garena.fvplcup.vn
Open in
urlscan Pro
103.200.23.160
Malicious Activity!
Public Scan
Effective URL: https://garena.fvplcup.vn/loginn
Submission: On April 30 via manual from IL — Scanned from IL
Summary
TLS certificate: Issued by R3 on April 10th 2024. Valid for: 3 months.
This is the only time garena.fvplcup.vn was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Garena Free Fire (Gaming)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 | 103.200.23.160 103.200.23.160 | 135905 (VNPT-AS-V...) (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP) | |
18 | 202.81.112.197 202.81.112.197 | 58521 (GARENA-SG...) (GARENA-SG Garena Online Pte Ltd) | |
1 | 104.17.24.14 104.17.24.14 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 142.250.185.238 142.250.185.238 | 15169 (GOOGLE) (GOOGLE) | |
1 | 142.250.186.36 142.250.186.36 | 15169 (GOOGLE) (GOOGLE) | |
1 | 151.101.2.137 151.101.2.137 | 54113 (FASTLY) (FASTLY) | |
1 | 18.66.102.48 18.66.102.48 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 18.66.122.18 18.66.122.18 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 142.250.185.227 142.250.185.227 | 15169 (GOOGLE) (GOOGLE) | |
1 | 18.194.34.243 18.194.34.243 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 125.212.198.219 125.212.198.219 | 38731 (VTDC-AS-V...) (VTDC-AS-VN Vietel - CHT Compamy Ltd) | |
31 | 12 |
ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN)
PTR: host160.vietnix.vn
garena.fvplcup.vn |
ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f14.1e100.net
apis.google.com |
ASN16509 (AMAZON-02, US)
PTR: server-18-66-102-48.fra56.r.cloudfront.net
js.captcha-display.com |
ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-18.fra60.r.cloudfront.net
js.datadome.co |
ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f3.1e100.net
www.gstatic.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-34-243.eu-central-1.compute.amazonaws.com
api-js.datadome.co |
ASN38731 (VTDC-AS-VN Vietel - CHT Compamy Ltd, VN)
cdn.vn.garenanow.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
18 |
garena.com
sso.garena.com — Cisco Umbrella Rank: 758246 |
149 KB |
2 |
datadome.co
js.datadome.co — Cisco Umbrella Rank: 5342 api-js.datadome.co — Cisco Umbrella Rank: 4941 |
28 KB |
2 |
google.com
apis.google.com — Cisco Umbrella Rank: 127 www.google.com — Cisco Umbrella Rank: 2 |
22 KB |
1 |
garenanow.com
cdn.vn.garenanow.com — Cisco Umbrella Rank: 304643 |
12 KB |
1 |
gstatic.com
www.gstatic.com |
204 KB |
1 |
captcha-display.com
js.captcha-display.com — Cisco Umbrella Rank: 16152 |
5 KB |
1 |
jquery.com
code.jquery.com — Cisco Umbrella Rank: 767 |
30 KB |
1 |
cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 231 |
9 KB |
1 |
fvplcup.vn
garena.fvplcup.vn |
3 KB |
31 | 9 |
Domain | Requested by | |
---|---|---|
18 | sso.garena.com |
garena.fvplcup.vn
sso.garena.com |
1 | cdn.vn.garenanow.com | |
1 | api-js.datadome.co |
js.datadome.co
|
1 | www.gstatic.com |
www.google.com
|
1 | js.datadome.co |
garena.fvplcup.vn
|
1 | js.captcha-display.com |
garena.fvplcup.vn
|
1 | code.jquery.com |
garena.fvplcup.vn
|
1 | www.google.com |
garena.fvplcup.vn
|
1 | apis.google.com |
garena.fvplcup.vn
|
1 | cdnjs.cloudflare.com |
garena.fvplcup.vn
|
1 | garena.fvplcup.vn | |
31 | 11 |
This site contains links to these domains. Also see Links.
