URL: http://corumgroup.com.tr/wp-admin/user/M&T/update.htm
Submission: On February 01 via automatic, source openphish

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 28 HTTP transactions. The main IP is 217.116.198.169, located in Ankara, Turkey and belongs to HOSTHANE, TR. The main domain is corumgroup.com.tr.
This is the only time corumgroup.com.tr was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
22 217.116.198.169 49879 (HOSTHANE)
1 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
28 3
Apex Domain Subdomains Transfer
22 corumgroup.com.tr corumgroup.com.tr 535 KB
5 gstatic.com fonts.gstatic.com 67 KB
1 googleapis.com fonts.googleapis.com 795 B
28 3
Domain Requested by
22 corumgroup.com.tr corumgroup.com.tr
5 fonts.gstatic.com corumgroup.com.tr
1 fonts.googleapis.com corumgroup.com.tr
28 3

This site contains links to these domains.

Domain
www.facebook.com
www.instagram.com
www.linkedin.com
www.markavinci.com

Subject Issuer Validity Valid
*.storage.googleapis.com GTS CA 1O1 2020-01-14 - 2020-04-07 3 months
*.google.com GTS CA 1O1 2020-01-14 - 2020-04-07 3 months

This page contains 1 frames:

Primary Page: http://corumgroup.com.tr/wp-admin/user/M&T/update.htm
Frame ID: 87CDF1C7AD8AF2979F4336D4698A8D55
Requests: 28 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • meta generator /^WordPress ?([\d.]+)?/i
  • headers link /rel="https:\/\/api\.w\.org\/"/i
  • html /<link[^>]* href=[\'"][^']+revslider[\/\w-]+\.css\?ver=([0-9.]+)[\'"]/i
  • script /\/revslider\/[\/\w-]+\/js/i

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[\'"][^']+revslider[\/\w-]+\.css\?ver=([0-9.]+)[\'"]/i
  • script /\/revslider\/[\/\w-]+\/js/i

Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

28 Requests
21 % HTTPS
67 % IPv6
3 Domains
3 Subdomains
3 IPs
2 Countries
603 kB Transfer
1217 kB Size
0 Cookies

28 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request update.htm
corumgroup.com.tr/wp-admin/user/M&T/
58 KB
12 KB
Document
General
Full URL
http://corumgroup.com.tr/wp-admin/user/M&T/update.htm
Protocol
HTTP/1.1
Server
217.116.198.169 Ankara, Turkey, ASN49879 (HOSTHANE, TR),
Reverse DNS
ns1.markavinci.com
Software
nginx / PHP/7.2.22
Resource Hash
45c3edec683714eba59b146ff98b87e0d5633408029135ce3f9744a3ec96d893

Request headers

Host
corumgroup.com.tr
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate

Response headers

Server
nginx
Date
Sat, 01 Feb 2020 00:17:05 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding User-Agent
X-Powered-By
PHP/7.2.22
Expires
Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control
no-cache, must-revalidate, max-age=0
Link
<http://corumgroup.com.tr/wp-json/>; rel="https://api.w.org/"
Content-Encoding
gzip
style.min.css
corumgroup.com.tr/wp-includes/css/dist/block-library/
40 KB
6 KB
Stylesheet
General
Full URL
http://corumgroup.com.tr/wp-includes/css/dist/block-library/style.min.css?ver=5.3.2
Requested by
Host: corumgroup.com.tr
URL: http://corumgroup.com.tr/wp-admin/user/M&T/update.htm
Protocol
HTTP/1.1
Server
217.116.198.169 Ankara, Turkey, ASN49879 (HOSTHANE, TR),
Reverse DNS
ns1.markavinci.com
Software
nginx / PleskLin
Resource Hash
d9662b4b9ba6c2c3691ce0acd4572e027366eb97d6070550a13429262bb0037f

