Submitted URL: http://94.102.68.90/
Effective URL: https://94.102.68.90/Index.asp
Submission: On October 26 via manual from DE

Summary

This website contacted 4 IPs in 2 countries across 2 domains to perform 30 HTTP transactions. The main IP is 94.102.68.90, located in Turkey and belongs to DORUKNET, TR. The main domain is 94.102.68.90.
TLS certificate: Issued by COMODO RSA Domain Validation Secure S... on December 1st 2017. Valid for: a year.
This is the only time 94.102.68.90 was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 27 94.102.68.90 8685 (DORUKNET)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
30 4
Domain Requested by
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
1 www.googletagmanager.com 94.102.68.90
30 2

This site contains links to these domains. Also see Links.

Domain
www.romaplastik.com
tr-tr.facebook.com
Subject Issuer Validity Valid
*.romaplastik.com
COMODO RSA Domain Validation Secure Server CA
2017-12-01 -
2018-12-02
a year crt.sh
*.google-analytics.com
GTS CA 1O1
2020-10-06 -
2020-12-29
3 months crt.sh

This page contains 1 frames:

Primary Page: https://94.102.68.90/Index.asp
Frame ID: E666FFC01BAE5A08F6D96B5A8AEE4015
Requests: 30 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. http://94.102.68.90/ HTTP 302
    https://94.102.68.90/Index.asp Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

Page Statistics

30
Requests

13 %
HTTPS

75 %
IPv6

2
Domains

2
Subdomains

4
IPs

2
Countries

899 kB
Transfer

963 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://94.102.68.90/ HTTP 302
    https://94.102.68.90/Index.asp Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

30 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Cookie set Index.asp
94.102.68.90/
Redirect Chain
  • http://94.102.68.90/
  • https://94.102.68.90/Index.asp
21 KB
22 KB
Document
General
Full URL
https://94.102.68.90/Index.asp
Protocol
HTTP/1.1
Security
TLS 1.0, RSA, AES_128_CBC
Server
94.102.68.90 , Turkey, ASN8685 (DORUKNET, TR),
Reverse DNS
form01.romaplastik.com
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
ecf3de20f116fe9ba6894c188832b26d36d4d27cf798a7b77f6e72f8da89078e

Request headers

Host
94.102.68.90
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
member=zwart; ASPSESSIONIDQQDBSDBR=OBGLELGDDNBEKAEINPMJIKMK
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Cache-Control
private
Content-Length
21846
Content-Type
text/html
Server
Microsoft-IIS/7.5
Set-Cookie
member=zwart; path=/; HttpOnly ASPSESSIONIDQUDBSDBR=PBGLELGDFJOPEOHMBNLLJMKO; secure; path=/
X-Powered-By
ASP.NET
X-Powered-By-Plesk
PleskWin
Date
Mon, 26 Oct 2020 14:00:52 GMT

Redirect headers

Cache-Control
private
Content-Length
151
Content-Type
text/html
Location
https://94.102.68.90/Index.asp
Server
Microsoft-IIS/7.5
Set-Cookie
member=zwart; path=/; HttpOnly ASPSESSIONIDQQDBSDBR=OBGLELGDDNBEKAEINPMJIKMK; path=/
X-Powered-By
ASP.NET
X-Powered-By-Plesk
PleskWin
Date
Mon, 26 Oct 2020 14:00:52 GMT
bootstrap.min.css
94.102.68.90/css/
127 KB
127 KB
Stylesheet
General
Full URL
https://94.102.68.90/css/bootstrap.min.css
Requested by
Host: 94.102.68.90
URL: https://94.102.68.90/Index.asp
Protocol
HTTP/1.1
Security
TLS 1.0, RSA, AES_128_CBC
Server
94.102.68.90 , Turkey, ASN8685 (DORUKNET, TR),
Reverse DNS
form01.romaplastik.com
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
ee3be8db1206a2e6f203280b21b97d22c5968d81473b26d106339fba409be755

