leesangku.com
211.202.2.42
Malicious Activity!
Public Scan
Submission Tags: @ipnigh
Submission: On August 17 via api from GB
Summary
This is the only time leesangku.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Societe Generale (Banking)
Domain & IP information
| | IP Address | AS Autonomous System |
|---|---|---|
| 1 | 211.202.2.42 | 9318 (SKB-AS SK Broadband Co Ltd) |
| 33 | 193.178.154.160 | 3296 (SOCIETE-GENERALE) |
| 2 | 2001:4de0:ac18::1:a:3b | 20446 (HIGHWINDS3 - Highwinds Network Group) |
| 1 | 193.178.154.164 | 3296 (SOCIETE-GENERALE) |
| 1 | 199.34.228.59 | 27647 (WEEBLY - Weebly) |
| 1 2 | 34.246.143.222 | 16509 (AMAZON-02 - Amazon.com) |
| 39 | 6 | |
ASN9318 (SKB-AS SK Broadband Co Ltd, KR)
PTR: web-42.blueweb.co.kr
leesangku.com |
ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US)
code.jquery.com |
ASN27647 (WEEBLY - Weebly, Inc., US)
PTR: pages-custom-15.weebly.com
www.thealternateroot.com |
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-34-246-143-222.eu-west-1.compute.amazonaws.com
logs128.xiti.com |
| | Apex Domain | Subdomains | Transfer |
|---|---|---|---|
| 34 | societegenerale.fr | static.societegenerale.fr, particuliers.secure.societegenerale.fr | 186 KB |
| 2 | xiti.com (1 redirects) | logs128.xiti.com | 500 B |
| 2 | jquery.com | code.jquery.com | 42 KB |
| 1 | thealternateroot.com | www.thealternateroot.com | |
| 1 | leesangku.com | leesangku.com | 33 KB |
| 39 | 5 | | |
| | Domain | Requested by |
|---|---|---|
| 33 | static.societegenerale.fr | leesangku.com |
| 2 | logs128.xiti.com (1 redirects) | leesangku.com |
| 2 | code.jquery.com | leesangku.com |
| 1 | www.thealternateroot.com | leesangku.com |
| 1 | particuliers.secure.societegenerale.fr | leesangku.com |
| 1 | leesangku.com | |
| 39 | 6 | |
This site contains links to these domains. Also see Links.
Domain |
---|
particuliers.societegenerale.fr |
| Subject | Issuer | Validity | Valid | |
|---|---|---|---|---|
| static.societegenerale.fr | DigiCert SHA2 Extended Validation Server CA | 2018-07-20 - 2020-07-20 | 2 years | crt.sh |
| | | 1970-01-01 - 1970-01-01 | a few seconds | crt.sh |
| particuliers.secure.societegenerale.fr | DigiCert SHA2 Extended Validation Server CA | 2018-05-31 - 2019-09-19 | a year | crt.sh |
| *.xiti.com | Thawte RSA CA 2018 | 2019-03-12 - 2020-05-22 | a year | crt.sh |
This page contains 1 frames:
Primary Page:
http://leesangku.com/pruboard/technote/board/gener/sg/e3f4d7e2d0a163a021cbe1dbc9a99865/authen.html
Frame ID: 158CAB293DD89BD19976F8C7B7A589F2
Requests: 39 HTTP requests in this frame
Detected technologies
Apache (Web Servers)
Detected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i
jQuery (JavaScript Libraries)
Detected patterns
- script /jquery[.-]([\d.]*\d)[^\/]*\.js/i
- script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
- script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i
jQuery Migrate (JavaScript Libraries)
Detected patterns
- script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Title: cliquez ici
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 36
