www.8848bet365.com
Open in
urlscan Pro
103.112.28.53
Malicious Activity!
Public Scan
Effective URL: https://www.8848bet365.com:8989/
Submission: On March 06 via automatic, source certstream-suspicious
Summary
TLS certificate: Issued by Let's Encrypt Authority X3 on November 19th 2019. Valid for: 3 months.
This is the only time www.8848bet365.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Bet365 (Entertainment)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
8 | 103.112.28.53 103.112.28.53 | 135026 (THINKDREA...) (THINKDREAM-AS-AP ThinkDream Technology Limited) | |
36 | 163.171.132.119 163.171.132.119 | 54994 (QUANTILNE...) (QUANTILNETWORKS) | |
44 | 3 |
ASN135026 (THINKDREAM-AS-AP ThinkDream Technology Limited, HK)
www.8848bet365.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
36 |
fsigbk.com
0btgia.fsigbk.com |
626 KB |
8 |
8848bet365.com
www.8848bet365.com |
112 KB |
44 | 2 |
Domain | Requested by | |
---|---|---|
36 | 0btgia.fsigbk.com |
www.8848bet365.com
0btgia.fsigbk.com |
8 | www.8848bet365.com |
www.8848bet365.com
0btgia.fsigbk.com |
44 | 2 |
This site contains links to these domains. Also see Links.
Domain |
---|
get.adobe.com |
leadin.chatazure.com |
www.3265.cc |
Subject Issuer | Validity | Valid | |
---|---|---|---|
8848bet365.com Let's Encrypt Authority X3 |
2019-11-19 - 2020-02-17 |
3 months | crt.sh |
*.fsigbk.com Sectigo RSA Domain Validation Secure Server CA |
2019-07-17 - 2020-07-16 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://www.8848bet365.com:8989/
Frame ID: AF0A542F51C4C8437651EEB495A0A867
Requests: 47 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
- https://www.8848bet365.com/ Page URL
- https://www.8848bet365.com:8989/ Page URL
Page Statistics
3 Outgoing links
These are links going to different origins than the main page.
Title: 开启或下载安装Adobe Flash Player
Search URL Search Domain Scan URL
Title:
Search URL Search Domain Scan URL
Title:
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://www.8848bet365.com/ Page URL
- https://www.8848bet365.com:8989/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
44 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
/
www.8848bet365.com/ |
90 B 319 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Primary Request
/
www.8848bet365.com/ |
298 KB 71 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
gui-base.css
0btgia.fsigbk.com/ftl/commonPage/themes/ |
71 KB 15 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
gui-skin-default.css
0btgia.fsigbk.com/ftl/commonPage/themes/ |
31 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
common.css
0btgia.fsigbk.com/ftl/bet365_1150/themes/ |
43 KB 11 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bootstrap-dialog.min.css
0btgia.fsigbk.com/ftl/bet365_1150/themes/ |
3 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logo.svg
0btgia.fsigbk.com/ftl/bet365_1150/images/ |
3 KB 3 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
index-casino.jpg
0btgia.fsigbk.com/ftl/bet365_1150/images/ |
38 KB 39 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
index-lottery.jpg
0btgia.fsigbk.com/ftl/bet365_1150/images/ |
8 KB 8 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
index-game.jpg
0btgia.fsigbk.com/ftl/bet365_1150/images/ |
31 KB 32 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ads1.png
www.8848bet365.com/ftl/commonPage/zh_CN/pubads/images/ |
12 KB 12 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ads2.png
www.8848bet365.com/ftl/commonPage/zh_CN/pubads/images/ |
19 KB 19 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery-1.11.3.min.js
