maliyeistrgov503.com Open in urlscan Pro
190.14.39.122 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
http://maliyeistrgov503.com/
Submission: On February 17 via api (February 17th 2023, 3:13:52 pm UTC) from US — Scanned from US

Summary HTTP 26 Redirects Behaviour Indicators

Similar DOM Content API

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 26 HTTP transactions. The main IP is 190.14.39.122, located in Panama and belongs to Offshore Racks S.A, PA. The main domain is maliyeistrgov503.com.

This is the only time maliyeistrgov503.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Turkish Government (Government)

Domain & IP information

	IP Address		AS Autonomous System
18	190.14.39.122 190.14.39.122		52469 (Offshore ...) (Offshore Racks S.A)
2	2607:f8b0:400... 2607:f8b0:4006:816::2008		15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4006:816::2003		15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:81d::200e		15169 (GOOGLE) (GOOGLE)
26	4

18 190.14.39.122 (Panama)

ASN52469 (Offshore Racks S.A, PA)
PTR: cpanel16.offshoreracks.com

maliyeistrgov503.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:816::2008 (Nutley, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:816::2003 (Nutley, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:81d::200e (Nutley, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	maliyeistrgov503.com maliyeistrgov503.com	762 KB
4	gstatic.com fonts.gstatic.com	55 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 35	20 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 50	43 KB
26	4

	Domain	Requested by
18	maliyeistrgov503.com	maliyeistrgov503.com
4	fonts.gstatic.com	maliyeistrgov503.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.googletagmanager.com	maliyeistrgov503.com
26	4

This site contains no links.

Subject Issuer	Validity	Valid
*.google-analytics.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh

This page contains 1 frames:

Primary Page: http://maliyeistrgov503.com/
Frame ID: AD89D7372D524C95ADF782A623A70923
Requests: 26 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

e-Devlet | Aidat İade Sistemi

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

26
Requests

31 %
HTTPS

75 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

881 kB
Transfer

973 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

26 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
maliyeistrgov503.com/ 8 KB
8 KB 341ms
84ms Document
text/html 190.14.39.122
Offshore Racks S.A

General

Check archive.org

Show headers Download Go to

Full URL: http://maliyeistrgov503.com/
Protocol: HTTP/1.1
Server: 190.14.39.122 , Panama, ASN52469 (Offshore Racks S.A, PA),
Reverse DNS: cpanel16.offshoreracks.com
Software: Apache /
Resource Hash: be2ac0a722b9052251602587a0f9e47ccc7515e5ab7aa9d3cc4e531baa2b42df

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
Date: Fri, 17 Feb 2023 15:13:47 GMT
Keep-Alive: timeout=3, max=100
Server: Apache
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H/1.1 404
Not Found gtm.js.indir
maliyeistrgov503.com/index_files/ 0
0 89ms
83ms Script
text/html 190.14.39.122
Offshore Racks S.A

General

Check archive.org

Show headers Download Go to

Full URL: http://maliyeistrgov503.com/index_files/gtm.js.indir
Requested by: Host: maliyeistrgov503.com
URL: http://maliyeistrgov503.com/
Protocol: HTTP/1.1
Server: 190.14.39.122 , Panama, ASN52469 (Offshore Racks S.A, PA),
Reverse DNS: cpanel16.offshoreracks.com
Software: Apache /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: http://maliyeistrgov503.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Fri, 17 Feb 2023 15:13:47 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=3, max=99
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found bootstrap.min.css
maliyeistrgov503.com/index_files/ 0
0 88ms
84ms Stylesheet
text/html 190.14.39.122
Offshore Racks S.A

General

Check archive.org

Show headers Download Go to

Full URL: http://maliyeistrgov503.com/index_files/bootstrap.min.css
Requested by: Host: maliyeistrgov503.com
URL: http://maliyeistrgov503.com/
Protocol: HTTP/1.1
Server: 190.14.39.122 , Panama, ASN52469 (Offshore Racks S.A, PA),
Reverse DNS: cpanel16.offshoreracks.com
Software: Apache /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: http://maliyeistrgov503.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Fri, 17 Feb 2023 15:13:47 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=3, max=100
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found font-awesome.min.css
maliyeistrgov503.com/index_files/ 0
0 167ms
83ms Stylesheet
text/html 190.14.39.122
Offshore Racks S.A

