www.patraglobal.com
45.196.103.238
Malicious Activity!
Public Scan
Effective URL: http://www.patraglobal.com/2016/1219/c7998a84208/page.htm
Submission Tags: @ipnigh
Submission: On January 23 via api from GB
Summary
This is the only time www.patraglobal.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Bet365 (Entertainment)
Domain & IP information
Requests | IP Address | AS Autonomous System
---|---|---
34 (19 redirects) | 45.196.103.238 | 134548 (DXTL-HK DXTL Tseung Kwan O Service)
18 | 202.195.176.21 | 4538 (ERX-CERNET-BKB China Education and Research Network Center)
1 | 2606:4700:3032::681f:42c1 | 13335 (CLOUDFLARENET)
2 | 103.235.46.191 | 55967 (CNNIC-BAIDU-AP Beijing Baidu Netcom Science and Technology Co.)
2 | 61.135.185.248 | 4808 (CHINA169-BJ China Unicom Beijing Province Network)
38 | 5 |
ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK)
- patraglobal.com
- www.patraglobal.com

ASN4538 (ERX-CERNET-BKB China Education and Research Network Center, CN)
PTR: qzlx.njmu.edu.cn
- www.njmu.edu.cn

ASN55967 (CNNIC-BAIDU-AP Beijing Baidu Netcom Science and Technology Co., Ltd., CN)
- hm.baidu.com

ASN4808 (CHINA169-BJ China Unicom Beijing Province Network, CN)
- push.zhanzhang.baidu.com
- api.share.baidu.com
Requests | Apex Domain | Subdomains | Transfer
---|---|---|---
34 | patraglobal.com (19 redirects) | patraglobal.com, www.patraglobal.com | 55 KB
18 | njmu.edu.cn | www.njmu.edu.cn | 416 KB
4 | baidu.com | hm.baidu.com, push.zhanzhang.baidu.com, api.share.baidu.com | 15 KB
1 | 36bet.org | www.36bet.org |
38 | 4 | |
Requests | Domain | Requested by
---|---|---
33 | www.patraglobal.com (18 redirects) | www.patraglobal.com, www.njmu.edu.cn
18 | www.njmu.edu.cn | www.patraglobal.com
2 | hm.baidu.com | www.patraglobal.com
1 | api.share.baidu.com | www.patraglobal.com
1 | push.zhanzhang.baidu.com | www.patraglobal.com
1 | www.36bet.org | www.patraglobal.com
1 | patraglobal.com (1 redirects) |
38 | 7 |
This site contains no links.
Subject | Issuer | Validity | Valid
---|---|---|---
sni254516.cloudflaressl.com | COMODO ECC Domain Validation Secure Server CA 2 | 2019-12-26 - 2020-07-03 | 6 months
baidu.com | GlobalSign Organization Validation CA - SHA256 - G2 | 2020-01-13 - 2020-06-25 | 5 months
This page contains 2 frames:
Primary Page:
http://www.patraglobal.com/2016/1219/c7998a84208/page.htm
Frame ID: 436A8B682CD4010EA3868528999416B6
Requests: 37 HTTP requests in this frame
Frame:
https://www.36bet.org/
Frame ID: A0C643BBABC4EFF8F013636CF44AB306
Requests: 1 HTTP requests in this frame
Detected technologies
Windows Server (Operating Systems)
Detected patterns
- headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i
IIS (Web Servers)
Detected patterns
- headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i
jQuery (JavaScript Libraries)
Detected patterns
- script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://patraglobal.com/2016/1219/c7998a84208/page.htm
HTTP 301
http://www.patraglobal.com/2016/1219/c7998a84208/page.htm Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 6
- http://www.patraglobal.com/_js/jquery.min.js HTTP 302
- http://www.njmu.edu.cn/_js/jquery.min.js
- http://www.patraglobal.com/_js/jquery.sudy.wp.visitcount.js HTTP 302
- http://www.njmu.edu.cn/_js/jquery.sudy.wp.visitcount.js
- http://www.patraglobal.com/_js/_portletPlugs/datepicker/js/jquery.datepicker.js HTTP 302
- http://www.njmu.edu.cn/_js/_portletPlugs/datepicker/js/jquery.datepicker.js
- http://www.patraglobal.com/_js/_portletPlugs/datepicker/js/datepicker_lang_HK.js HTTP 302
- http://www.njmu.edu.cn/_js/_portletPlugs/datepicker/js/datepicker_lang_HK.js
- http://www.patraglobal.com/_js/_portletPlugs/sudyNavi/jquery.sudyNav.js HTTP 302
- http://www.njmu.edu.cn/_js/_portletPlugs/sudyNavi/jquery.sudyNav.js
- http://www.patraglobal.com/_upload/tpl/04/24/1060/template1060/extends/extends.js HTTP 302
