www.girisyap-papara.org Open in urlscan Pro
93.89.224.197  Malicious Activity! Public Scan

2 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

24 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response www.girisyap-papara.org/	17 KB 6 KB	302ms 112ms	Document text/html	93.89.224.197 TR-FBS
General Check archive.org Show headers Download Go to Full URL http://www.girisyap-papara.org/ Protocol HTTP/1.1 Server 93.89.224.197 , Turkey, ASN51557 (TR-FBS, TR), Reverse DNS 93-89-224-197.fbs.com.tr Software LiteSpeed / Resource Hash dbec51dd03ddd4041db0baae8b3eceebf9722b78a73f677a5a750eb4eb8b4c62 Request headers Host www.girisyap-papara.org Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Accept-Encoding gzip, deflate Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Connection Keep-Alive Content-Type text/html; charset=UTF-8 Content-Length 6013 Content-Encoding gzip Vary Accept-Encoding Date Wed, 04 Nov 2020 07:04:33 GMT Server LiteSpeed
GET H2	200	bootstrap.min.css cdn.papara.com/web/Assets/css/app/	139 KB 24 KB	79ms 24ms	Stylesheet text/css	2600:9000:2117:1600:14:51cc:5fc0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.papara.com/web/Assets/css/app/bootstrap.min.css Requested by Host: www.girisyap-papara.org URL: http://www.girisyap-papara.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2117:1600:14:51cc:5fc0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 75f3f9ed09ad086c8926b4541985168a1eb683b4f4822a4d0fced99d9ac9b6b5 Request headers Referer http://www.girisyap-papara.org/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 03 Nov 2020 14:39:57 GMT content-encoding gzip last-modified Fri, 30 Oct 2020 14:02:16 GMT server AmazonS3 age 59079 etag W/"e8c9cc5010ebd7922e572cc248832cea" vary Accept-Encoding x-cache Hit from cloudfront x-amz-version-id uHXZQEUMiUPKsXVLivmbfAEgo6zf2HN1 status 200 cache-control max-age=31536000 x-amz-cf-pop CDG50-C1 content-type text/css x-amz-cf-id EVJSVTJTJcS7lzgBeju61KZdpF4TvfuporQreZ9SFlOtzGBWXLMLlg== via 1.1 85daad39dc083a1e2c1e2c6d1d6698e3.cloudfront.net (CloudFront)
GET H2	200	app.css cdn.papara.com/web/Assets/css/app/	446 KB 64 KB	92ms 37ms	Stylesheet text/css	2600:9000:2117:1600:14:51cc:5fc0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.papara.com/web/Assets/css/app/app.css?v=-8586033260254775808 Requested by Host: www.girisyap-papara.org URL: http://www.girisyap-papara.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2117:1600:14:51cc:5fc0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash c439f5c2723d750c9b1759e9f824e2de8ee4cb2c1169bbcafe212f64b51b1629 Request headers Referer http://www.girisyap-papara.org/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 03 Nov 2020 18:45:21 GMT content-encoding gzip last-modified Fri, 30 Oct 2020 14:02:16 GMT server AmazonS3 age 44355 etag W/"4544f633e8917d17ff3fbe6f83c0814c" vary Accept-Encoding x-cache Hit from cloudfront x-amz-version-id TV7boJ1sGPzSqFehxSAtC5x1JumC5cLA status 200 cache-control max-age=31536000 x-amz-cf-pop CDG50-C1 content-type text/css x-amz-cf-id 8HHYHYQ4Ed5fOAmMeoQVzer1e0aduwPMsbL9pbev93hCiBdmDIJA9Q== via 1.1 85daad39dc083a1e2c1e2c6d1d6698e3.cloudfront.net (CloudFront)
GET H2	200	jquery-3.5.1.min.js Show response code.jquery.com/	87 KB 30 KB	29ms 9ms	Script application/javascript	2001:4de0:ac19::1:b:1a HIGHWINDS3
General Check archive.org Show headers Download Go to Full URL https://code.jquery.com/jquery-3.5.1.min.js Requested by Host: www.girisyap-papara.org URL: http://www.girisyap-papara.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4de0:ac19::1:b:1a , Netherlands, ASN20446 (HIGHWINDS3, US), Reverse DNS Software nginx / Resource Hash f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d Request headers Referer http://www.girisyap-papara.org/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 04 Nov 2020 07:04:35 GMT content-encoding gzip last-modified Mon, 04 May 2020 23:02:39 GMT server nginx status 200 etag W/"5eb09f0f-15d84" vary Accept-Encoding x-hw 1604473475.dop134.fr8.t,1604473475.cds288.fr8.hn,1604473475.cds142.fr8.c content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=315360000, public accept-ranges bytes content-length 30879