Domain |
---|
platform.garena.vn |
Subject Issuer | Validity | Valid | |
---|---|---|---|
garena.fvplcup.vn R3 |
2024-04-10 - 2024-07-09 |
3 months | crt.sh |
*.garena.com GeoTrust TLS RSA CA G1 |
2023-08-11 - 2024-08-11 |
a year | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2023-07-03 - 2024-07-02 |
a year | crt.sh |
*.apis.google.com GTS CA 1C3 |
2024-04-08 - 2024-07-01 |
3 months | crt.sh |
*.google.com GTS CA 1C3 |
2024-04-08 - 2024-07-01 |
3 months | crt.sh |
*.jquery.com Sectigo RSA Domain Validation Secure Server CA |
2023-07-11 - 2024-07-14 |
a year | crt.sh |
*.captcha-display.com Amazon RSA 2048 M03 |
2024-01-14 - 2025-02-11 |
a year | crt.sh |
*.datadome.co Gandi RSA Domain Validation Secure Server CA 3 |
2023-10-10 - 2024-11-09 |
a year | crt.sh |
*.gstatic.com GTS CA 1C3 |
2024-04-08 - 2024-07-01 |
3 months | crt.sh |
cdn.vn.garenanow.com ZeroSSL RSA Domain Secure Site CA |
2024-03-09 - 2024-06-07 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://garena.fvplcup.vn/loginn
Frame ID: CA52EC79CAD82309A3D00EF6743C7AB8
Requests: 31 HTTP requests in this frame
Screenshot
Page Title
Garena Account CenterPage URL History Show full URLs
-
http://garena.fvplcup.vn/loginn
HTTP 307
https://garena.fvplcup.vn/loginn Page URL
Detected technologies
Google Sign-in (Social logins) ExpandDetected patterns
- apis\.google\.com/js/platform\.js
Axios (JavaScript libraries) Expand
Detected patterns
- /axios(@|/)([\d.]+)(?:/[a-z]+)?/axios(?:.min)?\.js
Datadome (Miscellaneous) Expand
Detected patterns
Google Plus (Widgets) Expand
Detected patterns
- apis\.google\.com/js/[a-z]*\.js
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
reCAPTCHA (Captchas) Expand
Detected patterns
- /recaptcha/api\.js
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://garena.fvplcup.vn/loginn
HTTP 307
https://garena.fvplcup.vn/loginn Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
31 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
loginn
garena.fvplcup.vn/ Redirect Chain
|
9 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
sso.css
sso.garena.com/css/ |
35 KB 8 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
shopee-captcha-main.css
sso.garena.com/css/ |
13 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery-1.10.2.min.js
sso.garena.com/js/ |
91 KB 38 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
crypto.js
sso.garena.com/js/ |
18 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
countries.js
sso.garena.com/js/ |
14 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
locales.js
sso.garena.com/js/ |
856 B 728 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
vi_f.js
sso.garena.com/i18n/sso/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
axios.min.js
cdnjs.cloudflare.com/ajax/libs/axios/1.1.3/ |
26 KB 9 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
platform.js
apis.google.com/js/ |
55 KB 21 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
api.js
www.google.com/recaptcha/ |
1 KB 856 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
fetch.umd.min.js
sso.garena.com/js/ |
9 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
captcha-sdk-v2.0.1.js
sso.garena.com/js/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
shopee-captcha-bundle.js
sso.garena.com/js/ |
126 KB 45 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
js.cookie.js
sso.garena.com/js/ |
4 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
settings.js
sso.garena.com/js/sso/ |
3 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
utils.js
sso.garena.com/js/sso/ |
5 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
captcha.js
sso.garena.com/js/sso/ |
9 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
content.js
sso.garena.com/js/sso/ |
7 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
register.js
sso.garena.com/js/sso/ |
32 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
