defi-mining.biz
192.124.249.119  Malicious Activity! Public Scan

Submitted URL: http://defi-mining.biz/
Effective URL: https://defi-mining.biz/index.html
Submission: On October 18 via manual from US — Scanned from DE

Summary

This website contacted 6 IPs in 4 countries across 4 domains to perform 20 HTTP transactions. The main IP is 192.124.249.119, located in Menifee, United States and belongs to SUCURI-SEC, US. The main domain is defi-mining.biz.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on September 14th 2022. Valid for: a year.
This is the only time defi-mining.biz was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Uniswap (Crypto Exchange)

Domain & IP information

Requests  IP Address           AS (Autonomous System)
10        192.124.249.119      AS30148 (SUCURI-SEC) (includes 2 redirects)
1         2606:4700::68...     AS13335 (CLOUDFLAR...)
4         163.171.133.124      AS54994 (QUANTILNE...)
6         43.152.56.130        AS139341 (ACE-AS-AP...)
1         120.26.1.94          AS37963 (ALIBABA-C...)
Total: 20 requests, 6 IPs
Requests  Apex Domain       Subdomains (Cisco Umbrella Rank)                        Transfer
10        meiqia.com        static.meiqia.com (278818), edge-api.meiqia.com (264367),  265 KB
                            new-api.meiqia.com (199132), camorope-client-a.meiqia.com (228186)
10        defi-mining.biz   defi-mining.biz                                         221 KB
1         dcloud.net.cn     cdn.dcloud.net.cn (78585)                               579 B
1         jsdelivr.net      cdn.jsdelivr.net (394)                                  335 KB
Total: 20 requests, 4 apex domains
Requests  Domain                         Requested by
10        defi-mining.biz (2 redirects)  defi-mining.biz
4         static.meiqia.com              defi-mining.biz, static.meiqia.com
3         new-api.meiqia.com             static.meiqia.com
2         edge-api.meiqia.com            static.meiqia.com
1         camorope-client-a.meiqia.com   static.meiqia.com
1         cdn.dcloud.net.cn              defi-mining.biz
1         cdn.jsdelivr.net               defi-mining.biz
Total: 20 requests, 7 subdomains

This site contains no links.

TLS certificates (Subject / Issuer / Validity / Valid for)

defi-mining.biz
  Issuer: Go Daddy Secure Certificate Authority - G2
  Validity: 2022-09-14 - 2023-09-14 (a year) crt.sh

sni.cloudflaressl.com
  Issuer: Cloudflare Inc ECC CA-3
  Validity: 2022-06-02 - 2023-06-01 (a year) crt.sh

*.meiqia.com
  Issuer: RapidSSL Global TLS RSA4096 SHA256 2022 CA1
  Validity: 2022-06-20 - 2023-07-21 (a year) crt.sh

*.dcloud.net.cn
  Issuer: Certum Domain Validation CA SHA2
  Validity: 2022-07-21 - 2023-08-19 (a year) crt.sh

This page contains 2 frames:

Primary Page: https://defi-mining.biz/index.html
Frame ID: BDCA44FDB7BB3CD46DC54307FCBA328C
Requests: 18 HTTP requests in this frame

Frame: https://static.meiqia.com/fe-widget-prod/v1.0.111.20221018_2/app-v1.0.111.20221018_2.js
Frame ID: B3EFE13AD52880B6AA4B494D98C7B2C4
Requests: 3 HTTP requests in this frame

Screenshot

Page Title

DeFI

Page URL History

  1. http://defi-mining.biz/ HTTP 301
    https://defi-mining.biz/ HTTP 302
    https://defi-mining.biz/index.html Page URL

Detected technologies

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • <[^>]+\sdata-v(?:ue)?-

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

Requests: 20
HTTPS: 100 %
IPv6: 20 %
Domains: 4
Subdomains: 7
IPs: 6
Countries: 4
Transfer: 820 kB
Size: 2866 kB
Cookies: 5

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://defi-mining.biz/ HTTP 301
    https://defi-mining.biz/ HTTP 302
    https://defi-mining.biz/index.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions

