urlscan.io logo urlscan.io
SecurityTrails logo

www.drtevsilk.com Open in urlscan Pro
2606:4700:3033::681c:19b1  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://royalonline-delivery.astepofclass.com/
Effective URL: https://www.drtevsilk.com/royal/intro.php?freq=new&topic=tx_clam&appID=IMBScOeFwcCPmOIiLBmUzXBbsduKQcCYoDrRSWXOzZelonTzoGU...
Submission: On December 19 via manual from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 3 countries across 4 domains to perform 27 HTTP transactions. The main IP is 2606:4700:3033::681c:19b1, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.drtevsilk.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 27th 2020. Valid for: a year.
This is the only time www.drtevsilk.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Royal Mail (Government)

Domain & IP information

IP Address AS Autonomous System
1 1 184.168.131.241 26496 (AS-26496-...)
24 2606:4700:303... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2001:4de0:ac1... 20446 (HIGHWINDS3)
27 4
Domain Requested by
24 www.drtevsilk.com www.drtevsilk.com
2 fonts.googleapis.com www.drtevsilk.com
1 maxcdn.bootstrapcdn.com www.drtevsilk.com
1 royalonline-delivery.astepofclass.com 1 redirects
27 4
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-06-27 -
2021-06-27		 a year crt.sh
upload.video.google.com
GTS CA 1O1		 2020-11-10 -
2021-02-02		 3 months crt.sh
*.bootstrapcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2020-09-22 -
2021-10-12		 a year crt.sh

This page contains 2 frames:

Primary Page: https://www.drtevsilk.com/royal/intro.php?freq=new&topic=tx_clam&appID=IMBScOeFwcCPmOIiLBmUzXBbsduKQcCYoDrRSWXOzZelonTzoGUodWPWzK
Frame ID: D67327D4EAB35D413E7D6A2CEC7CC8F3
Requests: 11 HTTP requests in this frame

Frame: https://www.drtevsilk.com/assets/images/sending-your-item-infographic.svg
Frame ID: C5AFAA5EFE93232FFAACDF69EE2D3485
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://royalonline-delivery.astepofclass.com/ HTTP 301
    https://www.drtevsilk.com/royal/ Page URL
  2. https://www.drtevsilk.com/royal/intro.php?freq=new&topic=tx_clam&appID=IMBScOeFwcCPmOIiLBmUzXBbsduKQcC... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<[^>]+data-react/i
Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Page Statistics

27
Requests

100 %
HTTPS

75 %
IPv6

4
Domains

4
Subdomains

4
IPs

3
Countries

465 kB
Transfer

1563 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://royalonline-delivery.astepofclass.com/ HTTP 301
    https://www.drtevsilk.com/royal/ Page URL
  2. https://www.drtevsilk.com/royal/intro.php?freq=new&topic=tx_clam&appID=IMBScOeFwcCPmOIiLBmUzXBbsduKQcCYoDrRSWXOzZelonTzoGUodWPWzK Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://royalonline-delivery.astepofclass.com/ HTTP 301
  • https://www.drtevsilk.com/royal/

27 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
www.drtevsilk.com/royal/
Redirect Chain
  • http://royalonline-delivery.astepofclass.com/
  • https://www.drtevsilk.com/royal/
211 B
928 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.drtevsilk.com/royal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::681c:19b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.0.33
Resource Hash
84650b184120dd856fbcc3e3cd07ea63d9b3045498d107d12463d4ef72476991

Request headers

:method
GET
:authority
www.drtevsilk.com
:scheme
https
:path
/royal/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 19 Dec 2020 20:28:38 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=dcf03be016a9308ad7a12393aa5aa1a671608409717; expires=Mon, 18-Jan-21 20:28:37 GMT; path=/; domain=.drtevsilk.com; HttpOnly; SameSite=Lax; Secure PHPSESSID=p7ja65ndo3chr0814jd5hmcda4; path=/; secure
x-powered-by
PHP/7.0.33
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
vary
Accept-Encoding
x-turbo-charged-by
LiteSpeed
cf-cache-status
DYNAMIC
cf-request-id
071e49b2780000323c71170000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=oYzPFKxjNaIJVOp%2F88SA4NTxK5PmUZ8C5kjorIKP4vPOCGJfdQy9eJkWToLRjTvqA566CCraF%2BNnUuj9JMHmZk02yCMn%2Bchr%2F1r2%2BZSCYXst%2BEo%2B2a9jZn15czDR5A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6043defd8f18323c-FRA
content-encoding
br

Redirect headers

Server
nginx/1.16.1
Date
Sat, 19 Dec 2020 20:28:37 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
close
Location
https://www.drtevsilk.com/royal/
Primary Request intro.php
www.drtevsilk.com/royal/ 		562 KB
324 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.drtevsilk.com/royal/intro.php?freq=new&topic=tx_clam&appID=IMBScOeFwcCPmOIiLBmUzXBbsduKQcCYoDrRSWXOzZelonTzoGUodWPWzK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::681c:19b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.0.33
Resource Hash
508fda10fff8691a6f29ad6127bad2792a41a4f916ff341d958538d833109b31

