2mllf.k17g6.com-8thf2.mebjv.kfsqhw.cn
Open in
urlscan Pro
103.24.55.250
Public Scan
Effective URL: https://2mllf.k17g6.com-8thf2.mebjv.kfsqhw.cn/api/mobileweb/home?wechatapp_id=455012&channel_id=348059&channel_key=348059zj09&kefu_uid=8100058...
Submission Tags: phishingrod
Submission: On May 10 via api from DE — Scanned from DE
Summary
TLS certificate: Issued by R3 on April 29th 2024. Valid for: 3 months.
This is the only time 2mllf.k17g6.com-8thf2.mebjv.kfsqhw.cn was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 | 103.24.55.186 103.24.55.186 | 7483 (SKYCLOUD-...) (SKYCLOUD-NET Skycloud Computing co.) | |
1 17 | 103.24.55.250 103.24.55.250 | 7483 (SKYCLOUD-...) (SKYCLOUD-NET Skycloud Computing co.) | |
17 | 163.181.130.166 163.181.130.166 | 24429 (TAOBAO Zh...) (TAOBAO Zhejiang Taobao Network Co.) | |
1 | 43.152.26.58 43.152.26.58 | 139341 (ACE-AS-AP...) (ACE-AS-AP ACE) | |
2 | 14.215.182.140 14.215.182.140 | 4134 (CHINANET-...) (CHINANET-BACKBONE No.31) | |
1 | 47.246.2.90 47.246.2.90 | () () | |
38 | 7 |
ASN7483 (SKYCLOUD-NET Skycloud Computing co., Ltd., TW)
sdx35da.s6eas3.d3ee.s3x.aee.x3a.askroblox.com |
ASN7483 (SKYCLOUD-NET Skycloud Computing co., Ltd., TW)
2mllf.k17g6.com-8thf2.mebjv.kfsqhw.cn |
ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)
h5cdn.xiaokefu.com.cn |
ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN)
hm.baidu.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
17 |
xiaokefu.com.cn
h5cdn.xiaokefu.com.cn |
528 KB |
17 |
kfsqhw.cn
1 redirects
2mllf.k17g6.com-8thf2.mebjv.kfsqhw.cn |
11 KB |
2 |
baidu.com
hm.baidu.com — Cisco Umbrella Rank: 10507 |
12 KB |
1 |
zhimakefu.com
img.zhimakefu.com |
3 KB |
1 |
qq.com
res.wx.qq.com — Cisco Umbrella Rank: 11520 |
13 KB |
1 |
askroblox.com
sdx35da.s6eas3.d3ee.s3x.aee.x3a.askroblox.com |
242 B |
38 | 6 |
Domain | Requested by | |
---|---|---|
17 | h5cdn.xiaokefu.com.cn |
2mllf.k17g6.com-8thf2.mebjv.kfsqhw.cn
h5cdn.xiaokefu.com.cn |
17 | 2mllf.k17g6.com-8thf2.mebjv.kfsqhw.cn |
1 redirects
sdx35da.s6eas3.d3ee.s3x.aee.x3a.askroblox.com
h5cdn.xiaokefu.com.cn |
2 | hm.baidu.com |
2mllf.k17g6.com-8thf2.mebjv.kfsqhw.cn
|
1 | img.zhimakefu.com | |
1 | res.wx.qq.com |
2mllf.k17g6.com-8thf2.mebjv.kfsqhw.cn
|
1 | sdx35da.s6eas3.d3ee.s3x.aee.x3a.askroblox.com | |
38 | 6 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
sdx35da.s6eas3.d3ee.s3x.aee.x3a.askroblox.com R3 |
2024-05-10 - 2024-08-08 |
3 months | crt.sh |
2mllf.k17g6.com-8thf2.mebjv.kfsqhw.cn R3 |
2024-04-29 - 2024-07-28 |
3 months | crt.sh |
*.xiaokefu.com.cn Certum Domain Validation CA SHA2 |
2024-05-03 - 2025-06-02 |
a year | crt.sh |
res.wx.qq.com DigiCert Secure Site CN CA G3 |
2023-08-04 - 2024-09-03 |
a year | crt.sh |
baidu.com GlobalSign RSA OV SSL CA 2018 |
2023-07-06 - 2024-08-06 |
a year | crt.sh |
img.zhimakefu.com Encryption Everywhere DV TLS CA - G2 |
2024-04-28 - 2025-04-28 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://2mllf.k17g6.com-8thf2.mebjv.kfsqhw.cn/api/mobileweb/home?wechatapp_id=455012&channel_id=348059&channel_key=348059zj09&kefu_uid=810005898&key=108247vtqo
Frame ID: B4A53EAEA0632FDF9ADEA4255E8C54FF
Requests: 41 HTTP requests in this frame
Screenshot
Page Title
在线客服Page URL History Show full URLs
- https://sdx35da.s6eas3.d3ee.s3x.aee.x3a.askroblox.com/ Page URL
-