GET H/1.1	200 OK	loading.gif www.girisyap-papara.org/	194 KB 195 KB	130ms 109ms	Image image/gif	93.89.224.197 TR-FBS
General Check archive.org Show headers Download Go to Show image Full URL http://www.girisyap-papara.org/loading.gif Requested by Host: www.girisyap-papara.org URL: http://www.girisyap-papara.org/ Protocol HTTP/1.1 Server 93.89.224.197 , Turkey, ASN51557 (TR-FBS, TR), Reverse DNS 93-89-224-197.fbs.com.tr Software LiteSpeed / Resource Hash 77804107ff28f9a30d88544a12f0d976253ad6289924fa2e080f8901805ea937 Request headers Referer http://www.girisyap-papara.org/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Wed, 04 Nov 2020 07:04:34 GMT Last-Modified Wed, 09 Sep 2020 05:12:16 GMT Server LiteSpeed Content-Type image/gif Cache-Control public, max-age=604800 Connection Keep-Alive Accept-Ranges bytes Content-Length 199051 Expires Wed, 11 Nov 2020 07:04:34 GMT
GET H2	200	papara.svg cdn.papara.com/web/logo/	4 KB 2 KB	104ms 51ms	Image image/svg+xml	2600:9000:2117:1600:14:51cc:5fc0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.papara.com/web/logo/papara.svg Requested by Host: www.girisyap-papara.org URL: http://www.girisyap-papara.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2117:1600:14:51cc:5fc0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 88b302c9e10c3d4b7af3aad16b7eb9100692b3d39640bd1659f2b3fad95bac9f Request headers Referer http://www.girisyap-papara.org/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 03 Nov 2020 14:39:57 GMT content-encoding gzip last-modified Thu, 16 Apr 2020 14:27:47 GMT server AmazonS3 age 59079 etag W/"e6a07cb2e845d11d575d0c30040747c8" vary Accept-Encoding x-cache Hit from cloudfront x-amz-version-id 83UJ0HaucJNiFy_jsLhT.VQoRJDEjFU3 status 200 cache-control max-age=31536000 x-amz-cf-pop CDG50-C1 content-type image/svg+xml x-amz-cf-id 5IemzdVuufXY5x4BGIEPrEsTqXfFW0dJABUgHD18dPLCH-wgpdYXcw== via 1.1 85daad39dc083a1e2c1e2c6d1d6698e3.cloudfront.net (CloudFront)
GET H/1.1	200 OK	back.svg www.girisyap-papara.org/Assets/img/icon/	1 KB 940 B	144ms 124ms	Image image/svg+xml	93.89.224.197 TR-FBS
General Check archive.org Show headers Download Go to Show image Full URL http://www.girisyap-papara.org/Assets/img/icon/back.svg Requested by Host: www.girisyap-papara.org URL: http://www.girisyap-papara.org/ Protocol HTTP/1.1 Server 93.89.224.197 , Turkey, ASN51557 (TR-FBS, TR), Reverse DNS 93-89-224-197.fbs.com.tr Software LiteSpeed / Resource Hash 18e24b9bb36ca8cbe24ab3572b3cdb2340453fd38fc8bcf2c0014d2f5f5b958c Request headers Referer http://www.girisyap-papara.org/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Wed, 04 Nov 2020 07:04:34 GMT Content-Encoding gzip Last-Modified Thu, 27 Aug 2020 05:21:34 GMT Server LiteSpeed Vary Accept-Encoding Content-Type image/svg+xml Cache-Control public, max-age=604800 Connection Keep-Alive Accept-Ranges bytes Content-Length 597 Expires Wed, 11 Nov 2020 07:04:34 GMT
GET H/1.1	200 OK	loginpage.png www.girisyap-papara.org/Assets/img/	160 KB 161 KB	136ms 115ms	Image image/png	93.89.224.197 TR-FBS
