lienquan.garenia.vn
103.200.23.222
Malicious Activity!
Public Scan
Submission: On April 04 via api from US — Scanned from US
Summary
This is the only time lienquan.garenia.vn was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Facebook (Social Network)
Domain & IP information
 | IP Address | AS Autonomous System |
---|---|---|
19 | 103.200.23.222 | 135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP) |
1 | 2607:f8b0:4006:823::200a | 15169 (GOOGLE) |
1 | 2a03:2880:f012:8:face:b00c:0:1 | 32934 (FACEBOOK) |
1 | 2607:f8b0:4006:80d::200a | 15169 (GOOGLE) |
3 | 2607:f8b0:4006:81e::2003 | 15169 (GOOGLE) |
1 | 2607:f8b0:4006:807::200e | 15169 (GOOGLE) |
1 | 2607:f8b0:4006:81d::2008 | 15169 (GOOGLE) |
5 | 45.119.240.104 | 131418 (VIETNAMESPORTS-AS-VN Vietnam Esports Development Joint Stock Company) |
2 | 2606:4700::6812:bcf | 13335 (CLOUDFLARENET) |
4 | 2606:4700::6811:190e | 13335 (CLOUDFLARENET) |
1 1 | 103.60.18.132 | 131435 (HOABINH-AS-VN Vietnam Esports and Entertainment Joint Stock Company) |
38 | 11 |
ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN)
PTR: host222.vietnix.vn
lienquan.garenia.vn |
ASN32934 (FACEBOOK, US)
static.xx.fbcdn.net |
ASN131418 (VIETNAMESPORTS-AS-VN Vietnam Esports Development Joint Stock Company, VN)
cdn.vn.garenanow.com |
ASN131435 (HOABINH-AS-VN Vietnam Esports and Entertainment Joint Stock Company, VN)
lienquan.member.garena.vn |
 | Apex Domain / Subdomains | Transfer |
---|---|---|
19 | garenia.vn: lienquan.garenia.vn | 950 KB |
5 | garenanow.com: cdn.vn.garenanow.com (Cisco Umbrella Rank: 76755) | 173 KB |
4 | cloudflare.com: cdnjs.cloudflare.com (Cisco Umbrella Rank: 229) | 89 KB |
3 | gstatic.com: fonts.gstatic.com | 42 KB |
2 | bootstrapcdn.com: stackpath.bootstrapcdn.com (Cisco Umbrella Rank: 2381) | 37 KB |
2 | googleapis.com: fonts.googleapis.com (Cisco Umbrella Rank: 45); ajax.googleapis.com (Cisco Umbrella Rank: 280) | 32 KB |
1 | garena.vn (1 redirects): lienquan.member.garena.vn | 152 B |
1 | googletagmanager.com: www.googletagmanager.com (Cisco Umbrella Rank: 70) | 38 KB |
1 | google-analytics.com: www.google-analytics.com (Cisco Umbrella Rank: 39) | 20 KB |
1 | fbcdn.net: static.xx.fbcdn.net (Cisco Umbrella Rank: 585) | 1 KB |
38 | 10 |
 | Domain | Requested by |
---|---|---|
19 | lienquan.garenia.vn | lienquan.garenia.vn |
5 | cdn.vn.garenanow.com | lienquan.garenia.vn |
4 | cdnjs.cloudflare.com | lienquan.garenia.vn |
3 | fonts.gstatic.com | fonts.googleapis.com |
2 | stackpath.bootstrapcdn.com | lienquan.garenia.vn |
1 | lienquan.member.garena.vn | 1 redirects |
1 | www.googletagmanager.com | lienquan.garenia.vn |
1 | www.google-analytics.com | lienquan.garenia.vn |
1 | ajax.googleapis.com | lienquan.garenia.vn |
1 | static.xx.fbcdn.net | lienquan.garenia.vn |
1 | fonts.googleapis.com | lienquan.garenia.vn |
38 | 11 |
This site contains links to these domains. Also see Links.