General

Check archive.org

Show headers Download Go to

Full URL: http://maliyeistrgov503.com/index_files/font-awesome.min.css
Requested by: Host: maliyeistrgov503.com
URL: http://maliyeistrgov503.com/
Protocol: HTTP/1.1
Server: 190.14.39.122 , Panama, ASN52469 (Offshore Racks S.A, PA),
Reverse DNS: cpanel16.offshoreracks.com
Software: Apache /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: http://maliyeistrgov503.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Fri, 17 Feb 2023 15:13:47 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=3, max=98
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found flaticon.css
maliyeistrgov503.com/index_files/ 0
0 170ms
85ms Stylesheet
text/html 190.14.39.122
Offshore Racks S.A

General

Check archive.org

Show headers Download Go to

Full URL: http://maliyeistrgov503.com/index_files/flaticon.css
Requested by: Host: maliyeistrgov503.com
URL: http://maliyeistrgov503.com/
Protocol: HTTP/1.1
Server: 190.14.39.122 , Panama, ASN52469 (Offshore Racks S.A, PA),
Reverse DNS: cpanel16.offshoreracks.com
Software: Apache /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: http://maliyeistrgov503.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Fri, 17 Feb 2023 15:13:47 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=3, max=100
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 200
OK css
maliyeistrgov503.com/index_files/ 31 KB
31 KB 170ms
84ms Stylesheet
text/plain 190.14.39.122
Offshore Racks S.A

General

Check archive.org

Show headers Download Go to

Full URL: http://maliyeistrgov503.com/index_files/css
Requested by: Host: maliyeistrgov503.com
URL: http://maliyeistrgov503.com/
Protocol: HTTP/1.1
Server: 190.14.39.122 , Panama, ASN52469 (Offshore Racks S.A, PA),
Reverse DNS: cpanel16.offshoreracks.com
Software: Apache /
Resource Hash: 608ff39d81bf3098a9db9aaea1c56c59773d04db4bdb4567500842cc9f1431cb

Request headers

accept-language: en-US,en;q=0.9
Referer: http://maliyeistrgov503.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Fri, 17 Feb 2023 15:13:47 GMT
Last-Modified: Fri, 17 Feb 2023 11:23:48 GMT
Server: Apache
Vary: Accept-Encoding
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=100
Content-Length: 31432

GET
H/1.1 404
Not Found style.css
maliyeistrgov503.com/index_files/ 0
0 172ms
85ms Stylesheet
text/html 190.14.39.122
Offshore Racks S.A

General

Check archive.org

Show headers Download Go to

Full URL: http://maliyeistrgov503.com/index_files/style.css
Requested by: Host: maliyeistrgov503.com
URL: http://maliyeistrgov503.com/
Protocol: HTTP/1.1
Server: 190.14.39.122 , Panama, ASN52469 (Offshore Racks S.A, PA),
Reverse DNS: cpanel16.offshoreracks.com
Software: Apache /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: http://maliyeistrgov503.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Fri, 17 Feb 2023 15:13:47 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=3, max=100
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found default.css
maliyeistrgov503.com/index_files/ 0
0 172ms
85ms Stylesheet
text/html 190.14.39.122
Offshore Racks S.A

General

Check archive.org

Show headers Download Go to

Full URL: http://maliyeistrgov503.com/index_files/default.css
Requested by: Host: maliyeistrgov503.com
URL: http://maliyeistrgov503.com/
Protocol: HTTP/1.1
Server: 190.14.39.122 , Panama, ASN52469 (Offshore Racks S.A, PA),
Reverse DNS: cpanel16.offshoreracks.com
Software: Apache /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: http://maliyeistrgov503.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Fri, 17 Feb 2023 15:13:47 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=3, max=100
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 200
OK jquery-3.2.1.min.js.indir Show response
maliyeistrgov503.com/index_files/ 85 KB
85 KB 342ms
90ms Script
application/javascript 190.14.39.122
Offshore Racks S.A

General

Check archive.org

Show headers Download Go to

Full URL: http://maliyeistrgov503.com/index_files/jquery-3.2.1.min.js.indir
Requested by: Host: maliyeistrgov503.com
URL: http://maliyeistrgov503.com/
Protocol: HTTP/1.1
Server: 190.14.39.122 , Panama, ASN52469 (Offshore Racks S.A, PA),
Reverse DNS: cpanel16.offshoreracks.com
Software: Apache /
Resource Hash: 87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Request headers

accept-language: en-US,en;q=0.9
Referer: http://maliyeistrgov503.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Fri, 17 Feb 2023 15:13:47 GMT
Last-Modified: Fri, 17 Feb 2023 11:23:48 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=99
Content-Length: 86659