Request headers

:method
GET
:authority
www.drtevsilk.com
:scheme
https
:path
/royal/intro.php?freq=new&topic=tx_clam&appID=IMBScOeFwcCPmOIiLBmUzXBbsduKQcCYoDrRSWXOzZelonTzoGUodWPWzK
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://www.drtevsilk.com/royal/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
__cfduid=dcf03be016a9308ad7a12393aa5aa1a671608409717; PHPSESSID=p7ja65ndo3chr0814jd5hmcda4
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.drtevsilk.com/royal/

Response headers

date
Sat, 19 Dec 2020 20:28:40 GMT
content-type
text/html; charset=UTF-8
x-powered-by
PHP/7.0.33
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
vary
Accept-Encoding
x-turbo-charged-by
LiteSpeed
cf-cache-status
DYNAMIC
cf-request-id
071e49b7c60000323c74a26000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=tzxvBpn20N71SAgmcilOePtXsuypYJ5ApkVYxK226fd42A4932OpFZJqlTAERKorQ7i2E1dYmd42uMGjkZElfKwNrZ%2FRwnjE2WmtUVIaieQDMO7YRx7Ovi%2Bgoqdlyg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6043df060a34323c-FRA
content-encoding
br
truncated
/ 		8 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2087a094b0a427d552413baedcf0e1d92b442e44c8dd7a4c517c569b4b76c038

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		260 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2fc8c7cb39825b0c5fcf608136ac9c79aced90c297c0db611b0412848078e48e

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/jpeg
chevinstd-bold.woff2
www.drtevsilk.com/assets/fonts/chevin/ 		0
0 		Font
General
Check archive.org
Download Go to
Full URL
https://www.drtevsilk.com/assets/fonts/chevin/chevinstd-bold.woff2
Requested by
Host: www.drtevsilk.com
URL: https://www.drtevsilk.com/royal/intro.php?freq=new&topic=tx_clam&appID=IMBScOeFwcCPmOIiLBmUzXBbsduKQcCYoDrRSWXOzZelonTzoGUodWPWzK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::681c:19b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.0.33
Resource Hash

Request headers

Origin
https://www.drtevsilk.com
Referer
https://www.drtevsilk.com/royal/intro.php?freq=new&topic=tx_clam&appID=IMBScOeFwcCPmOIiLBmUzXBbsduKQcCYoDrRSWXOzZelonTzoGUodWPWzK
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 19 Dec 2020 20:28:43 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
x-powered-by
PHP/7.0.33
cf-request-id
071e49c3a30000323c89990000000001
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=jtBMIHNCLShfD4TWBQp18FHaWyHeVGYHyLRQ8uCKdlghhAiPSCacF7RlRfj6osa4Ix0aPeNbU%2B2jIcjupMYa3BRRjYHzvHOiNaD6E8G1n6Xl3q1Xjvu7kZAK1XoLEA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cache-control
max-age=14400, must-revalidate
x-turbo-charged-by
LiteSpeed
cf-ray
6043df190825323c-FRA
link
<https://www.drtevsilk.com/wp-json/>; rel="https://api.w.org/"
expires
Wed, 11 Jan 1984 05:00:00 GMT
chevinstd-medium.woff2
www.drtevsilk.com/assets/fonts/chevin/ 		0
0 		Font
General
Check archive.org
Download Go to
Full URL
https://www.drtevsilk.com/assets/fonts/chevin/chevinstd-medium.woff2
Requested by
Host: www.drtevsilk.com
URL: https://www.drtevsilk.com/royal/intro.php?freq=new&topic=tx_clam&appID=IMBScOeFwcCPmOIiLBmUzXBbsduKQcCYoDrRSWXOzZelonTzoGUodWPWzK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::681c:19b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.0.33
Resource Hash

Request headers

Origin
https://www.drtevsilk.com
Referer
https://www.drtevsilk.com/royal/intro.php?freq=new&topic=tx_clam&appID=IMBScOeFwcCPmOIiLBmUzXBbsduKQcCYoDrRSWXOzZelonTzoGUodWPWzK
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 19 Dec 2020 20:28:42 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
x-powered-by
PHP/7.0.33
cf-request-id
071e49c3a60000323c431f6000000001
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=A6FMCulXZBmkbv3pXs3dcy3xLcZDEXITFU1NqGoN4D%2FkMZq5HxYSoOyH4MBNsSptpqHhhKJOBMsybHIHTb44urATxJyEbfBTDPVTBEpxw5r%2FupB57wRauf%2Fl7FIAKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cache-control
max-age=14400, must-revalidate
x-turbo-charged-by
LiteSpeed
cf-ray
6043df19082c323c-FRA
link
<https://www.drtevsilk.com/wp-json/>; rel="https://api.w.org/"
expires
Wed, 11 Jan 1984 05:00:00 GMT
sending-your-item-infographic.svg
www.drtevsilk.com/assets/images/ Frame C5AF 		17 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.drtevsilk.com/assets/images/sending-your-item-infographic.svg
Requested by
Host: www.drtevsilk.com
URL: https://www.drtevsilk.com/royal/intro.php?freq=new&topic=tx_clam&appID=IMBScOeFwcCPmOIiLBmUzXBbsduKQcCYoDrRSWXOzZelonTzoGUodWPWzK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::681c:19b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.0.33
Resource Hash
618deac9a06cc3097f4de134668a0a5a0aca9ef989ee7bfc38f1921be76ddfc1