Request headers

Referer
http://corumgroup.com.tr/wp-admin/user/M&T/update.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Sat, 01 Feb 2020 00:17:06 GMT
Content-Encoding
gzip
Last-Modified
Fri, 31 Jan 2020 18:48:11 GMT
Server
nginx
X-Powered-By
PleskLin
ETag
W/"5e34766b-a1fb"
Vary
Accept-Encoding
Content-Type
text/css
Transfer-Encoding
chunked
Connection
keep-alive
styles.css
corumgroup.com.tr/wp-content/plugins/contact-form-7/includes/css/
2 KB
951 B
Stylesheet
General
Full URL
http://corumgroup.com.tr/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.1.6
Requested by
Host: corumgroup.com.tr
URL: http://corumgroup.com.tr/wp-admin/user/M&T/update.htm
Protocol
HTTP/1.1
Server
217.116.198.169 Ankara, Turkey, ASN49879 (HOSTHANE, TR),
Reverse DNS
ns1.markavinci.com
Software
nginx / PleskLin
Resource Hash
f774ddac3ffce309e5ff2659a59e8e7291da314d213f24c1aa04b9ea2bc46586

Request headers

Referer
http://corumgroup.com.tr/wp-admin/user/M&T/update.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Sat, 01 Feb 2020 00:17:06 GMT
Content-Encoding
gzip
Last-Modified
Fri, 31 Jan 2020 18:34:22 GMT
Server
nginx
X-Powered-By
PleskLin
ETag
W/"5e34732e-66d"
Vary
Accept-Encoding
Content-Type
text/css
Transfer-Encoding
chunked
Connection
keep-alive
settings.css
corumgroup.com.tr/wp-content/plugins/revslider/public/assets/css/
39 KB
10 KB
Stylesheet
General
Full URL
http://corumgroup.com.tr/wp-content/plugins/revslider/public/assets/css/settings.css?ver=5.4.7.4
Requested by
Host: corumgroup.com.tr
URL: http://corumgroup.com.tr/wp-admin/user/M&T/update.htm
Protocol
HTTP/1.1
Server
217.116.198.169 Ankara, Turkey, ASN49879 (HOSTHANE, TR),
Reverse DNS
ns1.markavinci.com
Software
nginx / PleskLin
Resource Hash
d32e90e67625a7fd39a1d85256ce180f27de7a2b5e1d4c96ab156a3dcafa2100

Request headers

Referer
http://corumgroup.com.tr/wp-admin/user/M&T/update.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Sat, 01 Feb 2020 00:17:06 GMT
Content-Encoding
gzip
Last-Modified
Wed, 23 May 2018 08:11:10 GMT
Server
nginx
X-Powered-By
PleskLin
ETag
W/"5b05221e-9bd7"
Vary
Accept-Encoding
Content-Type
text/css
Transfer-Encoding
chunked
Connection
keep-alive
css
fonts.googleapis.com/
6 KB
795 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Fira+Sans%3A400%2C700%7CLato%3A400%2C700&subset=latin&ver=5.3.2
Requested by
Host: corumgroup.com.tr
URL: http://corumgroup.com.tr/wp-admin/user/M&T/update.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ff2646a65cf40a0cfb61bef08e000777fe1aecaafc26cc7b45fd8e4f25535ee4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
http://corumgroup.com.tr/wp-admin/user/M&T/update.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sat, 01 Feb 2020 00:13:37 GMT
server
ESF
access-control-allow-origin
*
date
Sat, 01 Feb 2020 00:13:37 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
0
expires
Sat, 01 Feb 2020 00:13:37 GMT
style.min.css
corumgroup.com.tr/wp-content/themes/Impreza/css/
230 KB
42 KB
Stylesheet
General
Full URL
http://corumgroup.com.tr/wp-content/themes/Impreza/css/style.min.css?ver=5.2.1
Requested by
Host: corumgroup.com.tr
URL: http://corumgroup.com.tr/wp-admin/user/M&T/update.htm
Protocol
HTTP/1.1
Server
217.116.198.169 Ankara, Turkey, ASN49879 (HOSTHANE, TR),
Reverse DNS
ns1.markavinci.com
Software
nginx / PleskLin
Resource Hash
4bdbf6655a40365afef577ee36779952c3f542cb2f31b619a1af9e3308f15403