GET
H/1.1 200
OK jquery.creditCardValidator.js.indir Show response
maliyeistrgov503.com/index_files/ 8 KB
9 KB 344ms
83ms Script
application/javascript 190.14.39.122
Offshore Racks S.A

General

Check archive.org

Show headers Download Go to

Full URL: http://maliyeistrgov503.com/index_files/jquery.creditCardValidator.js.indir
Requested by: Host: maliyeistrgov503.com
URL: http://maliyeistrgov503.com/
Protocol: HTTP/1.1
Server: 190.14.39.122 , Panama, ASN52469 (Offshore Racks S.A, PA),
Reverse DNS: cpanel16.offshoreracks.com
Software: Apache /
Resource Hash: c5f8fcc96153880f57cb501646dca91ab644f972b43a851e3b087ce4339e5079

Request headers

accept-language: en-US,en;q=0.9
Referer: http://maliyeistrgov503.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Fri, 17 Feb 2023 15:13:47 GMT
Last-Modified: Fri, 17 Feb 2023 11:23:48 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=98
Content-Length: 8625

GET
H/1.1 200
OK bootstrap.min(1).css
maliyeistrgov503.com/index_files/ 163 KB
163 KB 170ms
85ms Stylesheet
text/css 190.14.39.122
Offshore Racks S.A

General

Check archive.org

Show headers Download Go to

Full URL: http://maliyeistrgov503.com/index_files/bootstrap.min(1).css
Requested by: Host: maliyeistrgov503.com
URL: http://maliyeistrgov503.com/
Protocol: HTTP/1.1
Server: 190.14.39.122 , Panama, ASN52469 (Offshore Racks S.A, PA),
Reverse DNS: cpanel16.offshoreracks.com
Software: Apache /
Resource Hash: 0a0a376dc5ee222a63ee133b4ae1dc75a8655ae493139aa478d7a0dc64755a39

Request headers

accept-language: en-US,en;q=0.9
Referer: http://maliyeistrgov503.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Fri, 17 Feb 2023 15:13:47 GMT
Last-Modified: Fri, 17 Feb 2023 11:23:48 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=99
Content-Length: 167154

GET
H/1.1 200
OK font-awesome.min(1).css
maliyeistrgov503.com/index_files/ 38 KB
38 KB 254ms
82ms Stylesheet
text/css 190.14.39.122
Offshore Racks S.A

General

Check archive.org

Show headers Download Go to

Full URL: http://maliyeistrgov503.com/index_files/font-awesome.min(1).css
Requested by: Host: maliyeistrgov503.com
URL: http://maliyeistrgov503.com/
Protocol: HTTP/1.1
Server: 190.14.39.122 , Panama, ASN52469 (Offshore Racks S.A, PA),
Reverse DNS: cpanel16.offshoreracks.com
Software: Apache /
Resource Hash: 2f499490b865ea22b5a1efdeade6d8b977073b0642238b51109cd202167d173e

Request headers

accept-language: en-US,en;q=0.9
Referer: http://maliyeistrgov503.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Fri, 17 Feb 2023 15:13:47 GMT
Last-Modified: Fri, 17 Feb 2023 11:23:48 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=97
Content-Length: 38634

GET
H/1.1 200
OK flaticon(1).css
maliyeistrgov503.com/index_files/ 2 KB
2 KB 255ms
83ms Stylesheet
text/css 190.14.39.122
Offshore Racks S.A

General

Check archive.org

Show headers Download Go to

Full URL: http://maliyeistrgov503.com/index_files/flaticon(1).css
Requested by: Host: maliyeistrgov503.com
URL: http://maliyeistrgov503.com/
Protocol: HTTP/1.1
Server: 190.14.39.122 , Panama, ASN52469 (Offshore Racks S.A, PA),
Reverse DNS: cpanel16.offshoreracks.com
Software: Apache /
Resource Hash: b86d0b93e4e11cf1a09e3a7efe97c0faa07a335bd100b85f2ce7655942da1894

