gazivakfi.org
2606:4700:3035::ac43:ce20  Malicious Activity! Public Scan

Submitted URL: https://360-insurance.com/maday.html
Effective URL: https://gazivakfi.org/zld/
Submission: On May 16 via manual from ZA — Scanned from DE

Summary

This website contacted 9 IPs in 2 countries across 5 domains to perform 32 HTTP transactions. The main IP is 2606:4700:3035::ac43:ce20, located in United States and belongs to CLOUDFLARENET, US. The main domain is gazivakfi.org.
TLS certificate: Issued by GTS CA 1P5 on May 9th 2023. Valid for: 3 months.
This is the only time gazivakfi.org was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Cloudflare (Online)

Domain & IP information

Apex Domain | Subdomains | Transfer
16 gazivakfi.org | gazivakfi.org | 584 KB
7 gstatic.com | fonts.gstatic.com, www.gstatic.com | 38 KB
5 360-insurance.com | 360-insurance.com | 26 KB
3 googleapis.com | fonts.googleapis.com — Cisco Umbrella Rank: 50, translate.googleapis.com — Cisco Umbrella Rank: 1046 | 76 KB
1 google.com | translate.google.com — Cisco Umbrella Rank: 1346 | 28 KB
Total: 32 requests, 5 apex domains

Domain | Requested by
16 gazivakfi.org (1 redirects) | gazivakfi.org
5 360-insurance.com | 360-insurance.com
4 www.gstatic.com | gazivakfi.org, www.gstatic.com
3 fonts.gstatic.com | gazivakfi.org
2 fonts.googleapis.com | gazivakfi.org
1 translate.googleapis.com |
1 translate.google.com | gazivakfi.org
Total: 32 requests, 7 subdomains

This site contains links to these domains.

Domain
translate.google.com
Subject | Issuer | Validity | Valid
360-insurance.com | Sectigo RSA Domain Validation Secure Server CA | 2023-05-12 - 2024-05-11 | a year
gazivakfi.org | GTS CA 1P5 | 2023-05-09 - 2023-08-07 | 3 months
upload.video.google.com | GTS CA 1C3 | 2023-04-24 - 2023-07-17 | 3 months
*.google.com | GTS CA 1C3 | 2023-04-24 - 2023-07-17 | 3 months
*.gstatic.com | GTS CA 1C3 | 2023-04-24 - 2023-07-17 | 3 months

This page contains 2 frames:

Primary Page: https://gazivakfi.org/zld/
Frame ID: F7778389D2683B07B9DF044137FCBA98
Requests: 35 HTTP requests in this frame

Frame: data://truncated
Frame ID: 51A195D27D57D74C4CFB6ABC3298CEBB
Requests: 1 HTTP requests in this frame

Page Title

الصفحة غير موجودة. – Gazi Vakfı

Page URL History

  1. https://360-insurance.com/maday.html Page URL
  2. https://360-insurance.com/maday.html Page URL
  3. https://gazivakfi.org/zld/ Page URL
  4. https://gazivakfi.org/cdn-cgi/phish-bypass?atok=05vRMUdXTDf0CPt92KsCPCKlvsDXUw9RK2bnBVbH178-168422... HTTP 301
    https://gazivakfi.org/zld/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • /_Incapsula_Resource

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 32
HTTPS: 97 %
IPv6: 86 %
Domains: 5
Subdomains: 7
IPs: 9
Countries: 2
Transfer: 753 kB
Size: 2458 kB
Cookies: 3

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://360-insurance.com/maday.html Page URL
  2. https://360-insurance.com/maday.html Page URL
  3. https://gazivakfi.org/zld/ Page URL
  4. https://gazivakfi.org/cdn-cgi/phish-bypass?atok=05vRMUdXTDf0CPt92KsCPCKlvsDXUw9RK2bnBVbH178-1684222938-0-%2Fzld%2F HTTP 301
    https://gazivakfi.org/zld/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