Each transaction below lists, in order: Resource, Path, Size, x-fer (transferred bytes), Type, then its General, Security Headers, Request headers and Response headers.
Primary Request index.html
defi-mining.biz/
Redirect Chain
  • http://defi-mining.biz/
  • https://defi-mining.biz/
  • https://defi-mining.biz/index.html
1 KB
2 KB
Document
General
Full URL
https://defi-mining.biz/index.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.119 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10119.sucuri.net
Software
nginx /
Resource Hash
a3820d606f8949ce3ac78bdb2fb5aee548bb7cf4e43ac65a12b29cd22f627902
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
content-length
1471
content-security-policy
upgrade-insecure-requests;
content-type
text/html
date
Tue, 18 Oct 2022 13:49:36 GMT
etag
"5bf-5e96347f97622"
last-modified
Sat, 24 Sep 2022 02:45:02 GMT
server
nginx
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-sucuri-cache
REVALIDATED
x-sucuri-id
15019
x-xss-protection
1; mode=block

Redirect headers

cache-control
no-cache, private
content-encoding
gzip
content-length
204
content-security-policy
upgrade-insecure-requests;
content-type
text/html; charset=UTF-8
date
Tue, 18 Oct 2022 13:49:35 GMT
location
https://defi-mining.biz/index.html
server
nginx
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-sucuri-cache
EXPIRED
x-sucuri-id
15019
x-xss-protection
1; mode=block
web3.min.js
cdn.jsdelivr.net/npm/web3@latest/dist/
1 MB
335 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/web3@latest/dist/web3.min.js
Requested by
Host: defi-mining.biz
URL: https://defi-mining.biz/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d532f1e74af7c10e763a5026e6349fa53c1b37d309e75372b1f2e6b179943c39
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://defi-mining.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 18 Oct 2022 13:49:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
23073
x-jsd-version
1.8.0
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19168-FRA, cache-itm18843-ITM
x-jsd-version-type
version
server
cloudflare
etag
W/"16648f-R4utnSEtvhWVM9OqI1HDr78PS7g"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uccqSMleq2fdQn81imJQgZYB9%2BzWGXXjYN8lX7sLIGK5O63vDa63mKM6NHA3rtZ5VeuM540MVINj21IH5u%2Fe8ekbt1rR%2FQtWDj98arfUzQDZYN%2B%2FqQAFpTfl0%2Fo%2Bw%2BqT919CMAujc%2B2XAH6Etdo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
75c1bcfbcf75bbf8-FRA
index.b0707a6a.css
defi-mining.biz/static/
92 KB
26 KB
Stylesheet
General
Full URL
https://defi-mining.biz/static/index.b0707a6a.css
Requested by
Host: defi-mining.biz
URL: https://defi-mining.biz/index.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.119 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10119.sucuri.net
Software
nginx /
Resource Hash
2e58934882da710837ec1f0255b4bdc5b4824eadb66d0ca1aa970a65f9cbdc8d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://defi-mining.biz/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 18 Oct 2022 13:49:36 GMT
content-security-policy
upgrade-insecure-requests;
x-content-type-options
nosniff
content-encoding
gzip
x-sucuri-cache
MISS
content-length
25813
x-xss-protection
1; mode=block
last-modified
Sat, 24 Sep 2022 02:45:02 GMT
server
nginx
etag
"17111-5e96347f97622-gzip"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=315360000
x-sucuri-id
15019
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
chunk-vendors.2d8bdd46.js
defi-mining.biz/static/js/
468 KB
149 KB
Script
General
Full URL
