www.xn--binnce-rhc.com
Open in
urlscan Pro
Puny
www.binȃnce.com IDN
198.54.115.205
Malicious Activity!
Public Scan
Submission: On December 22 via automatic, source certstream-suspicious
Summary
TLS certificate: Issued by COMODO RSA Domain Validation Secure S... on February 6th 2018. Valid for: 2 years.
This is the only time www.xn--binnce-rhc.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Binance (Crypto Exchange)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
21 | 198.54.115.205 198.54.115.205 | 22612 (NAMECHEAP...) (NAMECHEAP-NET - Namecheap) | |
8 | 185.35.139.238 185.35.139.238 | 62454 (ZYZTM) (ZYZTM) | |
2 2 | 2a04:fa87:fff... 2a04:fa87:fffe::c000:4902 | 2635 (AUTOMATTIC) (AUTOMATTIC - Automattic) | |
2 | 192.0.77.2 192.0.77.2 | 2635 (AUTOMATTIC) (AUTOMATTIC - Automattic) | |
7 | 2606:4700::68... 2606:4700::6810:7891 | 13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare) | |
1 | 2a00:1450:400... 2a00:1450:4001:819::200e | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
39 | 6 |
ASN22612 (NAMECHEAP-NET - Namecheap, Inc., US)
PTR: server199-3.web-hosting.com
www.xn--binnce-rhc.com |
ASN62454 (ZYZTM, NL)
PTR: 185-35-139-238.v4.as62454.net
www.binance.exchange2018.support |
ASN2635 (AUTOMATTIC - Automattic, Inc, US)
secure.gravatar.com |
ASN2635 (AUTOMATTIC - Automattic, Inc, US)
PTR: i1.wp.com
i1.wp.com |
ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
cdn-images-1.medium.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
21 |
xn--binnce-rhc.com
www.xn--binnce-rhc.com |
159 KB |
8 |
exchange2018.support
www.binance.exchange2018.support |
597 KB |
7 |
medium.com
cdn-images-1.medium.com |
12 KB |
2 |
wp.com
i1.wp.com |
555 B |
2 |
gravatar.com
2 redirects
secure.gravatar.com |
468 B |
1 |
youtube.com
www.youtube.com |
|
39 | 6 |
Domain | Requested by | |
---|---|---|
21 | www.xn--binnce-rhc.com |
www.xn--binnce-rhc.com
|
8 | www.binance.exchange2018.support |
www.xn--binnce-rhc.com
|
7 | cdn-images-1.medium.com |
www.xn--binnce-rhc.com
|
2 | i1.wp.com |
www.xn--binnce-rhc.com
|
2 | secure.gravatar.com | 2 redirects |
1 | www.youtube.com |
www.xn--binnce-rhc.com
|
39 | 6 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.binance.com |
support.binance.com |
www.binance.exchange2018.support |
www.facebook.com |
twitter.com |
www.linkedin.com |
plus.google.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.web-hosting.com COMODO RSA Domain Validation Secure Server CA |
2018-02-06 - 2020-04-04 |
2 years | crt.sh |
binance.exchange2018.support cPanel, Inc. Certification Authority |
2018-12-01 - 2019-03-01 |
3 months | crt.sh |
*.wp.com Go Daddy Secure Certificate Authority - G2 |
2018-04-10 - 2020-05-11 |
2 years | crt.sh |
*.medium.com DigiCert SHA2 Secure Server CA |
2018-07-31 - 2020-09-09 |
2 years | crt.sh |
*.google.com Google Internet Authority G3 |
2018-12-04 - 2019-02-26 |
3 months | crt.sh |
This page contains 2 frames:
Primary Page:
https://www.xn--binnce-rhc.com/
Frame ID: 902F72CEFC229C1C3FD0553B9761DB8F
Requests: 39 HTTP requests in this frame
Frame:
https://www.youtube.com/embed/9R9LrKgL__A
Frame ID: AF42CC9338303A971817A076C9C3D070
Requests: 1 HTTP requests in this frame
Screenshot
Detected technologies
YouTube (Video Players) ExpandDetected patterns
- html /<(?:param|embed|iframe)[^>]+youtube(?:-nocookie)?\.com\/(?:v|embed)/i
Apache (Web Servers) Expand
Detected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i
jQuery (JavaScript Libraries) Expand
Detected patterns
- script /jquery.*\.js/i
- env /^jQuery$/i
webpack (Miscellaneous) Expand
Detected patterns
- env /^webpackJsonp$/i
Twitter Bootstrap () Expand
Detected patterns
- html /<link[^>]+?href="[^"]+bootstrap(?:\.min)?\.css/i
- script /(?:twitter\.github\.com\/bootstrap|bootstrap(?:\.js|\.min\.js))/i
Page Statistics
8 Outgoing links
These are links going to different origins than the main page.