Request headers

:method
GET
:authority
www.drtevsilk.com
:scheme
https
:path
/assets/images/sending-your-item-infographic.svg
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
object
referer
https://www.drtevsilk.com/royal/intro.php?freq=new&topic=tx_clam&appID=IMBScOeFwcCPmOIiLBmUzXBbsduKQcCYoDrRSWXOzZelonTzoGUodWPWzK
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.drtevsilk.com/royal/intro.php?freq=new&topic=tx_clam&appID=IMBScOeFwcCPmOIiLBmUzXBbsduKQcCYoDrRSWXOzZelonTzoGUodWPWzK

Response headers

date
Sat, 19 Dec 2020 20:28:43 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=d3359e269dbb71d4c551df6dbb8063eea1608409721; expires=Mon, 18-Jan-21 20:28:41 GMT; path=/; domain=.drtevsilk.com; HttpOnly; SameSite=Lax; Secure
x-powered-by
PHP/7.0.33
expires
Wed, 11 Jan 1984 05:00:00 GMT
cache-control
max-age=14400, must-revalidate
link
<https://www.drtevsilk.com/wp-json/>; rel="https://api.w.org/"
vary
Accept-Encoding
x-turbo-charged-by
LiteSpeed
cf-cache-status
MISS
cf-request-id
071e49c40c0000323c5a816000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=q7VqiwvuqTc%2BtsyCN%2FrSIRUzUR6GghhZ0ZNVSgKGHhK%2Fb1XVSObocCGnQe9A3LtEACQ37XSmx6uS6cVuc30r3ZVz2cNS7xPZrdkqlLI12EdrRoQ%2B9E5GZab85QWTOw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6043df19a992323c-FRA
content-encoding
br
truncated
/ 		24 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
027e325b7fcf7957d891823ddf2a7873869aa9bbdb26d645324372aeffba154c

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/jpeg
chevinstd-light.woff2
www.drtevsilk.com/assets/fonts/chevin/ 		0
0 		Font
General
Check archive.org
Download Go to
Full URL
https://www.drtevsilk.com/assets/fonts/chevin/chevinstd-light.woff2
Requested by
Host: www.drtevsilk.com
URL: https://www.drtevsilk.com/royal/intro.php?freq=new&topic=tx_clam&appID=IMBScOeFwcCPmOIiLBmUzXBbsduKQcCYoDrRSWXOzZelonTzoGUodWPWzK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::681c:19b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.0.33
Resource Hash

Request headers

Origin
https://www.drtevsilk.com
Referer
https://www.drtevsilk.com/royal/intro.php?freq=new&topic=tx_clam&appID=IMBScOeFwcCPmOIiLBmUzXBbsduKQcCYoDrRSWXOzZelonTzoGUodWPWzK
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 19 Dec 2020 20:28:43 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
x-powered-by
PHP/7.0.33
cf-request-id
071e49c43b0000323c5d3be000000001
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=NHd0Bfy50j%2F0j2vZDtpJ1%2Bfihi5X1wa4DR0reBRAEHkvSe5%2FzAp8%2BwVXfWvT4qIlH1ILUh9vQ1yIt7umc4CY0an4YMYenmliEfCs2w4ERXkhw5MCNIUQWR9yZElu6w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cache-control
max-age=14400, must-revalidate
x-turbo-charged-by
LiteSpeed
cf-ray
6043df19fa02323c-FRA
link
<https://www.drtevsilk.com/wp-json/>; rel="https://api.w.org/"
expires
Wed, 11 Jan 1984 05:00:00 GMT
chevinstd-medium.woff
www.drtevsilk.com/assets/fonts/chevin/ 		0
0 		Font
General
Check archive.org
Download Go to
Full URL
https://www.drtevsilk.com/assets/fonts/chevin/chevinstd-medium.woff
Requested by
Host: www.drtevsilk.com
URL: https://www.drtevsilk.com/royal/intro.php?freq=new&topic=tx_clam&appID=IMBScOeFwcCPmOIiLBmUzXBbsduKQcCYoDrRSWXOzZelonTzoGUodWPWzK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::681c:19b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.0.33
Resource Hash

Request headers

Origin
https://www.drtevsilk.com
Referer
https://www.drtevsilk.com/royal/intro.php?freq=new&topic=tx_clam&appID=IMBScOeFwcCPmOIiLBmUzXBbsduKQcCYoDrRSWXOzZelonTzoGUodWPWzK
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 19 Dec 2020 20:28:44 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
x-powered-by
PHP/7.0.33
cf-request-id
071e49c8610000323c36009000000001
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=en3nfEqYb7EvRN%2BTtsly8RDqaSJFPsEVKAjCG%2FamfxbGeYbLC0OvrpsTJ%2FoVbEJLsVn%2FCl33xgqRJtvZTNv7oGNS0lhQg1%2BNpg8WEIJ5U1E8kFFQf0u8XdeG2nwStQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cache-control
max-age=14400, must-revalidate
x-turbo-charged-by
LiteSpeed
cf-ray
6043df209862323c-FRA
link
<https://www.drtevsilk.com/wp-json/>; rel="https://api.w.org/"
expires
Wed, 11 Jan 1984 05:00:00 GMT
chevinstd-bold.woff
www.drtevsilk.com/assets/fonts/chevin/ 		0
0 		Font
General
Check archive.org
Download Go to
Full URL
https://www.drtevsilk.com/assets/fonts/chevin/chevinstd-bold.woff
Requested by
Host: www.drtevsilk.com
URL: https://www.drtevsilk.com/royal/intro.php?freq=new&topic=tx_clam&appID=IMBScOeFwcCPmOIiLBmUzXBbsduKQcCYoDrRSWXOzZelonTzoGUodWPWzK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::681c:19b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.0.33
Resource Hash