Request headers

Referer
http://corumgroup.com.tr/wp-admin/user/M&T/update.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Sat, 01 Feb 2020 00:17:06 GMT
Content-Encoding
gzip
Last-Modified
Tue, 05 Jun 2018 08:11:10 GMT
Server
nginx
X-Powered-By
PleskLin
ETag
W/"5b16459e-398c3"
Vary
Accept-Encoding
Content-Type
text/css
Transfer-Encoding
chunked
Connection
keep-alive
responsive.min.css
corumgroup.com.tr/wp-content/themes/Impreza/css/
22 KB
5 KB
Stylesheet
General
Full URL
http://corumgroup.com.tr/wp-content/themes/Impreza/css/responsive.min.css?ver=5.2.1
Requested by
Host: corumgroup.com.tr
URL: http://corumgroup.com.tr/wp-admin/user/M&T/update.htm
Protocol
HTTP/1.1
Server
217.116.198.169 Ankara, Turkey, ASN49879 (HOSTHANE, TR),
Reverse DNS
ns1.markavinci.com
Software
nginx / PleskLin
Resource Hash
64fdefbad83dd3453d6f936365a9d2d9e82f5dae18116b45a1afc1cbe68878df

Request headers

Referer
http://corumgroup.com.tr/wp-admin/user/M&T/update.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Sat, 01 Feb 2020 00:17:06 GMT
Content-Encoding
gzip
Last-Modified
Tue, 05 Jun 2018 08:11:10 GMT
Server
nginx
X-Powered-By
PleskLin
ETag
W/"5b16459e-58c1"
Vary
Accept-Encoding
Content-Type
text/css
Transfer-Encoding
chunked
Connection
keep-alive
style.css
corumgroup.com.tr/wp-content/themes/Impreza-child/
851 B
726 B
Stylesheet
General
Full URL
http://corumgroup.com.tr/wp-content/themes/Impreza-child/style.css?ver=5.2.1
Requested by
Host: corumgroup.com.tr
URL: http://corumgroup.com.tr/wp-admin/user/M&T/update.htm
Protocol
HTTP/1.1
Server
217.116.198.169 Ankara, Turkey, ASN49879 (HOSTHANE, TR),
Reverse DNS
ns1.markavinci.com
Software
nginx / PleskLin
Resource Hash
a70a447bf59c6e917194c08e4f2970cd5cddd706cfc3edb4c00134a754c76552

Request headers

Referer
http://corumgroup.com.tr/wp-admin/user/M&T/update.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Sat, 01 Feb 2020 00:17:06 GMT
Content-Encoding
gzip
Last-Modified
Thu, 12 Jul 2018 10:42:54 GMT
Server
nginx
X-Powered-By
PleskLin
ETag
"353-570cb068b0780-gzip"
Vary
Accept-Encoding,User-Agent
Content-Type
text/css
X-Accel-Version
0.01
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
381
Defaults.css
corumgroup.com.tr/wp-content/uploads/smile_fonts/Defaults/
27 KB
5 KB
Stylesheet
General
Full URL
http://corumgroup.com.tr/wp-content/uploads/smile_fonts/Defaults/Defaults.css?ver=5.3.2
Requested by
Host: corumgroup.com.tr
URL: http://corumgroup.com.tr/wp-admin/user/M&T/update.htm
Protocol
HTTP/1.1
Server
217.116.198.169 Ankara, Turkey, ASN49879 (HOSTHANE, TR),
Reverse DNS
ns1.markavinci.com
Software
nginx / PleskLin
Resource Hash
4354449ab7a164ef5486d12020f3bc403b8ff104a8da73e9f9332106b86b061c

Request headers

Referer
http://corumgroup.com.tr/wp-admin/user/M&T/update.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Sat, 01 Feb 2020 00:17:06 GMT
Content-Encoding
gzip
Last-Modified
Mon, 09 Jul 2018 12:37:00 GMT
Server
nginx
X-Powered-By
PleskLin
ETag
W/"5b4356ec-6bf7"
Vary
Accept-Encoding
Content-Type
text/css
Transfer-Encoding
chunked
Connection
keep-alive
jquery.js
corumgroup.com.tr/wp-includes/js/jquery/
95 KB
34 KB
Script
General
Full URL
http://corumgroup.com.tr/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Requested by
Host: corumgroup.com.tr
URL: http://corumgroup.com.tr/wp-admin/user/M&T/update.htm
Protocol
HTTP/1.1
Server
217.116.198.169 Ankara, Turkey, ASN49879 (HOSTHANE, TR),
Reverse DNS
ns1.markavinci.com
Software
nginx / PleskLin
Resource Hash
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Request headers