https://defi-mining.biz/static/js/chunk-vendors.2d8bdd46.js
Requested by
Host: defi-mining.biz
URL: https://defi-mining.biz/index.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.119 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10119.sucuri.net
Software
nginx /
Resource Hash
020b09e7ede253842983f0f627d39a7552a9b6b4d8c4e45ef1e50e71afcb8bb4
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://defi-mining.biz/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 18 Oct 2022 13:49:36 GMT
content-security-policy
upgrade-insecure-requests;
x-content-type-options
nosniff
content-encoding
gzip
x-sucuri-cache
MISS
x-xss-protection
1; mode=block
last-modified
Sat, 24 Sep 2022 02:45:01 GMT
server
nginx
etag
"751e8-5e96347f4b359-gzip"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-sucuri-id
15019
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
index.439645e1.js
defi-mining.biz/static/js/
24 KB
7 KB
Script
General
Full URL
https://defi-mining.biz/static/js/index.439645e1.js
Requested by
Host: defi-mining.biz
URL: https://defi-mining.biz/index.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.119 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10119.sucuri.net
Software
nginx /
Resource Hash
6e70a839f63ce25eb09b98e6ad14a8ad9d46a38f62fd62026e00474d2c52eb59
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://defi-mining.biz/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 18 Oct 2022 13:49:36 GMT
content-security-policy
upgrade-insecure-requests;
x-content-type-options
nosniff
content-encoding
gzip
x-sucuri-cache
MISS
content-length
7217
x-xss-protection
1; mode=block
last-modified
Sat, 24 Sep 2022 02:45:01 GMT
server
nginx
etag
"6155-5e96347f4b359-gzip"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-sucuri-id
15019
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
meiqia.js
static.meiqia.com/dist/
14 KB
15 KB
Script
General
Full URL
https://static.meiqia.com/dist/meiqia.js
Requested by
Host: defi-mining.biz
URL: https://defi-mining.biz/index.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
163.171.133.124 , France, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software
AliyunOSS /
Resource Hash
9e7d8a474a88edcc8d707634588cb717b8271d1b81ebf7fc5116037a4e215d09
Security Headers
Name Value
Strict-Transport-Security max-age=5184000;includeSubdomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://defi-mining.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 18 Oct 2022 13:49:36 GMT
strict-transport-security
max-age=5184000;includeSubdomains
x-oss-request-id
62D97249BFA7DB325E075199
content-md5
iN2q9daE1kbetuljDigTSQ==
age
1
x-via
1.1 PSfgblPAR2ff185:1 (Cdn Cache Server V2.0), 1.1 PSfgblPAR2dz77:5 (Cdn Cache Server V2.0)
content-length
14695
x-oss-object-type
Normal
last-modified
Thu, 21 Jul 2022 02:39:16 GMT
server
AliyunOSS
etag
"88DDAAF5D684D646DEB6E9630E281349"
x-ws-request-id
634eaef0_PS-CDG-01tVU61_30137-1748
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=360
x-oss-storage-class
Standard
accept-ranges
bytes
x-oss-hash-crc64ecma
4942505803677989402
x-oss-server-time
1
match
edge-api.meiqia.com/summer/widget/route/
515 B
824 B
XHR
General
Full URL
https://edge-api.meiqia.com/summer/widget/route/match
Requested by
Host: static.meiqia.com
URL: https://static.meiqia.com/dist/meiqia.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
43.152.56.130 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
EdgeOne_L7S_OCMID /
Resource Hash
839c7b6bb4a155933810c2d04e2cbfacd24c18041247b481214e7635459e60a8