32 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
maday.html
360-insurance.com/
212 B
553 B
Document
General
Full URL
https://360-insurance.com/maday.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.147.24 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.147.24.ip.incapdns.net
Software
/
Resource Hash
d02032286070b4dd9d8fbd985a7bdca8af8edf52b89ff177db3bfcb2c8a9c43d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store
content-length
212
content-type
text/html
x-iinfo
57-103311917-0 0NNN RT(1684222936939 146) q(0 -1 -1 0) r(0 -1) B10(4,314,0) U18
_Incapsula_Resource
360-insurance.com/
178 KB
25 KB
Script
General
Full URL
https://360-insurance.com/_Incapsula_Resource?SWJIYLWA=5074a744e2e3d891814e9a2dace20bd4,719d34d31c8e3a6e6fffd425f7e032f3
Requested by
Host: 360-insurance.com
URL: https://360-insurance.com/maday.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.147.24 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.147.24.ip.incapdns.net
Software
/
Resource Hash
f65b2f194446456e0c904863c61341dbe8db69b9e1b2ba83235a4403d94b503f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://360-insurance.com/maday.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

cache-control
no-cache, no-store
content-encoding
gzip
x-robots-tag
noindex
content-length
26019
content-type
application/javascript
_Incapsula_Resource
360-insurance.com/
29 B
56 B
XHR
General
Full URL
https://360-insurance.com/_Incapsula_Resource?SWHANEDL=4886244041358131409,15045324330813524737,3959513672063716282,691971
Requested by
Host: 360-insurance.com
URL: https://360-insurance.com/maday.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.147.24 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.147.24.ip.incapdns.net
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://360-insurance.com/maday.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

cache-control
no-cache, no-store
x-robots-tag
noindex
content-length
29
content-type
application/javascript
maday.html
360-insurance.com/
75 B
270 B
Document
General
Full URL
https://360-insurance.com/maday.html
Requested by
Host: 360-insurance.com
URL: https://360-insurance.com/maday.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.147.24 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.147.24.ip.incapdns.net
Software
Apache /
Resource Hash
e2a74414e4a092663c70dcc80bcdc90f5562554cb3943df62f50f85ecd73e407

Request headers

Referer
https://360-insurance.com/maday.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-type
text/html
date
Tue, 16 May 2023 07:42:18 GMT
last-modified
Sun, 07 May 2023 22:45:08 GMT
server
Apache
vary
Accept-Encoding
x-cdn
Imperva
x-iinfo
57-103311917-103312016 NNNN CT(15 20 0) RT(1684222936939 598) q(0 0 0 -1) r(0 0) U12
_Incapsula_Resource
360-insurance.com/
1 B
89 B
Image
General
Full URL
https://360-insurance.com/_Incapsula_Resource?SWKMTFSR=1&e=0.8280373004442063
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.147.24 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.147.24.ip.incapdns.net
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://360-insurance.com/maday.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

cache-control
no-cache, no-store
x-robots-tag
noindex
content-length
1
content-type
text/plain
_Incapsula_Resource
360-insurance.com/
0
0

/
gazivakfi.org/zld/
4 KB
2 KB
Document
General
Full URL
https://gazivakfi.org/zld/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:ce20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6466a7c4be1fee5e4ee1fd5b1ed90478ac2766416f80c9cc67558b06b70a973f
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://360-insurance.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cf-ray
7c81fbb6bc5c30cf-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 16 May 2023 07:42:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gkZ%2FH%2BHEkGwDkLQcvihIflYgc%2FeeHQx6AVue6UBupnQ4wTyr4DkoidfUI83LnecPxPPa64OCOCXYqYGVWh%2FvUHIlWMfsN7LnhG6FrFOkNP%2B2N4SOkNBJ9xk6akA8g3YRs6tqb%2FozEj0amvrC"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
cf.errors.css
gazivakfi.org/cdn-cgi/styles/
24 KB
5 KB
Stylesheet
General
Full URL
https://gazivakfi.org/cdn-cgi/styles/cf.errors.css
Requested by
Host: gazivakfi.org
URL: https://gazivakfi.org/zld/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:ce20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1103290e25ebda2712abe344a87facbac00ddaba712729be9fe5feef807bf91b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gazivakfi.org/zld/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 07:42:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 12 May 2023 12:05:21 GMT
server
cloudflare
etag
W/"645e2b81-5e44"
x-frame-options
DENY
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=7200, public
cf-ray
7c81fbb6dc8330cf-FRA
expires
Tue, 16 May 2023 09:42:18 GMT
icon-exclamation.png
gazivakfi.org/cdn-cgi/images/
452 B
540 B
Image
General
Full URL
https://gazivakfi.org/cdn-cgi/images/icon-exclamation.png?1376755637
Requested by
Host: gazivakfi.org
URL: https://gazivakfi.org/cdn-cgi/styles/cf.errors.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:ce20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1591a5221136c49438642155691ae6c68e25b7241f3d7ebe975b09a77662016
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gazivakfi.org/cdn-cgi/styles/cf.errors.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 07:42:18 GMT
x-content-type-options
nosniff
last-modified
Fri, 12 May 2023 12:05:21 GMT
server
cloudflare
etag
"645e2b81-1c4"
x-frame-options
DENY
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=7200, public
accept-ranges
bytes
cf-ray
7c81fbb6eca230cf-FRA
content-length
452
expires
Tue, 16 May 2023 09:42:18 GMT
Primary Request /
gazivakfi.org/zld/
Redirect Chain
  • https://gazivakfi.org/cdn-cgi/phish-bypass?atok=05vRMUdXTDf0CPt92KsCPCKlvsDXUw9RK2bnBVbH178-1684222938-0-%2Fzld%2F
  • https://gazivakfi.org/zld/
923 KB
134 KB
Document
General
Full URL
https://gazivakfi.org/zld/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:ce20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.2.34
Resource Hash
64448ee20b29adeba9b08cbf2b71631e835fb08cedccf35a784133201e70747e