0btgia.fsigbk.com/ftl/commonPage/js/jquery/ |
94 KB 33 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
float.js
0btgia.fsigbk.com/ftl/commonPage/js/ |
5 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
idangerous.swiper.min.js
0btgia.fsigbk.com/ftl/commonPage/js/ |
44 KB 12 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Comet.js
0btgia.fsigbk.com/ftl/commonPage/js/websocket/ |
17 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
PopUp.js
0btgia.fsigbk.com/ftl/commonPage/js/websocket/ |
2 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
message_zh_CN.js
www.8848bet365.com/ |
21 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
gui-base.js
0btgia.fsigbk.com/ftl/commonPage/js/ |
60 KB 16 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bootstrap-dialog.min.js
0btgia.fsigbk.com/ftl/commonPage/js/ |
20 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
layer.js
0btgia.fsigbk.com/ftl/commonPage/js/ |
21 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery.super-marquee.js
0btgia.fsigbk.com/ftl/commonPage/js/jquery/ |
4 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery.nicescroll.min.js
0btgia.fsigbk.com/ftl/commonPage/js/jquery/ |
63 KB 18 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery.validate.js
0btgia.fsigbk.com/010711/rcenter/common/js/jquery/plugins/jquery.validate/ |
27 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery.validate.extend.msites.js
0btgia.fsigbk.com/010711/rcenter/common/js/gamebox/common/ |
15 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
moment.js
0btgia.fsigbk.com/ftl/commonPage/js/ |
105 KB 25 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
pc.css
0btgia.fsigbk.com/ftl/commonPage/themes/hb/css/ |
3 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
hongbao.css
0btgia.fsigbk.com/ftl/commonPage/themes/ |
15 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
gui-layer.css
0btgia.fsigbk.com/ftl/commonPage/themes/ |
47 KB 6 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
body-bg.gif
0btgia.fsigbk.com/ftl/bet365_1150/themes/images/ |
758 B 1 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
index_header_bg.jpg
0btgia.fsigbk.com/ftl/bet365_1150/themes/images/ |
16 KB 17 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
sec-nav-bg-grad.gif
0btgia.fsigbk.com/ftl/bet365_1150/themes/images/ |
376 B 837 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
sports-infos-bg.png
0btgia.fsigbk.com/ftl/bet365_1150/themes/images/ |
4 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
484 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bg-products.gif
0btgia.fsigbk.com/ftl/bet365_1150/themes/images/ |
21 KB 21 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
260 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
gui.ttf
0btgia.fsigbk.com/ftl/commonPage/themes/fonts/gui-fonts/ |
282 KB 282 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
special_3.jpg
0btgia.fsigbk.com/ftl/commonPage/zh_CN/mobileTopic/images/ |
7 KB 7 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
layer.css
0btgia.fsigbk.com/ftl/commonPage/js/theme/default/ |
18 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
getAppsUrl.html
www.8848bet365.com/index/ |
1 KB 1 KB |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
848 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
1568708665159.png
0btgia.fsigbk.com/fserver/files/gb/1150/floatImage/203/ |
5 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
1568708665274.png
0btgia.fsigbk.com/fserver/files/gb/1150/floatImage/203/ |