Request headers

Referer
https://defi-mining.biz/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
content-type
application/json

Response headers

date
Tue, 18 Oct 2022 13:49:37 GMT
content-encoding
gzip
x-cache-lookup
Cache Miss, Cache Miss
req-arrive-time
1666100977854
req-cost-time
2
x-envoy-upstream-service-time
2
x-logid
0cca634eaef14a04e173
server
EdgeOne_L7S_OCMID
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
content-type
application/json;charset=UTF-8
access-control-allow-origin
*
x-nws-log-uuid
375113170530178706
resp-start-time
1666100977857
access-control-allow-headers
Alpha,Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,usetemauthorization
x-cost
0.004
match
edge-api.meiqia.com/summer/widget/route/ Frame
0
0
Preflight
General
Full URL
https://edge-api.meiqia.com/summer/widget/route/match
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
43.152.56.130 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
EdgeOne_L7S_OCMID /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://defi-mining.biz
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Signature,Recaptcha-Token,Captcha-Token,Captcha-Value,X-Run-Env,X-Run-Version,Alpha,Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,Recaptcha-Token,Captcha-Value,X-Mac-Addr,X-App-Key,Captcha-Token,Captcha-Needed,Product,X-Message-Digest,usetemauthorization,x-env-qa,x-ca-key,x-ca-nonce,x-ca-signature-method,x-ca-signature,x-ca-signature-headers,x-ca-timestamp,Content-MD5,X-MQ-ENTERPRISE-TOKEN,X-MQ-PROJECT,X-MQ-VERSION
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin
https://defi-mining.biz
access-control-max-age
1728000
content-length
0
date
Tue, 18 Oct 2022 13:49:37 GMT
server
EdgeOne_L7S_OCMID
x-cache-lookup
Cache Miss Cache Miss
x-cost
0.000
x-logid
0cca634eaef14a05d181
x-nws-log-uuid
4955411037295180315
pages-index-index.86d1c6ab.js
defi-mining.biz/static/js/
10 KB
6 KB
Script
General
Full URL
https://defi-mining.biz/static/js/pages-index-index.86d1c6ab.js
Requested by
Host: defi-mining.biz
URL: https://defi-mining.biz/static/js/index.439645e1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.119 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10119.sucuri.net
Software
nginx /
Resource Hash
74d549de9df9eebcb13ff6dfc8c4abf022f3899e9cabbea53f76b135f17c505e
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://defi-mining.biz/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 18 Oct 2022 13:49:37 GMT
content-security-policy
upgrade-insecure-requests;
x-content-type-options
nosniff
content-encoding
gzip
x-sucuri-cache
MISS
content-length
6031
x-xss-protection
1; mode=block
last-modified
Sat, 24 Sep 2022 02:45:01 GMT
server
nginx
etag
"2619-5e96347f4b359-gzip"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-sucuri-id
15019
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0ccf8dd29c61715a6364ea9ec36d32c295e82ca837488590130c51cee298b7d3

