Source: https://online.pubhtml5.com/whlz/taka/ | SlashNext: detection malicious, Label: Fake Login Page type: Phishing & Social usering |
Source: https://online.pubhtml5.com/whlz/taka/#p=1 | SlashNext: Label: Fake Login Page type: Phishing & Social usering |
Source: C:\Program Files (x86)\Internet Explorer\iexplore.exe | File opened: C:\Program Files (x86)\Java\jre1.8.0_211\bin\msvcr100.dll |
Source: unknown | HTTPS traffic detected: 13.227.156.43:443 -> 192.168.2.6:49717 version: TLS 1.2 |
Source: unknown | HTTPS traffic detected: 13.227.156.43:443 -> 192.168.2.6:49718 version: TLS 1.2 |
Source: unknown | HTTPS traffic detected: 13.224.94.26:443 -> 192.168.2.6:49722 version: TLS 1.2 |
Source: unknown | HTTPS traffic detected: 13.224.94.26:443 -> 192.168.2.6:49721 version: TLS 1.2 |
Source: unknown | HTTPS traffic detected: 13.224.94.26:443 -> 192.168.2.6:49724 version: TLS 1.2 |
Source: unknown | HTTPS traffic detected: 13.224.94.26:443 -> 192.168.2.6:49723 version: TLS 1.2 |
Source: unknown | HTTPS traffic detected: 13.224.94.26:443 -> 192.168.2.6:49725 version: TLS 1.2 |
Source: unknown | HTTPS traffic detected: 13.224.94.26:443 -> 192.168.2.6:49720 version: TLS 1.2 |
Source: unknown | HTTPS traffic detected: 31.13.92.14:443 -> 192.168.2.6:49727 version: TLS 1.2 |
Source: unknown | HTTPS traffic detected: 31.13.92.14:443 -> 192.168.2.6:49726 version: TLS 1.2 |
Source: unknown | HTTPS traffic detected: 13.227.156.43:443 -> 192.168.2.6:49737 version: TLS 1.2 |
Source: sdk[2].js.3.dr | String found in binary or memory: } }).call(global);})(window.inDapIF ? parent.window : window, window);} catch (e) {new Image().src="https:\/\/www.facebook.com\/" + 'common/scribe_endpoint.php?c=jssdk_error&m='+encodeURIComponent('{"error":"LOAD", "extra": {"name":"'+e.name+'","line":"'+(e.lineNumber||e.line)+'","script":"'+(e.fileName||e.sourceURL||e.script)+'","stack":"'+(e.stackTrace||e.stack)+'","revision":"1003360933","namespace":"FB","message":"'+e.message+'"}}');} equals www.facebook.com (Facebook) |
Source: sdk[2].js.3.dr | String found in binary or memory: * License: https://www.facebook.com/legal/license/MDzNl_j9yvg/ equals www.facebook.com (Facebook) |
Source: main[1].js.3.dr | String found in binary or memory: (function(){var d=getHost(window.location.href).toLowerCase();(-1<d.indexOf("fliphtml5.com")||-1<d.indexOf("pubhtml5.com")||-1<d.indexOf("anyflip.com")||-1<d.indexOf("flipbuilder.com")||bookConfig.facebookAppId)&&global.FB?(FB.init({appId:c(),status:!0,xfbml:!1,version:"v2.4"}),FB.ui({method:"feed",link:share_url.toString(),name:b.title,picture:share_url.toString()+b.screenshot,description:b.description})):window.open("http://www.facebook.com/sharer.php?u="+share_url.toString()+"&picture="+b.screenshot)})()}, equals www.facebook.com (Facebook) |
Source: main[1].js.3.dr | String found in binary or memory: 3:c.lastIndexOf("/")+1,c=c.substring(g,c.length));switch(b){case "vimeo":f=d+"://player.vimeo.com/video/"+c;break;case "youtube":f=d+"://www.youtube.com/embed/"+c;break;case "dailymotion":f=d+"://www.dailymotion.com/embed/video/"+c;break;case "wistia":f=d+"://fast.wistia.net/embed/iframe/"+c;break;case "youku":f=d+"://player.youku.com/embed/"+c;break;case "qq":f=d+"://v.qq.com/iframe/player.html?vid="+c}return f},initStyle:function(){this.background.css({position:"absolute",width:"100%",height:"100%", equals www.youtube.com (Youtube) |