General Check archive.org Show headers Download Go to Show image Full URL http://www.girisyap-papara.org/Assets/img/loginpage.png Requested by Host: www.girisyap-papara.org URL: http://www.girisyap-papara.org/ Protocol HTTP/1.1 Server 93.89.224.197 , Turkey, ASN51557 (TR-FBS, TR), Reverse DNS 93-89-224-197.fbs.com.tr Software LiteSpeed / Resource Hash b8e887125d17aea4771833a86fde2a2a8170c781a429778da2586a485dc7f41b Request headers Referer http://www.girisyap-papara.org/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Wed, 04 Nov 2020 07:04:34 GMT Last-Modified Thu, 27 Aug 2020 05:19:42 GMT Server LiteSpeed Content-Type image/png Cache-Control public, max-age=604800 Connection Keep-Alive Accept-Ranges bytes Content-Length 164277 Expires Wed, 11 Nov 2020 07:04:34 GMT
GET H2	200	browser.svg cdn.papara.com/web/icon/	6 KB 3 KB	81ms 28ms	Image image/svg+xml	2600:9000:2117:1600:14:51cc:5fc0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.papara.com/web/icon/browser.svg Requested by Host: www.girisyap-papara.org URL: http://www.girisyap-papara.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2117:1600:14:51cc:5fc0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 4963e4a5a3f8e55d4200c8716996dbba49a6b3056d697ff0643e10a43042b706 Request headers Referer http://www.girisyap-papara.org/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 03 Nov 2020 14:40:00 GMT content-encoding gzip last-modified Thu, 16 Apr 2020 14:27:47 GMT server AmazonS3 age 59076 etag W/"536c5b1601e0cdac5b9cdb70d2408d15" vary Accept-Encoding x-cache Hit from cloudfront x-amz-version-id 9tIFbpI5TBcI3hrXisI6bFrxE1qUOW_X status 200 cache-control max-age=31536000 x-amz-cf-pop CDG50-C1 content-type image/svg+xml x-amz-cf-id HdvAANyka765V0WKfMfX9q7GnpLJgEAEIuu2j85jjtzD6Np1KO39OQ== via 1.1 85daad39dc083a1e2c1e2c6d1d6698e3.cloudfront.net (CloudFront)
GET H2	200	appstore.svg cdn.papara.com/web/icon/	8 KB 4 KB	102ms 50ms	Image image/svg+xml	2600:9000:2117:1600:14:51cc:5fc0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.papara.com/web/icon/appstore.svg Requested by Host: www.girisyap-papara.org URL: http://www.girisyap-papara.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2117:1600:14:51cc:5fc0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 4ef92cf53ee6a7c117984bc8aacb603d4809fe77c7b2ca265b8a582bf843f8d8 Request headers Referer http://www.girisyap-papara.org/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 03 Nov 2020 14:40:00 GMT content-encoding gzip last-modified Thu, 16 Apr 2020 14:27:47 GMT server AmazonS3 age 59076 etag W/"0cf58c702dc79e046fc0a9a06808f903" vary Accept-Encoding x-cache Hit from cloudfront x-amz-version-id KC5yKC5xRkj...ht9XcMa.pLubxrQisH status 200 cache-control max-age=31536000 x-amz-cf-pop CDG50-C1 content-type image/svg+xml x-amz-cf-id NAYsKA9UgrhF6Hy5P9RdNTlHOw3FHVqCAq6SpZLd9zR-tgZYXesJBQ== via 1.1 85daad39dc083a1e2c1e2c6d1d6698e3.cloudfront.net (CloudFront)
GET H2	200	googleplay.svg cdn.papara.com/web/icon/	7 KB 3 KB	101ms 50ms	Image image/svg+xml	2600:9000:2117:1600:14:51cc:5fc0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.papara.com/web/icon/googleplay.svg Requested by Host: www.girisyap-papara.org URL: http://www.girisyap-papara.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2117:1600:14:51cc:5fc0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 275b7366caa31008554a3289859e6a1f6938f76553d4b3722a90f1ef19fffaaf Request headers Referer http://www.girisyap-papara.org/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 03 Nov 2020 14:40:00 GMT content-encoding gzip last-modified Thu, 16 Apr 2020 14:27:47 GMT server AmazonS3 age 59076 etag W/"3ef87f42b1024b785d01d6b27e6e7663" vary Accept-Encoding x-cache Hit from cloudfront x-amz-version-id G41NBwx1nPqBuZBt1Y4fHNmgwSTnvrQL status 200 cache-control max-age=31536000 x-amz-cf-pop CDG50-C1 content-type image/svg+xml x-amz-cf-id xdc9ecxZWhEwsidJ6RrsmgfzCzNs-K8Tdy-V4Y70m_85dP8_BqZeoA== via 1.1 85daad39dc083a1e2c1e2c6d1d6698e3.cloudfront.net (CloudFront)