Referer
http://corumgroup.com.tr/wp-admin/user/M&T/update.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Sat, 01 Feb 2020 00:17:06 GMT
Content-Encoding
gzip
Last-Modified
Fri, 31 Jan 2020 18:48:12 GMT
Server
nginx
X-Powered-By
PleskLin
ETag
W/"5e34766c-17a69"
Vary
Accept-Encoding
Content-Type
application/javascript
Transfer-Encoding
chunked
Connection
keep-alive
jquery.themepunch.tools.min.js
corumgroup.com.tr/wp-content/plugins/revslider/public/assets/js/
108 KB
38 KB
Script
General
Full URL
http://corumgroup.com.tr/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.tools.min.js?ver=5.4.7.4
Requested by
Host: corumgroup.com.tr
URL: http://corumgroup.com.tr/wp-admin/user/M&T/update.htm
Protocol
HTTP/1.1
Server
217.116.198.169 Ankara, Turkey, ASN49879 (HOSTHANE, TR),
Reverse DNS
ns1.markavinci.com
Software
nginx / PleskLin
Resource Hash
a1dff8b0c66227748951c4ff891f146f49c5a382ac8e3d6e3c2e9cf8aa560dc8

Request headers

Referer
http://corumgroup.com.tr/wp-admin/user/M&T/update.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Sat, 01 Feb 2020 00:17:06 GMT
Content-Encoding
gzip
Last-Modified
Wed, 23 May 2018 08:11:10 GMT
Server
nginx
X-Powered-By
PleskLin
ETag
W/"5b05221e-1afe4"
Vary
Accept-Encoding
Content-Type
application/javascript
Transfer-Encoding
chunked
Connection
keep-alive
jquery.themepunch.revolution.min.js
corumgroup.com.tr/wp-content/plugins/revslider/public/assets/js/
63 KB
18 KB
Script
General
Full URL
http://corumgroup.com.tr/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.revolution.min.js?ver=5.4.7.4
Requested by
Host: corumgroup.com.tr
URL: http://corumgroup.com.tr/wp-admin/user/M&T/update.htm
Protocol
HTTP/1.1
Server
217.116.198.169 Ankara, Turkey, ASN49879 (HOSTHANE, TR),
Reverse DNS
ns1.markavinci.com
Software
nginx / PleskLin
Resource Hash
8c0089569c5ceaf1e1dcfc22c2285ca01a05599563b72035bc84a2357f8ca965

Request headers

Referer
http://corumgroup.com.tr/wp-admin/user/M&T/update.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Sat, 01 Feb 2020 00:17:06 GMT
Content-Encoding
gzip
Last-Modified
Wed, 23 May 2018 08:11:10 GMT
Server
nginx
X-Powered-By
PleskLin
ETag
W/"5b05221e-fdcb"
Vary
Accept-Encoding
Content-Type
application/javascript
Transfer-Encoding
chunked
Connection
keep-alive
wp-emoji-release.min.js
corumgroup.com.tr/wp-includes/js/
14 KB
5 KB
Script
General
Full URL
http://corumgroup.com.tr/wp-includes/js/wp-emoji-release.min.js?ver=5.3.2
Requested by
Host: corumgroup.com.tr
URL: http://corumgroup.com.tr/wp-admin/user/M&T/update.htm
Protocol
HTTP/1.1
Server
217.116.198.169 Ankara, Turkey, ASN49879 (HOSTHANE, TR),
Reverse DNS
ns1.markavinci.com
Software
nginx / PleskLin
Resource Hash
1a351abc3f3b435497ddb8a55f09268d3e641dc22455deac06cf0181a4de52ee

