www.turnamen-ff-indonesia.update34.gq Open in urlscan Pro
176.223.136.72 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.turnamen-ff-indonesia.update34.gq/
Submission: On October 16 via automatic, source certstream-suspicious (October 16th 2019, 12:48:05 pm UTC)

Summary HTTP 28 Redirects Behaviour Indicators

Similar DOM Content API

Summary

This website contacted 4 IPs in 3 countries across 4 domains to perform 28 HTTP transactions. The main IP is 176.223.136.72, located in Vilnius, Lithuania and belongs to RACKRAY UAB Rakrejus, LT. The main domain is www.turnamen-ff-indonesia.update34.gq.
TLS certificate: Issued by turnamen-ff-indonesia.update34.gq on October 16th 2019. Valid for: a year.

This is the only time www.turnamen-ff-indonesia.update34.gq was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Gaming (Entertainment)

Domain & IP information

	IP Address		AS Autonomous System
13	176.223.136.72 176.223.136.72		62282 (RACKRAY U...) (RACKRAY UAB Rakrejus)
12	202.73.18.20 202.73.18.20		58816 (IDNIC-GAR...) (IDNIC-GARENA-AS-ID PT Garena Indonesia)
1	2a00:1450:400... 2a00:1450:4001:81c::200e		15169 (GOOGLE) (GOOGLE - Google LLC)
28	4

13 176.223.136.72 (Vilnius, Lithuania)

ASN62282 (RACKRAY UAB Rakrejus, LT)
PTR: 2g2k.c.time4vps.cloud

www.turnamen-ff-indonesia.update34.gq	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 202.73.18.20 (Indonesia)

ASN58816 (IDNIC-GARENA-AS-ID PT Garena Indonesia, ID)

turnamen.ff.garena.co.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

encrypted-tbn0.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	update34.gq www.turnamen-ff-indonesia.update34.gq	415 KB
12	garena.co.id turnamen.ff.garena.co.id	246 KB
1	gstatic.com encrypted-tbn0.gstatic.com	39 KB
0	googleapis.com Failed fonts.googleapis.com Failed
28	4

	Domain	Requested by
13	www.turnamen-ff-indonesia.update34.gq	www.turnamen-ff-indonesia.update34.gq
12	turnamen.ff.garena.co.id	www.turnamen-ff-indonesia.update34.gq
1	encrypted-tbn0.gstatic.com	www.turnamen-ff-indonesia.update34.gq
0	fonts.googleapis.com Failed	www.turnamen-ff-indonesia.update34.gq
28	4

This site contains no links.

Subject Issuer	Validity	Valid
turnamen-ff-indonesia.update34.gq turnamen-ff-indonesia.update34.gq	`2019-10-16` - `2020-10-15`	a year	crt.sh
turnamen.ff.garena.co.id Let's Encrypt Authority X3	`2019-08-19` - `2019-11-17`	3 months	crt.sh
*.google.com GTS CA 1O1	`2019-09-17` - `2019-12-10`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.turnamen-ff-indonesia.update34.gq/
Frame ID: DA52FE7311B12E7C532FD21528C87EF4
Requests: 28 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
script /(?:\/([\d.]+))?(?:\/js)?\/bootstrap(?:\.min)?\.js/i

animate.css (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link [^>]+(?:\/([\d.]+)\/)?animate\.(?:min\.)?css/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

28
Requests

46 %
HTTPS

33 %
IPv6

4
Domains

4
Subdomains

4
IPs

3
Countries

700 kB
Transfer

695 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

28 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
www.turnamen-ff-indonesia.update34.gq/ 5 KB
5 KB 225ms
30ms Document
text/html 176.223.136.72
RACKRAY UAB Rakrejus

General

Check archive.org

Show headers Download Go to

Full URL: https://www.turnamen-ff-indonesia.update34.gq/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 176.223.136.72 Vilnius, Lithuania, ASN62282 (RACKRAY UAB Rakrejus, LT),
Reverse DNS: 2g2k.c.time4vps.cloud
Software: Apache /
Resource Hash: 46ce415f0d2687ee6d793741e9b932b694e880e64a789b80d618ff0b68065cde

Request headers

Host: www.turnamen-ff-indonesia.update34.gq
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: none
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1

Response headers

Date: Wed, 16 Oct 2019 12:47:46 GMT
Server: Apache
Last-Modified: Mon, 20 May 2019 13:57:28 GMT
Accept-Ranges: bytes
Content-Length: 4945
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html