Request headers

Origin
https://www.drtevsilk.com
Referer
https://www.drtevsilk.com/royal/intro.php?freq=new&topic=tx_clam&appID=IMBScOeFwcCPmOIiLBmUzXBbsduKQcCYoDrRSWXOzZelonTzoGUodWPWzK
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 19 Dec 2020 20:28:44 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
x-powered-by
PHP/7.0.33
cf-request-id
071e49c9140000323c2b9dd000000001
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=TE7yNKsRA9Pxq6bImY%2BFmSWvAg60x68d10%2BL4Pg1%2FF4R3jJMWhMA3dnQpm7cFfS8XLkgtCnZiA1IqpKoHBCMdgtyMAhuW8GAGjQpLjy0cc3mhopPsArwTFax0Ct2EA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cache-control
max-age=14400, must-revalidate
x-turbo-charged-by
LiteSpeed
cf-ray
6043df21bb2d323c-FRA
link
<https://www.drtevsilk.com/wp-json/>; rel="https://api.w.org/"
expires
Wed, 11 Jan 1984 05:00:00 GMT
style.min.css
www.drtevsilk.com/wp-includes/css/dist/block-library/ Frame C5AF 		53 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.drtevsilk.com/wp-includes/css/dist/block-library/style.min.css?ver=5.5.3
Requested by
Host: www.drtevsilk.com
URL: https://www.drtevsilk.com/assets/images/sending-your-item-infographic.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::681c:19b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c626f0f9b5c109539b256b73e72c02b300a184f46b4535c2eb86599215c78af

Request headers

Referer
https://www.drtevsilk.com/assets/images/sending-your-item-infographic.svg
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 19 Dec 2020 20:28:44 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
cf-request-id
071e49c9600000323c33969000000001
last-modified
Mon, 28 Sep 2020 02:07:08 GMT
server
cloudflare
etag
W/"d293-5f71454c-7e096583b4e9f8c6;gz"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=r5CXYlL3xvyplSdjWT5iemWvjuPHvN4VgMb0Em%2FlLBxxJWbIeg4k8ad2WhinZo78rDUfsVPp1KLXOrttv6ZxoG6GAhvdco5ObhFtG8ZVrxENzaHbqQfuSs116Bkzww%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
6043df223c4a323c-FRA
expires
Sat, 26 Dec 2020 20:28:44 GMT
styles.css
www.drtevsilk.com/wp-content/plugins/contact-form-7/includes/css/ Frame C5AF 		2 KB
933 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.drtevsilk.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.3
Requested by
Host: www.drtevsilk.com
URL: https://www.drtevsilk.com/assets/images/sending-your-item-infographic.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::681c:19b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fbf8ab57db7f9981bd71d79c7daaa01a3c578ffa0aa8e9b4a9b2bfe2e9927427

Request headers

Referer
https://www.drtevsilk.com/assets/images/sending-your-item-infographic.svg
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 19 Dec 2020 20:28:44 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
cf-request-id
071e49c9610000323c938c7000000001
last-modified
Sun, 08 Nov 2020 07:08:32 GMT
server
cloudflare
etag
W/"780-5fa79970-e0a65859d7b55c5b;gz"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=w0UhSdn4sAwsa7Y7zbpgjCQYsYWVYcPu7ncNkAwMntPo3cCe2GxLF%2FEL3QTH2PvON8LJVmPbHGu4bAbJdjQBhgLyqivFdkHqmXfUVkj%2FZUZ%2BdQRCB4eq%2Ftxaj9cKqw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
6043df223c4d323c-FRA
expires
Sat, 26 Dec 2020 20:28:44 GMT
css
fonts.googleapis.com/ Frame C5AF 		6 KB
735 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lora%3A400%2C400i%2C700%2C700i&ver=5.5.3
Requested by
Host: www.drtevsilk.com
URL: https://www.drtevsilk.com/assets/images/sending-your-item-infographic.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e46b148fc456754e7377bc0f6c08be769b8f7fd8014c5fd2212be4a46d085199
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.drtevsilk.com/assets/images/sending-your-item-infographic.svg
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 19 Dec 2020 20:28:43 GMT
server
ESF
date
Sat, 19 Dec 2020 20:28:43 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 19 Dec 2020 20:28:43 GMT
css
fonts.googleapis.com/ Frame C5AF 		26 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro%3A200%2C200i%2C300%2C300i%2C400%2C400i%2C600%2C600i%2C700%2C700i%2C900%2C900i&ver=5.5.3
Requested by
Host: www.drtevsilk.com
URL: https://www.drtevsilk.com/assets/images/sending-your-item-infographic.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
20191fe4083c4f390b99555eb32a9494d90a91b2aae33543cb38b784c6f05fbb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.drtevsilk.com/assets/images/sending-your-item-infographic.svg
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 19 Dec 2020 19:51:06 GMT
server
ESF
date
Sat, 19 Dec 2020 20:28:43 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 19 Dec 2020 20:28:43 GMT
bootstrap.css
www.drtevsilk.com/wp-content/themes/business-brand/assets/css/ Frame C5AF 		149 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.drtevsilk.com/wp-content/themes/business-brand/assets/css/bootstrap.css
Requested by
Host: www.drtevsilk.com
URL: https://www.drtevsilk.com/assets/images/sending-your-item-infographic.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::681c:19b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a29236eed54ff257f34dd88abfd5a2f14b9190d84802f6703152d6b4ea511ca9