Request headers

Referer
http://corumgroup.com.tr/wp-admin/user/M&T/update.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Sat, 01 Feb 2020 00:17:06 GMT
Content-Encoding
gzip
Last-Modified
Fri, 31 Jan 2020 18:48:12 GMT
Server
nginx
X-Powered-By
PleskLin
ETag
W/"5e34766c-362a"
Vary
Accept-Encoding
Content-Type
application/javascript
Transfer-Encoding
chunked
Connection
keep-alive
logo-1024x431.png
corumgroup.com.tr/wp-content/uploads/2019/10/
111 KB
111 KB
Image
General
Full URL
http://corumgroup.com.tr/wp-content/uploads/2019/10/logo-1024x431.png
Requested by
Host: corumgroup.com.tr
URL: http://corumgroup.com.tr/wp-admin/user/M&T/update.htm
Protocol
HTTP/1.1
Server
217.116.198.169 Ankara, Turkey, ASN49879 (HOSTHANE, TR),
Reverse DNS
ns1.markavinci.com
Software
nginx / PleskLin
Resource Hash
35eba5c99501c9dcdd4485c4b6341a9b34f2afc92d959e3eeb051bb57a58f9d7

Request headers

Referer
http://corumgroup.com.tr/wp-admin/user/M&T/update.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Sat, 01 Feb 2020 00:17:06 GMT
ETag
"5d9f1e46-1ba59"
Last-Modified
Thu, 10 Oct 2019 12:04:22 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
113241
logo-2.png
corumgroup.com.tr/wp-content/uploads/2018/07/
17 KB
18 KB
Image
General
Full URL
http://corumgroup.com.tr/wp-content/uploads/2018/07/logo-2.png
Requested by
Host: corumgroup.com.tr
URL: http://corumgroup.com.tr/wp-admin/user/M&T/update.htm
Protocol
HTTP/1.1
Server
217.116.198.169 Ankara, Turkey, ASN49879 (HOSTHANE, TR),
Reverse DNS
ns1.markavinci.com
Software
nginx / PleskLin
Resource Hash
913c73e7c764b98d9dada71567b9a54d3d962e4f94d1d8e39cebe091cd37212f

Request headers

Referer
http://corumgroup.com.tr/wp-admin/user/M&T/update.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Sat, 01 Feb 2020 00:17:06 GMT
ETag
"5b436446-455d"
Last-Modified
Mon, 09 Jul 2018 13:33:58 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
17757
en.png
corumgroup.com.tr/wp-content/plugins/sitepress-multilingual-cms/res/flags/
600 B
901 B
Image
General
Full URL
http://corumgroup.com.tr/wp-content/plugins/sitepress-multilingual-cms/res/flags/en.png
Requested by
Host: corumgroup.com.tr
URL: http://corumgroup.com.tr/wp-admin/user/M&T/update.htm
Protocol
HTTP/1.1
Server
217.116.198.169 Ankara, Turkey, ASN49879 (HOSTHANE, TR),
Reverse DNS
ns1.markavinci.com
Software
nginx / PleskLin
Resource Hash
3f47c75fa68e49b1cdca50c61e9cd6603b57c521e5e6809df59a4a15e291a4ef

Request headers

Referer
http://corumgroup.com.tr/wp-admin/user/M&T/update.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Sat, 01 Feb 2020 00:17:06 GMT
Last-Modified
Sun, 01 Jul 2018 08:11:10 GMT
Server
nginx
X-Powered-By
PleskLin
ETag
"258-56feb9fa5e380"
Vary
User-Agent
Content-Type
image/png
X-Accel-Version
0.01
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
600
tr.png
corumgroup.com.tr/wp-content/plugins/sitepress-multilingual-cms/res/flags/
317 B
618 B
Image
General
Full URL
http://corumgroup.com.tr/wp-content/plugins/sitepress-multilingual-cms/res/flags/tr.png
Requested by
Host: corumgroup.com.tr
URL: http://corumgroup.com.tr/wp-admin/user/M&T/update.htm
Protocol
HTTP/1.1
Server
217.116.198.169 Ankara, Turkey, ASN49879 (HOSTHANE, TR),
Reverse DNS
ns1.markavinci.com
Software
nginx / PleskLin
Resource Hash
f9702551ec8535a7c5bb8187220d0c327e954a2f5f840d1b7d8658fc07dee194