GET H2	200	bkm.svg cdn.papara.com/web/icon/	8 KB 3 KB	38ms 37ms	Image image/svg+xml	2600:9000:2117:1600:14:51cc:5fc0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.papara.com/web/icon/bkm.svg Requested by Host: www.girisyap-papara.org URL: http://www.girisyap-papara.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2117:1600:14:51cc:5fc0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 39a99c002ec8369061f1dd3067f5a73f6e38d08553b4f207d650356fa23843e9 Request headers Referer http://www.girisyap-papara.org/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 03 Nov 2020 14:40:00 GMT content-encoding gzip last-modified Thu, 16 Apr 2020 14:27:47 GMT server AmazonS3 age 59076 etag W/"8d928dfa3fce3dc5d9b91734c75b308e" vary Accept-Encoding x-cache Hit from cloudfront x-amz-version-id nqg6OoAN3opoo7CtEyq7ydo7yeqI__LT status 200 cache-control max-age=31536000 x-amz-cf-pop CDG50-C1 content-type image/svg+xml x-amz-cf-id vkM9x_Y4IClH38E_-v53YjGTvrEenpS29YnZvmvqEo6QrbLmrz_7fw== via 1.1 85daad39dc083a1e2c1e2c6d1d6698e3.cloudfront.net (CloudFront)
GET H2	200	mastercard.svg cdn.papara.com/web/icon/	4 KB 2 KB	39ms 38ms	Image image/svg+xml	2600:9000:2117:1600:14:51cc:5fc0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.papara.com/web/icon/mastercard.svg Requested by Host: www.girisyap-papara.org URL: http://www.girisyap-papara.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2117:1600:14:51cc:5fc0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash db9634c15a4e776e15991ba615ae46cd74f5deeeed9cf65e6bb616345539bbe9 Request headers Referer http://www.girisyap-papara.org/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 03 Nov 2020 14:40:00 GMT content-encoding gzip last-modified Thu, 16 Apr 2020 14:27:47 GMT server AmazonS3 age 59076 etag W/"0f39ac3b296f7aabcb46410cb8eaa87d" vary Accept-Encoding x-cache Hit from cloudfront x-amz-version-id FpC.kaVRVIRPROIHXlzFTQWiCekMQFWZ status 200 cache-control max-age=31536000 x-amz-cf-pop CDG50-C1 content-type image/svg+xml x-amz-cf-id Azc7mc2qCPKqjL9saTXF-e4RuUyzuXxpLe5NDgCiPtDT2n8dVTixhA== via 1.1 85daad39dc083a1e2c1e2c6d1d6698e3.cloudfront.net (CloudFront)
GET H2	200	visa.png cdn.papara.com/web/icon/	2 KB 3 KB	39ms 38ms	Image image/png	2600:9000:2117:1600:14:51cc:5fc0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.papara.com/web/icon/visa.png Requested by Host: www.girisyap-papara.org URL: http://www.girisyap-papara.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2117:1600:14:51cc:5fc0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 1492f54afa9ca3361e253a8607aad6fe1255b53583746044a1946d844595f2d1 Request headers Referer http://www.girisyap-papara.org/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 03 Nov 2020 14:40:00 GMT via 1.1 85daad39dc083a1e2c1e2c6d1d6698e3.cloudfront.net (CloudFront) last-modified Thu, 16 Apr 2020 14:27:47 GMT server AmazonS3 age 59076 etag "4ae1ed003cf5896954b2ed8705799b46" x-cache Hit from cloudfront x-amz-version-id P.bq64tVbQVkicDhf.7FIRF9805JOOud status 200 cache-control max-age=31536000 x-amz-cf-pop CDG50-C1 accept-ranges bytes content-type image/png content-length 2329 x-amz-cf-id LuqauJlTFxCVb2NXPXq3KQqgipXQbnTfX5mC9Pl0bnQU2PvSZRV7Hw==
GET H2	200	tcmb.png cdn.papara.com/web/icon/	1 KB 2 KB	39ms 39ms	Image image/png	2600:9000:2117:1600:14:51cc:5fc0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.papara.com/web/icon/tcmb.png Requested by Host: www.girisyap-papara.org URL: http://www.girisyap-papara.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2117:1600:14:51cc:5fc0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 84915889e83bb60558ed7a55c17cff1b48d10a88a8675ad6966088d96294afa8 Request headers Referer http://www.girisyap-papara.org/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 03 Nov 2020 14:40:00 GMT via 1.1 85daad39dc083a1e2c1e2c6d1d6698e3.cloudfront.net (CloudFront) last-modified Thu, 16 Apr 2020 14:27:47 GMT server AmazonS3 age 59076 etag "4812a2e33533137f3cd74df6605f485e" x-cache Hit from cloudfront x-amz-version-id Z2JXgRlpnSUYfiC0Kx3BM68Ro8eTMVY3 status 200 cache-control max-age=31536000 x-amz-cf-pop CDG50-C1 accept-ranges bytes content-type image/png content-length 1522 x-amz-cf-id siozJYUxIpLGaT7URdnFhokOoZ2I0NL2MBrD0dzBRZS9I3z6XTDmUA==