Title: Sign in
Search URL Search Domain Scan URL
Title: Submit Request
Search URL Search Domain Scan URL
Title: click here
Search URL Search Domain Scan URL
Title: Facebook
Search URL Search Domain Scan URL
Title: Twitter
Search URL Search Domain Scan URL
Title: LinkedIn
Search URL Search Domain Scan URL
Title: Google+
Search URL Search Domain Scan URL
Title: Binance
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 13- https://secure.gravatar.com/avatar/0d74e9834aaaaf69a85a5682aa72e20b?default=https%3A%2F%2Fassets.zendesk.com%2Fhc%2Fassets%2Fdefault_avatar.png&r=g HTTP 302
- https://i1.wp.com/assets.zendesk.com/hc/assets/default_avatar.png?ssl=1
- https://secure.gravatar.com/avatar/3be00edba5be2f6bcceda18842ced6da?default=https%3A%2F%2Fassets.zendesk.com%2Fhc%2Fassets%2Fdefault_avatar.png&r=g HTTP 302
- https://i1.wp.com/assets.zendesk.com/hc/assets/default_avatar.png?ssl=1
39 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
www.xn--binnce-rhc.com/ |
69 KB 8 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
application-be7996635be623dcfc7e4f8f27ad7084.css
www.xn--binnce-rhc.com/static.zdassets.com/hc/assets/ |
91 KB 23 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
font.css
www.binance.exchange2018.support/files/ |
91 KB 91 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
style.css
www.binance.exchange2018.support/files/ |
68 KB 68 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery.js
www.binance.exchange2018.support/files/ |
91 KB 91 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
script.js
www.binance.exchange2018.support/files/ |
19 KB 20 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.min.css
www.xn--binnce-rhc.com/maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/ |
119 KB 19 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.min.js
www.xn--binnce-rhc.com/maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/ |
36 KB 10 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logo.svg
www.binance.exchange2018.support/files/ |
4 KB 4 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
37x37.png
www.binance.exchange2018.support/files/ |
957 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1_3ruWvtbrptdhH8-dw4KiSw.jpg
www.xn--binnce-rhc.com/cdn-images-1.medium.com/fit/c/36/36/ |
1 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1_bIYsSY1dtJT2ElrXzh-i0g.jpg
www.xn--binnce-rhc.com/cdn-images-1.medium.com/fit/c/36/36/ |
2 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
0_PoF3xcLYYEfTm4cc.jpg
www.xn--binnce-rhc.com/cdn-images-1.medium.com/fit/c/36/36/ |
1 KB 1 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1_OTwcY9LPKy8lJFHuEZjgBw.jpg
www.xn--binnce-rhc.com/cdn-images-1.medium.com/fit/c/36/36/ |
1 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
default_avatar.png
i1.wp.com/assets.zendesk.com/hc/assets/ Redirect Chain
|
154 B 359 B |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1_sJmXCAUePbiaEv4x1TiHfg.png
www.xn--binnce-rhc.com/cdn-images-1.medium.com/fit/c/36/36/ |
988 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
0*xA25663laNALuFI5.