- https://logs128.xiti.com/hit.xiti?s=412253&s2=19&p=mon_profil::moyens_de_securite::activer_pass_securite&di=0&vrn=1&mc=&at&at=452671a7dabac0e45fa82f339b5942ea&lng=en-US&idp=1522378698945&jv=0&re=1600x1200&vtag=4.7.0&hl=15x22x37&r=1600x1200x24x24&rn=1566048157182&ref= HTTP 302
- https://logs128.xiti.com/hit.xiti?s=412253&s2=19&p=mon_profil::moyens_de_securite::activer_pass_securite&di=0&vrn=1&mc=&at&at=452671a7dabac0e45fa82f339b5942ea&lng=en-US&idp=1522378698945&jv=0&re=1600x1200&vtag=4.7.0&hl=15x22x37&r=1600x1200x24x24&rn=1566048157182&ref=&Rdt=On
39 HTTP transactions
| Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
|---|---|---|---|---|---|---|---|
| GET | H/1.1 | authen.html (Primary Request) | leesangku.com/pruboard/technote/board/gener/sg/e3f4d7e2d0a163a021cbe1dbc9a99865/ | 33 KB | 33 KB | Document | text/html |
| GET | H/1.1 | ephox_commun_defaut.css | static.societegenerale.fr//pri/themes/defaut/css/ | 29 KB | 6 KB | Stylesheet | text/css |
| GET | H/1.1 | contenus_pap_defaut.css | static.societegenerale.fr//pri/themes/defaut/css/ | 58 KB | 14 KB | Stylesheet | text/css |
| GET | H/1.1 | contenus_defaut.css | static.societegenerale.fr//pri/themes/defaut/css/ | 182 KB | 43 KB | Stylesheet | text/css |
| GET | H/1.1 | grid_commun_defaut.css | static.societegenerale.fr//pri/themes/defaut/css/ | 52 KB | 10 KB | Stylesheet | text/css |
| GET | H/1.1 | grid_p1_defaut.css | static.societegenerale.fr//pri/themes/defaut/css/ | 2 KB | 1 KB | Stylesheet | text/css |
| GET | H/1.1 | jquery-1.11.0.min.js | code.jquery.com/ | 94 KB | 39 KB | Script | application/javascript |
| GET | H/1.1 | jquery-migrate-1.2.1.min.js | code.jquery.com/ | 7 KB | 3 KB | Script | application/javascript |
| GET | H/1.1 | logo_header_refonte_2010.gif | static.societegenerale.fr//pri/PRI/Multimedias/logo_et_copyright/ | 6 KB | 6 KB | Image | image/gif |
| GET | H/1.1 | relatorJS.js | static.societegenerale.fr//pri/ctn/ | 987 B | 1 KB | Script | application/x-javascript |
| GET | H/1.1 | n2g_menu_haut.js | static.societegenerale.fr//pri/contenu/js/ | 4 KB | 1 KB | Script | application/x-javascript |
| GET | H/1.1 | menu_dcr_mon_profil.js | static.societegenerale.fr/pri/PRI/Repertoire_par_type_de_contenus/Type_de_contenu/Menu_DCR_mon_profil/js/ | 3 KB | 1 KB | Script | application/x-javascript |
| GET | H/1.1 | fancybox130.js | static.societegenerale.fr/pri/jquery/plugin/ | 15 KB | 7 KB | Script | application/x-javascript |
| GET | H/1.1 | n2g_popin_toolbox.js | static.societegenerale.fr/pri/contenu/js/ | 3 KB | 2 KB | Script | application/x-javascript |
| GET | H/1.1 | visuel_btn_services_urgences.gif | static.societegenerale.fr//pri/PRI/Repertoire_par_type_de_contenus/Visuel/contenu_lien/ | 4 KB | 4 KB | Image | image/gif |
| GET | H/1.1 | trans.gif | particuliers.secure.societegenerale.fr/img/commun/ | 49 B | 283 B | Image | image/gif |
| GET | H/1.1 | n2g_pied_visuel.jpg | static.societegenerale.fr//pri/img/ | 3 KB | 3 KB | Image | image/jpeg |
| GET | H/1.1 | n2g_pied_copyright.gif | static.societegenerale.fr//pri/PRI/Multimedias/logoetcopyright/ | 2 KB | 2 KB | Image | image/gif |
| GET | H/1.1 | n2g_recherche.js | static.societegenerale.fr//pri/contenu/js/ | 3 KB | 1 KB | Script | application/x-javascript |