Source: main[1].js.3.dr | String found in binary or memory: ["video gallery",BookInfo.getCurrentPages().join("-"),b.id,b.type,(new Date).getTime()]);var c,d=getProtocal();"youtube"===b.type&&(c=d+"www.youtube.com/embed/"+b.id+"?autoplay=1&wmode=transparent");"vimeo"===b.type&&(c=d+"player.vimeo.com/video/"+b.id+"?autoplay=1&wmode=transparent&portrait=0");this.video.attr("src",c);c=this.info.find(".description");this.info.find(".title").html(b.title);c.html(b.description)},initEvent:function(b){this.videoSwiper&&(isPhone()||isPad()?this.videoSwiper.scroll({}, equals www.youtube.com (Youtube) |
Source: sdk[2].js.3.dr | String found in binary or memory: __d("FBPixelEndpoint",["invariant","FBEventsParamList","FBEventsUtils"],(function(a,b,c,d,e,f,g){"use strict";f.sendEvent=a;var h="https://www.facebook.com/tr/",i=location.href,j=window.top!==window,k=document.referrer;function l(a,c,d,e){e===void 0&&(e={});var f=new(b("FBEventsParamList"))();f.append("id",a);f.append("ev",c);f.append("dl",i);f.append("rl",k);f.append("if",j);f.append("ts",new Date().valueOf());f.append("cd",d);f.append("sw",window.screen.width);f.append("sh",window.screen.height);for(var g in e)f.append(g,e[g]);return f}function a(a,b,c,d){a=l(a,b,c,d);b=a.toQueryString();2048>(h+"?"+b).length?m(h,b):n(h,a)}function m(a,b){var c=new Image();c.src=a+"?"+b}function n(a,c){var d="fb"+Math.random().toString().replace(".",""),e=document.createElement("form");e.method="post";e.action=a;e.target=d;e.acceptCharset="utf-8";e.style.display="none";a=!!(window.attachEvent&&!window.addEventListener);a=a?'<iframe name="'+d+'">':"iframe";var f=document.createElement(a);f instanceof HTMLIFrameElement||g(0,20659);f.src="javascript:false";f.id=d;f.name=d;e.appendChild(f);b("FBEventsUtils").listenOnce(f,"load",function(){c.each(function(a,b){var c=document.createElement("input");c.name=a;c.value=b;e.appendChild(c)}),b("FBEventsUtils").listenOnce(f,"load",function(){var a;(a=e.parentNode)==null?void 0:a.removeChild(e)}),e.submit()});(a=document.body)==null?void 0:a.appendChild(e)}}),null); equals www.facebook.com (Facebook) |
Source: main[1].js.3.dr | String found in binary or memory: d.lastIndexOf("?v=")+3:d.lastIndexOf("/")+1,d=d.substring(f,d.length)),d=$("<iframe class='youtube-player' type='text/html' width='"+this.videoWidth+"' height='"+this.videoHeight+"' src='"+c+"://www.youtube.com/embed/"+d+"?autoplay=1&mute=1' frameborder='0' allowfullscreen='true' style='position: absolute; opacity: "+this.config.alpha+"'></iframe>"),this.vimeoFrame=new Media(d,"youtube"));"dailymotion"==b&&(d=$("<iframe id=woiframe width='"+this.videoWidth+"' height='"+this.videoHeight+"' src='"+ equals www.youtube.com (Youtube) |
Source: main[1].js.3.dr | String found in binary or memory: this.config.alpha+"'></iframe>"),this.vimeoFrame=new Media(d,"qq"))},getURL:function(b){var c=this.config.id,d="https"==(window.location.href?window.location.href.toLowerCase():"http:").substring(0,5)?"https":"http",f="";if("vimeo"==b)var g=c.lastIndexOf("/"),c=c.substring(g+1);"youtube"==b&&-1<c.indexOf("/")&&(g=-1<c.indexOf("?v=")?c.lastIndexOf("?v=")+3:c.lastIndexOf("/")+1,c=c.substring(g,c.length));switch(b){case "vimeo":f=d+"://player.vimeo.com/video/"+c;break;case "youtube":f=d+"://www.youtube.com/embed/"+ equals www.youtube.com (Youtube) |
Source: main[1].js.3.dr | String found in binary or memory: this.prefix+"://www.youtube.com/embed/"+this.sVideoId,"Youtube"]),this.youtubeFrame.pause())},playVideo:function(){this.youtubeFrame&&(BookEvent.trigger("playMedia",["playYoutube",BookInfo.getCurrentPageIndex(),this.prefix+"://www.youtube.com/embed/"+this.sVideoId,"Youtube"]),this.firstTime?(this.youtubeFrame.$media.on("load",function(){this.youtubeFrame.play()}.bind(this)),this.firstTime=!1):this.youtubeFrame.play())},hide:function(){this.youtubeFrame&&(this.youtubeFrame.setCss({width:"0px",height:"0px"}), equals www.youtube.com (Youtube) |