https://2mllf.k17g6.com-8thf2.mebjv.kfsqhw.cn/s/108247vtqo
HTTP 302
https://2mllf.k17g6.com-8thf2.mebjv.kfsqhw.cn/api/mobileweb/home?wechatapp_id=455012&channel_id=348059&channel_key=348059z... Page URL
Detected technologies
Vue.js (JavaScript Frameworks) ExpandDetected patterns
- <[^>]+\sdata-v(?:ue)?-
Baidu Analytics (百度统计) (Analytics) Expand
Detected patterns
- hm\.baidu\.com/hm\.js
Clipboard.js (Miscellaneous) Expand
Detected patterns
- clipboard(?:-([\d.]+))?(?:\.min)?\.js
Moment.js (JavaScript Libraries) Expand
Detected patterns
- moment(?:\.min)?\.js
jQuery (JavaScript Libraries) Expand
Detected patterns
- /([\d.]+)/jquery(?:\.min)?\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://sdx35da.s6eas3.d3ee.s3x.aee.x3a.askroblox.com/ Page URL
-
https://2mllf.k17g6.com-8thf2.mebjv.kfsqhw.cn/s/108247vtqo
HTTP 302
https://2mllf.k17g6.com-8thf2.mebjv.kfsqhw.cn/api/mobileweb/home?wechatapp_id=455012&channel_id=348059&channel_key=348059zj09&kefu_uid=810005898&key=108247vtqo Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
38 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
/
sdx35da.s6eas3.d3ee.s3x.aee.x3a.askroblox.com/ |
104 B 242 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Primary Request
home
2mllf.k17g6.com-8thf2.mebjv.kfsqhw.cn/api/mobileweb/ Redirect Chain
|
3 KB 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
viewer.min.css
h5cdn.xiaokefu.com.cn/static/imcdn/ |
7 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
moment.min.js
h5cdn.xiaokefu.com.cn/static/libs/antd/ |
52 KB 17 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
zh-cn.js
h5cdn.xiaokefu.com.cn/static/libs/antd/ |
4 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jweixin-1.3.2.js
res.wx.qq.com/open/js/ |
12 KB 13 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
app.723297e857d83ea4dd8e35e73323ae4b.css
h5cdn.xiaokefu.com.cn/static/im-reconstitutionH5/dist/css/ |
182 KB 42 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
h5cdn.xiaokefu.com.cn/static/libs/jquery/1.12.4/ |
98 KB 35 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
viewer.min.js
h5cdn.xiaokefu.com.cn/static/imcdn/ |
28 KB 9 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
localforage.min.js
h5cdn.xiaokefu.com.cn/static/imcdn/ |
29 KB 9 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
reconnecting-websocket.min.js
h5cdn.xiaokefu.com.cn/static/imcdn/ |
3 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bscroll.min.js
h5cdn.xiaokefu.com.cn/static/imcdn/ |
51 KB 14 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
iscroll.js
h5cdn.xiaokefu.com.cn/static/imcdn/ |
63 KB 13 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
clipboard.min.js
h5cdn.xiaokefu.com.cn/static/libs/clipboard/ |
11 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
manifest.3753d8f8e0a9d8f6d962_20230217.js
h5cdn.xiaokefu.com.cn/static/im-reconstitutionH5/dist/js/ |
2 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
vendor.8670cc328dd3ecba36d4_20230217.js
h5cdn.xiaokefu.com.cn/static/im-reconstitutionH5/dist/js/ |
350 KB 108 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
app.9b7988475b06956ccbed_20230217.js
h5cdn.xiaokefu.com.cn/static/im-reconstitutionH5/dist/js/ |
40 KB 14 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
hm.js
hm.baidu.com/ |