Request headers

Referer
https://gazivakfi.org/zld/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache, must-revalidate, max-age=0
cf-cache-status
DYNAMIC
cf-ray
7c81fbcdd81330cf-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 16 May 2023 07:42:25 GMT
expires
Wed, 11 Jan 1984 05:00:00 GMT
link
<https://gazivakfi.org/wp-json/>; rel="https://api.w.org/"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WVlHF26Rzn27eNdH5YoG0zZECznzzkwFFNbBY56d2hSLhgyVkUUh7WFb62jHkgGQ1oqyTO2o14mdAz2Yb%2FtiK0oWlu%2FjlNarxDiSSva7XO2SN%2ByOr77pTkX3FqWXnbVtMcd8On%2BhgoBWViUr"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.2.34

Redirect headers

cache-control
private, no-cache
cf-ray
7c81fbcdc80230cf-FRA
content-length
167
content-type
text/html
date
Tue, 16 May 2023 07:42:22 GMT
location
https://gazivakfi.org/zld/
server
cloudflare
x-content-type-options
nosniff
x-frame-options
DENY
wp-emoji-release.min.js
gazivakfi.org/wp-includes/js/
18 KB
5 KB
Script
General
Full URL
https://gazivakfi.org/wp-includes/js/wp-emoji-release.min.js?ver=6.2
Requested by
Host: gazivakfi.org
URL: https://gazivakfi.org/zld/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:ce20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gazivakfi.org/zld/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 07:42:27 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Thu, 30 Mar 2023 06:22:07 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YD7WL3LsNfm%2FJltv0A0WVCz%2FFqES6hcEsJFwb2y%2BKV93MCbnVc1%2B78ksNu%2F3s1KgG7OjCGuY34ZXT1a1f0RlYK9WJgMx%2FIvB4brKat1GhEo62FC4GEodvZXuSN%2F%2BfxrXbefxAXFhR3g8N55%2B"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
7c81fbe8fa7230cf-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
css
fonts.googleapis.com/
386 B
710 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Candal%3A300%2C400%2C700&ver=6.2
Requested by
Host: gazivakfi.org
URL: https://gazivakfi.org/zld/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8bcef800867269a61c0c29a8d34fdcb69a7d565ac91549f7ede2e0d739cea7be
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gazivakfi.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 16 May 2023 07:42:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 16 May 2023 07:42:26 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 16 May 2023 07:42:26 GMT
css
fonts.googleapis.com/
0
0
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Times+New+Roman%3A300%2C400%2C700&ver=6.2
Requested by
Host: gazivakfi.org
URL: https://gazivakfi.org/zld/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gazivakfi.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