cdn-images-1.medium.com/fit/c/36/36/ |
1 KB 1 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1_Sa0mAmuWbB7skMihYTGWsA%402x.jpg
www.xn--binnce-rhc.com/cdn-images-1.medium.com/fit/c/36/36/ |
1 KB 1 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1_s-waJVlb9uTkFdrc74lgKw.jpg
www.xn--binnce-rhc.com/cdn-images-1.medium.com/fit/c/36/36/ |
1 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1.jpg
www.xn--binnce-rhc.com/image.ibb.co/dNDgLH/ |
74 KB 74 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1_UJwkCh1ysFr3x2gMNYlOGw.png
www.xn--binnce-rhc.com/cdn-images-1.medium.com/fit/c/36/36/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1_JlSJzUqW22vi8oFHPgVWTg.jpg
www.xn--binnce-rhc.com/cdn-images-1.medium.com/fit/c/36/36/ |
2 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
0*7pafb8a4qAm1QM5a.
cdn-images-1.medium.com/fit/c/36/36/ |
1 KB 1 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
default_avatar.png
i1.wp.com/assets.zendesk.com/hc/assets/ Redirect Chain
|
154 B 196 B |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1_AAF140VnMw31m2jvSMDEiA.jpg
www.xn--binnce-rhc.com/cdn-images-1.medium.com/fit/c/36/36/ |
2 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
0*AoMDKkks4UDFBMcW.
cdn-images-1.medium.com/fit/c/36/36/ |
1 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
0*KUBwc57sl9FkiQuh.
cdn-images-1.medium.com/fit/c/36/36/ |
2 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1_s-dsMWkjyRnCru88HZgLig.png
www.xn--binnce-rhc.com/cdn-images-1.medium.com/fit/c/36/36/ |
927 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1_mDX1QKWgcaZOm-MHx58B6w.jpg
www.xn--binnce-rhc.com/cdn-images-1.medium.com/fit/c/36/36/ |
2 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
0_2uHRJUVfDYFayb8o.jpg
www.xn--binnce-rhc.com/cdn-images-1.medium.com/fit/c/36/36/ |
974 B 1 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
0*mldBiJ7WaHRFnUjB.
cdn-images-1.medium.com/fit/c/36/36/ |
2 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1_JNC-AvVUilpG52FZnaHo3A%402x.jpg
www.xn--binnce-rhc.com/cdn-images-1.medium.com/fit/c/36/36/ |
2 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
0*j6C9f5BtVtfNHSLV.
cdn-images-1.medium.com/fit/c/36/36/ |
2 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1_IkZH-WtIwYWT4DhtwL2cBg.jpg
www.xn--binnce-rhc.com/cdn-images-1.medium.com/fit/c/36/36/ |
1 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
0*1mpfOwyXAPNaJcsZ.
cdn-images-1.medium.com/fit/c/36/36/ |
2 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1_egwsi23m8qdrKIoYlkug4Q.jpg
www.xn--binnce-rhc.com/cdn-images-1.medium.com/fit/c/36/36/ |
1 KB 1 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
en-us-0e52ebc0192643ee8ae55b6ed50b3a3f.js
www.binance.exchange2018.support/files/ |
75 KB 76 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
hc_enduser-465b986ff5f84c8f12d1b57aaf24212b.js
www.binance.exchange2018.support/files/ |
246 KB 246 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
9R9LrKgL__A
www.youtube.com/embed/ Frame AF42 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