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/svg+xml
trx.760fdf0a.png
defi-mining.biz/static/img/
9 KB
9 KB
Image
General
Full URL
https://defi-mining.biz/static/img/trx.760fdf0a.png
Requested by
Host: defi-mining.biz
URL: https://defi-mining.biz/index.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.119 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10119.sucuri.net
Software
nginx /
Resource Hash
3fc65a19cf0539cf6ed188ab05e5193111a8041ba712952d2b0fe4b628b38523
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://defi-mining.biz/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 18 Oct 2022 13:49:38 GMT
content-security-policy
upgrade-insecure-requests;
x-content-type-options
nosniff
last-modified
Fri, 02 Sep 2022 08:44:31 GMT
server
nginx
etag
"22c9-5e7adbd1768da"
x-frame-options
SAMEORIGIN
content-type
image/png
x-sucuri-cache
MISS
cache-control
max-age=315360000
x-sucuri-id
15019
accept-ranges
bytes
content-length
8905
x-xss-protection
1; mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
truncated
/
4 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cc1944a3d800b5cbede23e8acdf984598757033c891d54fbfdaab6f0644b4e32

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/png
BNB.7ae10f58.png
defi-mining.biz/static/img/
12 KB
12 KB
Image
General
Full URL
https://defi-mining.biz/static/img/BNB.7ae10f58.png
Requested by
Host: defi-mining.biz
URL: https://defi-mining.biz/index.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.119 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10119.sucuri.net
Software
nginx /
Resource Hash
34cb1ede9bb414504f7a5deb794a7414a9a95f1bc76debf5f7f55e99c9190b7e
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://defi-mining.biz/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 18 Oct 2022 13:49:38 GMT
content-security-policy
upgrade-insecure-requests;
x-content-type-options
nosniff
last-modified
Fri, 02 Sep 2022 08:44:31 GMT
server
nginx
etag
"2fb5-5e7adbd1768da"
x-frame-options
SAMEORIGIN
content-type
image/png
x-sucuri-cache
MISS
cache-control
max-age=315360000
x-sucuri-id
15019
accept-ranges
bytes
content-length
12213
x-xss-protection
1; mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
MATIC.8c66ba12.png
defi-mining.biz/static/img/
8 KB
8 KB
Image
General
Full URL
https://defi-mining.biz/static/img/MATIC.8c66ba12.png
Requested by
Host: defi-mining.biz
URL: https://defi-mining.biz/index.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.119 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10119.sucuri.net
Software
nginx /
Resource Hash
92b44934ce0c12dd0ffd2ed1426a81969e63e68da13e137de68e1a6cfeb54c86
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://defi-mining.biz/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 18 Oct 2022 13:49:38 GMT
content-security-policy
upgrade-insecure-requests;
x-content-type-options
nosniff
last-modified
Fri, 02 Sep 2022 08:44:31 GMT
server
nginx
etag
"203e-5e7adbd1768da"
x-frame-options
SAMEORIGIN
content-type
image/png
x-sucuri-cache
MISS
cache-control
max-age=315360000
x-sucuri-id
15019
accept-ranges
bytes
content-length
8254
x-xss-protection
1; mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
entrypoint-v1.0.111.20221018_2.js
static.meiqia.com/fe-widget-prod/v1.0.111.20221018_2/
117 KB
39 KB
Script
General
Full URL
https://static.meiqia.com/fe-widget-prod/v1.0.111.20221018_2/entrypoint-v1.0.111.20221018_2.js
Requested by
Host: static.meiqia.com
URL: https://static.meiqia.com/dist/meiqia.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
163.171.133.124 , France, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software
AliyunOSS /
Resource Hash
636f0fdb8e13cca077d60fc6e6a1afa82020ad71c2aee021f5b2419f4753cd0b
Security Headers
Name Value
Strict-Transport-Security max-age=5184000;includeSubdomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://defi-mining.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 18 Oct 2022 13:49:38 GMT
content-encoding
gzip
x-oss-request-id
634E4555BFA7DB34720A4489
content-md5
ud2OxNJjSMBiD/u3ihHGag==
age
1
strict-transport-security
max-age=5184000;includeSubdomains
x-via
1.1 PSfgblPAR2gc184:9 (Cdn Cache Server V2.0), 1.1 PS-CDG-01orF60:0 (Cdn Cache Server V2.0)
x-oss-object-type
Normal
last-modified
Tue, 18 Oct 2022 06:17:37 GMT
server
AliyunOSS
x-ws-request-id
634eaef2_PS-CDG-01tVU61_30137-1801
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=360
x-oss-storage-class
Standard
x-oss-hash-crc64ecma
15036847132764628723
x-oss-server-time
2
app-v1.0.111.20221018_2.js
static.meiqia.com/fe-widget-prod/v1.0.111.20221018_2/ Frame B3EF
653 KB
201 KB
Script
General
Full URL
https://static.meiqia.com/fe-widget-prod/v1.0.111.20221018_2/app-v1.0.111.20221018_2.js
Requested by
Host: static.meiqia.com
URL: https://static.meiqia.com/fe-widget-prod/v1.0.111.20221018_2/entrypoint-v1.0.111.20221018_2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
163.171.133.124 , France, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software
AliyunOSS /
Resource Hash
9b15e3ea866cdb574e0ba0699ea5b1ec6db22024e153cdf8f7ddacc90d8fa24f
Security Headers
Name Value
Strict-Transport-Security max-age=5184000;includeSubdomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 18 Oct 2022 13:49:38 GMT
content-encoding
gzip
x-oss-request-id
634E4556C0346BE18A27482F
content-md5
IL2i7f/cv12p4pVaQDPZVA==
age
1
strict-transport-security
max-age=5184000;includeSubdomains
x-via
1.1 PSfgblPAR2gc184:7 (Cdn Cache Server V2.0), 1.1 PS-CDG-01orF60:21 (Cdn Cache Server V2.0)
x-oss-object-type
Normal
last-modified
Tue, 18 Oct 2022 06:17:37 GMT
server
AliyunOSS
x-ws-request-id
634eaef2_PS-CDG-01tVU61_30137-1805
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=360
x-oss-storage-class
Standard
x-oss-hash-crc64ecma
11903442172910534654
x-oss-server-time
5
get_base_config
new-api.meiqia.com/visit/
1009 B
849 B
XHR
General
Full URL
https://new-api.meiqia.com/visit/get_base_config?ent_id=5edf316df508f665973563f68aa3183a
Requested by
Host: static.meiqia.com
URL: https://static.meiqia.com/fe-widget-prod/v1.0.111.20221018_2/entrypoint-v1.0.111.20221018_2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
43.152.56.130 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
EdgeOne_L7S_OCMID /
Resource Hash
f8ec054e64c9fcabfd3581094f0dafa705670657ef3c11a30be9302d630fca7f