8 KB 9 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
1568708665387.png
0btgia.fsigbk.com/fserver/files/gb/1150/floatImage/203/ |
4 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
1568708665498.png
0btgia.fsigbk.com/fserver/files/gb/1150/floatImage/203/ |
3 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
getUserTimeZoneDate.html
www.8848bet365.com/index/ |
119 B 433 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
headerInfo.html
www.8848bet365.com/ |
111 B 414 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Bet365 (Entertainment)143 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onformdata object| onpointerrawupdate string| imgRoot string| apiRoot boolean| hasHg function| $ function| jQuery function| Swiper function| MSiteComet function| MSitePopUp function| showDialog string| resRoot string| wsRoot string| mdRoot string| fltRootPath string| language object| message function| responsive function| iealert function| blink function| textBlink object| carousels string| userAgent boolean| isChrome undefined| myFlash object| jQuery1113015865650566817746 function| BootstrapDialog object| layer object| NiceScroll function| moment function| canShowLottery function| closePage function| openRule function| closeRule function| lottery function| showLotteryMessage function| onceAgain string| imgPath function| homeDialog function| getUpdateTime function| getMultiADContent function| getSingleADContent function| layerMultiDialogIndex function| loadImage function| getLink boolean| isOpenCaptcha string| timezoneTran string| dateTimeFromat number| userTimeTimerId undefined| balanceQueryTriggerLimitTimer undefined| balanceAutoRefreshTimer string| HIDE_BALANCE_COOKIE_KEY string| REFRESH_BALANCE_TIME string| PAGE_LANGUAGE function| delateTip string| current_language function| transWebUrlSlide function| floatPics function| initMenuEvents function| createDesktop function| doSave function| SetHome function| AddFavorite function| noticeDialog function| noticeChangePageAjax function| setCookie function| getCookie function| closeIframeAlert function| getlocationParam function| maintainCheck function| handleMt function| maintainInfo function| transTimeZone function| closeFloatPic function| transWebUrlTag function| getApiName function| openNewPopWindow function| forgetUsername function| support function| getCustomerService function| balanceRefresh function| getApiBalance function| getNotAutoPayApiBalance function| userTime function| changeTimeTimer function| apiLogin function| unLoginLottery function| gameMessage function| apiLoginDemo function| lotteryDemo function| createFreeAccount function| currentPage function| getXjPage function| apiLoginReal function| changeBalanceHide function| balanceStatus function| hideBalanceIfModeHide function| enterLogin object| loginObj function| changeLoginStatus function| game_demo function| afterLogin function| login function| openVerify function| verify function| openSecondVerify function| doSecondVerify function| importPlayer function| cancelVerify function| dropdownOpen function| Logout function| liveAccordion function| loginPlayer function| recoveryApi function| isAllowRecoveryApi function| autoGetApiBalance function| getSingleApiBalance function| getAllApiBalance function| dialogMsg function| showAnnouncement function| maxGameTag function| gameCollect function| gameScore function| gameTagList function| myCollectList function| myRecentlyList function| layerDialogNormal function| closeIframeLayerDialog function| layerDialogDownload function| layerDialogForgetAccount function| layerDialogNotice function| layerDialogRegister function| getQRcode function| qrcode string| rgb function| PlaySound function| StopSound boolean| isLogin function| rebate string| REGSTER_SEND_EMAIL_TIME string| REGSTER_SEND_PHONE_TIME function| init object| captcha_box2 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