GET
H/1.1 200
OK bootstrap.min.css
www.turnamen-ff-indonesia.update34.gq/Assets/css/ 114 KB
115 KB 29ms
28ms Stylesheet
text/css 176.223.136.72
RACKRAY UAB Rakrejus

General

Check archive.org

Show headers Download Go to

Full URL: https://www.turnamen-ff-indonesia.update34.gq/Assets/css/bootstrap.min.css
Requested by: Host: www.turnamen-ff-indonesia.update34.gq
URL: https://www.turnamen-ff-indonesia.update34.gq/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 176.223.136.72 Vilnius, Lithuania, ASN62282 (RACKRAY UAB Rakrejus, LT),
Reverse DNS: 2g2k.c.time4vps.cloud
Software: Apache /
Resource Hash: 4b4be84eb6b751d4269d69e69bd08658a44dbf3b0ba582430914d9cc4077f1d3

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.turnamen-ff-indonesia.update34.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 16 Oct 2019 12:47:46 GMT
Last-Modified: Wed, 03 Jan 2018 16:46:16 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 117155

GET
H/1.1 200
OK font-awesome.min.css
www.turnamen-ff-indonesia.update34.gq/Assets/font-awesome/css/ 23 KB
23 KB 85ms
29ms Stylesheet
text/css 176.223.136.72
RACKRAY UAB Rakrejus

General

Check archive.org

Show headers Download Go to

Full URL: https://www.turnamen-ff-indonesia.update34.gq/Assets/font-awesome/css/font-awesome.min.css
Requested by: Host: www.turnamen-ff-indonesia.update34.gq
URL: https://www.turnamen-ff-indonesia.update34.gq/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 176.223.136.72 Vilnius, Lithuania, ASN62282 (RACKRAY UAB Rakrejus, LT),
Reverse DNS: 2g2k.c.time4vps.cloud
Software: Apache /
Resource Hash: 01d74a54e8c921b9248c1509d59967c39ae3ee6addebb4024d1eb941ae23b088

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.turnamen-ff-indonesia.update34.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 16 Oct 2019 12:47:46 GMT
Last-Modified: Wed, 03 Jan 2018 16:46:20 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 23722

GET
H/1.1 200
OK animate.min.css
www.turnamen-ff-indonesia.update34.gq/Assets/css/ 52 KB
53 KB 94ms
35ms Stylesheet
text/css 176.223.136.72
RACKRAY UAB Rakrejus

General

Check archive.org

Show headers Download Go to

Full URL: https://www.turnamen-ff-indonesia.update34.gq/Assets/css/animate.min.css
Requested by: Host: www.turnamen-ff-indonesia.update34.gq
URL: https://www.turnamen-ff-indonesia.update34.gq/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 176.223.136.72 Vilnius, Lithuania, ASN62282 (RACKRAY UAB Rakrejus, LT),
Reverse DNS: 2g2k.c.time4vps.cloud
Software: Apache /
Resource Hash: 85a07b18bdaadf71b43aac789a3103ec138a0223acfbc7e3a99ac65906466a2d

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.turnamen-ff-indonesia.update34.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 16 Oct 2019 12:47:46 GMT
Last-Modified: Wed, 03 Jan 2018 16:46:16 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 53593

GET
H/1.1 200
OK creative.css
www.turnamen-ff-indonesia.update34.gq/Assets/css/ 10 KB
10 KB 89ms
30ms Stylesheet
text/css 176.223.136.72
RACKRAY UAB Rakrejus

General

Check archive.org

Show headers Download Go to

Full URL: https://www.turnamen-ff-indonesia.update34.gq/Assets/css/creative.css
Requested by: Host: www.turnamen-ff-indonesia.update34.gq
URL: https://www.turnamen-ff-indonesia.update34.gq/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 176.223.136.72 Vilnius, Lithuania, ASN62282 (RACKRAY UAB Rakrejus, LT),
Reverse DNS: 2g2k.c.time4vps.cloud
Software: Apache /
Resource Hash: 64808cb86ec7ad6a9ff90bf47fd3495fdcae6bf0964162f0a87bfb3705df7c8c

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.turnamen-ff-indonesia.update34.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 16 Oct 2019 12:47:46 GMT
Last-Modified: Sat, 30 Mar 2019 05:43:00 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 10293