Request headers

Referer
http://corumgroup.com.tr/wp-admin/user/M&T/update.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Sat, 01 Feb 2020 00:17:06 GMT
Last-Modified
Sun, 01 Jul 2018 08:11:10 GMT
Server
nginx
X-Powered-By
PleskLin
ETag
"13d-56feb9fa5e380"
Vary
User-Agent
Content-Type
image/png
X-Accel-Version
0.01
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
317
scripts.js
corumgroup.com.tr/wp-content/plugins/contact-form-7/includes/js/
14 KB
4 KB
Script
General
Full URL
http://corumgroup.com.tr/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.1.6
Requested by
Host: corumgroup.com.tr
URL: http://corumgroup.com.tr/wp-admin/user/M&T/update.htm
Protocol
HTTP/1.1
Server
217.116.198.169 Ankara, Turkey, ASN49879 (HOSTHANE, TR),
Reverse DNS
ns1.markavinci.com
Software
nginx / PleskLin
Resource Hash
b7e17926b30342edecee8b3a93029ac51462e2b479277d8e077ba57173eb1900

Request headers

Referer
http://corumgroup.com.tr/wp-admin/user/M&T/update.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Sat, 01 Feb 2020 00:17:06 GMT
Content-Encoding
gzip
Last-Modified
Fri, 31 Jan 2020 18:34:22 GMT
Server
nginx
X-Powered-By
PleskLin
ETag
W/"5e34732e-3868"
Vary
Accept-Encoding
Content-Type
application/javascript
Transfer-Encoding
chunked
Connection
keep-alive
us.core.min.js
corumgroup.com.tr/wp-content/themes/Impreza/js/
102 KB
24 KB
Script
General
Full URL
http://corumgroup.com.tr/wp-content/themes/Impreza/js/us.core.min.js?ver=5.2.1
Requested by
Host: corumgroup.com.tr
URL: http://corumgroup.com.tr/wp-admin/user/M&T/update.htm
Protocol
HTTP/1.1
Server
217.116.198.169 Ankara, Turkey, ASN49879 (HOSTHANE, TR),
Reverse DNS
ns1.markavinci.com
Software
nginx / PleskLin
Resource Hash
7d7831a95222d4de7262e6eca1e80159f87d41249c055ec4ddee88da80764427

Request headers

Referer
http://corumgroup.com.tr/wp-admin/user/M&T/update.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Sat, 01 Feb 2020 00:17:06 GMT
Content-Encoding
gzip
Last-Modified
Tue, 05 Jun 2018 08:11:10 GMT
Server
nginx
X-Powered-By
PleskLin
ETag
W/"5b16459e-197b9"
Vary
Accept-Encoding
Content-Type
application/javascript
Transfer-Encoding
chunked
Connection
keep-alive
wp-embed.min.js
corumgroup.com.tr/wp-includes/js/
1 KB
1 KB
Script
General
Full URL
http://corumgroup.com.tr/wp-includes/js/wp-embed.min.js?ver=5.3.2
Requested by
Host: corumgroup.com.tr
URL: http://corumgroup.com.tr/wp-admin/user/M&T/update.htm
Protocol
HTTP/1.1
Server
217.116.198.169 Ankara, Turkey, ASN49879 (HOSTHANE, TR),
Reverse DNS
ns1.markavinci.com
Software
nginx / PleskLin
Resource Hash
0284cbccebf1682452d62d06efa3665c874d642d4e03f5f5f9bb0f555da9251b

Request headers

Referer
http://corumgroup.com.tr/wp-admin/user/M&T/update.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Sat, 01 Feb 2020 00:17:06 GMT
Content-Encoding
gzip
Last-Modified
Fri, 31 Jan 2020 18:48:12 GMT
Server
nginx
X-Powered-By
PleskLin
ETag
W/"5e34766c-577"
Vary
Accept-Encoding
Content-Type
application/javascript
Transfer-Encoding
chunked
Connection
keep-alive
fa-solid-900.woff2
corumgroup.com.tr/wp-content/themes/Impreza/fonts/
63 KB
63 KB
Font
General
Full URL
http://corumgroup.com.tr/wp-content/themes/Impreza/fonts/fa-solid-900.woff2
Requested by
Host: corumgroup.com.tr
URL: http://corumgroup.com.tr/wp-admin/user/M&T/update.htm
Protocol
HTTP/1.1
Server
217.116.198.169 Ankara, Turkey, ASN49879 (HOSTHANE, TR),
Reverse DNS
ns1.markavinci.com
Software
nginx / PleskLin
Resource Hash
fe004359b238bd1670cc1f8939ce08dea0aa91b3fb1a424d0e5c4dc63f4552ad