- http://www.njmu.edu.cn/_upload/tpl/04/24/1060/template1060/extends/extends.js
- http://www.patraglobal.com/_upload/site/00/09/9/logo.png HTTP 302
- http://www.njmu.edu.cn/_upload/site/00/09/9/logo.png
- http://www.patraglobal.com/_upload/tpl/04/24/1060/template1060/images/bx.png HTTP 302
- http://www.njmu.edu.cn/_upload/tpl/04/24/1060/template1060/images/bx.png
- http://www.patraglobal.com/_upload/tpl/04/24/1060/template1060/js/comcus.js HTTP 302
- http://www.njmu.edu.cn/_upload/tpl/04/24/1060/template1060/js/comcus.js
- http://www.patraglobal.com/_upload/tpl/04/24/1060/template1060/js/list.js HTTP 302
- http://www.njmu.edu.cn/_upload/tpl/04/24/1060/template1060/js/list.js
- http://www.patraglobal.com/_upload/tpl/04/24/1060/template1060/js/main.js HTTP 302
- http://www.njmu.edu.cn/_upload/tpl/04/24/1060/template1060/js/main.js
- http://www.patraglobal.com/_upload/tpl/04/24/1060/template1060/js/app.js HTTP 302
- http://www.njmu.edu.cn/_upload/tpl/04/24/1060/template1060/js/app.js
- http://www.patraglobal.com/_upload/tpl/04/24/1060/template1060/extends/libs/jquery.sudy.js HTTP 302
- http://www.njmu.edu.cn/_upload/tpl/04/24/1060/template1060/extends/libs/jquery.sudy.js
- http://www.patraglobal.com/_upload/tpl/04/24/1060/template1060/images/top.png HTTP 302
- http://www.njmu.edu.cn/_upload/tpl/04/24/1060/template1060/images/top.png
- http://www.patraglobal.com/_upload/tpl/04/24/1060/template1060/css/img/menu-icon-arrow-white.png HTTP 302
- http://www.njmu.edu.cn/_upload/tpl/04/24/1060/template1060/css/img/menu-icon-arrow-white.png
- http://www.patraglobal.com/_upload/tpl/04/24/1060/template1060/images/logo-bg.png HTTP 302
- http://www.njmu.edu.cn/_upload/tpl/04/24/1060/template1060/images/logo-bg.png
- http://www.patraglobal.com/_upload/tpl/04/24/1060/template1060/images/sous.png HTTP 302
- http://www.njmu.edu.cn/_upload/tpl/04/24/1060/template1060/images/sous.png
- http://www.patraglobal.com/_upload/tpl/04/24/1060/template1060/images/nav.png HTTP 302
- http://www.njmu.edu.cn/_upload/tpl/04/24/1060/template1060/images/nav.png
38 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type | Notes
---|---|---|---|---|---|---|---|---
GET | H/1.1 | page.htm | www.patraglobal.com/2016/1219/c7998a84208/ | 22 KB | 7 KB | Document | text/html | Primary Request; Cookie set; Redirect Chain
GET | H/1.1 | system.css | www.patraglobal.com/_css/_system/ | 30 B | 539 B | Stylesheet | text/css |
GET | H/1.1 | 1.css | www.patraglobal.com/_upload/site/1/style/1/ | 16 B | 527 B | Stylesheet | text/css |
GET | H/1.1 | 18.css | www.patraglobal.com/_upload/site/00/09/9/style/18/ | 16 B | 527 B | Stylesheet | text/css |
GET | H/1.1 | simplenews.css | www.patraglobal.com/_js/_portletPlugs/simpleNews/css/ | 18 KB | 5 KB | Stylesheet | text/css |
GET | H/1.1 | datepicker.css | www.patraglobal.com/_js/_portletPlugs/datepicker/css/ | 6 KB | 2 KB | Stylesheet | text/css |
GET | H/1.1 | sudyNav.css | www.patraglobal.com/_js/_portletPlugs/sudyNavi/css/ | 2 KB | 1 KB | Stylesheet | text/css |
GET | H/1.1 | jquery.min.js | www.njmu.edu.cn/_js/ | 92 KB | 92 KB | Script | application/javascript | Redirect Chain
GET | H/1.1 | jquery.sudy.wp.visitcount.js | www.njmu.edu.cn/_js/ | 7 KB | 7 KB | Script | application/javascript | Redirect Chain
GET | H/1.1 | jquery.datepicker.js | www.njmu.edu.cn/_js/_portletPlugs/datepicker/js/ | 26 KB | 27 KB | Script | application/javascript | Redirect Chain
GET | H/1.1 | datepicker_lang_HK.js | www.njmu.edu.cn/_js/_portletPlugs/datepicker/js/ | 973 B | 1 KB | Script | application/javascript | Redirect Chain
GET | H/1.1 | jquery.sudyNav.js | www.njmu.edu.cn/_js/_portletPlugs/sudyNavi/ | 6 KB | 6 KB | Script | application/javascript | Redirect Chain
GET | H/1.1 | extends.js | www.njmu.edu.cn/_upload/tpl/04/24/1060/template1060/extends/ | 1 KB | 2 KB | Script | application/javascript | Redirect Chain
GET | H/1.1 | style.css | www.patraglobal.com/_upload/tpl/04/24/1060/template1060/ | 36 KB | 11 KB | Stylesheet | text/css |
