![](/screenshots/791f2f17-f2b2-45f9-9316-979585854a44.png)
premunion.com
Open in
urlscan Pro
2a02:4780:27:1090:0:fd4:60a9:2
Malicious Activity!
Public Scan
Submission: On April 05 via api from US — Scanned from US
Summary
TLS certificate: Issued by ZeroSSL RSA Domain Secure Site CA on April 1st 2024. Valid for: 3 months.
This is the only time premunion.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: HSBC (Banking)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
9 | 2a02:4780:27:... 2a02:4780:27:1090:0:fd4:60a9:2 | 47583 (AS-HOSTINGER) (AS-HOSTINGER) | |
1 1 | 23.44.203.27 23.44.203.27 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
1 | 18.164.124.88 18.164.124.88 | 16509 (AMAZON-02) (AMAZON-02) | |
6 | 2a02:6ea0:c40... 2a02:6ea0:c400::11 | 60068 (CDN77 _) (CDN77 _) | |
24 | 154.49.245.45 154.49.245.45 | 47583 (AS-HOSTINGER) (AS-HOSTINGER) | |
1 | 172.67.38.66 172.67.38.66 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 52.29.116.227 52.29.116.227 | 16509 (AMAZON-02) (AMAZON-02) | |
42 | 6 |
ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-44-203-27.deploy.static.akamaitechnologies.com
cdn.hsbc.com.hk |
ASN16509 (AMAZON-02, US)
PTR: server-18-164-124-88.jfk50.r.cloudfront.net
www.hsbc.com.hk |
ASN60068 (CDN77 _, GB)
www.smartsuppchat.com | |
widget-v3.smartsuppcdn.com | |
translations.smartsuppcdn.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-116-227.eu-central-1.compute.amazonaws.com
bootstrap.smartsuppchat.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
33 |
premunion.com
premunion.com |
2 MB |
5 |
smartsuppcdn.com
widget-v3.smartsuppcdn.com — Cisco Umbrella Rank: 69624 translations.smartsuppcdn.com — Cisco Umbrella Rank: 75115 |
97 KB |
2 |
smartsuppchat.com
www.smartsuppchat.com — Cisco Umbrella Rank: 65471 bootstrap.smartsuppchat.com — Cisco Umbrella Rank: 59986 |
6 KB |
2 |
hsbc.com.hk
1 redirects
cdn.hsbc.com.hk — Cisco Umbrella Rank: 475981 www.hsbc.com.hk — Cisco Umbrella Rank: 156815 |
3 KB |
1 |
tawk.to
embed.tawk.to — Cisco Umbrella Rank: 10112 |
|
42 | 5 |
Domain | Requested by | |
---|---|---|
33 | premunion.com |
premunion.com
|
4 | widget-v3.smartsuppcdn.com |
www.smartsuppchat.com
|
1 | translations.smartsuppcdn.com |
widget-v3.smartsuppcdn.com
|
1 | bootstrap.smartsuppchat.com |
www.smartsuppchat.com
|
1 | embed.tawk.to |
premunion.com
|
1 | www.smartsuppchat.com |
premunion.com
|
1 | www.hsbc.com.hk |
premunion.com
|
1 | cdn.hsbc.com.hk | 1 redirects |
42 | 8 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
premunion.com ZeroSSL RSA Domain Secure Site CA |
2024-04-01 - 2024-06-30 |
3 months | crt.sh |
*.smartsuppchat.com RapidSSL TLS RSA CA G1 |
2023-12-04 - 2024-12-28 |
a year | crt.sh |
tawk.to GTS CA 1P5 |
2024-03-28 - 2024-06-26 |
3 months | crt.sh |
*.smartsuppcdn.com RapidSSL Global TLS RSA4096 SHA256 2022 CA1 |
2023-10-23 - 2024-11-16 |
a year | crt.sh |
This page contains 2 frames:
Primary Page:
https://premunion.com/home.php
Frame ID: 671A352FEFF96F24E824CDC3661E1F53
Requests: 38 HTTP requests in this frame
Frame:
https://widget-v3.smartsuppcdn.com/assets/main-9d823c49.js
Frame ID: EA44F9F61D9D6306B73C655DC39494B3
Requests: 4 HTTP requests in this frame
Screenshot
![](/screenshots/791f2f17-f2b2-45f9-9316-979585854a44.png)
Page Title
Home - Prem UnionDetected technologies
Detected patterns
- \.php(?:$|\?)