GET H/1.1	200 OK	js.js Show response www.girisyap-papara.org/	5 KB 2 KB	67ms 63ms	Script application/javascript	93.89.224.197 TR-FBS
General Check archive.org Show headers Download Go to Full URL http://www.girisyap-papara.org/js.js Requested by Host: www.girisyap-papara.org URL: http://www.girisyap-papara.org/ Protocol HTTP/1.1 Server 93.89.224.197 , Turkey, ASN51557 (TR-FBS, TR), Reverse DNS 93-89-224-197.fbs.com.tr Software LiteSpeed / Resource Hash 2325f9067ec5174ba012528bb387815be749458b2e0350f4b57f1ad90f2ce869 Request headers Referer http://www.girisyap-papara.org/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Wed, 04 Nov 2020 07:04:33 GMT Content-Encoding gzip Last-Modified Wed, 09 Sep 2020 13:20:40 GMT Server LiteSpeed Vary Accept-Encoding Content-Type application/javascript Cache-Control public, max-age=604800 Connection Keep-Alive Accept-Ranges bytes Content-Length 1703 Expires Wed, 11 Nov 2020 07:04:33 GMT
GET H2	200	anchor www.google.com/recaptcha/api2/ Frame 43CC	0 0	44ms 25ms	Document text/html	2a00:1450:4001:81a::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le1GZAUAAAAANqa6afQLYloepMSnjjD89Tz3wZr&co=aHR0cHM6Ly93d3cucGFwYXJhLmNvbTo0NDM.&hl=tr&v=QVh-Tz10ahidjrORgXOS1oB0&size=invisible&cb=rnl2wlgpcq9m Requested by Host: www.girisyap-papara.org URL: http://www.girisyap-papara.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-zvxmLJDu2stB3Hmc1cSUWg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers :method GET :authority www.google.com :scheme https :path /recaptcha/api2/anchor?ar=1&k=6Le1GZAUAAAAANqa6afQLYloepMSnjjD89Tz3wZr&co=aHR0cHM6Ly93d3cucGFwYXJhLmNvbTo0NDM.&hl=tr&v=QVh-Tz10ahidjrORgXOS1oB0&size=invisible&cb=rnl2wlgpcq9m pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer http://www.girisyap-papara.org/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer http://www.girisyap-papara.org/ Response headers status 200 content-type text/html; charset=utf-8 cache-control no-cache, no-store, max-age=0, must-revalidate pragma no-cache expires Mon, 01 Jan 1990 00:00:00 GMT date Wed, 04 Nov 2020 07:04:35 GMT content-security-policy script-src 'report-sample' 'nonce-zvxmLJDu2stB3Hmc1cSUWg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-encoding gzip x-content-type-options nosniff x-xss-protection 1; mode=block content-length 10921 server GSE alt-svc h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	200	login_button.php www.facebook.com/v3.1/plugins/ Frame A3F7	0 0	56ms 44ms	Document text/html	2a03:2880:f11c:8183:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://www.facebook.com/v3.1/plugins/login_button.php?app_id=1854851424773875&auto_logout_link=false&button_type=continue_with&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3a783a34ca99a8%26domain%3Dwww.papara.com%26origin%3Dhttps%253A%252F%252Fwww.papara.com%252Ff113338e0136888%26relation%3Dparent.parent&container_width=0&locale=tr_TR&login_text=%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20&scope=public_profile%2Cemail&sdk=joey&show_faces=false&size=large&use_continue_as=true&width=100%25 Requested by Host: www.girisyap-papara.org URL: http://www.girisyap-papara.