jquery.min.js
gazivakfi.org/wp-includes/js/jquery/
88 KB
32 KB
Script
General
Full URL
https://gazivakfi.org/wp-includes/js/jquery/jquery.min.js?ver=3.6.3
Requested by
Host: gazivakfi.org
URL: https://gazivakfi.org/zld/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:ce20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gazivakfi.org/zld/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 07:42:27 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Thu, 30 Mar 2023 06:22:07 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M8cGKzoMgtHoJwCaccl5AGS81sqGhJcLNFgkKgHxlBxM%2BINhU9%2FfT7%2FW2jInOQxOZM0rp2HiBr20ZgkYLbdQrdJEkxgPkaKYdoOL0D0afmf5IkLKCDXNNYZMAh4wmTu%2Bu8RI%2BQpiQ%2FKnwbYP"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
7c81fbe8fa7430cf-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
wp-polyfill-inert.min.js
gazivakfi.org/wp-includes/js/dist/vendor/
8 KB
3 KB
Script
General
Full URL
https://gazivakfi.org/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2
Requested by
Host: gazivakfi.org
URL: https://gazivakfi.org/zld/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:ce20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gazivakfi.org/zld/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 07:42:27 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Thu, 30 Mar 2023 06:22:07 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F%2B8l98vSM3rLlQTYZ5Frjq1fVwRv%2F%2BNIcd7A8PEvBEPdVbx5yi1BoRNUl4FgG%2FDqqRDG%2Bq%2B%2F%2F2FFpxmrz0BYh4sxjO99B0nID4AizZcboe2NXjySoJ%2BjAT0XTF0CgQXrKYaQd%2BnBoMRHLlNW"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
7c81fbe8fa8030cf-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
regenerator-runtime.min.js
gazivakfi.org/wp-includes/js/dist/vendor/
6 KB
3 KB
Script
General
Full URL
https://gazivakfi.org/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.11
Requested by
Host: gazivakfi.org
URL: https://gazivakfi.org/zld/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:ce20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6974bfd8fa06b7831f05cb4b25860c851a5ad3f02a6699ebe688987dd7a6ebe6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gazivakfi.org/zld/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 07:42:27 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Thu, 30 Mar 2023 06:22:07 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zzyyWnubI5ioyE1m25dT0%2FnzKoz2qmwtFf%2B1zUxeY2W1pZbcK%2FhvFkHSFh1tkbPZB8Hcodhs9SliRnuPQyhFc4hk7GnvJMBJ21yS7tyQu%2FuawgwsvFQhKjIhGOshOhC1NtmhZjb5HARKFxZ8"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
7c81fbe8fa8330cf-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
wp-polyfill.min.js
gazivakfi.org/wp-includes/js/dist/vendor/
17 KB
7 KB
Script
General
Full URL
https://gazivakfi.org/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
Requested by
Host: gazivakfi.org
URL: https://gazivakfi.org/zld/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:ce20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c1fef6e6b4f9832603850b9b6562e74d9a6a3700ba836efe88facc577121e8b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gazivakfi.org/zld/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 07:42:27 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Wed, 02 Nov 2022 06:24:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G1XMDaUmjuQ6%2FI%2FyQXs6ytKm9sHjKCdw7Rvbs4tjh%2BWCMHZ%2F6GyeISDlp5h8sfH0bKUWkSq6VXYeyCk2wCiGLtkVruZT0r1fnOFot2kNot9qrGB7%2Bl1MUueooxd7v2wV%2FGjqAeB9Yydtd19B"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
7c81fbe8fa8430cf-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
element.js
translate.google.com/translate_a/
78 KB
28 KB
Script
General
Full URL
https://translate.google.com/translate_a/element.js?cb=GoogleLanguageTranslatorInit
Requested by
Host: gazivakfi.org
URL: https://gazivakfi.org/zld/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a03b6918917801da64b7b5abdbba469dc9311915c4f646417339addbd35917ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gazivakfi.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 May 2023 07:42:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
autoptimize_9801e1c459c18fe3985c499281440817.js
gazivakfi.org/wp-content/cache/autoptimize/js/
635 KB
186 KB
Script
General
Full URL
https://gazivakfi.org/wp-content/cache/autoptimize/js/autoptimize_9801e1c459c18fe3985c499281440817.js
Requested by
Host: gazivakfi.org
URL: https://gazivakfi.org/zld/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:ce20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bcd89a70328b1081ddd6c9ab55dd62b64fe2a0448287671244174ed5f7107d1b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gazivakfi.org/zld/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 07:42:28 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 30 Mar 2023 06:27:16 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gz0Pd6h1bAXmLsAZicvDZf9odu9zDEChTWLTeNES0x61JYx7NOWnEtZeTX%2FPbpJx03EGN905Q1R%2Bg1LIMtjx9LHLGtNf%2BMjj5VUtGAqLUJiPjosVa5wiJARyeId2QBfoxwHQKnX22Pd5PYO%2B"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=30672000, immutable
cf-ray
7c81fbec5edd906a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sun, 05 May 2024 07:42:27 GMT
truncated
/
86 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ad9028c535cbac821881768c4a56bd111bde3e9c2f7e68f97aba5780224c9dcc