Request headers

accept-language: en-US,en;q=0.9
Referer: http://maliyeistrgov503.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Fri, 17 Feb 2023 15:13:47 GMT
Last-Modified: Fri, 17 Feb 2023 11:23:48 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=99
Content-Length: 1638

GET
H/1.1 200
OK style(1).css
maliyeistrgov503.com/index_files/ 66 KB
66 KB 256ms
84ms Stylesheet
text/css 190.14.39.122
Offshore Racks S.A

General

Check archive.org

Show headers Download Go to

Full URL: http://maliyeistrgov503.com/index_files/style(1).css
Requested by: Host: maliyeistrgov503.com
URL: http://maliyeistrgov503.com/
Protocol: HTTP/1.1
Server: 190.14.39.122 , Panama, ASN52469 (Offshore Racks S.A, PA),
Reverse DNS: cpanel16.offshoreracks.com
Software: Apache /
Resource Hash: cb409ca7227f6ea8937b56b2c90284afe4f0596944940317b3fb7bb8444a69b2

Request headers

accept-language: en-US,en;q=0.9
Referer: http://maliyeistrgov503.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Fri, 17 Feb 2023 15:13:47 GMT
Last-Modified: Fri, 17 Feb 2023 11:23:48 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=99
Content-Length: 67403

GET
H/1.1 200
OK default(1).css
maliyeistrgov503.com/index_files/ 154 B
417 B 255ms
83ms Stylesheet
text/css 190.14.39.122
Offshore Racks S.A

General

Check archive.org

Show headers Download Go to

Full URL: http://maliyeistrgov503.com/index_files/default(1).css
Requested by: Host: maliyeistrgov503.com
URL: http://maliyeistrgov503.com/
Protocol: HTTP/1.1
Server: 190.14.39.122 , Panama, ASN52469 (Offshore Racks S.A, PA),
Reverse DNS: cpanel16.offshoreracks.com
Software: Apache /
Resource Hash: cbb81f38ee322ed3d62af6bb700def6a6be839b1edafcb6261fc2a78ed4ffdb3

Request headers

accept-language: en-US,en;q=0.9
Referer: http://maliyeistrgov503.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Fri, 17 Feb 2023 15:13:47 GMT
Last-Modified: Fri, 17 Feb 2023 11:23:48 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=99
Content-Length: 154

GET
H/1.1 200
OK logo-2.png
maliyeistrgov503.com/index_files/ 11 KB
11 KB 91ms
91ms Image
image/png 190.14.39.122
Offshore Racks S.A

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://maliyeistrgov503.com/index_files/logo-2.png
Requested by: Host: maliyeistrgov503.com
URL: http://maliyeistrgov503.com/
Protocol: HTTP/1.1
Server: 190.14.39.122 , Panama, ASN52469 (Offshore Racks S.A, PA),
Reverse DNS: cpanel16.offshoreracks.com
Software: Apache /
Resource Hash: 257461ed4d440311ffc7147309e879bc3ea33dc97c7f7cd15e17bc5ab0dd538e

Request headers

accept-language: en-US,en;q=0.9
Referer: http://maliyeistrgov503.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Fri, 17 Feb 2023 15:13:47 GMT
Last-Modified: Fri, 17 Feb 2023 11:23:48 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=96
Content-Length: 10879

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 110 KB
43 KB 94ms
34ms Script
application/javascript 2607:f8b0:4006:816::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-174934473-1

Requested by

Host: maliyeistrgov503.com
URL: http://maliyeistrgov503.com/

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2008 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d9e4d6a69f14e30749ffb192e73ac1a16b06d8865339e2a0211bc0fc36eb35f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://maliyeistrgov503.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 15:13:47 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 44154
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 17 Feb 2023 15:13:47 GMT

GET
H/1.1 200
OK creditly.js.indir Show response
maliyeistrgov503.com/index_files/ 14 KB
14 KB 84ms
83ms Script
application/javascript 190.14.39.122
Offshore Racks S.A

General

Check archive.org

Show headers Download Go to

Full URL: http://maliyeistrgov503.com/index_files/creditly.js.indir
Requested by: Host: maliyeistrgov503.com
URL: http://maliyeistrgov503.com/
Protocol: HTTP/1.1
Server: 190.14.39.122 , Panama, ASN52469 (Offshore Racks S.A, PA),
Reverse DNS: cpanel16.offshoreracks.com
Software: Apache /
Resource Hash: 87f22c41dbcb26bad91fbaf973d978ab76cd68a768ad20b3a3596c9277cb113c