Request headers

Accept
application/json
Referer
https://defi-mining.biz/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 18 Oct 2022 13:49:39 GMT
content-encoding
gzip
x-cache-lookup
Cache Miss, Cache Miss
x-logid
0cca634eaef34a04e36a
server
EdgeOne_L7S_OCMID
access-control-max-age
300
vary
Accept-Encoding, Origin
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-origin
*
content-type
application/json; charset=utf-8
cache-control
max-age=60
access-control-allow-credentials
true
x-nws-log-uuid
17912601851092276406
accept-ranges
bytes
access-control-allow-headers
*
x-cost
0.008
expires
Tue, 18 Oct 2022 13:50:39 GMT
en.json
static.meiqia.com/fe-widget-prod/v1.0.111.20221018_2/lang/ Frame B3EF
9 KB
5 KB
Fetch
General
Full URL
https://static.meiqia.com/fe-widget-prod/v1.0.111.20221018_2/lang/en.json
Requested by
Host: static.meiqia.com
URL: https://static.meiqia.com/fe-widget-prod/v1.0.111.20221018_2/app-v1.0.111.20221018_2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
163.171.133.124 , France, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software
AliyunOSS /
Resource Hash
b553c17748396a2111999737b188ad1ff7d150ad14b0bce03e6c3b656ddf1d93
Security Headers
Name Value
Strict-Transport-Security max-age=5184000;includeSubdomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 18 Oct 2022 13:49:38 GMT
content-encoding
gzip
x-oss-request-id
634E45699FB240F3D405B719
content-md5
vgidl5EeQIXa+6DJ04GCcw==
age
1
strict-transport-security
max-age=5184000;includeSubdomains
x-via
1.1 PSfgblPAR2gc184:5 (Cdn Cache Server V2.0), 1.1 PSfgblPAR2cm80:10 (Cdn Cache Server V2.0)
x-oss-object-type
Normal
last-modified
Tue, 18 Oct 2022 06:17:37 GMT
server
AliyunOSS
access-control-max-age
60
access-control-allow-methods
POST, GET, PUT, DELETE, HEAD
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
ETag
x-ws-request-id
634eaef2_PS-CDG-01tVU61_29639-48085
cache-control
max-age=360
x-oss-storage-class
Standard
x-oss-hash-crc64ecma
6943503972603226952
x-oss-server-time
1
shadow-grey.png
cdn.dcloud.net.cn/img/
136 B
579 B
Image
General
Full URL
https://cdn.dcloud.net.cn/img/shadow-grey.png
Requested by
Host: defi-mining.biz
URL: https://defi-mining.biz/static/index.b0707a6a.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
120.26.1.94 Hangzhou, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
ad4ebea1c3496dd2924789ee009174a2c6289d1200e9811f458fd46f172d1d6f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://defi-mining.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Tue, 18 Oct 2022 13:49:40 GMT
Last-Modified
Thu, 06 Jun 2019 06:42:07 GMT
Server
nginx
ETag
"5cf8b5bf-88"
Content-Type
image/png
Cache-Control
max-age=7200
Connection
close
Accept-Ranges
bytes
Content-Length
136
Expires
Tue, 18 Oct 2022 15:49:40 GMT
start
new-api.meiqia.com/visit/
5 KB
2 KB
XHR
General
Full URL
https://new-api.meiqia.com/visit/start?ent_id=5edf316df508f665973563f68aa3183a&track_id=&title=DeFI&referrer_url=&url=https:%2F%2Fdefi-mining.biz%2Findex.html%23%2F&is_standalone=false
Requested by
Host: static.meiqia.com
URL: https://static.meiqia.com/fe-widget-prod/v1.0.111.20221018_2/entrypoint-v1.0.111.20221018_2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
43.152.56.130 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
EdgeOne_L7S_OCMID /
Resource Hash
f1c2711be566df3edd47c0835579515f9596144353b398f3c59d7ed5f45ed625

Request headers

Accept
application/json
Referer
https://defi-mining.biz/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-logid
0b80634eaef46b4f6d7a
date
Tue, 18 Oct 2022 13:49:40 GMT
content-encoding
gzip
x-cache-lookup
Cache Miss, Cache Miss
server
EdgeOne_L7S_OCMID
vary
Accept-Encoding
access-control-max-age
300
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
cache-control
private, must-revalidate, max-age=0
x-nws-log-uuid
13574195704340333626
x-cost
0.057
x-request-id
Fx8uA5ErgbXDncE_tm_B
attr_configs
new-api.meiqia.com/unified-api/crm/v1/
3 KB
783 B
XHR
General
Full URL
https://new-api.meiqia.com/unified-api/crm/v1/attr_configs?ent_id=314321
Requested by
Host: static.meiqia.com
URL: https://static.meiqia.com/fe-widget-prod/v1.0.111.20221018_2/entrypoint-v1.0.111.20221018_2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
43.152.56.130 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
EdgeOne_L7S_OCMID /
Resource Hash
56d84ff7a6aecfddcdbb0a286ee5b9ac5776f4d6b6b91f8036888e02f167a247