4 KB 0 |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Binance (Crypto Exchange)15 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onselectstart object| onselectionchange function| queueMicrotask function| $ function| jQuery object| jQuery19104164038917931865 boolean| articlevote function| voteup function| votedown function| voteup_comments function| votedown_comments object| thiscomment function| webpackJsonp object| core object| __core-js_shared__4 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.youtube.com/ | Name: PREF Value: f1=50000000 |
|
.youtube.com/ | Name: YSC Value: EXAEFbEhifc |
|
.youtube.com/ | Name: GPS Value: 1 |
|
.youtube.com/ | Name: VISITOR_INFO1_LIVE Value: tjXkNQTjr5w |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
cdn-images-1.medium.com
i1.wp.com
secure.gravatar.com
www.binance.exchange2018.support
www.xn--binnce-rhc.com
www.youtube.com
185.35.139.238
192.0.77.2
198.54.115.205
2606:4700::6810:7891
2a00:1450:4001:819::200e
2a04:fa87:fffe::c000:4902
044d78c85037c76246949c3e03392f6226596aa4b50d9749b78afcbe801cc198
0670809b590c2282734df8b1089b7b17315dc1e3f04476d42b7dde22147e2729
0e6673aa855054da2607ea7a12b92e7e44ff905af9dd08bf8d356ba61922d0fd
1673760281b49381301798fa50b08f05bd31906a929cc7afecc5ae83c70e273c
1c96f65ab021fccdb778aa55a4056c3754a0828273f3f53e048c040708d2e5b3
1d060cb5967541215bdaa31a34ef1d5481f5aa3c5df7c3650eb1e2215a8b89ac
1ff4ae3648f3eaf581493764db91cfbcde6a275d7d0a4af21e5a159a5ab8f920
2bf2b344a2112e0dead9427236f89205415e2d59451b0db76c3c42ccb255d754
3e74d1111621c38587e9db34719e6306f730de9e92ff3de3a0cf6a7af2f425c5
416b26420b98280a68e5eb9dfb37190a7ee492635b852f9394a63778ade71e47
457477c9e4a8d2405ae05cdf37b66efc2452951b538f8895978e75850a29d406
46110273638345d886ce5398f8e81a9c72aa61fd7f92441921e98dfda38531a3
50d5b516d840c7f050b44630b17a495e6549316b53c4a81bff2c8d11f1f0500e
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
5bb3be2074e3210d782c57a447e8f0035b96c5f766534840808f158d186374f6
77438bb0cac72173465df6b787d5a7b2043217e10d89fc0690287278aed81b13
7f516a34ba1bd1a50c6040864b8bcc7295146313f009a7285db4e5410cfd92e4
814ff2863101208eabca0137cead52c94eb13e088587899dbd8e0b7eed95621d
817c144a7de95c03dd00337f2e6c0011e9afa24044999d4c52615ee90a6765a8
88e862db7b8a1de4673700fa514e111df57632873d5e2a305867127cd95a882c
93a3698d1fb83d2d83d603e6f53b3a95a62875b3c45b7e0f2d3b9ee5a0325ad6
9955a7b391d806b91cd9dd948e1872f40c2101ae72252808e1c97fbd81296a64
a867a6d780cbce10f31eac465f92bf3b0a0405afc88b67418dc1625096a0b086
a8ab9d5edddc0bfc04ef5e52b9b2693b869d580698bfa27b49442c4ef4f3def7
b32c1cffe580aeaeea1a01c770873f62c9075f175663a21f410836331813ac10
b8fab6d5ad25f0042cabb140ebc7c5a5ecfdbc2a7d2170e544079b1f0427ae8e
c134a0fff45c0a75ac233c8c1695e8647ecbf476c015137f03bfcafcd9531faa
c644115e3f7d0e18582b296b9cf705901e0cf0d65650a71c92e0a8c187a91e0f
cc11813b12c4be220aba6eaaea59635c5b9bb1e308b7d01d605c234ca3aa5390
cffe77d359c73e61dc21cad7b00c261150fe8cacd95a2d3f25d7fa58948e89a3
d506607c5ed2056a33e675173cc874325a7b2baeeb87bbfe458f84a8080cb232
d5558da17796243480841c14132d8ad800e4dac51c87e7c6462d7877e44eae31
dd73651dcc3623387764d8d09ae4d8c41ed7a3171a9675ca9d1651f8d5d52cd0
ddaee9a408cf6d63e2f947bfcf7b90a3ed82e2399429f1bfdd865a8b25890bae
f449db6051701c42b20cb571f05697e59c8e895c481530e26fb9d2b5ff47cd64
f5481e7557f66f07559c2f1e852cac9cdfd291802f29a6a4e95df8486fbec1e3
f7f2ffc3afb19e2a478c88e3fd4ab1a359010a3548d32eb6cb26cfdbf81bab3d
fc0466b4432f389e7f04193452bed0a3f91b41fb145d2f7e3995f3160c284a12