Request headers

accept-language: en-US,en;q=0.9
Referer: http://maliyeistrgov503.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Fri, 17 Feb 2023 15:13:47 GMT
Last-Modified: Fri, 17 Feb 2023 11:23:48 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=98
Content-Length: 14054

GET
H2 404 gtm.js
www.googletagmanager.com/ 0
0 89ms
30ms Script
text/html 2607:f8b0:4006:816::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.googletagmanager.com/gtm.js?id=GTM-TAGCODE
Requested by: Host: maliyeistrgov503.com
URL: http://maliyeistrgov503.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:816::2008 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: http://maliyeistrgov503.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

GET
H/1.1 200
OK bg-image.jpeg
maliyeistrgov503.com/img/ 334 KB
335 KB 92ms
90ms Image
image/jpeg 190.14.39.122
Offshore Racks S.A

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://maliyeistrgov503.com/img/bg-image.jpeg
Requested by: Host: maliyeistrgov503.com
URL: http://maliyeistrgov503.com/index_files/style(1).css
Protocol: HTTP/1.1
Server: 190.14.39.122 , Panama, ASN52469 (Offshore Racks S.A, PA),
Reverse DNS: cpanel16.offshoreracks.com
Software: Apache /
Resource Hash: 09187608a5398d067af1e1ce53a11bdddbaf297ae4b3fd888aa2e6f5b808aafe

Request headers

accept-language: en-US,en;q=0.9
Referer: http://maliyeistrgov503.com/index_files/style(1).css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Fri, 17 Feb 2023 15:13:47 GMT
Last-Modified: Fri, 17 Feb 2023 11:23:48 GMT
Server: Apache
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=98
Content-Length: 342468

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v16/ 14 KB
14 KB 33ms
15ms Font
font/woff2 2607:f8b0:4006:816::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v16/mem8YaGs126MiZpBA-UFVZ0b.woff2

Requested by

Host: maliyeistrgov503.com
URL: http://maliyeistrgov503.com/index_files/css

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://maliyeistrgov503.com/
Origin: http://maliyeistrgov503.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 22:34:13 GMT
x-content-type-options: nosniff
age: 59974
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14380
x-xss-protection: 0
last-modified: Mon, 25 Mar 2019 20:11:29 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 16 Feb 2024 22:34:13 GMT

GET
H2 200 mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
fonts.gstatic.com/s/opensans/v16/ 15 KB
15 KB 18ms
11ms Font
font/woff2 2607:f8b0:4006:816::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v16/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2

Requested by

Host: maliyeistrgov503.com
URL: http://maliyeistrgov503.com/index_files/css

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

74201a4b97ec1d5e86252dd0180eafd8c5378a9235864dbcd682f3575b41c85b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://maliyeistrgov503.com/
Origin: http://maliyeistrgov503.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 12:14:30 GMT
x-content-type-options: nosniff
age: 97157
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15056
x-xss-protection: 0
last-modified: Mon, 25 Mar 2019 20:12:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 16 Feb 2024 12:14:30 GMT

GET
H2 200 mem5YaGs126MiZpBA-UNirkOUuhp.woff2
fonts.gstatic.com/s/opensans/v16/ 15 KB
15 KB 18ms
13ms Font
font/woff2 2607:f8b0:4006:816::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v16/mem5YaGs126MiZpBA-UNirkOUuhp.woff2

Requested by

Host: maliyeistrgov503.com
URL: http://maliyeistrgov503.com/index_files/css

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1491de1b31182d38593bcf660c99bc6018af8e192d91663f67ec9d045a3b5ccc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://maliyeistrgov503.com/
Origin: http://maliyeistrgov503.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 19:22:04 GMT
x-content-type-options: nosniff
age: 157903
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14880
x-xss-protection: 0
last-modified: Mon, 25 Mar 2019 20:12:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 15 Feb 2024 19:22:04 GMT

GET
H2 200 mem8YaGs126MiZpBA-UFW50bbck.woff2
fonts.gstatic.com/s/opensans/v16/ 11 KB
12 KB 8ms
8ms Font
font/woff2 2607:f8b0:4006:816::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v16/mem8YaGs126MiZpBA-UFW50bbck.woff2