Domain |
---|
d.facebook.com |
member.garena.vn |
www.garena.vn |
vetv.vn |
www.tencent.com |
Subject | Issuer | Validity | Valid |
---|---|---|---|
upload.video.google.com | GTS CA 1C3 | 2022-03-17 - 2022-06-09 | 3 months |
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2022-01-11 - 2022-04-11 | 3 months |
*.gstatic.com | GTS CA 1C3 | 2022-03-17 - 2022-06-09 | 3 months |
*.google-analytics.com | GTS CA 1C3 | 2022-03-17 - 2022-06-09 | 3 months |
cdn.vn.garenanow.com | SSL.com RSA SSL subCA | 2021-11-17 - 2022-11-17 | a year |
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-01-29 - 2023-01-29 | a year |
This page contains 1 frames:
Primary Page:
http://lienquan.garenia.vn/
Frame ID: C806F0996760297BEE77DEBD6C37E5B1
Requests: 39 HTTP requests in this frame
Page Title
Liên Quân Membership
Detected technologies
Bootstrap
Detected patterns
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
Google Font API
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Google Tag Manager
Detected patterns
- googletagmanager\.com/gtm\.js
Popper
Detected patterns
- /popper\.js/([0-9.]+)
Detected patterns
- /([\d.]+)/jquery(?:\.min)?\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
5 Outgoing links
These are links going to different origins than the main page.
Title: Quên mật khẩu?
Title: member.garena.vn
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 14
- https://lienquan.member.garena.vn//vendor.js?c6ebc46374ef3ce10b5c HTTP 302
- https://cdn.vn.garenanow.com/web/kg/member//vendor.js?c6ebc46374ef3ce10b5c
38 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H/1.1 | / (Primary Request) | lienquan.garenia.vn/ | 40 KB | 18 KB | Document | text/html |
GET | H2 | css2 | fonts.googleapis.com/ | 2 KB | 1001 B | Stylesheet | text/css |
GET | H2 | k97pj8-or6s.png | static.xx.fbcdn.net/rsrc.php/v3/y8/r/ | 809 B | 1 KB | Image | image/png |
GET | H2 | jquery.min.js | ajax.googleapis.com/ajax/libs/jquery/3.4.1/ | 86 KB | 31 KB | Script | text/javascript |
GET | DATA | truncated | / | 9 KB | 0 | Image | image/jpeg |
GET | H2 | QdVPSTAyLFyeg_IDWvOJmVES_Hw5BXoKZA.woff2 | fonts.gstatic.com/s/bevietnampro/v8/ | 12 KB | 12 KB | Font | font/woff2 |
GET | H2 | QdVPSTAyLFyeg_IDWvOJmVES_Hw3BXo.woff2 | fonts.gstatic.com/s/bevietnampro/v8/ | 20 KB | 20 KB | Font | font/woff2 |
GET | H2 | QdVPSTAyLFyeg_IDWvOJmVES_Hw4BXoKZA.woff2 | fonts.gstatic.com/s/bevietnampro/v8/ | 10 KB | 10 KB | Font | font/woff2 |
GET | H2 | analytics.js | www.google-analytics.com/ | 49 KB | 20 KB | Script | text/javascript |
GET | H2 | gtm.js | www.googletagmanager.com/ | 97 KB | 38 KB | Script | application/javascript |
GET | H/1.1 | dev-welcome.js | cdn.vn.garenanow.com/web/lol/assets/js/ | 1 KB | 1 KB | Script | application/javascript |
GET | H2 | bootstrap.min.css | stackpath.bootstrapcdn.com/bootstrap/4.1.3/css/ | 138 KB | 22 KB | Stylesheet | text/css |
GET | H2 | jquery.min.js | cdnjs.cloudflare.com/ajax/libs/jquery/3.2.1/ | 85 KB | 27 KB | Script | application/javascript |
GET | H2 | popper.min.js | cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.3/umd/ | 20 KB | 7 KB | Script | application/javascript |
GET | H2 | bootstrap.min.js | stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/ | 50 KB | 14 KB | Script | application/javascript |