| GET | H/1.1 | n2gMesureAudienceUtil.js | static.societegenerale.fr//pri/contenu/js/ | 36 KB | 14 KB | Script | application/x-javascript |
| GET | H/1.1 | xtcore.js | static.societegenerale.fr//pri/ | 25 KB | 12 KB | Script | application/x-javascript |
| GET | H/1.1 | n2g_fond_site.jpg | static.societegenerale.fr/pri/PRI/Themes/defaut/img/refonte/ | 30 KB | 30 KB | Image | image/jpeg |
| GET | H/1.1 | n2g_mire_connexion_titre_co.gif | static.societegenerale.fr/pri/themes/defaut/img/ | 1 KB | 1 KB | Image | image/gif |
| GET | H/1.1 | n2g_mire_connexion_form_bg_co.gif | static.societegenerale.fr/pri/themes/defaut/img/ | 1 KB | 1 KB | Image | image/gif |
| GET | H/1.1 | n2g_mire_connexion_btn_deco.gif | static.societegenerale.fr/pri/themes/defaut/img/ | 2 KB | 2 KB | Image | image/gif |
| GET | H/1.1 | n2g_mire_connexion_liste_bg_co.gif | static.societegenerale.fr/pri/themes/defaut/img/ | 732 B | 944 B | Image | image/gif |
| GET | H/1.1 | n2g_mire_connexion_puce.gif | static.societegenerale.fr/pri/themes/defaut/img/ | 99 B | 310 B | Image | image/gif |
| GET | H/1.1 | menu_dcr_mon_profil.css | static.societegenerale.fr/pri/PRI/Repertoire_par_type_de_contenus/Type_de_contenu/Menu_DCR_mon_profil/css/ | 2 KB | 992 B | Stylesheet | text/css |
| GET | H/1.1 | n2g_Pages_Pass_Securite_Activation.css | static.societegenerale.fr/pri/PRI/Repertoire_par_type_de_contenus/Type_de_contenu/OOB_DCR/css/ | 4 KB | 1 KB | Stylesheet | text/css |
| GET | H/1.1 | n2g_menu_haut_sprite.png | static.societegenerale.fr//pri/themes/defaut/img/ | 1 KB | 2 KB | Image | image/png |
| GET | H/1.1 | n2g_cdf_titre_fond.gif | static.societegenerale.fr//pri/Repertoire_par_type_de_contenus/Visuel/Chemin_de_fer/ | 442 B | 654 B | Image | image/gif |
| GET | H/1.1 | n2g_btn_assurance_prevoyance.gif | static.societegenerale.fr/pri/PRI/Repertoire_par_type_de_contenus/Type_de_contenu/01-Pages/00-perennes/01-LGN/Synthese_contrat/ | 5 KB | 5 KB | Image | image/gif |
| GET | H/1.1 | n2g_btn_contacts.gif | static.societegenerale.fr//pri/themes/defaut/img/ | 4 KB | 4 KB | Image | image/gif |
| GET | H/1.1 | bstn_valider.gif | www.thealternateroot.com/images/ | 0 | 0 | Image | text/html |
| GET | H/1.1 | n2g_pied_separateur_liens.jpg | static.societegenerale.fr//pri/themes/defaut/img/ | 285 B | 498 B | Image | image/jpeg |
| GET | H/1.1 | btn_profil_sprite.gif | static.societegenerale.fr/pri/PRI/Repertoire_par_type_de_contenus/Type_de_contenu/Menu_DCR_mon_profil/images/ | 5 KB | 5 KB | Image | image/gif |
| GET | H/1.1 | n2g_menu_monprofil_bg_li-link.gif | static.societegenerale.fr/pri/PRI/Repertoire_par_type_de_contenus/Type_de_contenu/Menu_DCR_mon_profil/images/ | 131 B | 343 B | Image | image/gif |
| GET | H2 | hit.xiti | logs128.xiti.com/ (Redirect Chain) | 35 B | 100 B | Image | image/gif |
| GET | H/1.1 | alerte_message_img_cross.png | static.societegenerale.fr/pri/PRI/Repertoire_par_type_de_contenus/Type_de_contenu/01-Pages/00-perennes/charte_cookies/img/ | 1 KB | 1 KB | Image | image/png |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Societe Generale (Banking)