Source: main[1].js.3.dr | String found in binary or memory: this.sVideoId.substring(b,this.sVideoId.length)),this.prefix="https"==(window.location.href?window.location.href.toLowerCase():"http:").substring(0,5)?"https":"http",this.youtubeFrame=new Media($("<iframe id='player' class='youtube-player flip-action' type='text/html' width='"+this.width+"' height='"+this.height+"' src='"+this.prefix+"://www.youtube.com/embed/"+this.sVideoId+"?enablejsapi=1&rel=0' frameborder='0' allowfullscreen='1' style='position: absolute; opacity: "+this.config.alpha+"; left:"+ equals www.youtube.com (Youtube) |
Source: main[1].js.3.dr | String found in binary or memory: this.vimeoFrame=new Media(d,"vimeo")}"youtube"==b&&(d=this.config.id,-1<d.indexOf("/")&&(f=-1<d.indexOf("?v=")?d.lastIndexOf("?v=")+3:d.lastIndexOf("/")+1,d=d.substring(f,d.length)),d=$("<iframe class='youtube-player' type='text/html' width='"+this.videoWidth+"' height='"+this.videoHeight+"' src='"+c+"://www.youtube.com/embed/"+d+"?autoplay=1&mute=1' frameborder='0' allowfullscreen='1' style='position: absolute; opacity: "+this.config.alpha+"'></iframe>"),this.vimeoFrame=new Media(d,"youtube"));"dailymotion"== equals www.youtube.com (Youtube) |
Source: main[1].js.3.dr | String found in binary or memory: {logo:uiBaseURL+(isBelowIE9()?"twitter.png":"twitter.svg"),url:"https://twitter.com/intent/tweet?url="+this.url+"&text="+this.title,title:"Twitter",name:"twitter"},{logo:uiBaseURL+(isBelowIE9()?"email.png":"email.svg"),url:getEmailUrl(),title:"Email",name:"email"},{logo:uiBaseURL+(isBelowIE9()?"linkedin.png":"linkedin.svg"),url:"http://www.linkedin.com/shareArticle?url="+this.url+"&title="+this.title,title:"Linkedin",name:"linkedin"},{logo:uiBaseURL+(isBelowIE9()?"copy.png":"link.svg"),url:"",type:"copy", equals www.linkedin.com (Linkedin) |
Source: main[1].js.3.dr | String found in binary or memory: {logo:uiBaseURL+(isBelowIE9()?"twitter.png":"twitter.svg"),url:"https://twitter.com/intent/tweet?url="+this.url+"&text="+this.title,title:"Twitter",name:"twitter"},{logo:uiBaseURL+(isBelowIE9()?"email.png":"email.svg"),url:getEmailUrl(),title:"Email",name:"email"},{logo:uiBaseURL+(isBelowIE9()?"linkedin.png":"linkedin.svg"),url:"http://www.linkedin.com/shareArticle?url="+this.url+"&title="+this.title,title:"Linkedin",name:"linkedin"},{logo:uiBaseURL+(isBelowIE9()?"copy.png":"link.svg"),url:"",type:"copy", equals www.twitter.com (Twitter) |
Source: unknown | DNS traffic detected: queries for: online.pubhtml5.com |
Source: main[1].js.3.dr | String found in binary or memory: http://digg.com/submit?url= |
Source: main[1].js.3.dr | String found in binary or memory: http://gmail.google.com |
Source: main[1].js.3.dr | String found in binary or memory: http://reddit.com/submit?url= |
Source: main[1].js.3.dr | String found in binary or memory: http://www.addthis.com/bookmark.php?v=300&url= |
Source: main[1].js.3.dr | String found in binary or memory: http://www.fliphtml5.com |
Source: main[1].js.3.dr | String found in binary or memory: http://www.linkedin.com/shareArticle?url= |
Source: main[1].js.3.dr | String found in binary or memory: http://www.paypal.com/cgi-bin/webscr?cmd=_cart&upload=1 |
Source: main[1].js.3.dr | String found in binary or memory: http://www.paypal.com/cgi-bin/webscr?cmd=_xclick&business= |