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash Security Headers Name Value Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests; Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority www.facebook.com :scheme https :path /v3.1/plugins/login_button.php?app_id=1854851424773875&auto_logout_link=false&button_type=continue_with&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3a783a34ca99a8%26domain%3Dwww.papara.com%26origin%3Dhttps%253A%252F%252Fwww.papara.com%252Ff113338e0136888%26relation%3Dparent.parent&container_width=0&locale=tr_TR&login_text=%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20&scope=public_profile%2Cemail&sdk=joey&show_faces=false&size=large&use_continue_as=true&width=100%25 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer http://www.girisyap-papara.org/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer http://www.girisyap-papara.org/ Response headers status 200 vary Accept-Encoding pragma no-cache content-security-policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests; cache-control private, no-cache, no-store, must-revalidate content-encoding br strict-transport-security max-age=15552000; preload x-content-type-options nosniff x-xss-protection 0 expires Sat, 01 Jan 2000 00:00:00 GMT facebook-api-version v3.2 content-type text/html; charset="utf-8" x-fb-debug 0E5ybYifVOnzIwWQ543Z1520bT3lsXW/4NHqS2AcBzWQ892rWSD+pZi6MTtS2/iy75C5uG70s+KG/d6VAFcZog== date Wed, 04 Nov 2020 07:04:35 GMT alt-svc h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
GET H2	200	averta-bold-webfont.woff2 cdn.papara.com/web/Assets/fonts/	35 KB 35 KB	153ms 119ms	Font application/octet-stream	2600:9000:2117:1600:14:51cc:5fc0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.papara.com/web/Assets/fonts/averta-bold-webfont.woff2 Requested by Host: cdn.papara.com URL: https://cdn.papara.com/web/Assets/css/app/app.css?v=-8586033260254775808 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2117:1600:14:51cc:5fc0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 879203352fe9c403a9c6609c5ba0fa18a13773ae17de684e7e0d2e3b070ce233 Request headers Origin http://www.girisyap-papara.org Referer https://cdn.papara.com/web/Assets/css/app/app.css?v=-8586033260254775808 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 04 Nov 2020 07:04:36 GMT via 1.1 20b61f8a897671342027285e75830e4e.cloudfront.net (CloudFront) vary Origin,Access-Control-Request-Headers,Access-Control-Request-Method x-amz-cf-pop CDG50-C1 x-cache Miss from cloudfront status 200 content-length 35516 last-modified Fri, 30 Oct 2020 14:02:27 GMT server AmazonS3 etag "f4745d74ac79a2245da766ec2c88bd01" access-control-max-age 3000 access-control-allow-methods GET x-amz-version-id LFGT_hknZ6FEkISDX95o8jNKGWx4uADS access-control-allow-origin * cache-control max-age=31536000 accept-ranges bytes content-type application/octet-stream x-amz-cf-id DDr5KaBx6Gxi_GgK2PP7YD8JnmsJZa4TmAl1UxhzfYPZuDTepyXbxA==
GET H2	200	averta-regular-webfont.woff2 cdn.papara.com/web/Assets/fonts/	35 KB 35 KB	138ms 103ms	Font application/octet-stream	2600:9000:2117:1600:14:51cc:5fc0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.papara.com/web/Assets/fonts/averta-regular-webfont.woff2 Requested by Host: cdn.papara.com URL: https://cdn.papara.com/web/Assets/css/app/app.css?v=-8586033260254775808 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2117:1600:14:51cc:5fc0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 6a87b3261886a5f0018a9b231046b75e6f097de418dfa43f4124336159ca6900 Request headers Origin http://www.girisyap-papara.org Referer https://cdn.papara.com/web/Assets/css/app/app.css?v=-8586033260254775808 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 04 Nov 2020 07:04:36 GMT via 1.1 20b61f8a897671342027285e75830e4e.cloudfront.net (CloudFront) vary Origin,Access-Control-Request-Headers,Access-Control-Request-Method x-amz-cf-pop CDG50-C1 x-cache Miss from cloudfront status 200 content-length 35512 last-modified Fri, 30 Oct 2020 14:02:32 GMT server AmazonS3 etag "9c130cd9c549d8ff2c98bfb92284f264" access-control-max-age 3000 access-control-allow-methods GET x-amz-version-id .piMD7VqrRKbVex6NuOxiqdCHlXDdjsR access-control-allow-origin * cache-control max-age=31536000 accept-ranges bytes content-type application/octet-stream x-amz-cf-id M4cHBhRaW2zHF0HkB_01SRq3CBX2JWcrqiIrsA4Ry_XrX12LWSenag==