sso.js
sso.garena.com/js/ |
37 KB 9 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
img_garena_logo.png
sso.garena.com/images/ |
6 KB 6 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-3.6.0.min.js
code.jquery.com/ |
87 KB 30 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
xhr_tag.js
js.captcha-display.com/ |
12 KB 5 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bg.png
sso.garena.com/images/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tags.js
js.datadome.co/ |
148 KB 27 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
recaptcha__iw.js
www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/ |
529 KB 204 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET BLOB |
6afdc763-56bb-4bd1-bf58-91d9fdeed20e
https://garena.fvplcup.vn/ |
597 B 0 |
Other
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
/
api-js.datadome.co/js/ |
231 B 409 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
earth.png
sso.garena.com/images/ |
522 B 807 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
favicon.ico
cdn.vn.garenanow.com/web/fo4vn/Khoa/2023/T9/FCO/ |
12 KB 12 KB |
Other
image/x-icon |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- sso.garena.com
- URL
- https://sso.garena.com/i18n/sso/vi_f.js?v=0.58
- Domain
- sso.garena.com
- URL
- https://sso.garena.com/js/captcha-sdk-v2.0.1.js?v=0.02
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Garena Free Fire (Gaming)141 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| ddCaptchaOptions boolean| ddCbh function| displayDataDomeCaptchaPage function| displayDataDomeResponsePage function| $ function| jQuery object| CryptoJS object| COUNTRY_LIST object| LOCALE_LIST function| axios string| ddjskey object| ddoptions object| gapi object| ___jsl object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| WHATWGFetch string| SHOPEE_CAPTCHA_DOMAIN string| SHOPEE_CAPTCHA_GENERATE_URL string| SHOPEE_CAPTCHA_VERIFY_URL string| SHOPEE_CAPTCHA_REPORT_URL boolean| dataDomeProcessed object| dataDomeOptions boolean| ddShouldSkipFingerPrintReq object| recaptcha object| regeneratorRuntime object| captchaMobileVanilla function| Cookies object| SETTINGS string| captcha_key object| mobile_register_request string| SSO_SERVER_URL string| SSO_URL_API_PRELOGIN string| SSO_URL_API_LOGIN string| SSO_URL_API_LOGOUT string| SSO_URL_UI_REGISTER string| SSO_URL_API_AUTH string| SSO_URL_OAUTH_TOKEN_FACEBOOK_EXCHANGE string| SSO_URL_OAUTH_TOKEN_VK_EXCHANGE string| SSO_URL_OAUTH_TOKEN_LINE_EXCHANGE string| SSO_URL_OAUTH_TOKEN_GOOGLE_EXCHANGE string| SSO_URL_OAUTH_TOKEN_HUAWEI_EXCHANGE string| SSO_URL_OAUTH_TOKEN_APPLE_EXCHANGE_WEB string| SSO_URL_OAUTH_TOKEN_TWITTER_EXCHANGE string| SSO_URL_OAUTH_TWITTER_REQUEST_TOKEN string| SSO_URL_OAUTH_TOKEN_PGS_EXCHANGE string| SSO_URL_API_REG string| SSO_URL_API_REG_PREPARE string| SSO_URL_API_REG_CHECK string| SSO_URL_API_SEND_SMS_OTP string| SSO_URL_API_SEND_EMAIL_OTP string| DEFAULT_REDIRECT_URL string| FACEBOOK_OAUTH_URL string| VK_OAUTH_URL string| GOOGLE_OAUTH_URL string| LINE_OAUTH_URL string| HUAWEI_OAUTH_URL string| TWITTER_OAUTH_URL string| APPLE_OAUTH_URL string| GAS_APP_URL string| GAS_IOS string| GAS_ANDROID string| CAPTCHA_SERVICE string| CAPTCHA_SERVICE_TEST string| DEFAULT_LOCALE string| ACCOUNT_CENTER_URL string| ACCOUNT_CENTER_TEST_URL string| ACCOUNT_CENTER_RECOVERY_URL string| ACCOUNT_CENTER_RECOVERY_TEST_URL string| FB_PLATFORM_MODE number| KEY_CODE_ENTER number| PLATFORM_GARENA number| PLATFORM_BEETALK number| PLATFORM_FACEBOOK number| PLATFORM_VK number| PLATFORM_LINE number| PLATFORM_HUAWEI number| PLATFORM_GOOGLE number| PLATFORM_APPLE number| PLATFORM_TWITTER number| PLATFORM_PGS number| OTP_SMS_INTERVAL number| OTP_EMAIL_INTERVAL number| OTP_REGISTER_INTERVAL function| isMobile function| _ function| getLocale function| getCurrentBaseUrl function| getUrlParams