GET
H/1.1 200
OK button_daftarsekarang.png
www.turnamen-ff-indonesia.update34.gq/ 8 KB
8 KB 92ms
30ms Image
image/png 176.223.136.72
RACKRAY UAB Rakrejus

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.turnamen-ff-indonesia.update34.gq/button_daftarsekarang.png
Requested by: Host: www.turnamen-ff-indonesia.update34.gq
URL: https://www.turnamen-ff-indonesia.update34.gq/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 176.223.136.72 Vilnius, Lithuania, ASN62282 (RACKRAY UAB Rakrejus, LT),
Reverse DNS: 2g2k.c.time4vps.cloud
Software: Apache /
Resource Hash: eb1e2b38f7f8d879a2954a17aa63523e9c9c38f2d7a04beaae21b00992cfaa15

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.turnamen-ff-indonesia.update34.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 16 Oct 2019 12:47:46 GMT
Last-Modified: Sun, 24 Mar 2019 08:21:42 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 8039

GET
H2 200 Icon_piala.png
turnamen.ff.garena.co.id/indonesiamasters/assets/img/desktop/ICON/ 31 KB
31 KB 755ms
363ms Image
image/png 202.73.18.20
IDNIC-GARENA-AS-I...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://turnamen.ff.garena.co.id/indonesiamasters/assets/img/desktop/ICON/Icon_piala.png
Requested by: Host: www.turnamen-ff-indonesia.update34.gq
URL: https://www.turnamen-ff-indonesia.update34.gq/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 202.73.18.20 , Indonesia, ASN58816 (IDNIC-GARENA-AS-ID PT Garena Indonesia, ID),
Reverse DNS
Software: nginx /
Resource Hash: dcbd305ef176c94f4c0f056fb4228ae6616ed55e40312062528cf9b688625ab3

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.turnamen-ff-indonesia.update34.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 16 Oct 2019 12:47:47 GMT
last-modified: Fri, 21 Dec 2018 05:02:25 GMT
server: nginx
accept-language: bytes
etag: "5c1c73e1-7a0d"
content-type: image/png
status: 200
content-length: 31245

GET
H2 200 word_piala.png
turnamen.ff.garena.co.id/indonesiamasters/assets/img/desktop/BUTTON_TEXT/ 7 KB
7 KB 1115ms
724ms Image
image/png 202.73.18.20
IDNIC-GARENA-AS-I...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://turnamen.ff.garena.co.id/indonesiamasters/assets/img/desktop/BUTTON_TEXT/word_piala.png
Requested by: Host: www.turnamen-ff-indonesia.update34.gq
URL: https://www.turnamen-ff-indonesia.update34.gq/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 202.73.18.20 , Indonesia, ASN58816 (IDNIC-GARENA-AS-ID PT Garena Indonesia, ID),
Reverse DNS
Software: nginx /
Resource Hash: 1cc601fbae94a70027ec0268b4c41b39f50fb7d4668190fa7265079fc7c30f9d

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.turnamen-ff-indonesia.update34.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 16 Oct 2019 12:47:47 GMT
last-modified: Fri, 21 Dec 2018 05:02:25 GMT
server: nginx
accept-language: bytes
etag: "5c1c73e1-1afe"
content-type: image/png
status: 200
content-length: 6910

GET
H2 200 icon_globe.png
turnamen.ff.garena.co.id/indonesiamasters/assets/img/desktop/ICON/ 36 KB
36 KB 1115ms
724ms Image
image/png 202.73.18.20
IDNIC-GARENA-AS-I...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://turnamen.ff.garena.co.id/indonesiamasters/assets/img/desktop/ICON/icon_globe.png
Requested by: Host: www.turnamen-ff-indonesia.update34.gq
URL: https://www.turnamen-ff-indonesia.update34.gq/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 202.73.18.20 , Indonesia, ASN58816 (IDNIC-GARENA-AS-ID PT Garena Indonesia, ID),
Reverse DNS
Software: nginx /
Resource Hash: 8dc2617301f9af0fcffd4ddf4a44fdf0c3be87db7cf7070fba64b76594844fb4

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.turnamen-ff-indonesia.update34.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 16 Oct 2019 12:47:47 GMT
last-modified: Fri, 21 Dec 2018 05:02:25 GMT
server: nginx
accept-language: bytes
etag: "5c1c73e1-8f9a"
content-type: image/png
status: 200
content-length: 36762