GET H2	200	averta-semibold-webfont.woff2 cdn.papara.com/web/Assets/fonts/	33 KB 34 KB	143ms 110ms	Font application/octet-stream	2600:9000:2117:1600:14:51cc:5fc0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.papara.com/web/Assets/fonts/averta-semibold-webfont.woff2 Requested by Host: cdn.papara.com URL: https://cdn.papara.com/web/Assets/css/app/app.css?v=-8586033260254775808 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2117:1600:14:51cc:5fc0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 070f61f5375bbc912157698d389a73927673fd7b5b9cef708be36ab4d06b38e2 Request headers Origin http://www.girisyap-papara.org Referer https://cdn.papara.com/web/Assets/css/app/app.css?v=-8586033260254775808 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 04 Nov 2020 07:04:36 GMT via 1.1 20b61f8a897671342027285e75830e4e.cloudfront.net (CloudFront) vary Origin,Access-Control-Request-Headers,Access-Control-Request-Method x-amz-cf-pop CDG50-C1 x-cache Miss from cloudfront status 200 content-length 33936 last-modified Fri, 30 Oct 2020 14:02:34 GMT server AmazonS3 etag "7d33efdf06b0b6592a499a916e886ce0" access-control-max-age 3000 access-control-allow-methods GET x-amz-version-id AxZnKtLZoziV06uwZS1nU7Ve6pcEk6Ih access-control-allow-origin * cache-control max-age=31536000 accept-ranges bytes content-type application/octet-stream x-amz-cf-id Ls7-NfZJW6UDoGFrakIxojlZd0plZFR26Ca4rHafNaMJsI87ykj6ew==
GET H2	200	averta-light-webfont.woff2 cdn.papara.com/web/Assets/fonts/	35 KB 36 KB	170ms 138ms	Font application/octet-stream	2600:9000:2117:1600:14:51cc:5fc0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.papara.com/web/Assets/fonts/averta-light-webfont.woff2 Requested by Host: cdn.papara.com URL: https://cdn.papara.com/web/Assets/css/app/app.css?v=-8586033260254775808 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2117:1600:14:51cc:5fc0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 37af6686eb0da080937f4da5abcf9f17874fa3e200a828573c9c43b4afdf88cd Request headers Origin http://www.girisyap-papara.org Referer https://cdn.papara.com/web/Assets/css/app/app.css?v=-8586033260254775808 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 04 Nov 2020 07:04:36 GMT via 1.1 20b61f8a897671342027285e75830e4e.cloudfront.net (CloudFront) vary Origin,Access-Control-Request-Headers,Access-Control-Request-Method x-amz-cf-pop CDG50-C1 x-cache Miss from cloudfront status 200 content-length 36084 last-modified Fri, 30 Oct 2020 14:02:30 GMT server AmazonS3 etag "8ddd1d305e8cd748857f8404473d7ed7" access-control-max-age 3000 access-control-allow-methods GET x-amz-version-id og6.aun0oU5t36yx.3wXlmUCys1ul6kY access-control-allow-origin * cache-control max-age=31536000 accept-ranges bytes content-type application/octet-stream x-amz-cf-id Y9-I_w0MjvsJDlVvPkoW99LfvVhjsEOA-cAHJ0WNA6LJunhInlTyGQ==