function| getRequestParams function| getRequestParam function| getRequestFragments function| getRequestFragment function| getRedirectUriWithParms function| redirect function| redirectWithFragments function| setCookie function| removeCookie function| changePlatform function| requestJsonp function| requestJson function| showCaptcha function| getCookie function| uuid function| refreshCaptcha function| hideCaptcha object| ReCaptchaWidgetIDMap function| renderRecaptcha function| getRecaptchaWrapperID function| getGacaptchaWrapperID function| getShopeeCaptchaWrapperID function| centralizeCaptchaDialog function| initCaptchaDialog function| hideAllCaptchaWrapper function| hideCaptchaDialog function| getCaptchaID function| showDataDomeDialog function| ReCaptchaVerifyCallback function| showReCaptchaDialog function| showGarenaCaptchaDialog function| showShopeeCaptchaDialog function| requestJsonWithCaptchaDialogProtection function| clearPage function| centralizeContent function| showContent function| appendClearDiv function| clearMessage function| showMessage function| showMobileRegisterAlert function| showSuccess function| showError function| centralizeDialog function| removeDialog function| showDialog function| showPageDialog function| checkPasswordValid function| showRegisterPage function| showRegisterFinishPage object| SSO_SERVER1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.fvplcup.vn/ | Name: datadome Value: 2cw~MI9yaG_JA7LkSrAY3X1le6VSHCoAUjOSddYJ~L0QrnVW0BteLlkJ_zcqWv_6ihwp3dW1xM2qokqsTn5Fz2ur1zRGyiwE0vH6qPLVwlVyD41eAQNOp_CXwO08LeJM |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
api-js.datadome.co
apis.google.com
cdn.vn.garenanow.com
cdnjs.cloudflare.com
code.jquery.com
garena.fvplcup.vn
js.captcha-display.com
js.datadome.co
sso.garena.com
www.google.com
www.gstatic.com
sso.garena.com
103.200.23.160
104.17.24.14
125.212.198.219
142.250.185.227
142.250.185.238
142.250.186.36
151.101.2.137
18.194.34.243
18.66.102.48
18.66.122.18
202.81.112.197
0a62cae9a473535230c2b017d8bd2794e536f649bc653da0ea78869d31bbd0a6
0ba081f546084bd5097aa8a73c75931d5aa1fc4d6e846e53c21f98e6a1509988
1052ac0fe02e8c3300c458dc1a059335150c1e46d0476a5d0fb5a809af3ef263
1b38a4324d01fc2c721f51b04d8e9476bb43b7b19362da3db89788adaf434105
26aa3c85cede3634b92b7fb8cd6b941abfe1dfff30ec6933a6779c6b9a64f147
2703e86009fe561e1111c9a1ba3162943bc6ed9c3d6c2e6d4ca4e0f105b1335f
421d77a0e489b592870e4bb5379191960c6168f5f25372ee8859f4a09f592fe9
47fffe9cb26cb2202e5417bc993429c7ac998207d4b192a4d096376ae752fe96
4a99de6633d97c0ee02d122bae1f5e18e51080cbcbaa786dba60649151717b43
55ff8578db3a7e8d57214fb961b4c908ce5fd4bf66a53be77d989b1b16d82410
6292d47914f9b1671e0c7b3076ea35aa0127785ed01ae8df56f534171114b08a
6533050afa2e853568cd4b0b8048ed64e94963e38088b226575a7cca8054f4e2
6d526fd8ed7efb090207e7f90f3e5d256e9abedcbb4e2feafc5050edfb9ade30
83962cc0615bd59aef1546ab40bc1870eb9487d10b1c817c18af5d9ca98e74ad
85af81f91c93450bb15d6f7f75ca7e96fcbda0b12cc4a6fb9bf04bff4783600c
870ccc11c716eef14e1c515aed13acfedfd486cd6213b67a032065397e660bb1
87815e8484a9445d01005526e7a86c40ec3aef73674871fb20f660093b44ce0d
8a61dcc3d3782dd66699ceb450d63ee1e5bf77e429ac4d3c613b52a1d6f8c98f
8f9c931f2c3086e38706ce79ee5af03173936106b88e0bc75edd8b6345be10bb
9dd195372c0aee175cee07ecb8c6a14d6013870db0d75d8807354722e5178bf0
ba23bffc36efb30892b6cca21b76dbb4372852a40818abd1cd1e9f7df21bbecd
bdd9f47e03d99d4445fb9b996db8148b566e4d62a6cbab5770c6a0e94330cec7
c08d15ff96eda7cf8b58ce5caac9482ae826147ed87f2eeee1684cfb676bb64c
c43f2ece6372930adab6073229f1d207b038763a126c94bd1e201c390961fc21
ef9f7a97112b56337060a43385cfa2ac084652cea78e9df94a7546411bd86a62
f044c6db150819618ec646c5dba0f9b9dd5fedc650cf0700a60853f43465bee0
fdee1a2ea7277beafba671cd09db7eeb0fbc08d1103521801b6e1d5c121c7cf0
fef0188f689fda271c9aaaa77ae94225f3d31a4fede8921ebb38e9bb3f627629
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e