Request headers

Referer
https://94.102.68.90/Index.asp
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Powered-By-Plesk
PleskWin
Date
Mon, 26 Oct 2020 14:00:52 GMT
Last-Modified
Thu, 14 Sep 2017 12:06:42 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
ETag
"6a8046ed512dd31:0"
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
129704
style.css
94.102.68.90/css/
9 KB
9 KB
Stylesheet
General
Full URL
https://94.102.68.90/css/style.css
Requested by
Host: 94.102.68.90
URL: https://94.102.68.90/Index.asp
Protocol
HTTP/1.1
Security
TLS 1.0, RSA, AES_128_CBC
Server
94.102.68.90 , Turkey, ASN8685 (DORUKNET, TR),
Reverse DNS
form01.romaplastik.com
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
af4fb4855bcc4fc5210bbd58c35c323f82481c30535ff4cbc206575fe5a32592

Request headers

Referer
https://94.102.68.90/Index.asp
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Powered-By-Plesk
PleskWin
Date
Mon, 26 Oct 2020 14:00:52 GMT
Last-Modified
Fri, 03 Feb 2017 10:04:53 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
ETag
"76da39f747ed21:0"
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
8705
responsiveslides.css
94.102.68.90/css/
464 B
739 B
Stylesheet
General
Full URL
https://94.102.68.90/css/responsiveslides.css
Requested by
Host: 94.102.68.90
URL: https://94.102.68.90/Index.asp
Protocol
HTTP/1.1
Security
TLS 1.0, RSA, AES_128_CBC
Server
94.102.68.90 , Turkey, ASN8685 (DORUKNET, TR),
Reverse DNS
form01.romaplastik.com
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
5070fb54356d4f55b6a6ba8522d957dafc588fb62c71a54663bf8d70aa6829b9

Request headers

Referer
https://94.102.68.90/Index.asp
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Powered-By-Plesk
PleskWin
Date
Mon, 26 Oct 2020 14:00:52 GMT
Last-Modified
Mon, 24 Oct 2016 09:38:08 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
ETag
"ff4f153da2dd21:0"
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
464
slide.css
94.102.68.90/css/
3 KB
4 KB
Stylesheet
General
Full URL
https://94.102.68.90/css/slide.css
Requested by
Host: 94.102.68.90
URL: https://94.102.68.90/Index.asp
Protocol
HTTP/1.1
Security
TLS 1.0, RSA, AES_128_CBC
Server
94.102.68.90 , Turkey, ASN8685 (DORUKNET, TR),
Reverse DNS
form01.romaplastik.com
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
62be37b3e00b053b8961ad7cc6b32224fbc9b16aa686eb35aa146b6405fa7335

Request headers

Referer
https://94.102.68.90/Index.asp
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Powered-By-Plesk
PleskWin
Date
Mon, 26 Oct 2020 14:00:52 GMT
Last-Modified
Tue, 12 Sep 2017 12:05:30 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
ETag
"481126ebf2bd31:0"
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
3389
jquery.min.js
94.102.68.90/js/
95 KB
95 KB
Script
General
Full URL
https://94.102.68.90/js/jquery.min.js
Requested by
Host: 94.102.68.90
URL: https://94.102.68.90/Index.asp
Protocol
HTTP/1.1
Security
TLS 1.0, RSA, AES_128_CBC
Server
94.102.68.90 , Turkey, ASN8685 (DORUKNET, TR),
Reverse DNS
form01.romaplastik.com
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
3ae5d8b5a2806b811378107313b19f0b05baae4b2bbe85e19e9cd223391a0fe3

Request headers

Referer
https://94.102.68.90/Index.asp
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Powered-By-Plesk
PleskWin
Date
Mon, 26 Oct 2020 14:00:53 GMT
Last-Modified
Fri, 21 Oct 2016 11:13:59 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
ETag
"24f6ac388c2bd21:0"
Content-Type
application/x-javascript
Accept-Ranges
bytes
Content-Length
97166
bootstrap.min.js
94.102.68.90/js/
36 KB
36 KB
Script
General
Full URL
https://94.102.68.90/js/bootstrap.min.js
Requested by
Host: 94.102.68.90
URL: https://94.102.68.90/Index.asp
Protocol
HTTP/1.1
Security
TLS 1.0, RSA, AES_128_CBC
Server
94.102.68.90 , Turkey, ASN8685 (DORUKNET, TR),
Reverse DNS
form01.romaplastik.com
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
36460e494e4c628443afded40b2743b5ede9a4a76fb4f7b9ef2345cc7e59fd64