Requested by

Host: maliyeistrgov503.com
URL: http://maliyeistrgov503.com/index_files/css

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

28e9420a6d03a70b837b51c9fbe1bb1f819a3d4aa71bffa07f7c3e79d7dcf878

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://maliyeistrgov503.com/
Origin: http://maliyeistrgov503.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 20:44:11 GMT
x-content-type-options: nosniff
age: 66576
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11316
x-xss-protection: 0
last-modified: Mon, 25 Mar 2019 20:13:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 16 Feb 2024 20:44:11 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 23ms
4ms Script
text/javascript 2607:f8b0:4006:81d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-174934473-1

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::200e Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: http://maliyeistrgov503.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 17 Feb 2023 14:47:24 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 1583
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Fri, 17 Feb 2023 16:47:24 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
209 B 20ms
19ms XHR
text/plain 2607:f8b0:4006:81d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1993444215&t=pageview&_s=1&dl=http%3A%2F%2Fmaliyeistrgov503.com%2F&ul=en-us&de=UTF-8&dt=e-Devlet%20%7C%20Aidat%20%C4%B0ade%20Sistemi&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=1682566736&gjid=974948177&cid=2010117797.1676646828&tid=UA-174934473-1&_gid=988833337.1676646828&_r=1&gtm=457e32f0&z=298201214

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::200e Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://maliyeistrgov503.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 17 Feb 2023 15:13:47 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://maliyeistrgov503.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Turkish Government (Government)

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| oncontentvisibilityautostatechange object| dataLayer function| $ function| jQuery function| validate function| gtag object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| Creditly object| gaplugins object| gaGlobal object| gaData

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.maliyeistrgov503.com/	1970-01-20 19:20:06	Name: _ga Value: GA1.2.2010117797.1676646828
			.maliyeistrgov503.com/	1970-01-20 09:45:33	Name: _gid Value: GA1.2.988833337.1676646828
			.maliyeistrgov503.com/	1970-01-20 09:44:06	Name: _gat_gtag_UA_174934473_1 Value: 1

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: http://maliyeistrgov503.com/index_files/gtm.js.indir Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://maliyeistrgov503.com/index_files/bootstrap.min.css Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://www.googletagmanager.com/gtm.js?id=GTM-TAGCODE Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: http://maliyeistrgov503.com/index_files/font-awesome.min.css Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://maliyeistrgov503.com/index_files/flaticon.css Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://maliyeistrgov503.com/index_files/style.css Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://maliyeistrgov503.com/index_files/default.css Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.gstatic.com
maliyeistrgov503.com
www.google-analytics.com
www.googletagmanager.com
190.14.39.122
2607:f8b0:4006:816::2003
2607:f8b0:4006:816::2008
2607:f8b0:4006:81d::200e
09187608a5398d067af1e1ce53a11bdddbaf297ae4b3fd888aa2e6f5b808aafe
0a0a376dc5ee222a63ee133b4ae1dc75a8655ae493139aa478d7a0dc64755a39
1491de1b31182d38593bcf660c99bc6018af8e192d91663f67ec9d045a3b5ccc
257461ed4d440311ffc7147309e879bc3ea33dc97c7f7cd15e17bc5ab0dd538e
28e9420a6d03a70b837b51c9fbe1bb1f819a3d4aa71bffa07f7c3e79d7dcf878
2f499490b865ea22b5a1efdeade6d8b977073b0642238b51109cd202167d173e
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
608ff39d81bf3098a9db9aaea1c56c59773d04db4bdb4567500842cc9f1431cb
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
74201a4b97ec1d5e86252dd0180eafd8c5378a9235864dbcd682f3575b41c85b
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
87f22c41dbcb26bad91fbaf973d978ab76cd68a768ad20b3a3596c9277cb113c
9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52
b86d0b93e4e11cf1a09e3a7efe97c0faa07a335bd100b85f2ce7655942da1894
be2ac0a722b9052251602587a0f9e47ccc7515e5ab7aa9d3cc4e531baa2b42df
c5f8fcc96153880f57cb501646dca91ab644f972b43a851e3b087ce4339e5079
cb409ca7227f6ea8937b56b2c90284afe4f0596944940317b3fb7bb8444a69b2
cbb81f38ee322ed3d62af6bb700def6a6be839b1edafcb6261fc2a78ed4ffdb3
d9e4d6a69f14e30749ffb192e73ac1a16b06d8865339e2a0211bc0fc36eb35f9