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
86 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
93236c6e908c4edbdc034eb3f6f71067d1d8c315243751da84b68330031c686a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/svg+xml
Iura6YBj_oCad4k1nzGBCw.woff2
fonts.gstatic.com/s/tajawal/v9/
10 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/tajawal/v9/Iura6YBj_oCad4k1nzGBCw.woff2
Requested by
Host: gazivakfi.org
URL: https://gazivakfi.org/zld/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b081f7bf790678b56a2c0502651d6873cbabc09e78fe40655df15f918b1e369b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://gazivakfi.org/
Origin
https://gazivakfi.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sat, 13 May 2023 16:20:22 GMT
x-content-type-options
nosniff
age
228125
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10256
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:06:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 12 May 2024 16:20:22 GMT
fa-brands-400.woff2
gazivakfi.org/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/webfonts/
74 KB
74 KB
Font
General
Full URL
https://gazivakfi.org/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/webfonts/fa-brands-400.woff2
Requested by
Host: gazivakfi.org
URL: https://gazivakfi.org/zld/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:ce20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5054ab369966fea3657ac6af00c3bc47bdc9e7b5114e61d1764be06213ca9781

Request headers

Referer
https://gazivakfi.org/zld/
Origin
https://gazivakfi.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 07:42:28 GMT
cf-cache-status
MISS
last-modified
Tue, 21 Dec 2021 12:36:15 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9K1kPySHprTyi6%2B2Wdn68%2FojaJKqaURD4aUPbTZ5CnNnEWZoPaVmwlnJvaFgxDtgReOMavbHLF0w%2FoTHkwxvcj2X%2FXI5nibo%2Bd4VfFkZ%2BaYvehS7SH2sviuIN4EK2hyADSzasmfaln45zWKQ"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7c81fbec7efc906a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
75368
Iurf6YBj_oCad4k1l4qkHrFpiQ.woff2
fonts.gstatic.com/s/tajawal/v9/
10 KB
10 KB
Font
General
Full URL
https://fonts.gstatic.com/s/tajawal/v9/Iurf6YBj_oCad4k1l4qkHrFpiQ.woff2
Requested by
Host: gazivakfi.org
URL: https://gazivakfi.org/zld/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
de8f431c146ab1feb612cb7ced0842ae5c4e2f12067d13db0badeca73977200b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://gazivakfi.org/
Origin
https://gazivakfi.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sat, 13 May 2023 16:23:25 GMT
x-content-type-options
nosniff
age
227942
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9996
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:11:33 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 12 May 2024 16:23:25 GMT
fa-solid-900.woff2
gazivakfi.org/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/webfonts/
74 KB
75 KB
Font
General
Full URL
https://gazivakfi.org/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/webfonts/fa-solid-900.woff2
Requested by
Host: gazivakfi.org
URL: https://gazivakfi.org/zld/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:ce20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8556fd48cf33ca3028e3fff4042979f224987ee317cc9032dd5bba996b363009