![](/vendor/wappa/icons/Bootstrap.png)
Detected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
![](/vendor/wappa/icons/TawkTo.png)
Detected patterns
- //embed\.tawk\.to
![](/vendor/wappa/icons/Font Awesome.png)
Detected patterns
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 3- https://cdn.hsbc.com.hk/content/dam/hsbc/hk/images/hongkong-hsbc-logo-en.svg HTTP 301
- https://www.hsbc.com.hk/content/dam/hsbc/hk/images/hongkong-hsbc-logo-en.svg
42 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
home.php
premunion.com/ |
23 KB 6 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css327d.css
premunion.com/ |
2 KB 475 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.css
premunion.com/front/css/ |
159 KB 19 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
style.css
premunion.com/front/css/ |
633 KB 102 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
hongkong-hsbc-logo-en.svg
www.hsbc.com.hk/content/dam/hsbc/hk/images/ Redirect Chain
|
5 KB 3 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo.png
premunion.com/ |
57 KB 57 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
offer-for-new-investment-customer.jpg
premunion.com/front/ |
78 KB 78 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
new-eli-online-platform.jpg
premunion.com/front/ |
32 KB 32 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
core.min.js
premunion.com/front/js/ |
988 KB 280 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
script.js
premunion.com/front/js/ |
63 KB 14 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
loader.js
www.smartsuppchat.com/ |
17 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
bg-image-12.jpg
premunion.com/front/images/ |
112 KB 112 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
bg-image-9.jpg
premunion.com/front/images/ |
34 KB 34 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
icon-7.png
premunion.com/front/images/ |
744 B 793 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
icon-8.png
premunion.com/front/images/ |
704 B 754 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
icon-9.png
premunion.com/front/images/ |
584 B 634 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
icon-quote.png
premunion.com/front/images/ |
1 KB 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
icon-11.png
premunion.com/front/images/ |
795 B 845 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
icon-12.png
premunion.com/front/images/ |
735 B 785 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
icon-13.png
premunion.com/front/images/ |
830 B 881 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
icon-14.png
premunion.com/front/images/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
tDbD2oWUg0MKqScQ6A.ttf
premunion.com/s/arvo/v14/ |
37 KB 21 KB |
Font
application/x-font-ttf |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
tDbM2oWUg0MKoZw1-LPK9g.ttf
premunion.com/s/arvo/v14/ |
36 KB 21 KB |
Font
application/x-font-ttf |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
fontawesome-webfont.woff2_v%3d4.5.man
premunion.com/front/fonts/ |
65 KB 65 KB |
Font
application/x-troff-man |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVc.ttf
premunion.com/s/opensans/v28/ |
31 KB 20 KB |
Font
application/x-font-ttf |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
fl-flat-icons-set-2.woff
premunion.com/front/fonts/ |
4 KB 4 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgshZ1x4gaVc.ttf
premunion.com/s/opensans/v28/ |
31 KB 20 KB |
Font
application/x-font-ttf |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0RkyFjWVAexQ.ttf
premunion.com/s/opensans/v28/ |
33 KB 21 KB |
Font
application/x-font-ttf |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
4iCv6KVjbNBYlgoCjC3jsGyI.ttf
premunion.com/s/ubuntu/v19/ |
72 KB 35 KB |
Font
application/x-font-ttf |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
1fmuelujp
embed.tawk.to/61b994f1a/ |
0 0 |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
4f707abbfaca38064dcb11b1667b5e2a41078e07.json
bootstrap.smartsuppchat.com/widget/ |
1 KB 677 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
fl-bigmug-line.woff
premunion.com/front/fonts/ |
21 KB 21 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
MaterialIcons-Regular.html
premunion.com/front/fonts/ |
36 KB 36 KB |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
bann1.jpg
premunion.com/front/images/ |
446 KB 446 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
bg2.jpg
premunion.com/front/images/ |
180 KB 180 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
bg-image-3.png
premunion.com/front/images/ |
2 KB 2 KB |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
manifest.json
widget-v3.smartsuppcdn.com/ |
2 KB 826 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
favicon.ico
premunion.com/front/images/ |