163 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| $ function| jQuery object| lgn1_isRubriqueRelator object| lgn2_isRubriqueRelator undefined| $jRelator function| actionRelator undefined| $jMenuHaut undefined| menuHautShadowDropped function| menuHautDropShadow function| menuHautRefresh function| menuTimeout undefined| interruption undefined| slide undefined| defaultpos object| c_link function| jq function| n2gPopinDisplay string| n2g_url_nous_contacter function| n2gPopinCheckData function| n2gPopinGetAndDisplayRessource function| openWindow1 undefined| $jRecherche function| suggest_bypass function| n2g_lancerRecherche function| loadFromArray function| bindReady function| toastCnil function| masquerFenetreDepotCookie function| createCookie function| readCookie string| _site string| _siteUrl object| __r2 number| __lgRPC string| hh undefined| a function| _gtt function| myGetCookie2 function| mySetCookie2 function| isFirstCall2 function| __yah function| __ogaux function| __og3 function| __og2 function| __og0 function| __og function| __ogtrt function| rCallbackTRT function| rCallback number| eza function| __yaa number| ezb function| __yab number| ezi function| __yai function| __yak function| __yaj function| __yal function| __yal2 function| __yaz function| __yaz2 function| __yam number| sgo function| __sgo number| ezl function| __yall number| yat number| eze function| __zae function| __getInfo function| __isSpecialF function| __isSpecialI function| __isSpecialIF function| __isSpecialEM function| __yae number| ezm2 function| __yam2 function| __b12 function| __b14 function| __b15 function| n2gCompareUrls function| n2gAppelXiti function| n2gVarXiti function| xtTraiter function| Xt_med_flash function| Xt_med function| n2gPerfClic function| n2gPerfCom function| n2gAudienceComs number| ezh object| DomReady number| ezk number| ezj number| ezl2 number| ezz number| ezz2 number| ezm number| ezc number| ezd string| xt_at string| xtparam string| deb_ati string| nxt_ati string| xiti_xtati string| xiti_xtnv string| 
xiti_xsite string| xiti_xtsd string| xiti_xtn2 string| xiti_xtpage string| xiti_xtdi string| mc string| xtnv string| xtsite string| xtsd string| xtn2 string| xtpage string| xtdi object| Xtconf object| ATInternet function| Xtcore function| ATWebo function| ATTvTracking string| xtLogDom number| xttredir object| xw object| xd string| xtv string| xt1 string| xt7 string| xt8 string| xt9 string| xt8b string| xtp string| xt44 object| xt21 function| xtf1 function| xt_addchain function| wck function| xtf3 function| xt_mvt function| xt_med boolean| xtfirst function| xt_ad function| xt_adi function| xt_adc function| xt_click function| xt_form function| xt_rm string| xtidpg string| xt16 function| xt_addProduct function| xt_rd function| xt_addProduct_v2 function| xt_addProduct_load function| xt_ParseUrl function| xt_ParseUrl3 object| AT_click object| AT_hit string| xtvid object| xt29 string| Xt_id object| attag number| ezp21
Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
leesangku.com/ | Name: isFC Value: -ZZ8 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.