www.8848bet365.com/ | Name: REFRESH_BALANCE_TIME Value: 0 |
|
www.8848bet365.com/ | Name: route Value: 336c541ca0f91b64d84cce77db221a13 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
0btgia.fsigbk.com
www.8848bet365.com
103.112.28.53
163.171.132.119
01cf3c6ca09d7b6003faf27cdf6ff31dc52ec67f73070a6c81bfcb50b7b9ea4c
03dcf565eeaea248ffd33979a18c59ae8eac6a7d77a4ffaa286e3115269db5c8
07a76f57d27ffc173dc76840e2f8b49c6c8d2ef245fb96c3426ebf4c793a3f3b
13e5348ceb8b66112851439602497e44bcb574bf16794598bce46340f784d533
1694db51d04b5d207f7bc4ca11a7fcd2ca171b2f4c2c2b12d1c75e5cb3dbe20f
1d042b9441e860ddcc01b9e9e5e8d354121ee0e31b47f6e18a321e2e633d22e7
1fbcf8666e954fac26076fac509f215be910952ab0e2a667d184ef877c836b2f
2e8f81261f0d7231634f8e8b7e04232d47d9cba968a9c840b67112b3f4660e1e
305ee32a91850ceed409200a0d6ed8c81569cf9f8ffe9c5dac52a64269ffdd16
329ab92b9276ef4e3148f69be6b208969bebdf2db3121a589caa172453fd9f10
407a52c81c586cc43bf617deb30e8fb77625e53ab288483775ad0366faefe403
44b54c6aaf67120587b036b6ed8e168421e740f56b4b309417111cbfe155dfe7
49b693dd9d589058c48223c383efa39f9d523ceae799718bc1fa792941afd672
4ca35131972acdf420b94f0d64a5a0f504eb5a7b0e6fb7b8b467916a12aae37d
5010f299823e3a93cb177a1985e75bbcb595ec827ffe90fc8bcdabc35b1e5c0d
527228714a2a640b71788550f8dcd2c0964ee13fdfddc1c57ff377134f8fcecb
56feab66e10b4718de666fc63941b4f36a5e553e8887d663e137e635add8beb3
5eb4d895bcb33061cda238c8ff4985ede69a866819b980c732cf3802ec101e8d
61d4a0798fb66523d363428f184df2f131773bf1c3b8b7ad0aaaccf2caf73e79
6cff75537c35a2a855cafaf1d2d45767867dbc28774da40ed8c4fd4f4f74a813
728d63b799ab3d9bee5e987ad13f71aeb9d30ff78ed552c7edc425531c9c0f2a
73500ead881aa273814d982b0a0e78dc29ebf04f37b5932667785f6f7c45a664
81c2e3ba043ed04fbd4c2135686ed57c0fd28cda682d9519dfbf4fdcd7981e63
842b5cf1574a2a243862cbd62021490029943bcf42ca7385cbe9ffed711499d1
88daf45680ee6c5fa1889aac31983ee279d67dc056ab625595a1552faee5fbea
8d5cdae066e58aa2dea89e52ab0ae34129b926f9a7bbfc7fd76166230701aa44
90d11a9b139c13db4014333200a51e160febd2c5d5d1ca4e82d230d1efc7cfe2
9920acda506d326945d86c4bbc435d77b53a5a5eda5eb15c0f92b0e4465d91be
a1eb48eeb3b3f2ba41940d3041464f0b386b7a7c4a8acb42f3017e691f4b116e
aa891aafe8e98e1e15d81b2b116e6c3808d0bbbec56cd24818e2e7ac911877c9
b136864ffef1cf1bca9a4106031e7f247fb62bb717db1a495c96c7d8b5b77da3
b140ca5338387b3eb57031c638f186e998ce5f984810135ef3fae7bb354a376b
bc19a91cd57e7ce343a16a261bfb71fd89b03e033710e12c41ed9e9c3746b708
c84bb2ad716cd73e1f30f6dba8de50ed6dc780f3a23ae5c9cb8eb396eeb8258f
cb1d0b332c0218bbb360fd25d693f88293b54389caf88c36ffcfd8adc948d0e4
cd548d38e7e22e8597da17809e9dd1ee020cfe72288ac55fdb14c9b4130d9e92
cd58d657e3d79583a5722257d8770e3b5f620f1d58e392f1d9460cc89ac485fa
cd80efb67f4179932da096b3d331f9bb18017d6ccc4c5eab513fb75c4480d9d4
dbddab3a290b16fc7b43e0a1093ffdec6a2ff91c104f9eff21df181a5336118c
dd1edf5e54071903c4c1e81e33636444899d645df6b18bad22249da07f91c811
de200fb96f787a050c7eb1dcb44abb6fdcba565f2bc820b7ef68e342fc206d39
e2d6dc41a46d52785066f64aaa078ad6736d23741333d9f335be74ad0b77c7f1
e86e3afd834a8412cae16da4bbeb2b04eea33a3ab4d7508a26d3063157c76212
f1d54b7d245fdddbca96006d6031722a422658369c7bbba0e4adb761db3030a1
f9b50670a93fcef81c4f838f7da60d397994bea07f83af0f51ae89d670f1189c
fc5d1b966bd73ca1e73eccfea043f045b8a975a57c8b3bfca3d45ac862940256