Request headers

Referer
https://www.drtevsilk.com/assets/images/sending-your-item-infographic.svg
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 19 Dec 2020 20:28:44 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
cf-request-id
071e49c9610000323c47985000000001
last-modified
Sun, 08 Nov 2020 07:06:57 GMT
server
cloudflare
etag
W/"254bf-5fa79911-1b9d990ddf8ec157;gz"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=fnQo4eRJAwDY93flnlTX35HNmfT3FLTLVpJVQjssbu8kiEd63Gg7aHhNghAOEsVeQBiEldHPspBMZ63L1KO8TLb%2BWKHye%2BJ2XlADJdlkoJN6gkS%2BdOTSGH6edlZbqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
6043df223c4f323c-FRA
expires
Sat, 26 Dec 2020 20:28:44 GMT
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ Frame C5AF 		30 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css?ver=2.46
Requested by
Host: www.drtevsilk.com
URL: https://www.drtevsilk.com/assets/images/sending-your-item-infographic.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:2b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.drtevsilk.com/assets/images/sending-your-item-infographic.svg
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 19 Dec 2020 20:28:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 12 Dec 2018 18:35:20 GMT
etag
"1544639720"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
7050
animate.css
www.drtevsilk.com/wp-content/themes/business-brand/assets/css/ Frame C5AF 		77 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.drtevsilk.com/wp-content/themes/business-brand/assets/css/animate.css
Requested by
Host: www.drtevsilk.com
URL: https://www.drtevsilk.com/assets/images/sending-your-item-infographic.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::681c:19b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
645fd2f904fb3258fc81305236ee729f3399989ae13ec25c117650411181e9b7

Request headers

Referer
https://www.drtevsilk.com/assets/images/sending-your-item-infographic.svg
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 19 Dec 2020 20:28:44 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
cf-request-id
071e49c9610000323c89a08000000001
last-modified
Sun, 08 Nov 2020 07:06:57 GMT
server
cloudflare
etag
W/"135ea-5fa79911-e3c987b1179d279c;gz"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=4CX%2BLc%2BDCyrkc1zQiPtDNRjqyKjIiQr8l0r9iNV0wnfO%2Fr3m2kV%2Fyq9YIQ23zb7pEeDfeFeIlUcaMdlZtrXDelsHAK3xltJQktx7tb%2FWcbvFnu1rZ2PKCa%2FipcZ1QQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
6043df223c52323c-FRA
expires
Sat, 26 Dec 2020 20:28:44 GMT
menu.css
www.drtevsilk.com/wp-content/themes/business-brand/assets/css/ Frame C5AF 		12 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.drtevsilk.com/wp-content/themes/business-brand/assets/css/menu.css
Requested by
Host: www.drtevsilk.com
URL: https://www.drtevsilk.com/assets/images/sending-your-item-infographic.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::681c:19b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a6d30d7aca5dae971dfdb4468d4b6bab39accdf0be08d397e7bf536a15f2ff77

Request headers

Referer
https://www.drtevsilk.com/assets/images/sending-your-item-infographic.svg
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 19 Dec 2020 20:28:44 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
cf-request-id
071e49c9620000323c36918000000001
last-modified
Sun, 08 Nov 2020 07:06:57 GMT
server
cloudflare
etag
W/"31de-5fa79911-909b7a679d6f8eb;gz"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=y2dTHU4xkEjtffyjN7nRnrDV2aYVbLkO9rl%2FEt08z8vxJVG9ZyKIrsV4fV287L0v%2FnOLY1JJsu3zeNFusmPm71lBJ7H%2BS8xstElWm3T0cYmZEMdf426MlrFQFisGhg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
6043df223c54323c-FRA
expires
Sat, 26 Dec 2020 20:28:44 GMT
default.css
www.drtevsilk.com/wp-content/themes/business-brand/assets/css/ Frame C5AF 		46 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.drtevsilk.com/wp-content/themes/business-brand/assets/css/default.css
Requested by
Host: www.drtevsilk.com
URL: https://www.drtevsilk.com/assets/images/sending-your-item-infographic.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::681c:19b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
890021a3ea413a6c660bb2ef593d6ce930a8cb34de5a577e26f8d8b88a5e142b