29 KB 12 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
2.5040f4b28a0df96bb05b_20230217.js
h5cdn.xiaokefu.com.cn/static/im-reconstitutionH5/dist/js/ |
709 KB 237 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
0.8c1f1b8b071ebca863b0_20230217.js
h5cdn.xiaokefu.com.cn/static/im-reconstitutionH5/dist/js/ |
5 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
getWhiteList
2mllf.k17g6.com-8thf2.mebjv.kfsqhw.cn/zhima/api/ |
44 B 262 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
3 KB 0 |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
2 KB 0 |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
1 KB 0 |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
getGlobalConfig
2mllf.k17g6.com-8thf2.mebjv.kfsqhw.cn/api/ |
4 KB 2 KB |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
show
2mllf.k17g6.com-8thf2.mebjv.kfsqhw.cn/kf/shortCut/ |
50 B 375 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
show
2mllf.k17g6.com-8thf2.mebjv.kfsqhw.cn/kf/yunh5Menu/ |
20 B 348 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
authInfo
2mllf.k17g6.com-8thf2.mebjv.kfsqhw.cn/kf/sendVideoAuthority/ |
63 B 389 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
getGlobalConfig
2mllf.k17g6.com-8thf2.mebjv.kfsqhw.cn/api/ |
7 KB 3 KB |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
hm.gif
hm.baidu.com/ |
43 B 299 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
favicon.ico
2mllf.k17g6.com-8thf2.mebjv.kfsqhw.cn/ |
7 B 225 B |
Other
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
info
2mllf.k17g6.com-8thf2.mebjv.kfsqhw.cn/zhima/yun/yunChannel/ |
3 KB 1 KB |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
bind
2mllf.k17g6.com-8thf2.mebjv.kfsqhw.cn/zhima/api/ |
309 B 431 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
request
2mllf.k17g6.com-8thf2.mebjv.kfsqhw.cn/zhima/api/ |
59 B 276 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
getEnquireFormConfForC
2mllf.k17g6.com-8thf2.mebjv.kfsqhw.cn/Api/ |
60 B 603 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
history
2mllf.k17g6.com-8thf2.mebjv.kfsqhw.cn/zhima/yun/yunMessage/ |
47 B 262 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
favicon.ico
2mllf.k17g6.com-8thf2.mebjv.kfsqhw.cn/static/im-h5/dist/ |
7 B 225 B |
Other
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
guess-default.45095a8.png
h5cdn.xiaokefu.com.cn/static/im-reconstitutionH5/dist/img/ |
16 KB 16 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
810005898_2023_12_23_17_05_49ma7kz.jpg
img.zhimakefu.com/wechatapp/customer_service/admin/2023/12/23/ |
3 KB 3 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
SetCMessageRead
2mllf.k17g6.com-8thf2.mebjv.kfsqhw.cn/Api/ |
25 B 243 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
SetCMessageRead
2mllf.k17g6.com-8thf2.mebjv.kfsqhw.cn/Api/ |
25 B 243 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
17 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 undefined| viewport function| moment object| jWeixin object| wx object| _hmt function| $ function| jQuery function| Viewer object| localforage function| ReconnectingWebSocket function| BScroll function| IScroll function| webpackJsonp object| __core-js_shared__ boolean| _bdhm_loaded_c0af941dc5b11c6ccf7dfa77fc3e3c24 object| mini_tangram_log_xgga96 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