GET | H/1.1 | mobile.css | www.patraglobal.com/_upload/tpl/04/24/1060/template1060/ | 8 KB | 3 KB | Stylesheet | text/css |
GET | H/1.1 | media.css | www.patraglobal.com/_upload/tpl/04/24/1060/template1060/ | 14 KB | 5 KB | Stylesheet | text/css |
GET | H/1.1 | jq.js | www.patraglobal.com/ | 1 KB | 2 KB | Script | application/javascript |
GET | H/1.1 | logo.png | www.njmu.edu.cn/_upload/site/00/09/9/ | 227 KB | 227 KB | Image | image/png | Redirect Chain
GET | H/1.1 | bx.png | www.njmu.edu.cn/_upload/tpl/04/24/1060/template1060/images/ | 10 KB | 10 KB | Image | image/png | Redirect Chain
GET | H/1.1 | comcus.js | www.njmu.edu.cn/_upload/tpl/04/24/1060/template1060/js/ | 2 KB | 2 KB | Script | application/javascript | Redirect Chain
GET | H/1.1 | list.js | www.njmu.edu.cn/_upload/tpl/04/24/1060/template1060/js/ | 2 KB | 2 KB | Script | application/javascript | Redirect Chain
GET | H/1.1 | main.js | www.njmu.edu.cn/_upload/tpl/04/24/1060/template1060/js/ | 1 KB | 2 KB | Script | application/javascript | Redirect Chain
GET | H/1.1 | app.js | www.njmu.edu.cn/_upload/tpl/04/24/1060/template1060/js/ | 5 KB | 5 KB | Script | application/javascript | Redirect Chain
GET | H/1.1 | _visitcount | www.patraglobal.com/ | 189 B | 189 B | Image | text/html |
GET | H/1.1 | system_editor.css | www.patraglobal.com/_css/_system/ | 57 KB | 7 KB | Stylesheet | text/css |
GET | H/1.1 | extends.css | www.patraglobal.com/_upload/tpl/04/24/1060/template1060/extends/ | 7 KB | 3 KB | Stylesheet | text/css |
GET | H/1.1 | jquery.sudy.js | www.njmu.edu.cn/_upload/tpl/04/24/1060/template1060/extends/libs/ | 26 KB | 27 KB | Script | application/javascript | Redirect Chain
GET | H2 | / | www.36bet.org/ | 0 | 0 | Document | text/html | Frame A0C6
GET | H/1.1 | hm.js | hm.baidu.com/ | 37 KB | 14 KB | Script | application/javascript |
GET | H/1.1 | push.js | push.zhanzhang.baidu.com/ | 281 B | 752 B | Script | text/javascript |
GET | H/1.1 | top.png | www.njmu.edu.cn/_upload/tpl/04/24/1060/template1060/images/ | 946 B | 1 KB | Image | image/png | Redirect Chain
GET | H/1.1 | menu-icon-arrow-white.png | www.njmu.edu.cn/_upload/tpl/04/24/1060/template1060/css/img/ | 1 KB | 1 KB | Image | image/png | Redirect Chain
GET | H/1.1 | logo-bg.png | www.njmu.edu.cn/_upload/tpl/04/24/1060/template1060/images/ | 935 B | 1 KB | Image | image/png | Redirect Chain
GET | H/1.1 | sous.png | www.njmu.edu.cn/_upload/tpl/04/24/1060/template1060/images/ | 1 KB | 2 KB | Image | image/png | Redirect Chain
GET | H/1.1 | nav.png | www.njmu.edu.cn/_upload/tpl/04/24/1060/template1060/images/ | 935 B | 1 KB | Image | image/png | Redirect Chain
POST | H/1.1 | _visitcountdisplay | www.patraglobal.com/ | 1 KB | 1 KB | XHR | text/html |
GET | H/1.1 | hm.gif | hm.baidu.com/ | 43 B | 299 B | Image | image/gif |
GET | H/1.1 | s.gif | api.share.baidu.com/ | 0 | 116 B | Image | text/plain |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Bet365 (Entertainment)
21 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object| onformdata
- object| onpointerrawupdate
- string| V_PATH
- function| $
- function| jQuery
- object| i18n
- function| runJs
- function| loadJs
- function| Imgpd
- function| getImgJson
- string| EXTEND_PATH
- object| exScripts
- string| uu
- number| aa
- string| ss
- object| hmt
- function| SDAPP
- object| jQuery171026318741017107716
- boolean| _bdhm_loaded_8bdb4b7e552d8a3cb45fb7ba6ecacf50
- object| _hmt
- object| mini_tangram_log_i50odg3

Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value
---|---|---
.www.patraglobal.com/ | | Name: Hm_lpvt_8bdb4b7e552d8a3cb45fb7ba6ecacf50 Value: 1579784277
.www.patraglobal.com/ | | Name: Hm_lvt_8bdb4b7e552d8a3cb45fb7ba6ecacf50 Value: 1579784277
www.patraglobal.com/ | | Name: PHPSESSID Value: oi2oj3eqahan4v98qc0rbmmtg5
6 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.