Request headers

Referer
https://www.drtevsilk.com/assets/images/sending-your-item-infographic.svg
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 19 Dec 2020 20:28:44 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
cf-request-id
071e49c9620000323c97b3d000000001
last-modified
Sun, 08 Nov 2020 07:06:57 GMT
server
cloudflare
etag
W/"b9ba-5fa79911-7e8398312b7e8507;gz"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=8lHfvpKwuU8Dppm21nLCg%2FhNMvwT3VvK08MPGpZ0uY24bC91ibk%2FA2FqnJsXfX6iRXU70fVdh1R%2Fh69bNa0p9CqXUpREcHS60mNTFuqS%2FKDBJqCNnyPAFXasSJ%2B%2FGg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
6043df223c55323c-FRA
expires
Sat, 26 Dec 2020 20:28:44 GMT
style.css
www.drtevsilk.com/wp-content/themes/business-brand/ Frame C5AF 		1 KB
792 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.drtevsilk.com/wp-content/themes/business-brand/style.css?ver=5.5.3
Requested by
Host: www.drtevsilk.com
URL: https://www.drtevsilk.com/assets/images/sending-your-item-infographic.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::681c:19b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b09380da2adb104d08c7a827ec30bebd986dc7f792427f7a0fde12ce9e4df94c

Request headers

Referer
https://www.drtevsilk.com/assets/images/sending-your-item-infographic.svg
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 19 Dec 2020 20:28:44 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
cf-request-id
071e49c9620000323c7f97e000000001
last-modified
Sun, 08 Nov 2020 07:06:57 GMT
server
cloudflare
etag
W/"47b-5fa79911-ec38251df273c8e7;gz"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=yng%2BBtg0sBEQdIyOH%2FENziJqgI84QkFAep1FVOkAOvzePgUT4PItOfJ3bxDdyQ90odkb9F5xJZHHzcMmdSz7Qd4edrbYVvQB9XSwXz0c4yB1DZ9TYJyTIeHVYZ5%2Fog%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
6043df223c56323c-FRA
expires
Sat, 26 Dec 2020 20:28:44 GMT
jquery.js
www.drtevsilk.com/wp-includes/js/jquery/ Frame C5AF 		95 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.drtevsilk.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Requested by
Host: www.drtevsilk.com
URL: https://www.drtevsilk.com/assets/images/sending-your-item-infographic.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::681c:19b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Request headers

Referer
https://www.drtevsilk.com/assets/images/sending-your-item-infographic.svg
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 19 Dec 2020 20:28:44 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
cf-request-id
071e49c9620000323c5026e000000001
last-modified
Sat, 20 Jul 2019 01:25:58 GMT
server
cloudflare
etag
W/"17a69-5d326da6-5bd4f1f367f543d8;gz"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=7s%2FWzM2apQ7Qs8tqngQq5T44zLGtKaui76kgF%2F%2BPY%2BiYk55MGYtiUmopwuAofamXd%2B8WqgH6lkyxivg%2FscIbvq%2F50B5S4DVDPayPyAPGnzye3Gdj2TSnrC9%2F0X3LAg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
6043df223c58323c-FRA
expires
Sat, 26 Dec 2020 20:28:44 GMT
cropped-womenofislamorg.gif
www.drtevsilk.com/wp-content/uploads/2019/07/ Frame C5AF 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.drtevsilk.com/wp-content/uploads/2019/07/cropped-womenofislamorg.gif
Requested by
Host: www.drtevsilk.com
URL: https://www.drtevsilk.com/assets/images/sending-your-item-infographic.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::681c:19b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c1d884d3ec81418e30c138a59f0d83b91173d7df6b6c9020a06e5a5f0885c2cf

Request headers

Referer
https://www.drtevsilk.com/assets/images/sending-your-item-infographic.svg
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 19 Dec 2020 20:28:46 GMT
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
content-length
11060
cf-request-id
071e49d0330000323c97bdb000000001
last-modified
Wed, 24 Jul 2019 10:11:22 GMT
server
cloudflare
etag
"2b34-5d382eca-cdd12f0e188aca74;;;"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Ef8iRbnLyD7caWLvjGChHkdSIsXA3BH4xWMSNOQKl%2BHcPQiKBcuxP2nxzs7gfAQn6XWM6K%2FD5gB1loSZEQhjmln3C7hOBrD4qv5RQHQZaGY0px5%2B2EgsXfMGakjiig%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
6043df2d1d95323c-FRA
expires
Sat, 26 Dec 2020 20:28:45 GMT
scripts.js
www.drtevsilk.com/wp-content/plugins/contact-form-7/includes/js/ Frame C5AF 		14 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.drtevsilk.com/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.3
Requested by
Host: www.drtevsilk.com
URL: https://www.drtevsilk.com/assets/images/sending-your-item-infographic.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::681c:19b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
125ec330f66081e7dc9f2814e9ec18f4e2d0baa1936d497375eedfda7ac12e5c

Request headers

Referer
https://www.drtevsilk.com/assets/images/sending-your-item-infographic.svg
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 19 Dec 2020 20:28:46 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
cf-request-id
071e49d0080000323c33a01000000001
last-modified
Sun, 08 Nov 2020 07:08:32 GMT
server
cloudflare
etag
W/"37c8-5fa79970-650d8e3063950bdc;gz"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=z3fsUC1D679EhLZleNaKNMuT6rpKk2%2FK8BZhaq2%2Fx2Xv%2FpLuhWy9DYXyPXgbFw0JcYbXwIZFgHEz9jdHf7We%2Bhbcve5cKnCgM%2FSvoPu%2BrnXwx%2Fe5dXbI4EYlV05VSw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
6043df2cdd1e323c-FRA
expires
Sat, 26 Dec 2020 20:28:45 GMT
bootstrap.js
www.drtevsilk.com/wp-content/themes/business-brand/assets/js/ Frame C5AF 		68 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.drtevsilk.com/wp-content/themes/business-brand/assets/js/bootstrap.js
Requested by
Host: www.drtevsilk.com
URL: https://www.drtevsilk.com/assets/images/sending-your-item-infographic.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::681c:19b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0abe8deb334de1ba743b04d0399e99eba336afed9da72fc4c0a302c99f9238c8