GET
H2 200 word_globe.png
turnamen.ff.garena.co.id/indonesiamasters/assets/img/desktop/BUTTON_TEXT/ 9 KB
10 KB 756ms
366ms Image
image/png 202.73.18.20
IDNIC-GARENA-AS-I...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://turnamen.ff.garena.co.id/indonesiamasters/assets/img/desktop/BUTTON_TEXT/word_globe.png
Requested by: Host: www.turnamen-ff-indonesia.update34.gq
URL: https://www.turnamen-ff-indonesia.update34.gq/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 202.73.18.20 , Indonesia, ASN58816 (IDNIC-GARENA-AS-ID PT Garena Indonesia, ID),
Reverse DNS
Software: nginx /
Resource Hash: caf048931203bf411cd30c4d9db709ba0cd3ffac1c0e6e52972eb0e88550b087

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.turnamen-ff-indonesia.update34.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 16 Oct 2019 12:47:47 GMT
last-modified: Fri, 21 Dec 2018 05:02:25 GMT
server: nginx
accept-language: bytes
etag: "5c1c73e1-2596"
content-type: image/png
status: 200
content-length: 9622

GET
H2 200 icon_star.png
turnamen.ff.garena.co.id/indonesiamasters/assets/img/desktop/ICON/ 40 KB
40 KB 754ms
364ms Image
image/png 202.73.18.20
IDNIC-GARENA-AS-I...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://turnamen.ff.garena.co.id/indonesiamasters/assets/img/desktop/ICON/icon_star.png
Requested by: Host: www.turnamen-ff-indonesia.update34.gq
URL: https://www.turnamen-ff-indonesia.update34.gq/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 202.73.18.20 , Indonesia, ASN58816 (IDNIC-GARENA-AS-ID PT Garena Indonesia, ID),
Reverse DNS
Software: nginx /
Resource Hash: c2a22edcc485174f6cec3563beea841a4257919fa6dc14f8530f5caf10ad1762

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.turnamen-ff-indonesia.update34.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 16 Oct 2019 12:47:47 GMT
last-modified: Fri, 21 Dec 2018 05:02:25 GMT
server: nginx
accept-language: bytes
etag: "5c1c73e1-a047"
content-type: image/png
status: 200
content-length: 41031

GET
H2 200 word_star.png
turnamen.ff.garena.co.id/indonesiamasters/assets/img/desktop/BUTTON_TEXT/ 9 KB
9 KB 756ms
365ms Image
image/png 202.73.18.20
IDNIC-GARENA-AS-I...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://turnamen.ff.garena.co.id/indonesiamasters/assets/img/desktop/BUTTON_TEXT/word_star.png
Requested by: Host: www.turnamen-ff-indonesia.update34.gq
URL: https://www.turnamen-ff-indonesia.update34.gq/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 202.73.18.20 , Indonesia, ASN58816 (IDNIC-GARENA-AS-ID PT Garena Indonesia, ID),
Reverse DNS
Software: nginx /
Resource Hash: ddadf6a78e3c8c97f08e97f3f7c769bc07585f1f0cf9f1c3454fd003f6d0a6f6

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.turnamen-ff-indonesia.update34.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 16 Oct 2019 12:47:47 GMT
last-modified: Fri, 21 Dec 2018 05:02:25 GMT
server: nginx
accept-language: bytes
etag: "5c1c73e1-2527"
content-type: image/png
status: 200
content-length: 9511

GET
H2 200 logo_past_event.png
turnamen.ff.garena.co.id/indonesiamasters/assets/img/mobile/ 85 KB
85 KB 361ms
360ms Image
image/png 202.73.18.20
IDNIC-GARENA-AS-I...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://turnamen.ff.garena.co.id/indonesiamasters/assets/img/mobile/logo_past_event.png
Requested by: Host: www.turnamen-ff-indonesia.update34.gq
URL: https://www.turnamen-ff-indonesia.update34.gq/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 202.73.18.20 , Indonesia, ASN58816 (IDNIC-GARENA-AS-ID PT Garena Indonesia, ID),
Reverse DNS
Software: nginx /
Resource Hash: 7062552088861320f6362f484168714484455fef40063ef5c79fe7220adbb9b0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.turnamen-ff-indonesia.update34.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 16 Oct 2019 12:47:47 GMT
last-modified: Fri, 21 Dec 2018 05:02:25 GMT
server: nginx
accept-language: bytes
etag: "5c1c73e1-152a6"
content-type: image/png
status: 200
content-length: 86694