Request headers

Referer
https://gazivakfi.org/zld/
Origin
https://gazivakfi.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 07:42:28 GMT
cf-cache-status
MISS
last-modified
Tue, 21 Dec 2021 12:36:15 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xAB10sgJaas%2Ff8mPK4XoPQXGpUw7%2FBksvft0ru0%2BC%2Bxc72zZykd6xXqGndlsQ6j3O4jjPvW%2BZ14VpryaqVPo7N%2B1oVSJrZY%2FZoJqO7bY2ODPhoP%2FOGCSeq%2FmQZX6G5T63rXK1pCxiDe0kJSS"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7c81fbec7efd906a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
75760
Iura6YBj_oCad4k1nzSBC45I.woff2
fonts.gstatic.com/s/tajawal/v9/
9 KB
9 KB
Font
General
Full URL
https://fonts.gstatic.com/s/tajawal/v9/Iura6YBj_oCad4k1nzSBC45I.woff2
Requested by
Host: gazivakfi.org
URL: https://gazivakfi.org/zld/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1f56c2984babee36c5008ae3290384e27a63931814265ffe8ddda6a2fc38b41e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://gazivakfi.org/
Origin
https://gazivakfi.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sat, 13 May 2023 19:34:47 GMT
x-content-type-options
nosniff
age
216460
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8724
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:06:53 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 12 May 2024 19:34:47 GMT
m=el_main_css
www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.69JJaQ5G5xA.L.W.O/d=0/rs=AN8SPfpC36MIoWPngdVwZ4RUzeJYZaC7rg/
25 KB
5 KB
Stylesheet
General
Full URL
https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.69JJaQ5G5xA.L.W.O/d=0/rs=AN8SPfpC36MIoWPngdVwZ4RUzeJYZaC7rg/m=el_main_css
Requested by
Host:
URL: /_/translate_http/_/js/k=translate_http.tr.de.eoF9yEv-yI0.O/d=1/rs=AN8SPfqdFt32puVezTjozmUfX347NQPdqA/m=el_conf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7db470720bc87269e9bf81c2da2649d4f59d54eb54ca5ed4547855758d6688a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gazivakfi.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 17:45:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
136614
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4396
x-xss-protection
0
last-modified
Sun, 12 Mar 2023 00:11:57 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="rosetta"
vary
Accept-Encoding
report-to
{"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 13 May 2024 17:45:33 GMT
m=el_main
translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.de.eoF9yEv-yI0.O/d=1/exm=el_conf/ed=1/rs=AN8SPfqdFt32puVezTjozmUfX347NQPdqA/
212 KB
75 KB
Script
General
Full URL
https://translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.de.eoF9yEv-yI0.O/d=1/exm=el_conf/ed=1/rs=AN8SPfqdFt32puVezTjozmUfX347NQPdqA/m=el_main
Requested by
Host:
URL: /_/translate_http/_/js/k=translate_http.tr.de.eoF9yEv-yI0.O/d=1/rs=AN8SPfqdFt32puVezTjozmUfX347NQPdqA/m=el_conf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
997b3dd0f85bdd40f56d5fa5bf564d4167c2fa2d66c8a7548693d37b01df9f4b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gazivakfi.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 17:51:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
49838
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
76180
x-xss-protection
0
last-modified
Sat, 13 May 2023 01:09:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="rosetta"
vary
Accept-Encoding
report-to
{"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 14 May 2024 17:51:49 GMT
truncated
/ Frame 51A1
1 KB
1 KB
Document
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b7637a4cc7e15b52376c9dba975683af0b7987a44b3d05200747c035a6852274