Request headers

Referer
https://www.drtevsilk.com/assets/images/sending-your-item-infographic.svg
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 19 Dec 2020 20:28:46 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
cf-request-id
071e49d02c0000323c609fa000000001
last-modified
Sun, 08 Nov 2020 07:06:57 GMT
server
cloudflare
etag
W/"1104b-5fa79911-174048794e23688e;gz"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=PZit5LZDtGPa%2Fw1yWncKgcpW2V6jp3YsrwvrSFnk6GGu6UggtDga%2FqZWRpDMt1o1wiwoqbkUkwe0rnKAl%2F%2Fqy3xQhvmBgf1ptVm9AipiObx8OEaM5wX%2BR8ALfOWW7g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
6043df2d1d7a323c-FRA
expires
Sat, 26 Dec 2020 20:28:45 GMT
slick.js
www.drtevsilk.com/wp-content/themes/business-brand/assets/js/ Frame C5AF 		82 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.drtevsilk.com/wp-content/themes/business-brand/assets/js/slick.js
Requested by
Host: www.drtevsilk.com
URL: https://www.drtevsilk.com/assets/images/sending-your-item-infographic.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::681c:19b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
15fde05f8dac8744bb1643b021c01aa546318febd2b88a925dabe23aa1a0977b

Request headers

Referer
https://www.drtevsilk.com/assets/images/sending-your-item-infographic.svg
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 19 Dec 2020 20:28:46 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
cf-request-id
071e49d0310000323c6987c000000001
last-modified
Sun, 08 Nov 2020 07:06:57 GMT
server
cloudflare
etag
W/"14885-5fa79911-c63d2a102eb409ee;gz"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=wwInNkxdQRaQx5GXntfgYZkcO2i%2F%2FPy%2FBNFimn1p8dPriL%2BY%2FQ5nOsMkwg8OLdZc9aEyseT8Tg2Er8AzHg8fDn5YbvlKohTQIHqWn9sg1EcS9pItiWgz8y2ZvZ6cDw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
6043df2d1d8d323c-FRA
expires
Sat, 26 Dec 2020 20:28:45 GMT
menu.js
www.drtevsilk.com/wp-content/themes/business-brand/assets/js/ Frame C5AF 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.drtevsilk.com/wp-content/themes/business-brand/assets/js/menu.js
Requested by
Host: www.drtevsilk.com
URL: https://www.drtevsilk.com/assets/images/sending-your-item-infographic.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::681c:19b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f6286c2a6644c311c8086a066941043d30ac1bf83b23029e31f6b7353b1d88b4

Request headers

Referer
https://www.drtevsilk.com/assets/images/sending-your-item-infographic.svg
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 19 Dec 2020 20:28:46 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
cf-request-id
071e49d0320000323c42156000000001
last-modified
Sun, 08 Nov 2020 07:06:57 GMT
server
cloudflare
etag
W/"e6c-5fa79911-e772d3bbe529d728;gz"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=WyIBo%2FQKeIGNuMW7eBaZiymLdSDUwLib8%2Bmi4rEyEuRN%2FQ56ij7W41mfVcgnXqHFcNKmaVgz2amNLEuEF0xpiMdZNeubOCX2Kvq%2BOlB8hors4U0Q%2FxhSedwWk0obSA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
6043df2d1d90323c-FRA
expires
Sat, 26 Dec 2020 20:28:45 GMT
wp-embed.min.js
www.drtevsilk.com/wp-includes/js/ Frame C5AF 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.drtevsilk.com/wp-includes/js/wp-embed.min.js?ver=5.5.3
Requested by
Host: www.drtevsilk.com
URL: https://www.drtevsilk.com/assets/images/sending-your-item-infographic.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::681c:19b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0

Request headers

Referer
https://www.drtevsilk.com/assets/images/sending-your-item-infographic.svg
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 19 Dec 2020 20:28:46 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
cf-request-id
071e49d0320000323c651aa000000001
last-modified
Sat, 27 Jun 2020 16:13:21 GMT
server
cloudflare
etag
W/"59a-5ef77021-90339b00e20433ee;gz"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=GYXVXywNUA8K%2FNNkvGPeJ5%2B9Rksxu7ga1ZuV0UWmoA9j7EZVmITAwwKdFDbwaqa1YUylJGX25YZShriGfKrmLclB3%2BFTkiQFUO1NCWW1wCdr6zBZMK90wdSLSDqP9w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
6043df2d1d91323c-FRA
expires
Sat, 26 Dec 2020 20:28:46 GMT
wp-emoji-release.min.js
www.drtevsilk.com/wp-includes/js/ Frame C5AF 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.drtevsilk.com/wp-includes/js/wp-emoji-release.min.js?ver=5.5.3
Requested by
Host: www.drtevsilk.com
URL: https://www.drtevsilk.com/assets/images/sending-your-item-infographic.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::681c:19b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8cb438bd4d1961f80ade4f1a295ca7de253630adcdd10473932908e638908c5e