GET
H2 200 icon_whitelogo.png
turnamen.ff.garena.co.id/indonesiamasters/assets/img/desktop/ 23 KB
23 KB 362ms
361ms Image
image/png 202.73.18.20
IDNIC-GARENA-AS-I...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://turnamen.ff.garena.co.id/indonesiamasters/assets/img/desktop/icon_whitelogo.png
Requested by: Host: www.turnamen-ff-indonesia.update34.gq
URL: https://www.turnamen-ff-indonesia.update34.gq/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 202.73.18.20 , Indonesia, ASN58816 (IDNIC-GARENA-AS-ID PT Garena Indonesia, ID),
Reverse DNS
Software: nginx /
Resource Hash: 481491790e35aff709f1f9b66065aee45f51dbe414383b3dadcb2c34c80864ef

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.turnamen-ff-indonesia.update34.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 16 Oct 2019 12:47:47 GMT
last-modified: Fri, 21 Dec 2018 05:02:25 GMT
server: nginx
accept-language: bytes
etag: "5c1c73e1-5d1e"
content-type: image/png
status: 200
content-length: 23838

GET
H2 200 icon_fb.png
turnamen.ff.garena.co.id/indonesiamasters/assets/img/desktop/ICON/ 946 B
1 KB 361ms
360ms Image
image/png 202.73.18.20
IDNIC-GARENA-AS-I...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://turnamen.ff.garena.co.id/indonesiamasters/assets/img/desktop/ICON/icon_fb.png
Requested by: Host: www.turnamen-ff-indonesia.update34.gq
URL: https://www.turnamen-ff-indonesia.update34.gq/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 202.73.18.20 , Indonesia, ASN58816 (IDNIC-GARENA-AS-ID PT Garena Indonesia, ID),
Reverse DNS
Software: nginx /
Resource Hash: 63e7b0fed338adc2f1f48f876783441b72db7d53308632a3a278b5cc0e6172fd

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.turnamen-ff-indonesia.update34.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 16 Oct 2019 12:47:47 GMT
last-modified: Fri, 21 Dec 2018 05:02:25 GMT
server: nginx
accept-language: bytes
etag: "5c1c73e1-3b2"
content-type: image/png
status: 200
content-length: 946

GET
H2 200 icon_ig.png
turnamen.ff.garena.co.id/indonesiamasters/assets/img/desktop/ICON/ 1 KB
1 KB 360ms
359ms Image
image/png 202.73.18.20
IDNIC-GARENA-AS-I...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://turnamen.ff.garena.co.id/indonesiamasters/assets/img/desktop/ICON/icon_ig.png
Requested by: Host: www.turnamen-ff-indonesia.update34.gq
URL: https://www.turnamen-ff-indonesia.update34.gq/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 202.73.18.20 , Indonesia, ASN58816 (IDNIC-GARENA-AS-ID PT Garena Indonesia, ID),
Reverse DNS
Software: nginx /
Resource Hash: 1a8d5b5235a5cb23a85712b922e0cb1c94d26ba61f9c92626a8847abead174c1

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.turnamen-ff-indonesia.update34.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 16 Oct 2019 12:47:47 GMT
last-modified: Fri, 21 Dec 2018 05:02:25 GMT
server: nginx
accept-language: bytes
etag: "5c1c73e1-526"
content-type: image/png
status: 200
content-length: 1318

GET
H2 200 icon_yt.png
turnamen.ff.garena.co.id/indonesiamasters/assets/img/desktop/ICON/ 1 KB
1 KB 360ms
359ms Image
image/png 202.73.18.20
IDNIC-GARENA-AS-I...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://turnamen.ff.garena.co.id/indonesiamasters/assets/img/desktop/ICON/icon_yt.png
Requested by: Host: www.turnamen-ff-indonesia.update34.gq
URL: https://www.turnamen-ff-indonesia.update34.gq/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 202.73.18.20 , Indonesia, ASN58816 (IDNIC-GARENA-AS-ID PT Garena Indonesia, ID),
Reverse DNS
Software: nginx /
Resource Hash: 3c353136b686b491339a58614b2f8aeef110e58b70fe292fad307f8e068d298c