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
http://corumgroup.com.tr/wp-admin/user/M&T/update.htm
Origin
http://corumgroup.com.tr

Response headers

Date
Sat, 01 Feb 2020 00:17:06 GMT
ETag
"5b16459e-fbac"
Last-Modified
Tue, 05 Jun 2018 08:11:10 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
font/woff2
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
64428
S6uyw4BMUTPHjx4wXiWtFCc.woff2
fonts.gstatic.com/s/lato/v16/
14 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v16/S6uyw4BMUTPHjx4wXiWtFCc.woff2
Requested by
Host: corumgroup.com.tr
URL: http://corumgroup.com.tr/wp-admin/user/M&T/update.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Fira+Sans%3A400%2C700%7CLato%3A400%2C700&subset=latin&ver=5.3.2
Origin
http://corumgroup.com.tr

Response headers

date
Thu, 23 Jan 2020 22:35:24 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 03:45:55 GMT
server
sffe
age
697093
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
14044
x-xss-protection
0
expires
Fri, 22 Jan 2021 22:35:24 GMT
fa-brands-400.woff2
corumgroup.com.tr/wp-content/themes/Impreza/fonts/
60 KB
60 KB
Font
General
Full URL
http://corumgroup.com.tr/wp-content/themes/Impreza/fonts/fa-brands-400.woff2
Requested by
Host: corumgroup.com.tr
URL: http://corumgroup.com.tr/wp-admin/user/M&T/update.htm
Protocol
HTTP/1.1
Server
217.116.198.169 Ankara, Turkey, ASN49879 (HOSTHANE, TR),
Reverse DNS
ns1.markavinci.com
Software
nginx / PleskLin
Resource Hash
911c9e4a18166ae4b0ff905a0141335fbf88c3c69edf8d621a18906877983ee4

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
http://corumgroup.com.tr/wp-admin/user/M&T/update.htm
Origin
http://corumgroup.com.tr

Response headers

Date
Sat, 01 Feb 2020 00:17:06 GMT
ETag
"5b16459e-ef58"
Last-Modified
Tue, 05 Jun 2018 08:11:10 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
font/woff2
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
61272
va9B4kDNxMZdWfMOD5VnLK3eRhf6Xl7Glw.woff2
fonts.gstatic.com/s/firasans/v10/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/firasans/v10/va9B4kDNxMZdWfMOD5VnLK3eRhf6Xl7Glw.woff2
Requested by
Host: corumgroup.com.tr
URL: http://corumgroup.com.tr/wp-admin/user/M&T/update.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2c03d09c7c1cf3c86111f528e2d120592aaef6354ceb55c8e406319c30a765ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Fira+Sans%3A400%2C700%7CLato%3A400%2C700&subset=latin&ver=5.3.2
Origin
http://corumgroup.com.tr

Response headers

date
Thu, 23 Jan 2020 22:35:05 GMT
x-content-type-options
nosniff
last-modified
Mon, 22 Jul 2019 19:22:08 GMT
server
sffe
age
697112
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
15372
x-xss-protection
0
expires
Fri, 22 Jan 2021 22:35:05 GMT
fa-regular-400.woff2
corumgroup.com.tr/wp-content/themes/Impreza/fonts/
76 KB
76 KB
Font
General
Full URL
http://corumgroup.com.tr/wp-content/themes/Impreza/fonts/fa-regular-400.woff2
Requested by
Host: corumgroup.com.tr
URL: http://corumgroup.com.tr/wp-admin/user/M&T/update.htm
Protocol
HTTP/1.1
Server
217.116.198.169 Ankara, Turkey, ASN49879 (HOSTHANE, TR),
Reverse DNS
ns1.markavinci.com
Software
nginx / PleskLin
Resource Hash
4039460e181605090fc6f0d5d1679b2c05f4639ef114d1c158ae48647f7109a9