GET | H/1.1 | vendor.js (Redirect Chain) | cdn.vn.garenanow.com/web/kg/member// | 400 KB | 139 KB | Script | application/javascript |
GET | H/1.1 | browser.css | lienquan.garenia.vn/ | 89 KB | 14 KB | Stylesheet | text/css |
GET | H/1.1 | logo.png | lienquan.garenia.vn/images/ | 4 KB | 4 KB | Image | image/png |
GET | H/1.1 | ico-gg.png | lienquan.garenia.vn/images/ | 4 KB | 4 KB | Image | image/png |
GET | H/1.1 | ico-fb.png | lienquan.garenia.vn/images/ | 4 KB | 4 KB | Image | image/png |
GET | H/1.1 | user-ico.png | lienquan.garenia.vn/images/ | 5 KB | 5 KB | Image | image/png |
GET | H/1.1 | spin_arr.png | lienquan.garenia.vn/images/ | 8 KB | 9 KB | Image | image/png |
GET | H/1.1 | logo-garena.png | cdn.vn.garenanow.com/web/kg/sukien39/images/pc/ | 6 KB | 7 KB | Image | image/png |
GET | H/1.1 | logo-vnes.png | cdn.vn.garenanow.com/web/kg/sukien39/images/pc/ | 4 KB | 5 KB | Image | image/png |
GET | H/1.1 | logo-tengames.png | cdn.vn.garenanow.com/web/kg/sukien39/images/pc/ | 22 KB | 22 KB | Image | image/png |
GET | H2 | jquery.min.js | cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/ | 85 KB | 27 KB | Script | application/javascript |
GET | H/1.1 | sweetalert2@10.js | lienquan.garenia.vn/js/ | 63 KB | 18 KB | Script | application/javascript |
GET | H2 | jquery.min.js | cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/ | 87 KB | 28 KB | Script | application/javascript |
GET | H/1.1 | rotate.js | lienquan.garenia.vn/js/ | 15 KB | 4 KB | Script | application/javascript |
GET | H/1.1 | body-bg.png | lienquan.garenia.vn/images/ | 319 KB | 320 KB | Image | image/png |
GET | H/1.1 | Oswald-Bold.woff | lienquan.garenia.vn/fonts/ | 0 | 0 | Font | text/html |
GET | H/1.1 | IcoMoon-Ultimate.woff | lienquan.garenia.vn/fonts/ | 171 KB | 171 KB | Font | font/woff |
GET | H/1.1 | Oswald-Light.woff | lienquan.garenia.vn/fonts/ | 46 KB | 46 KB | Font | font/woff |
GET | H/1.1 | Oswald-Medium.woff | lienquan.garenia.vn/fonts/ | 47 KB | 47 KB | Font | font/woff |
GET | H/1.1 | Oswald-Regular.woff | lienquan.garenia.vn/fonts/ | 46 KB | 46 KB | Font | font/woff |
GET | H/1.1 | active_point.png | lienquan.garenia.vn/images/ | 1 KB | 1 KB | Image | text/html |
GET | H/1.1 | spin_router.png | lienquan.garenia.vn/images/ | 225 KB | 225 KB | Image | image/png |
GET | H/1.1 | bt_line.png | lienquan.garenia.vn/images/ | 12 KB | 13 KB | Image | image/png |
GET | H/1.1 | Oswald-Bold.ttf | lienquan.garenia.vn/fonts/ | 0 | 0 | Font | text/html |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Facebook (Social Network)
24 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- function | structuredClone
- object | oncontextlost
- object | oncontextrestored
- function | $
- function | jQuery
- object | google_tag_data
- function | ga
- object | gaplugins
- object | google_tag_manager
- object | dataLayer
- function | Popper
- object | bootstrap
- function | Sweetalert2
- function | SweetAlert
- function | Swal
- function | sweetAlert
- function | swal
- boolean | IE
- object | Wilq32
- function | sweetalertclick
- function | login
- function | close_modal
- function | click_login
- object | webpackChunknode_graphql_kit

1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
lienquan.garenia.vn/ | Name: PHPSESSID Value: 8d2d7f401e3749c7a07e66bb37295dab |
3 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.