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.turnamen-ff-indonesia.update34.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 16 Oct 2019 12:47:47 GMT
last-modified: Fri, 21 Dec 2018 05:02:25 GMT
server: nginx
accept-language: bytes
etag: "5c1c73e1-449"
content-type: image/png
status: 200
content-length: 1097

GET
H2 200 icon_discord.png
turnamen.ff.garena.co.id/indonesiamasters/assets/img/desktop/ICON/ 1 KB
2 KB 360ms
360ms Image
image/png 202.73.18.20
IDNIC-GARENA-AS-I...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://turnamen.ff.garena.co.id/indonesiamasters/assets/img/desktop/ICON/icon_discord.png
Requested by: Host: www.turnamen-ff-indonesia.update34.gq
URL: https://www.turnamen-ff-indonesia.update34.gq/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 202.73.18.20 , Indonesia, ASN58816 (IDNIC-GARENA-AS-ID PT Garena Indonesia, ID),
Reverse DNS
Software: nginx /
Resource Hash: 59051fbec185366d9113ec4a3fb625cd2f0ac5c716cc04569e09aa271498776e

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.turnamen-ff-indonesia.update34.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 16 Oct 2019 12:47:47 GMT
last-modified: Fri, 21 Dec 2018 05:02:25 GMT
server: nginx
accept-language: bytes
etag: "5c1c73e1-587"
content-type: image/png
status: 200
content-length: 1415

GET
H/1.1 200
OK jquery.js Show response
www.turnamen-ff-indonesia.update34.gq/Assets/js/ 94 KB
94 KB 93ms
32ms Script
application/javascript 176.223.136.72
RACKRAY UAB Rakrejus

General

Check archive.org

Show headers Download Go to

Full URL: https://www.turnamen-ff-indonesia.update34.gq/Assets/js/jquery.js
Requested by: Host: www.turnamen-ff-indonesia.update34.gq
URL: https://www.turnamen-ff-indonesia.update34.gq/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 176.223.136.72 Vilnius, Lithuania, ASN62282 (RACKRAY UAB Rakrejus, LT),
Reverse DNS: 2g2k.c.time4vps.cloud
Software: Apache /
Resource Hash: 24262baafef17092927c3dafe764aaa52a2a371b83ed2249cca7e414df99fac1

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.turnamen-ff-indonesia.update34.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 16 Oct 2019 12:47:46 GMT
Last-Modified: Wed, 03 Jan 2018 16:46:28 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 95785

GET
H/1.1 200
OK bootstrap.min.js Show response
www.turnamen-ff-indonesia.update34.gq/Assets/js/ 35 KB
35 KB 42ms
42ms Script
application/javascript 176.223.136.72
RACKRAY UAB Rakrejus

General

Check archive.org

Show headers Download Go to

Full URL: https://www.turnamen-ff-indonesia.update34.gq/Assets/js/bootstrap.min.js
Requested by: Host: www.turnamen-ff-indonesia.update34.gq
URL: https://www.turnamen-ff-indonesia.update34.gq/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 176.223.136.72 Vilnius, Lithuania, ASN62282 (RACKRAY UAB Rakrejus, LT),
Reverse DNS: 2g2k.c.time4vps.cloud
Software: Apache /
Resource Hash: c8eeec83fe8bf655eeeda291466d268770436dde4e3e40416a85d05d3893e892

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.turnamen-ff-indonesia.update34.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 16 Oct 2019 12:47:46 GMT
Last-Modified: Wed, 03 Jan 2018 16:46:26 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 35452

GET
H/1.1 200
OK jquery.easing.min.js Show response
www.turnamen-ff-indonesia.update34.gq/Assets/js/ 5 KB
6 KB 41ms
41ms Script
application/javascript 176.223.136.72
RACKRAY UAB Rakrejus

General

Check archive.org

Show headers Download Go to

Full URL: https://www.turnamen-ff-indonesia.update34.gq/Assets/js/jquery.easing.min.js
Requested by: Host: www.turnamen-ff-indonesia.update34.gq
URL: https://www.turnamen-ff-indonesia.update34.gq/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 176.223.136.72 Vilnius, Lithuania, ASN62282 (RACKRAY UAB Rakrejus, LT),
Reverse DNS: 2g2k.c.time4vps.cloud
Software: Apache /
Resource Hash: ecfc183e33d25d24aa7c06218e0a413488fff8774e4b4b87543c766db9b0b8ba

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.turnamen-ff-indonesia.update34.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 16 Oct 2019 12:47:46 GMT
Last-Modified: Wed, 03 Jan 2018 16:46:28 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 5564