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
http://corumgroup.com.tr/wp-admin/user/M&T/update.htm
Origin
http://corumgroup.com.tr

Response headers

Date
Sat, 01 Feb 2020 00:17:06 GMT
ETag
"5b16459e-12e9c"
Last-Modified
Tue, 05 Jun 2018 08:11:10 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
font/woff2
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
77468
va9E4kDNxMZdWfMOD5Vvl4jLazX3dA.woff2
fonts.gstatic.com/s/firasans/v10/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/firasans/v10/va9E4kDNxMZdWfMOD5Vvl4jLazX3dA.woff2
Requested by
Host: corumgroup.com.tr
URL: http://corumgroup.com.tr/wp-admin/user/M&T/update.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c25407149a8c6d1fb034c5af2d3e00f2d39abc4766125ee810285a22a59f9489
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Fira+Sans%3A400%2C700%7CLato%3A400%2C700&subset=latin&ver=5.3.2
Origin
http://corumgroup.com.tr

Response headers

date
Wed, 22 Jan 2020 18:18:05 GMT
x-content-type-options
nosniff
last-modified
Mon, 22 Jul 2019 19:21:53 GMT
server
sffe
age
798932
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
15212
x-xss-protection
0
expires
Thu, 21 Jan 2021 18:18:05 GMT
S6uyw4BMUTPHjxAwXiWtFCfQ7A.woff2
fonts.gstatic.com/s/lato/v16/
3 KB
3 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v16/S6uyw4BMUTPHjxAwXiWtFCfQ7A.woff2
Requested by
Host: corumgroup.com.tr
URL: http://corumgroup.com.tr/wp-admin/user/M&T/update.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3dec2ba3a35b2d878329a4687f5061f4a62030ad69bd0ebb2ca61c4fda102f38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Fira+Sans%3A400%2C700%7CLato%3A400%2C700&subset=latin&ver=5.3.2
Origin
http://corumgroup.com.tr

Response headers

date
Fri, 31 Jan 2020 23:23:25 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 03:45:44 GMT
server
sffe
age
3012
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
2888
x-xss-protection
0
expires
Sat, 30 Jan 2021 23:23:25 GMT
va9B4kDNxMZdWfMOD5VnLK3eSBf6Xl7Gl3LX.woff2
fonts.gstatic.com/s/firasans/v10/
20 KB
20 KB
Font
General
Full URL
https://fonts.gstatic.com/s/firasans/v10/va9B4kDNxMZdWfMOD5VnLK3eSBf6Xl7Gl3LX.woff2
Requested by
Host: corumgroup.com.tr
URL: http://corumgroup.com.tr/wp-admin/user/M&T/update.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2c9a8dbcdcc255f72be8c655508d24f59e4a1489f36c726da96f0c558942bb54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Fira+Sans%3A400%2C700%7CLato%3A400%2C700&subset=latin&ver=5.3.2
Origin
http://corumgroup.com.tr

Response headers

date
Thu, 23 Jan 2020 22:32:28 GMT
x-content-type-options
nosniff
last-modified
Mon, 22 Jul 2019 19:22:13 GMT
server
sffe
age
697269
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
20600
x-xss-protection
0
expires
Fri, 22 Jan 2021 22:32:28 GMT

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata
object| onpointerrawupdate
object| _wpemojiSettings
object| twemoji
object| wp
undefined| $
function| jQuery
undefined| oldgs
object| punchgs
object| _gsScope
undefined| oldgs_queue
undefined| GreenSockGlobals
undefined| _gsQueue
object| root
function| setREVStartSize
object| $us
object| wpcf7
function| EventEmitter
object| eventie
function| imagesLoaded
object| jQuery1124021001555883624068

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

corumgroup.com.tr
fonts.googleapis.com
fonts.gstatic.com
217.116.198.169
2a00:1450:4001:808::2003
2a00:1450:4001:81b::200a