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Type
text/html;charset=UTF-8
translate_24dp.png
www.gstatic.com/images/branding/product/1x/
846 B
959 B
Image
General
Full URL
https://www.gstatic.com/images/branding/product/1x/translate_24dp.png
Requested by
Host: gazivakfi.org
URL: https://gazivakfi.org/zld/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a861509b658aa24fc3aed2867ac3c061e7d818d90b9990959afc6d1b5d4ff99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gazivakfi.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 07:08:24 GMT
x-content-type-options
nosniff
age
2043
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
846
x-xss-protection
0
last-modified
Thu, 14 Oct 2021 09:08:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Wed, 15 May 2024 07:08:24 GMT
googlelogo_color_42x16dp.png
www.gstatic.com/images/branding/googlelogo/1x/
910 B
1 KB
Image
General
Full URL
https://www.gstatic.com/images/branding/googlelogo/1x/googlelogo_color_42x16dp.png
Requested by
Host: gazivakfi.org
URL: https://gazivakfi.org/zld/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6318394f737c66f0e2ccfcd88e3935c6667633a1b95fa29fba2b75431d55eef2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gazivakfi.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 04:19:10 GMT
x-content-type-options
nosniff
age
12197
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
910
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Wed, 15 May 2024 04:19:10 GMT
translate_24dp.png
www.gstatic.com/images/branding/product/2x/
2 KB
2 KB
Image
General
Full URL
https://www.gstatic.com/images/branding/product/2x/translate_24dp.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.69JJaQ5G5xA.L.W.O/d=0/rs=AN8SPfpC36MIoWPngdVwZ4RUzeJYZaC7rg/m=el_main_css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.69JJaQ5G5xA.L.W.O/d=0/rs=AN8SPfpC36MIoWPngdVwZ4RUzeJYZaC7rg/m=el_main_css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 13:19:08 GMT
x-content-type-options
nosniff
age
66199
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1842
x-xss-protection
0
last-modified
Thu, 14 Oct 2021 09:08:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Tue, 14 May 2024 13:19:08 GMT
truncated
/
475 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7b8774ee42aac08bc5a2e690896b80dc20953e86dc152dc5b344b589df74273e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/svg+xml
flags.png
gazivakfi.org/wp-content/plugins/google-language-translator/images/
54 KB
54 KB
Image
General
Full URL
https://gazivakfi.org/wp-content/plugins/google-language-translator/images/flags.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:ce20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d64c12a76a61096f3a14aa795d12c3fc0de8e5781ef2e1af3b66517e65d7f00e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gazivakfi.org/zld/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 07:42:29 GMT
cf-cache-status
MISS
last-modified
Fri, 01 Apr 2022 14:56:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jTwthGnzcKOVCGXGyb45MaBRunwrk4CDtR2T8kJDksI8U8ox%2BZ1j2Co%2BQvHTZfzTfFVQ2lc2zAtW6QbAiMWWN4E5nITOYFSZzS2ZwKnSoICQqrQ5cnHUzfRquOgiIXKaTEujFBVFYcb0IYqa"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7c81fbf55f8e906a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
54996
/
gazivakfi.org/
635 B
842 B
XHR
General
Full URL
https://gazivakfi.org/?wc-ajax=get_refreshed_fragments
Requested by
Host: gazivakfi.org
URL: https://gazivakfi.org/wp-includes/js/jquery/jquery.min.js?ver=3.6.3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:ce20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.2.34
Resource Hash
0140c626ee53e328ca4fb01f8110f8bf2de538c089e60a34045aed983286b732
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://gazivakfi.org/zld/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Tue, 16 May 2023 07:42:30 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
PHP/7.2.34
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ij%2BZKy5r3yvmxLD9FfvO7niA4pk4MBQ9hOjaYtpk%2BAL3aE7jwQ%2BKXX%2B5UTLPNQSMSeg%2FV%2BdGRwlhBk0YKCTtKt2fEqmjkhsSB8S%2BHXhLkbzry2wQhYXYN1uroMSV2pMUSy%2FvzugZ9%2BIgVaSD"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://gazivakfi.org
cache-control
no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
x-robots-tag
noindex
cf-ray
7c81fbf56f94906a-FRA
expires
Wed, 11 Jan 1984 05:00:00 GMT
gazivakfi.png
gazivakfi.org/wp-content/uploads/2022/01/
4 KB
5 KB
Image
General
Full URL
https://gazivakfi.org/wp-content/uploads/2022/01/gazivakfi.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:ce20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4e362872b85503281754e458ef06019efaf77453953483d49cad7ec350548a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gazivakfi.org/zld/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 07:42:29 GMT
cf-cache-status
BYPASS
last-modified
Sat, 22 Jan 2022 18:16:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G3r2vbk3srY6ZMi5MMVOtSFSXWFB%2FDM%2FFK58pUTB%2F7so35DEz3iN76F0TU0JOgHSEzW3%2BjbGY6o2OwWkM9rNOU3UNp7ppM4tBQR94%2FEHqr%2Big%2F2eIUzxErK9u9rraCbGRfilq2zI167UAeuX"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
private
accept-ranges
bytes
cf-ray
7c81fbf71985906a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4167

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
360-insurance.com
URL
https://360-insurance.com/_Incapsula_Resource?ES2LURCT=67&t=78&d=complete%20(s%3A1%2Cc%3A102%2Cr%3A259)

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Cloudflare (Online)