Request headers

Accept
application/json
Referer
https://defi-mining.biz/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-logid
0b80634eaef46b4ed455
date
Tue, 18 Oct 2022 13:49:40 GMT
content-encoding
gzip
x-cache-lookup
Cache Miss, Cache Miss
server
EdgeOne_L7S_OCMID
vary
Accept-Encoding, Origin
access-control-max-age
300
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-nws-log-uuid
12334461846899284163
x-cost
0.006
info
camorope-client-a.meiqia.com/push/ Frame B3EF
62 B
372 B
XHR
General
Full URL
https://camorope-client-a.meiqia.com/push/info?browser_id=18dae338b2f6749456a3d03b904879aa&ent_id=314321&track_id=2GJJv4QlEhBRpVN88VIwqJxUuou&visit_id=2GJJvAgohaIturwftrqvRhrUs6r&t=1666100980520
Requested by
Host: static.meiqia.com
URL: https://static.meiqia.com/fe-widget-prod/v1.0.111.20221018_2/app-v1.0.111.20221018_2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
43.152.56.130 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
EdgeOne_L7S_OCMID /
Resource Hash
c09c80a97d4565bcf8c842cab915685dec6165047d663a356aa350f1b1373c0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 18 Oct 2022 13:49:41 GMT
content-encoding
gzip
x-cache-lookup
Cache Miss, Cache Miss
server
EdgeOne_L7S_OCMID
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://defi-mining.biz
access-control-allow-credentials
true
x-nws-log-uuid
15379073684849564521

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Uniswap (Crypto Exchange)

38 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Type | Name
object | 0
object | onbeforeinput
object | oncontextlost
object | oncontextrestored
function | structuredClone
object | launchQueue
object | onbeforematch
function | getScreenDetails
function | queryLocalFonts
object | navigation
boolean | coverSupport
function | setImmediate
function | clearImmediate
object | regeneratorRuntime
function | Web3
function | _MEIQIA
object | __core-js_shared__
object | core
string | _agent_chat_type
object | webpackJsonp
object | __uniConfig
object | __uniRoutes
function | UniApp
object | UniViewJSBridge
object | UniServiceJSBridge
object | uni
object | wx
function | getApp
function | getCurrentPages
function | ClipboardJS
object | _widgetBundleName
string | backendApi
string | publicUrl
string | socketUrl
undefined | MQ_X_CA_KEY
undefined | MQ_X_CA_SECRET
object | _CHAT_GLOBAL_API_CONFIG_
object | meiqia

5 Cookies

Domain/Path Name / Value
defi-mining.biz/ Name: XSRF-TOKEN
Value: eyJpdiI6IjVwT2xOdlYySDN6OThnOGZWQktNaUE9PSIsInZhbHVlIjoibEg0Skl3ajdxc2kyVkEvUnZMZkZieUx0L01MWXdmUHFuR0l0amJzTVJrb1BIQm1EUEN4NGgvVkZzSHBheUZIU3JVVDJYT2lXS09xU2U2VDhpbXBoOXBCbnpBVXd1Uks1V0NCSnNXa3FxSWJMZ3NDN3FhMndUSUlOQXA5d05CYXMiLCJtYWMiOiJmYjU1MWY1OGRhNTBkNDRmOTljYWIzZGZmMDZjODM0OGFmMzY1ODYwODdkZTg1ZWQ2MDNkYWYwODhlODI1YzRkIiwidGFnIjoiIn0%3D
defi-mining.biz/ Name: laravel_session
Value: eyJpdiI6IjZGZjVsMDBlNzA2UDRBeHh1RW5wYWc9PSIsInZhbHVlIjoiZXd5Y2V3OXRIRkU1SDI1OTYwQmdSUUF6Nm52WWNBSCsvbTBGOVJnQU45U1puMGVOQXVYZWV4aE42NGVpR1BXcHBmSkg3bmxwUDhNT21TMHpjalhvZmgyQXBZOFl4M29tRExiaUtmTDBvK0w5dzdPWTR6a2MvQlNQdzE5UHErZFIiLCJtYWMiOiI0YTNiMzQ3NDQxMWI2MWI5NTViOWJkYTU5YzI5ZTdlYzhmOTAwM2VkY2Y5ZDljZWQ5ZTNmZmEwZTExNTE2N2ExIiwidGFnIjoiIn0%3D
.dcloud.net.cn/ Name: __uni__uid
Value: CgEB5WNOrvR1GSBLfWzpAg==
.defi-mining.biz/ Name: MEIQIA_TRACK_ID
Value: 2GJJv4QlEhBRpVN88VIwqJxUuou
.defi-mining.biz/ Name: MEIQIA_VISIT_ID
Value: 2GJJvAgohaIturwftrqvRhrUs6r

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