GET
H/1.1 200
OK jquery.fittext.js Show response
www.turnamen-ff-indonesia.update34.gq/Assets/js/ 1 KB
1 KB 29ms
29ms Script
application/javascript 176.223.136.72
RACKRAY UAB Rakrejus

General

Check archive.org

Show headers Download Go to

Full URL: https://www.turnamen-ff-indonesia.update34.gq/Assets/js/jquery.fittext.js
Requested by: Host: www.turnamen-ff-indonesia.update34.gq
URL: https://www.turnamen-ff-indonesia.update34.gq/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 176.223.136.72 Vilnius, Lithuania, ASN62282 (RACKRAY UAB Rakrejus, LT),
Reverse DNS: 2g2k.c.time4vps.cloud
Software: Apache /
Resource Hash: c499a934a3a4111346993c847d1b0ecd309295fb2d3f0e57b9d44ecaac732e17

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.turnamen-ff-indonesia.update34.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 16 Oct 2019 12:47:46 GMT
Last-Modified: Wed, 03 Jan 2018 16:46:28 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 1074

GET
H/1.1 200
OK wow.min.js Show response
www.turnamen-ff-indonesia.update34.gq/Assets/js/ 8 KB
8 KB 30ms
30ms Script
application/javascript 176.223.136.72
RACKRAY UAB Rakrejus

General

Check archive.org

Show headers Download Go to

Full URL: https://www.turnamen-ff-indonesia.update34.gq/Assets/js/wow.min.js
Requested by: Host: www.turnamen-ff-indonesia.update34.gq
URL: https://www.turnamen-ff-indonesia.update34.gq/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 176.223.136.72 Vilnius, Lithuania, ASN62282 (RACKRAY UAB Rakrejus, LT),
Reverse DNS: 2g2k.c.time4vps.cloud
Software: Apache /
Resource Hash: cfa1739ee346d63a3d3cfdff8c18cbe8fdedbcb32d4b0895028c193ce828e7a5

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.turnamen-ff-indonesia.update34.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 16 Oct 2019 12:47:46 GMT
Last-Modified: Wed, 03 Jan 2018 16:46:28 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 8182

GET
H/1.1 200
OK creative.js Show response
www.turnamen-ff-indonesia.update34.gq/Assets/js/ 1 KB
1 KB 29ms
29ms Script
application/javascript 176.223.136.72
RACKRAY UAB Rakrejus

General

Check archive.org

Show headers Download Go to

Full URL: https://www.turnamen-ff-indonesia.update34.gq/Assets/js/creative.js
Requested by: Host: www.turnamen-ff-indonesia.update34.gq
URL: https://www.turnamen-ff-indonesia.update34.gq/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 176.223.136.72 Vilnius, Lithuania, ASN62282 (RACKRAY UAB Rakrejus, LT),
Reverse DNS: 2g2k.c.time4vps.cloud
Software: Apache /
Resource Hash: 41f0297d6be44acaaff666872d5e4318167760ef061bb5205b81875ee4c53ccc

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.turnamen-ff-indonesia.update34.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 16 Oct 2019 12:47:46 GMT
Last-Modified: Wed, 03 Jan 2018 16:46:26 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 1271

GET css
fonts.googleapis.com/ 0
0

GET css
fonts.googleapis.com/ 0
0

GET
H2 200 images
encrypted-tbn0.gstatic.com/ 38 KB
39 KB 91ms
67ms Image
image/jpeg 2a00:1450:4001:81c::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/images?q=tbn%3AANd9GcTchg0fFizewT4X-qfxnWEAh9NCg-5se7Nwz13NVrooMCigdQED

Requested by

Host: www.turnamen-ff-indonesia.update34.gq
URL: https://www.turnamen-ff-indonesia.update34.gq/

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

919180a3ed8b2f596b8bc35684191ff4b920bc4c4e62a311fd5925e1d63a0d19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.turnamen-ff-indonesia.update34.gq/Assets/css/creative.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 16 Oct 2019 12:47:46 GMT
x-content-type-options: nosniff
last-modified: Wed, 30 Jan 2019 19:38:53 GMT
server: sffe
status: 200
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 39360
x-xss-protection: 0
expires: Thu, 15 Oct 2020 12:47:46 GMT