Request headers

Referer
https://94.102.68.90/Index.asp
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Powered-By-Plesk
PleskWin
Date
Mon, 26 Oct 2020 14:00:53 GMT
Last-Modified
Fri, 21 Oct 2016 11:13:58 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
ETag
"ce4af3378c2bd21:0"
Content-Type
application/x-javascript
Accept-Ranges
bytes
Content-Length
37051
responsiveslides.min.js
94.102.68.90/js/
3 KB
4 KB
Script
General
Full URL
https://94.102.68.90/js/responsiveslides.min.js
Requested by
Host: 94.102.68.90
URL: https://94.102.68.90/Index.asp
Protocol
HTTP/1.1
Security
TLS 1.0, RSA, AES_128_CBC
Server
94.102.68.90 , Turkey, ASN8685 (DORUKNET, TR),
Reverse DNS
form01.romaplastik.com
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
c6205b591ecf8c530f702ea1596c7d1861cda7b9f67d585ba627ab11101c32dd

Request headers

Referer
https://94.102.68.90/Index.asp
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Powered-By-Plesk
PleskWin
Date
Mon, 26 Oct 2020 14:00:53 GMT
Last-Modified
Fri, 21 Oct 2016 11:13:59 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
ETag
"653ebb388c2bd21:0"
Content-Type
application/x-javascript
Accept-Ranges
bytes
Content-Length
3403
logo.png
94.102.68.90/images/
7 KB
7 KB
Image
General
Full URL
https://94.102.68.90/images/logo.png
Requested by
Host: 94.102.68.90
URL: https://94.102.68.90/Index.asp
Protocol
HTTP/1.1
Security
TLS 1.0, RSA, AES_128_CBC
Server
94.102.68.90 , Turkey, ASN8685 (DORUKNET, TR),
Reverse DNS
form01.romaplastik.com
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
b9ec84cd3c69b308e725cefa5c9c98afe21a40dd10e42fd438ac3c110042d973

Request headers

Referer
https://94.102.68.90/Index.asp
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Powered-By-Plesk
PleskWin
Date
Mon, 26 Oct 2020 14:00:53 GMT
Last-Modified
Fri, 25 Aug 2017 09:32:42 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
ETag
"ba738d19851dd31:0"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
7083
kenarbandi.png
94.102.68.90/images/
23 KB
23 KB
Image
General
Full URL
https://94.102.68.90/images/kenarbandi.png
Requested by
Host: 94.102.68.90
URL: https://94.102.68.90/Index.asp
Protocol
HTTP/1.1
Security
TLS 1.0, RSA, AES_128_CBC
Server
94.102.68.90 , Turkey, ASN8685 (DORUKNET, TR),
Reverse DNS
form01.romaplastik.com
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
21f8675f2d3e76dda24d116ac711f4d2d0f7be628cfcb309712ecd5f267f1603

Request headers

Referer
https://94.102.68.90/Index.asp
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Powered-By-Plesk
PleskWin
Date
Mon, 26 Oct 2020 14:00:53 GMT
Last-Modified
Fri, 21 Oct 2016 11:13:33 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
ETag
"2c46a298c2bd21:0"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
23222
12032018154422.jpg
94.102.68.90/resimler/
76 KB
76 KB
Image
General
Full URL
https://94.102.68.90/resimler/12032018154422.jpg
Requested by
Host: 94.102.68.90
URL: https://94.102.68.90/Index.asp
Protocol
HTTP/1.1
Security
TLS 1.0, RSA, AES_128_CBC
Server
94.102.68.90 , Turkey, ASN8685 (DORUKNET, TR),
Reverse DNS
form01.romaplastik.com
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
50ec574141556fec71dbbc67dc63c2ddf17ca27aac7e04a43d3facde487c2bef