320 B 383 B |
Other
image/x-icon |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main-9d823c49.js
widget-v3.smartsuppcdn.com/assets/ Frame EA44 |
95 KB 34 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
vendor-7c63ec1d.js
widget-v3.smartsuppcdn.com/assets/ Frame EA44 |
160 KB 53 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
style-39cdd505.css
widget-v3.smartsuppcdn.com/assets/ Frame EA44 |
31 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
defaults
translations.smartsuppcdn.com/api/v1/widget/translations/lang/en/ Frame EA44 |
6 KB 3 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: HSBC (Banking)50 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| _smartsupp function| smartsupp boolean| SMARTSUPP_LOADED object| $smartsupp object| bootstrap function| $ function| jQuery object| device function| Popper undefined| regulaModules object| regula boolean| isWebkit function| RDInputLabel function| Swiper function| WOW object| eventie function| EventEmitter function| getStyleProperty function| getSize function| docReady function| matchesSelector object| fizzyUIUtils function| Outlayer function| Isotope function| Masonry function| PhotoSwipe function| PhotoSwipeUI_Default function| RDNavbar function| JQClass function| moment object| ProgressBar function| PreventGhostClick function| Hammer object| Highcharts string| userAgent object| initialDate object| $document object| $window object| $html object| $body boolean| isRtl boolean| isDesktop boolean| isIE boolean| isMobile object| plugins object| Tawk_API object| Tawk_LoadStart function| onloadCaptchaCallback1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
premunion.com/ | Name: PHPSESSID Value: 424c84df1b5921e8d579fb8c995c63ec |
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | upgrade-insecure-requests |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
bootstrap.smartsuppchat.com
cdn.hsbc.com.hk
embed.tawk.to
premunion.com
translations.smartsuppcdn.com
widget-v3.smartsuppcdn.com
www.hsbc.com.hk
www.smartsuppchat.com
154.49.245.45
172.67.38.66
18.164.124.88
23.44.203.27
2a02:4780:27:1090:0:fd4:60a9:2
2a02:6ea0:c400::11
52.29.116.227
009382b54a6d7c6ca089a826f3071c4939defc0c12580c456e844ddd9bcfbbba
03ce635565283bea4eb9888f87f2c7e88fb685987e1901713d90bd877998961d
10ddf462646b66b7ee64b694388fb90b2d9beac0ad13b1a36210f299eeb75d57
160079f963636b2d971601ee80fd46a71db693f744ec8a30e0fe29cdc0bd0c32
1f83cd76cd25508d18c8958235f717ad12b88fa14aa2a7c03f54ca13b52cc92e
30a4ec40e9b13a0a40872ff08152064eb8b2410e1bdff56bd30f234755d6c2fa
392961169ed068757ca4ccfba64f9a1e5cfd0e5c2467039ec5f0315afcb4de50
3ad872beb47b4b3aca9d8f37b065b7e031bfee265aef4d5db60e224c39a7dcd1
3d2c8d02d7994e45bf0948a1896b07af8b40c7a9eaee2e7bc8816a0300768b93
3d70ce95eb1eb78620cc57fe1a6a479e6f2d70508bf813238e573863df000d6e
3db5bd8ea58737d31f3c450555579807bae6fb67d2175bd40dfffab5072ad9f0
4018360bd9e4cd641626de9513a66a190e028a7fbe497df2d056f86ca4b50012
48f089986cecc1af51e32adc60b4559c1e25eafecd8f2dd1b7efca29f760ada7
50d94f8262f73dbea0c4e89cc67bc8c432c9f8baba9d97e8f5cf47939acf0375
517bc74e892d08f345bc124b9a11bed306a5b024b9fd2f59642072fbfc95e9cb
5786a9c1562ee4f5379dbfcac32b29e986fada646f1423ddbf5fe1607ae0e7c4
5d74e883a6cf20992fedf26d49fa38b0fbd82d960691cc99e618ef6421db61a4
6237979e7c25add0e1d540e1f4d9152f3439068d71b2e7fa131b8eaea2a7af6e
62a8bbbaf808ef9a553b97cd578b2804013b4ab2e820fa2fe382d2b16f0eae1f
6661de57e1ff5e55e920869cef31c29560de9245912e1698afb0f33268685ebd
6a5f3437e7d7c886feaee8f77133c71208181bbb90e30423035d99b053a6c41c
6fc95e4faf90ed6616718d1310584c8957dcf78726bb1b7db094d95051b66554
71ab4858bd79a67b5c489a4e440cee8bd46bda4357ee7123df2bbf211fa35eb9
71c9e058f724fca2b1a86d10f96aa5c8837c592bbf4adb14d45256be49d82491
733db5a3f4944bf739069c7843551220bfbe5f8638eb1d10bde872375fe32829
771983ad6787dd5fc2b2932975fb7721a5ab57a5abb40b4578696d3e6c99c54f
790c14e07c1ab63c533e1e707a31ee462f289a466ea35173c3c3027d855bdc0d
7b7624c21f309a075b9179bccb0903102884ce40aaeb2e5ce78f229dae32045b
81516506b816ed00adabedabed2a790b5dcebe951d72957458ef4675d748cf48
858bf50f99b1138d14b11dfd6e399244467371c3775f8e6f8dd5c6d0f595df5a
8b7631d903c1b281d1fc128cf3a2cd19b43502fcadfd0448fa44a8c9e4ba1c02
92dc69e4c9263c2cac784811f6e27d7665f0c82b9e9e8764a3102d7c0e4c7272
933d73f915b0257d11be9e11d6c9ed8d09594998b41c57ded9ef1fd726cf9048
93429cc811196b0375f0e34a08446f9ed9c6a530192245960003a63a968a8948
9b6a9f07c92d3666693e13d14959dcf4ae5d99b3cf1d46d955ba330ff697cc16
a25a7c01dffc3b69e6a3f45bd63e6751e526e5c37dc7ac6bd33db7d985802b00
b87414f5436a7d4083af6f44cb7c9d53478c375111ad79d9e5ecace263b08d06
bf25159774bfcbc9412f2c9bbb4bd0d2d69b5d872aca2f4791e6269f3c4eb9fc
e2fe43f7de64cbf243ff07ccaf65e9bfabc2de279a9445238e58f6890584371d
e62d94375f4860cbeb0e9aa36ab12fbb45d3de73304533ad665ffd2dab74f2e4
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995