GET
H/1.1 200
OK fontawesome-webfonte0a5.woff2
www.turnamen-ff-indonesia.update34.gq/Assets/font-awesome/fonts/ 55 KB
56 KB 29ms
29ms Font
font/woff2 176.223.136.72
RACKRAY UAB Rakrejus

General

Check archive.org

Show headers Download Go to

Full URL: https://www.turnamen-ff-indonesia.update34.gq/Assets/font-awesome/fonts/fontawesome-webfonte0a5.woff2
Requested by: Host: www.turnamen-ff-indonesia.update34.gq
URL: https://www.turnamen-ff-indonesia.update34.gq/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 176.223.136.72 Vilnius, Lithuania, ASN62282 (RACKRAY UAB Rakrejus, LT),
Reverse DNS: 2g2k.c.time4vps.cloud
Software: Apache /
Resource Hash: aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.turnamen-ff-indonesia.update34.gq/Assets/font-awesome/css/font-awesome.min.css
Origin: https://www.turnamen-ff-indonesia.update34.gq
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 16 Oct 2019 12:47:46 GMT
Last-Modified: Wed, 03 Jan 2018 16:46:22 GMT
Server: Apache
Content-Type: font/woff2
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 56780

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,600italic,700italic,800italic,400,300,600,700,800

Domain: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Merriweather:400,300,300italic,400italic,700,700italic,900,900italic

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Gaming (Entertainment)

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate function| $ function| jQuery object| jQuery1111016470472004810754 function| WOW

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

encrypted-tbn0.gstatic.com
fonts.googleapis.com
turnamen.ff.garena.co.id
www.turnamen-ff-indonesia.update34.gq
fonts.googleapis.com
176.223.136.72
202.73.18.20
2a00:1450:4001:81c::200e
01d74a54e8c921b9248c1509d59967c39ae3ee6addebb4024d1eb941ae23b088
1a8d5b5235a5cb23a85712b922e0cb1c94d26ba61f9c92626a8847abead174c1
1cc601fbae94a70027ec0268b4c41b39f50fb7d4668190fa7265079fc7c30f9d
24262baafef17092927c3dafe764aaa52a2a371b83ed2249cca7e414df99fac1
3c353136b686b491339a58614b2f8aeef110e58b70fe292fad307f8e068d298c
41f0297d6be44acaaff666872d5e4318167760ef061bb5205b81875ee4c53ccc
46ce415f0d2687ee6d793741e9b932b694e880e64a789b80d618ff0b68065cde
481491790e35aff709f1f9b66065aee45f51dbe414383b3dadcb2c34c80864ef
4b4be84eb6b751d4269d69e69bd08658a44dbf3b0ba582430914d9cc4077f1d3
59051fbec185366d9113ec4a3fb625cd2f0ac5c716cc04569e09aa271498776e
63e7b0fed338adc2f1f48f876783441b72db7d53308632a3a278b5cc0e6172fd
64808cb86ec7ad6a9ff90bf47fd3495fdcae6bf0964162f0a87bfb3705df7c8c
7062552088861320f6362f484168714484455fef40063ef5c79fe7220adbb9b0
85a07b18bdaadf71b43aac789a3103ec138a0223acfbc7e3a99ac65906466a2d
8dc2617301f9af0fcffd4ddf4a44fdf0c3be87db7cf7070fba64b76594844fb4
919180a3ed8b2f596b8bc35684191ff4b920bc4c4e62a311fd5925e1d63a0d19
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c
c2a22edcc485174f6cec3563beea841a4257919fa6dc14f8530f5caf10ad1762
c499a934a3a4111346993c847d1b0ecd309295fb2d3f0e57b9d44ecaac732e17
c8eeec83fe8bf655eeeda291466d268770436dde4e3e40416a85d05d3893e892
caf048931203bf411cd30c4d9db709ba0cd3ffac1c0e6e52972eb0e88550b087
cfa1739ee346d63a3d3cfdff8c18cbe8fdedbcb32d4b0895028c193ce828e7a5
dcbd305ef176c94f4c0f056fb4228ae6616ed55e40312062528cf9b688625ab3
ddadf6a78e3c8c97f08e97f3f7c769bc07585f1f0cf9f1c3454fd003f6d0a6f6
eb1e2b38f7f8d879a2954a17aa63523e9c9c38f2d7a04beaae21b00992cfaa15
ecfc183e33d25d24aa7c06218e0a413488fff8774e4b4b87543c766db9b0b8ba