Request headers

Referer
https://94.102.68.90/Index.asp
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Powered-By-Plesk
PleskWin
Date
Mon, 26 Oct 2020 14:00:53 GMT
Last-Modified
Mon, 12 Mar 2018 13:44:23 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
ETag
"cca9df3a8bad31:0"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
77980
13102016154729.jpg
94.102.68.90/resimler/
66 KB
66 KB
Image
General
Full URL
https://94.102.68.90/resimler/13102016154729.jpg
Requested by
Host: 94.102.68.90
URL: https://94.102.68.90/Index.asp
Protocol
HTTP/1.1
Security
TLS 1.0, RSA, AES_128_CBC
Server
94.102.68.90 , Turkey, ASN8685 (DORUKNET, TR),
Reverse DNS
form01.romaplastik.com
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
1041ce7e52e1e250e156459f3c1909eda93b0bfb13aeef5b1a9b1bb0d7ddc561

Request headers

Referer
https://94.102.68.90/Index.asp
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Powered-By-Plesk
PleskWin
Date
Mon, 26 Oct 2020 14:00:53 GMT
Last-Modified
Fri, 21 Oct 2016 11:11:09 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
ETag
"baa157d38b2bd21:0"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
67805
13102016154123.jpg
94.102.68.90/resimler/
60 KB
60 KB
Image
General
Full URL
https://94.102.68.90/resimler/13102016154123.jpg
Requested by
Host: 94.102.68.90
URL: https://94.102.68.90/Index.asp
Protocol
HTTP/1.1
Security
TLS 1.0, RSA, AES_128_CBC
Server
94.102.68.90 , Turkey, ASN8685 (DORUKNET, TR),
Reverse DNS
form01.romaplastik.com
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
06380e17d01163e762054b6b1772491622ca6e3ea5fe948b987fcfd108f3e9e3

Request headers

Referer
https://94.102.68.90/Index.asp
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Powered-By-Plesk
PleskWin
Date
Mon, 26 Oct 2020 14:00:53 GMT
Last-Modified
Fri, 21 Oct 2016 11:11:10 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
ETag
"4869d3d38b2bd21:0"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
61399
20102016120724.jpg
94.102.68.90/resimler/
73 KB
73 KB
Image
General
Full URL
https://94.102.68.90/resimler/20102016120724.jpg
Requested by
Host: 94.102.68.90
URL: https://94.102.68.90/Index.asp
Protocol
HTTP/1.1
Security
TLS 1.0, RSA, AES_128_CBC
Server
94.102.68.90 , Turkey, ASN8685 (DORUKNET, TR),
Reverse DNS
form01.romaplastik.com
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
0010e27315af2c5589a0df09e39502881d5965de4afd339df2230ba988a8bb88

Request headers

Referer
https://94.102.68.90/Index.asp
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Powered-By-Plesk
PleskWin
Date
Mon, 26 Oct 2020 14:00:53 GMT
Last-Modified
Fri, 21 Oct 2016 11:10:34 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
ETag
"ed1448be8b2bd21:0"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
74677
14102016101359.jpg
94.102.68.90/resimler/
31 KB
31 KB
Image
General
Full URL
https://94.102.68.90/resimler/14102016101359.jpg
Requested by
Host: 94.102.68.90
URL: https://94.102.68.90/Index.asp
Protocol
HTTP/1.1
Security
TLS 1.0, RSA, AES_128_CBC
Server
94.102.68.90 , Turkey, ASN8685 (DORUKNET, TR),
Reverse DNS
form01.romaplastik.com
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
38a12a620696fb343a2c6b61bcb8bbe4ca58cbc81fdbeaeff79d0cc88e0d8322