2mllf.k17g6.com-8thf2.mebjv.kfsqhw.cn/ | Name: yii_zhima_session Value: uug6nopi5h7usfvghq750524hi |
|
.hm.baidu.com/ | Name: HMACCOUNT_BFESS Value: 112853830905B571 |
|
2mllf.k17g6.com-8thf2.mebjv.kfsqhw.cn/ | Name: zhimaid Value: h5c8cac-1715309650156-88625 |
|
.2mllf.k17g6.com-8thf2.mebjv.kfsqhw.cn/ | Name: Hm_lvt_c0af941dc5b11c6ccf7dfa77fc3e3c24 Value: 1715309650 |
|
.2mllf.k17g6.com-8thf2.mebjv.kfsqhw.cn/ | Name: Hm_lpvt_c0af941dc5b11c6ccf7dfa77fc3e3c24 Value: 1715309650 |
|
2mllf.k17g6.com-8thf2.mebjv.kfsqhw.cn/ | Name: client_id Value: ac109df10b5b00bdaf8d |
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
2mllf.k17g6.com-8thf2.mebjv.kfsqhw.cn
h5cdn.xiaokefu.com.cn
hm.baidu.com
img.zhimakefu.com
res.wx.qq.com
sdx35da.s6eas3.d3ee.s3x.aee.x3a.askroblox.com
103.24.55.186
103.24.55.250
14.215.182.140
163.181.130.166
43.152.26.58
47.246.2.90
096197b0d08771c9523986e3693b2d418f669b69a898c1e60fa31522e1d424a0
0b28b9f627f8f58fae90c315a43f7bf0f510f1e89aaca98d7b2ebe060cfc7393
0cf8e5646c8ea78be0aa2d1871061a2784fb2bc8a5e668335229ca2bc8ca6aca
0e9f0a7ba4a879b1344ce1de07930ee566c4d04861c24ec6345b00027837e58d
0f118b0d96ebd458f7e856926673c19b7b2475ceb5f6e1e086e6588052ce8d6a
131fbe8d0f7e3d8d766bf81d23ea02c4dfa2b1165a5ba6998532d3409a0e15d8
132b5c292178d4fd5d69f0c9d1089e07af3a59f521ac68329a1a21d49cebb516
1f52d0e6260d66d3346d5b830515a1a81a771c65b3f747891e5b6ccd7c9b44f0
26239a2e6c0f1750e812993f0625e86f46674856ce07b85d7953641f285d1a15
2f077f2a08b66f730f2019fb94d662721aa18331b319e1b77aa66895da0fb6a1
2fd0a7e9960dfb0c94f8daeb48856effa98ab4b56a410f7c63328aedd80c013b
3791b45c51194d2e286a67a465fd5d2efa84762ff5e373fc2dcb40577e4a23d2
3b62e090314e0b353de167ccc8d345f2e19751ef37622d86c187f7ef7b9b1277
3d5c5adc8f3f52f0b958dbdabb87175f68b18aa71ea0447eeefd0b2d357f837c
4bda3b8d06f49e206cd29da56445dce845adbaa4c43191fed3d86633dba17425
53138532aad7c571af10cf6b17a678552e9a9e7ef5014d250f97af8dc61ae6e1
5845e73cb33fb3a0cbc35cb51b3aa4b8069dcf807c9285c9d3b7423017eaa587
6818fc6bbb074a19f02afc3dafb2b9ecf72a5f1b13a8a4579ee47a6a8b896ef5
6e10cbd37ccd7bc7195c7b0877b186f458a66c4342787460a5ce3f1eb3962e8b
780dd1e543c13157f9b6499d83aef05e983df802c889e4409a1ce8026659916b
8970d87dc5fb273b406c465a1e68e46b577dc447ee9f80b9f13f062d72badd9b
8be279bec2008c22383242aba5a8d7c592d63dc9eac1a14d4cf80209f9e5c8af
8ffede2baa030f16251c4727aa70a3f9c547d1a1fe40fd6fae9e1bc8bdc26ece
aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27
b4676a627ba24447cb494e79944ec35ffe6a3b6b863b6f0ffe414b2fc695f032
b56bcbb714ca592612bdd936eb0d4d7f781ec38c0525a244d4f84dc119765882
c228a8e12e33827977851a6b9dde862feba61ac34c5ad5bc675e55603754d770
c4710be8aa38af4519f7c75e1479e06a8f359606df1a319191e5b9aa1a465d93
cb7692974b3e2d42e1f25eb781f84b4fd091988470d889249a167faed5e53238
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d659250543a112d00f6b5afbf2bd555a6f717efc35e251a0dba5590689cfd38f
d922b51f0f9e6c5a548ac471186b8aaabde10e170b85183d88a824f48c8e06c7
dcfaf8f947980c68e5870cc28666d7a7552c9be3704424c84a2d718bbda685e3
e22419e8154be2a34a950dbb4c4c448413751c53ef02f00c6c56af28aa2c4964
e7d2f9b85bec0632463583fb3b48b91c7a0b2f6bb82b11b519f5c3bbdb01b800
f3382cc987cf2705fc70304ad01fee4a41a1dceeff0045d50b87e9cdc99294fe
fb659e85415f144c85c1e154af606b3c3202ecaf1026e806eeb28980b661342e
fb78ce43f72e8dad02d9ea514b55f0e3d1f7b202b106f4588c30dbd3dbcf39a7