93 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| _wpemojiSettings object| twemoji object| wp undefined| $ function| jQuery object| wc_add_to_cart_params function| setREVStartSize object| RS_MODULES function| GoogleLanguageTranslatorInit object| runtime object| regeneratorRuntime function| setImmediate function| clearImmediate object| wpcf7 function| _DumpException object| default_tr string| MSG_TRANSLATE string| MSG_CANCEL string| MSG_CLOSE function| MSGFUNC_PAGE_TRANSLATED_TO function| MSGFUNC_TRANSLATED_TO string| MSG_GENERAL_ERROR string| MSG_LEARN_MORE function| MSGFUNC_POWERED_BY string| MSG_TRANSLATE_PRODUCT_NAME string| MSG_TRANSLATION_IN_PROGRESS function| MSGFUNC_TRANSLATE_PAGE_TO function| MSGFUNC_VIEW_PAGE_IN string| MSG_RESTORE string| MSG_SSL_INFO_LOCAL_FILE string| MSG_SSL_INFO_SECURE_PAGE string| MSG_SSL_INFO_INTRANET_PAGE string| MSG_SELECT_LANGUAGE function| MSGFUNC_TURN_OFF_TRANSLATION function| MSGFUNC_TURN_OFF_FOR string| MSG_ALWAYS_HIDE_AUTO_POPUP_BANNER string| MSG_ORIGINAL_TEXT string| MSG_FILL_SUGGESTION string| MSG_SUBMIT_SUGGESTION string| MSG_SHOW_TRANSLATE_ALL string| MSG_SHOW_RESTORE_ALL string| MSG_SHOW_CANCEL_ALL string| MSG_TRANSLATE_TO_MY_LANGUAGE function| MSGFUNC_TRANSLATE_EVERYTHING_TO string| MSG_SHOW_ORIGINAL_LANGUAGES string| MSG_OPTIONS string| MSG_TURN_OFF_TRANSLATION_FOR_THIS_SITE string| MSG_ALT_SUGGESTION string| MSG_ALT_ACTIVITY_HELPER_TEXT string| MSG_USE_ALTERNATIVES string| MSG_DRAG_TIP string| MSG_CLICK_FOR_ALT string| MSG_DRAG_INSTUCTIONS string| MSG_SUGGESTION_SUBMITTED string| MSG_MANAGE_TRANSLATION_FOR_THIS_SITE string| MSG_ALT_AND_CONTRIBUTE_ACTIVITY_HELPER_TEXT string| MSG_ORIGINAL_TEXT_NO_COLON string| MSG_LANGUAGE_UNSUPPORTED string| MSG_LANGUAGE_TRANSLATE_WIDGET string| MSG_RATE_THIS_TRANSLATION string| MSG_FEEDBACK_USAGE_FOR_IMPROVEMENT string| MSG_FEEDBACK_SATISFIED_LABEL string| MSG_FEEDBACK_DISSATISFIED_LABEL string| MSG_TRANSLATION_NO_COLON function| _exportVersion function| _getCallbackFunction function| 
_exportMessages function| _loadJs function| _loadCss function| _isNS function| _setupNS object| google object| woocommerce_params object| wc_cart_fragments_params object| xtra_strings object| closure_lm_989142 function| GLTFireEvent function| doGoogleLanguageTranslator object| Codevz object| Codevz_Plus object| gsapVersions object| tpGS object| punchgs object| RSANYID object| RSANYID_sliderID boolean| _R_is_Editor function| Cookies object| forbiddenTag string| numberType object| forbiddenClass object| className boolean| res

3 Cookies

Domain/Path Name / Value
.360-insurance.com/ Name: visid_incap_2707971
Value: e1mPR6WlRgKVRsDtz/YKD9kzY2QAAAAAQUIPAAAAAABHZ/bzJIiGfyYm95wmBuyU
.360-insurance.com/ Name: incap_ses_1607_2707971
Value: lQ1RCK2sgCzp1GtZVzZNFtozY2QAAAAAs9Ck8Sd2xCeFS9a6TH7f5A==
.gazivakfi.org/ Name: __cf_mw_byp
Value: 05vRMUdXTDf0CPt92KsCPCKlvsDXUw9RK2bnBVbH178-1684222938-0-/zld/

2 Console Messages

Source Level URL
Text
network error URL: https://gazivakfi.org/zld/
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://fonts.googleapis.com/css?family=Times+New+Roman%3A300%2C400%2C700&ver=6.2
Message:
Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