Request headers

Referer
https://94.102.68.90/Index.asp
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Powered-By-Plesk
PleskWin
Date
Mon, 26 Oct 2020 14:00:53 GMT
Last-Modified
Fri, 21 Oct 2016 11:10:56 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
ETag
"59b9b7cb8b2bd21:0"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
31684
14102016101015.jpg
94.102.68.90/resimler/
25 KB
25 KB
Image
General
Full URL
https://94.102.68.90/resimler/14102016101015.jpg
Requested by
Host: 94.102.68.90
URL: https://94.102.68.90/Index.asp
Protocol
HTTP/1.1
Security
TLS 1.0, RSA, AES_128_CBC
Server
94.102.68.90 , Turkey, ASN8685 (DORUKNET, TR),
Reverse DNS
form01.romaplastik.com
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
01efa864afe344d0f3bdd87d22bdfa6e8d2666b6b423c684f17d063ccbe37105

Request headers

Referer
https://94.102.68.90/Index.asp
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Powered-By-Plesk
PleskWin
Date
Mon, 26 Oct 2020 14:00:53 GMT
Last-Modified
Fri, 21 Oct 2016 11:10:56 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
ETag
"209df5cb8b2bd21:0"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
25544
edgebandwizard.jpg
94.102.68.90/images/
43 KB
44 KB
Image
General
Full URL
https://94.102.68.90/images/edgebandwizard.jpg
Requested by
Host: 94.102.68.90
URL: https://94.102.68.90/Index.asp
Protocol
HTTP/1.1
Security
TLS 1.0, RSA, AES_128_CBC
Server
94.102.68.90 , Turkey, ASN8685 (DORUKNET, TR),
Reverse DNS
form01.romaplastik.com
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
ce06c9f47039fb59fe2a5e8d6f83ec490e3813590b9ef8712b51852892e61f9c

Request headers

Referer
https://94.102.68.90/Index.asp
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Powered-By-Plesk
PleskWin
Date
Mon, 26 Oct 2020 14:00:53 GMT
Last-Modified
Fri, 21 Oct 2016 11:13:30 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
ETag
"23e644278c2bd21:0"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
44438
mavi-facebook.png
94.102.68.90/images/
18 KB
18 KB
Image
General
Full URL
https://94.102.68.90/images/mavi-facebook.png
Requested by
Host: 94.102.68.90
URL: https://94.102.68.90/Index.asp
Protocol
HTTP/1.1
Security
TLS 1.0, RSA, AES_128_CBC
Server
94.102.68.90 , Turkey, ASN8685 (DORUKNET, TR),
Reverse DNS
form01.romaplastik.com
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
ec8551c5864771e085a608a6aab09fba7f54587854c597be620e4cdbd15b129c

Request headers

Referer
https://94.102.68.90/Index.asp
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Powered-By-Plesk
PleskWin
Date
Mon, 26 Oct 2020 14:00:53 GMT
Last-Modified
Thu, 01 Dec 2016 12:32:05 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
ETag
"aff03edce4bd21:0"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
18068
gtm.js
www.googletagmanager.com/
72 KB
29 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MWT4PRW
Requested by
Host: 94.102.68.90
URL: https://94.102.68.90/Index.asp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c4d2e89d004ded0d41a54983d16d3ebf416caad5b4c515c9eee287d9c1038971
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://94.102.68.90/Index.asp
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 26 Oct 2020 14:00:55 GMT
content-encoding
br
vary
Accept-Encoding
status
200
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29084
x-xss-protection
0
last-modified
Mon, 26 Oct 2020 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 26 Oct 2020 14:00:55 GMT
1.jpg
94.102.68.90/images/
20 KB
20 KB
Image
General
Full URL
https://94.102.68.90/images/1.jpg
Requested by
Host: 94.102.68.90
URL: https://94.102.68.90/css/style.css
Protocol
HTTP/1.1
Security
TLS 1.0, RSA, AES_128_CBC
Server
94.102.68.90 , Turkey, ASN8685 (DORUKNET, TR),
Reverse DNS
form01.romaplastik.com
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
7fe8babf93e072218477844e45262e1793ca845800f01a4d19700f7086843fd1