GET H2	200	fontawesome-webfont.woff2 cdn.papara.com/web/Assets/fonts/	75 KB 76 KB	160ms 129ms	Font application/octet-stream	2600:9000:2117:1600:14:51cc:5fc0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.papara.com/web/Assets/fonts/fontawesome-webfont.woff2?v=4.7.0 Requested by Host: cdn.papara.com URL: https://cdn.papara.com/web/Assets/css/app/app.css?v=-8586033260254775808 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2117:1600:14:51cc:5fc0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe Request headers Origin http://www.girisyap-papara.org Referer https://cdn.papara.com/web/Assets/css/app/app.css?v=-8586033260254775808 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 04 Nov 2020 07:04:36 GMT via 1.1 20b61f8a897671342027285e75830e4e.cloudfront.net (CloudFront) vary Origin,Access-Control-Request-Headers,Access-Control-Request-Method x-amz-cf-pop CDG50-C1 x-cache Miss from cloudfront status 200 content-length 77160 last-modified Fri, 30 Oct 2020 14:02:37 GMT server AmazonS3 etag "af7ae505a9eed503f8b8e6982036873e" access-control-max-age 3000 access-control-allow-methods GET x-amz-version-id hd47v8kxmHyUMxR5uwjUGRbAOu131YF1 access-control-allow-origin * cache-control max-age=31536000 accept-ranges bytes content-type application/octet-stream x-amz-cf-id zld13xnrVo_nWQ8UlOAtaMcEbaMvHGsn8zYgSJe1zAHb-JFHO0Y6ww==
GET H/1.1	200 OK	/ Show response api.ipify.org/	22 B 261 B	397ms 102ms	XHR application/json	50.19.98.74 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://api.ipify.org/?format=json Requested by Host: code.jquery.com URL: https://code.jquery.com/jquery-3.5.1.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 50.19.98.74 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-50-19-98-74.compute-1.amazonaws.com Software Cowboy / Resource Hash 92a2fc6cc9cd39249eebb8dab7e6c26275727e0779deefb14cc6a07bf44b0555 Request headers Accept application/json, text/javascript, */*; q=0.01 Referer http://www.girisyap-papara.org/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Wed, 04 Nov 2020 07:04:35 GMT Via 1.1 vegur Server Cowboy Vary Origin Content-Type application/json Access-Control-Allow-Origin http://www.girisyap-papara.org Connection keep-alive Content-Length 22

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Papara (Banking)

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| trustedTypes function| $ function| jQuery number| page number| onayla1 function| ony1 number| saniye number| dakika number| saat function| bak number| saniye1 number| dakika1 number| saat1 function| bakim string| ip function| baitSender

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.ipify.org
cdn.papara.com
code.jquery.com
www.facebook.com
www.girisyap-papara.org
www.google.com
2001:4de0:ac19::1:b:1a
2600:9000:2117:1600:14:51cc:5fc0:93a1
2a00:1450:4001:81a::2004
2a03:2880:f11c:8183:face:b00c:0:25de
50.19.98.74
93.89.224.197
070f61f5375bbc912157698d389a73927673fd7b5b9cef708be36ab4d06b38e2
1492f54afa9ca3361e253a8607aad6fe1255b53583746044a1946d844595f2d1
18e24b9bb36ca8cbe24ab3572b3cdb2340453fd38fc8bcf2c0014d2f5f5b958c
2325f9067ec5174ba012528bb387815be749458b2e0350f4b57f1ad90f2ce869
275b7366caa31008554a3289859e6a1f6938f76553d4b3722a90f1ef19fffaaf
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
37af6686eb0da080937f4da5abcf9f17874fa3e200a828573c9c43b4afdf88cd
39a99c002ec8369061f1dd3067f5a73f6e38d08553b4f207d650356fa23843e9
4963e4a5a3f8e55d4200c8716996dbba49a6b3056d697ff0643e10a43042b706
4ef92cf53ee6a7c117984bc8aacb603d4809fe77c7b2ca265b8a582bf843f8d8
6a87b3261886a5f0018a9b231046b75e6f097de418dfa43f4124336159ca6900
75f3f9ed09ad086c8926b4541985168a1eb683b4f4822a4d0fced99d9ac9b6b5
77804107ff28f9a30d88544a12f0d976253ad6289924fa2e080f8901805ea937
84915889e83bb60558ed7a55c17cff1b48d10a88a8675ad6966088d96294afa8
879203352fe9c403a9c6609c5ba0fa18a13773ae17de684e7e0d2e3b070ce233
88b302c9e10c3d4b7af3aad16b7eb9100692b3d39640bd1659f2b3fad95bac9f
92a2fc6cc9cd39249eebb8dab7e6c26275727e0779deefb14cc6a07bf44b0555
b8e887125d17aea4771833a86fde2a2a8170c781a429778da2586a485dc7f41b
c439f5c2723d750c9b1759e9f824e2de8ee4cb2c1169bbcafe212f64b51b1629
db9634c15a4e776e15991ba615ae46cd74f5deeeed9cf65e6bb616345539bbe9
dbec51dd03ddd4041db0baae8b3eceebf9722b78a73f677a5a750eb4eb8b4c62
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d