Request headers

Referer
https://www.drtevsilk.com/assets/images/sending-your-item-infographic.svg
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 19 Dec 2020 20:28:47 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
cf-request-id
071e49d4560000323c2b3fe000000001
last-modified
Mon, 28 Sep 2020 02:07:26 GMT
server
cloudflare
etag
W/"37a6-5f71455e-edcbdcfc84516e5a;gz"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=klTX5oNo5tbXznmETLskvniq5c415WafBe0shFnJsiEf9IMwSrXZOZFezqZjYaAZxnxew192vxugqMVy2hfKmsU8U%2Fd2BEX2kP1DrUj%2FBaj953sA7lc1ZvYCUd0zHA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
6043df33bcba323c-FRA
expires
Sat, 26 Dec 2020 20:28:46 GMT
chevinstd-light.woff
www.drtevsilk.com/assets/fonts/chevin/ 		0
0 		Font
General
Check archive.org
Download Go to
Full URL
https://www.drtevsilk.com/assets/fonts/chevin/chevinstd-light.woff
Requested by
Host: www.drtevsilk.com
URL: https://www.drtevsilk.com/royal/intro.php?freq=new&topic=tx_clam&appID=IMBScOeFwcCPmOIiLBmUzXBbsduKQcCYoDrRSWXOzZelonTzoGUodWPWzK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::681c:19b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.0.33
Resource Hash

Request headers

Origin
https://www.drtevsilk.com
Referer
https://www.drtevsilk.com/royal/intro.php?freq=new&topic=tx_clam&appID=IMBScOeFwcCPmOIiLBmUzXBbsduKQcCYoDrRSWXOzZelonTzoGUodWPWzK
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 19 Dec 2020 20:28:44 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
x-powered-by
PHP/7.0.33
cf-request-id
071e49c9870000323c78b2f000000001
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=NzeWwlluZoD78esLgKPA%2BCX7KoZcHT2t3VnaGqV5%2B5fPSzBqLqxixA1TqNig4iFNrMSbEyw2bB%2FlvZxjpgoBjYlwAICgWDhn03U8O2Uqg3piAPelt6u3A3%2FvwepChA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cache-control
max-age=14400, must-revalidate
x-turbo-charged-by
LiteSpeed
cf-ray
6043df227ce1323c-FRA
link
<https://www.drtevsilk.com/wp-json/>; rel="https://api.w.org/"
expires
Wed, 11 Jan 1984 05:00:00 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Royal Mail (Government)

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated

1 Cookies

Domain/Path Name / Value
.drtevsilk.com/ Name: __cfduid
Value: d3359e269dbb71d4c551df6dbb8063eea1608409721

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
maxcdn.bootstrapcdn.com
royalonline-delivery.astepofclass.com
www.drtevsilk.com
184.168.131.241
2001:4de0:ac19::1:b:2b
2606:4700:3033::681c:19b1
2a00:1450:4001:802::200a
027e325b7fcf7957d891823ddf2a7873869aa9bbdb26d645324372aeffba154c
0abe8deb334de1ba743b04d0399e99eba336afed9da72fc4c0a302c99f9238c8
125ec330f66081e7dc9f2814e9ec18f4e2d0baa1936d497375eedfda7ac12e5c
15fde05f8dac8744bb1643b021c01aa546318febd2b88a925dabe23aa1a0977b
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
20191fe4083c4f390b99555eb32a9494d90a91b2aae33543cb38b784c6f05fbb
2087a094b0a427d552413baedcf0e1d92b442e44c8dd7a4c517c569b4b76c038
2fc8c7cb39825b0c5fcf608136ac9c79aced90c297c0db611b0412848078e48e
508fda10fff8691a6f29ad6127bad2792a41a4f916ff341d958538d833109b31
618deac9a06cc3097f4de134668a0a5a0aca9ef989ee7bfc38f1921be76ddfc1
645fd2f904fb3258fc81305236ee729f3399989ae13ec25c117650411181e9b7
6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
84650b184120dd856fbcc3e3cd07ea63d9b3045498d107d12463d4ef72476991
890021a3ea413a6c660bb2ef593d6ce930a8cb34de5a577e26f8d8b88a5e142b
8c626f0f9b5c109539b256b73e72c02b300a184f46b4535c2eb86599215c78af
8cb438bd4d1961f80ade4f1a295ca7de253630adcdd10473932908e638908c5e
a29236eed54ff257f34dd88abfd5a2f14b9190d84802f6703152d6b4ea511ca9
a6d30d7aca5dae971dfdb4468d4b6bab39accdf0be08d397e7bf536a15f2ff77
b09380da2adb104d08c7a827ec30bebd986dc7f792427f7a0fde12ce9e4df94c
c1d884d3ec81418e30c138a59f0d83b91173d7df6b6c9020a06e5a5f0885c2cf
e46b148fc456754e7377bc0f6c08be769b8f7fd8014c5fd2212be4a46d085199
f6286c2a6644c311c8086a066941043d30ac1bf83b23029e31f6b7353b1d88b4
fbf8ab57db7f9981bd71d79c7daaa01a3c578ffa0aa8e9b4a9b2bfe2e9927427