Request headers

Referer
https://94.102.68.90/css/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Powered-By-Plesk
PleskWin
Date
Mon, 26 Oct 2020 14:00:53 GMT
Last-Modified
Fri, 21 Oct 2016 11:13:30 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
ETag
"482072278c2bd21:0"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
20335
buyuk_beyaz.png
94.102.68.90/images/
16 KB
16 KB
Image
General
Full URL
https://94.102.68.90/images/buyuk_beyaz.png
Requested by
Host: 94.102.68.90
URL: https://94.102.68.90/css/bootstrap.min.css
Protocol
HTTP/1.1
Security
TLS 1.0, RSA, AES_128_CBC
Server
94.102.68.90 , Turkey, ASN8685 (DORUKNET, TR),
Reverse DNS
form01.romaplastik.com
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
60da3dc477b56bac30aec2e1bd16d74d640d58a488fbda8afc8077456f81bc61

Request headers

Referer
https://94.102.68.90/css/bootstrap.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Powered-By-Plesk
PleskWin
Date
Mon, 26 Oct 2020 14:00:53 GMT
Last-Modified
Fri, 21 Oct 2016 11:13:32 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
ETag
"9648d288c2bd21:0"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
16476
kucuk_gri.png
94.102.68.90/images/
16 KB
16 KB
Image
General
Full URL
https://94.102.68.90/images/kucuk_gri.png
Requested by
Host: 94.102.68.90
URL: https://94.102.68.90/css/bootstrap.min.css
Protocol
HTTP/1.1
Security
TLS 1.0, RSA, AES_128_CBC
Server
94.102.68.90 , Turkey, ASN8685 (DORUKNET, TR),
Reverse DNS
form01.romaplastik.com
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
90a911230a38ef7693248a8d21553cd24bae081cd525cad224386b0cba87158b

Request headers

Referer
https://94.102.68.90/css/bootstrap.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Powered-By-Plesk
PleskWin
Date
Mon, 26 Oct 2020 14:00:53 GMT
Last-Modified
Fri, 21 Oct 2016 11:13:31 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
ETag
"f7bf5278c2bd21:0"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
16468
buyuk_gri.png
94.102.68.90/images/
16 KB
16 KB
Image
General
Full URL
https://94.102.68.90/images/buyuk_gri.png
Requested by
Host: 94.102.68.90
URL: https://94.102.68.90/css/bootstrap.min.css
Protocol
HTTP/1.1
Security
TLS 1.0, RSA, AES_128_CBC
Server
94.102.68.90 , Turkey, ASN8685 (DORUKNET, TR),
Reverse DNS
form01.romaplastik.com
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
5d143429cd345c42455843d56129cc683836d9042c5d6bc74b0d7a23f7b7d2ff

Request headers

Referer
https://94.102.68.90/css/bootstrap.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Powered-By-Plesk
PleskWin
Date
Mon, 26 Oct 2020 14:00:53 GMT
Last-Modified
Fri, 21 Oct 2016 11:13:32 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
ETag
"44e67288c2bd21:0"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
16538
kucuk_mavi.png
94.102.68.90/images/
16 KB
16 KB
Image
General
Full URL
https://94.102.68.90/images/kucuk_mavi.png
Requested by
Host: 94.102.68.90
URL: https://94.102.68.90/css/bootstrap.min.css
Protocol
HTTP/1.1
Security
TLS 1.0, RSA, AES_128_CBC
Server
94.102.68.90 , Turkey, ASN8685 (DORUKNET, TR),
Reverse DNS
form01.romaplastik.com
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
ca878dfd9a79a9b037c3664a906642a2fc596f4167fbeebafec8b059e6b5f55e

Request headers

Referer
https://94.102.68.90/css/bootstrap.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Powered-By-Plesk
PleskWin
Date
Mon, 26 Oct 2020 14:00:53 GMT
Last-Modified
Fri, 21 Oct 2016 11:13:31 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
ETag
"9bc018288c2bd21:0"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
16463
glyphicons-halflings-regular.woff2
94.102.68.90/fonts/
0
0
Font
General
Full URL
https://94.102.68.90/fonts/glyphicons-halflings-regular.woff2
Requested by
Host: 94.102.68.90
URL: https://94.102.68.90/css/bootstrap.min.css
Protocol
HTTP/1.1
Security
TLS 1.0, RSA, AES_128_CBC
Server
94.102.68.90 , Turkey, ASN8685 (DORUKNET, TR),
Reverse DNS
form01.romaplastik.com
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash

Request headers

Origin
https://94.102.68.90
Referer
https://94.102.68.90/css/bootstrap.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Powered-By-Plesk
PleskWin
Date
Mon, 26 Oct 2020 14:00:53 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
Content-Length
1129
Content-Type
text/html
analytics.js
www.google-analytics.com/
45 KB
18 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MWT4PRW
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://94.102.68.90/Index.asp
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 09 Sep 2020 01:50:37 GMT
server
Golfe2
age
2707
date
Mon, 26 Oct 2020 13:15:48 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18650
expires
Mon, 26 Oct 2020 15:15:48 GMT
collect
www.google-analytics.com/j/
1 B
24 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j86&aip=1&a=2030189298&t=pageview&_s=1&dl=https%3A%2F%2F94.102.68.90%2FIndex.asp&ul=en-us&de=UTF-8&dt=Pvc%2C%20Melamin%2C%20PMMA%2C%20Al%C3%BCminyum%20Kenarbantlar%C4%B1%20-%20ROMA%20PLAST%C4%B0K%20SAN.%20T%C4%B0C.%20A.%C5%9E.%20-%20Kenarbantlar%C4%B1%2C%20Kenar%20Bantlar%C4%B1%2C%20Kenarband%C4%B1%2C%20Kenar%20Band%C4%B1&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAABAAAAAC~&jid=1938836330&gjid=1491774884&cid=835425022.1603720855&tid=UA-56350679-12&_gid=833673411.1603720855&_r=1&gtm=2wgae1MWT4PRW&z=939998272
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://94.102.68.90/Index.asp
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 26 Oct 2020 14:00:55 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
text/plain
access-control-allow-origin
https://94.102.68.90
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/
1 B
406 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j86&aip=1&a=2030189298&t=pageview&_s=1&dl=https%3A%2F%2F94.102.68.90%2FIndex.asp&ul=en-us&de=UTF-8&dt=Pvc%2C%20Melamin%2C%20PMMA%2C%20Al%C3%BCminyum%20Kenarbantlar%C4%B1%20-%20ROMA%20PLAST%C4%B0K%20SAN.%20T%C4%B0C.%20A.%C5%9E.%20-%20Kenarbantlar%C4%B1%2C%20Kenar%20Bantlar%C4%B1%2C%20Kenarband%C4%B1%2C%20Kenar%20Band%C4%B1&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAAABAAAAAC~&jid=803482530&gjid=336145850&cid=835425022.1603720855&tid=UA-56350679-21&_gid=833673411.1603720855&_r=1&gtm=2wgae1MWT4PRW&z=2017315854
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://94.102.68.90/Index.asp
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 26 Oct 2020 14:00:55 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
text/plain
access-control-allow-origin
https://94.102.68.90
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
glyphicons-halflings-regular.woff
94.102.68.90/fonts/
0
0
Font
General
Full URL
https://94.102.68.90/fonts/glyphicons-halflings-regular.woff
Requested by
Host: 94.102.68.90
URL: https://94.102.68.90/css/bootstrap.min.css
Protocol
HTTP/1.1
Security
TLS 1.0, RSA, AES_128_CBC
Server
94.102.68.90 , Turkey, ASN8685 (DORUKNET, TR),
Reverse DNS
form01.romaplastik.com
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash

Request headers

Origin
https://94.102.68.90
Referer
https://94.102.68.90/css/bootstrap.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Powered-By-Plesk
PleskWin
Date
Mon, 26 Oct 2020 14:00:53 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
Content-Length
1129
Content-Type
text/html
glyphicons-halflings-regular.ttf
94.102.68.90/fonts/
44 KB
45 KB
Font
General
Full URL
https://94.102.68.90/fonts/glyphicons-halflings-regular.ttf
Requested by
Host: 94.102.68.90
URL: https://94.102.68.90/css/bootstrap.min.css
Protocol
HTTP/1.1
Security
TLS 1.0, RSA, AES_128_CBC
Server
94.102.68.90 , Turkey, ASN8685 (DORUKNET, TR),
Reverse DNS
form01.romaplastik.com
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
e395044093757d82afcb138957d06a1ea9361bdcf0b442d06a18a8051af57456

Request headers

Origin
https://94.102.68.90
Referer
https://94.102.68.90/css/bootstrap.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Powered-By-Plesk
PleskWin
Date
Mon, 26 Oct 2020 14:00:53 GMT
Last-Modified
Fri, 21 Oct 2016 11:13:48 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
ETag
"674347328c2bd21:0"
Content-Type
application/octet-stream
Accept-Ranges
bytes
Content-Length
45404

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes function| $ function| jQuery object| jQuery1124014627136209731795 object| dataLayer object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData

4 Cookies

Domain/Path Name / Value
94.102.68.90/ Name: _gat_UA-56350679-21
Value: 1
94.102.68.90/ Name: _gat_UA-56350679-12
Value: 1
94.102.68.90/ Name: _gid
Value: GA1.4.833673411.1603720855
94.102.68.90/ Name: _ga
Value: GA1.4.835425022.1603720855

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

www.google-analytics.com
www.googletagmanager.com
2a00:1450:4001:809::200e
2a00:1450:4001:824::2008
2a00:1450:4001:824::200e
94.102.68.90
0010e27315af2c5589a0df09e39502881d5965de4afd339df2230ba988a8bb88
01efa864afe344d0f3bdd87d22bdfa6e8d2666b6b423c684f17d063ccbe37105
06380e17d01163e762054b6b1772491622ca6e3ea5fe948b987fcfd108f3e9e3
1041ce7e52e1e250e156459f3c1909eda93b0bfb13aeef5b1a9b1bb0d7ddc561
21f8675f2d3e76dda24d116ac711f4d2d0f7be628cfcb309712ecd5f267f1603
36460e494e4c628443afded40b2743b5ede9a4a76fb4f7b9ef2345cc7e59fd64
38a12a620696fb343a2c6b61bcb8bbe4ca58cbc81fdbeaeff79d0cc88e0d8322
3ae5d8b5a2806b811378107313b19f0b05baae4b2bbe85e19e9cd223391a0fe3
5070fb54356d4f55b6a6ba8522d957dafc588fb62c71a54663bf8d70aa6829b9
50ec574141556fec71dbbc67dc63c2ddf17ca27aac7e04a43d3facde487c2bef
5d143429cd345c42455843d56129cc683836d9042c5d6bc74b0d7a23f7b7d2ff
60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef
60da3dc477b56bac30aec2e1bd16d74d640d58a488fbda8afc8077456f81bc61
62be37b3e00b053b8961ad7cc6b32224fbc9b16aa686eb35aa146b6405fa7335
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7fe8babf93e072218477844e45262e1793ca845800f01a4d19700f7086843fd1
90a911230a38ef7693248a8d21553cd24bae081cd525cad224386b0cba87158b
af4fb4855bcc4fc5210bbd58c35c323f82481c30535ff4cbc206575fe5a32592
b9ec84cd3c69b308e725cefa5c9c98afe21a40dd10e42fd438ac3c110042d973
c4d2e89d004ded0d41a54983d16d3ebf416caad5b4c515c9eee287d9c1038971
c6205b591ecf8c530f702ea1596c7d1861cda7b9f67d585ba627ab11101c32dd
ca878dfd9a79a9b037c3664a906642a2fc596f4167fbeebafec8b059e6b5f55e
ce06c9f47039fb59fe2a5e8d6f83ec490e3813590b9ef8712b51852892e61f9c
e395044093757d82afcb138957d06a1ea9361bdcf0b442d06a18a8051af57456
ec8551c5864771e085a608a6aab09fba7f54587854c597be620e4cdbd15b129c
ecf3de20f116fe9ba6894c188832b26d36d4d27cf798a7b77f6e72f8da89078e
ee3be8db1206a2e6f203280b21b97d22c5968d81473b26d106339fba409be755