Source: config[1].js.3.dr | String found in binary or memory: https://curepumpiones.com/foldersss |
Source: main[1].js.3.dr | String found in binary or memory: https://hm.baidu.com/hm.js? |
Source: sdk[2].js.3.dr | String found in binary or memory: https://itunes.apple.com/us/app/messenger/id454638411 |
Source: main[1].js.3.dr | String found in binary or memory: https://mail.google.com/mail/u/0/?view=cm&fs=1&tf=1&su= |
Source: main[1].js.3.dr | String found in binary or memory: https://mail.qq.com/ |
Source: imagestore.dat.3.dr | String found in binary or memory: https://online.pubhtml5.com/favicon.ico~ |
Source: ~DFEBD97EC9ADA788CD.TMP.2.dr, online.pubhtml5[1].xml.3.dr, taka[1].htm.3.dr | String found in binary or memory: https://online.pubhtml5.com/whlz/taka/ |
Source: ~DFEBD97EC9ADA788CD.TMP.2.dr | String found in binary or memory: https://online.pubhtml5.com/whlz/taka/#p=1 |
Source: {ACE24E76-77F0-11EB-90E5-ECF4BB2D2496}.dat.2.dr | String found in binary or memory: https://online.pubhtml5.com/whlz/taka/#p=1Root |
Source: {ACE24E76-77F0-11EB-90E5-ECF4BB2D2496}.dat.2.dr | String found in binary or memory: https://online.pubhtml5.com/whlz/taka/Root |
Source: taka[1].htm.3.dr | String found in binary or memory: https://online.pubhtml5.com/whlz/taka/files/shot.jpg |
Source: sdk[2].js.3.dr | String found in binary or memory: https://play.google.com/store/apps/details?id=com.facebook.orca |
Source: main[1].js.3.dr | String found in binary or memory: https://player.vimeo.com/api/player.js |
Source: main[1].js.3.dr | String found in binary or memory: https://twitter.com/intent/tweet?url= |
Source: sdk[2].js.3.dr | String found in binary or memory: https://www.internalfb.com/intern/invariant/ |
Source: unknown | Network traffic detected: HTTP traffic on port 443 -> 49722 |
Source: unknown | Network traffic detected: HTTP traffic on port 443 -> 49721 |
Source: unknown | Network traffic detected: HTTP traffic on port 443 -> 49720 |
Source: unknown | Network traffic detected: HTTP traffic on port 49727 -> 443 |
Source: unknown | Network traffic detected: HTTP traffic on port 49726 -> 443 |
Source: unknown | Network traffic detected: HTTP traffic on port 49725 -> 443 |
Source: unknown | Network traffic detected: HTTP traffic on port 49724 -> 443 |
Source: unknown | Network traffic detected: HTTP traffic on port 49721 -> 443 |
Source: unknown | Network traffic detected: HTTP traffic on port 49720 -> 443 |
Source: unknown | Network traffic detected: HTTP traffic on port 49722 -> 443 |
Source: unknown | Network traffic detected: HTTP traffic on port 49723 -> 443 |
Source: unknown | Network traffic detected: HTTP traffic on port 443 -> 49718 |
Source: unknown | Network traffic detected: HTTP traffic on port 443 -> 49717 |
Source: unknown | Network traffic detected: HTTP traffic on port 443 -> 49727 |
Source: unknown | Network traffic detected: HTTP traffic on port 49717 -> 443 |
Source: unknown | Network traffic detected: HTTP traffic on port 443 -> 49726 |
Source: unknown | Network traffic detected: HTTP traffic on port 443 -> 49737 |
Source: unknown | Network traffic detected: HTTP traffic on port 49718 -> 443 |
Source: unknown | Network traffic detected: HTTP traffic on port 443 -> 49725 |
Source: unknown | Network traffic detected: HTTP traffic on port 443 -> 49724 |
Source: unknown | Network traffic detected: HTTP traffic on port 49737 -> 443 |
Source: unknown | Network traffic detected: HTTP traffic on port 443 -> 49723 |
Source: unknown | HTTPS traffic detected: 13.227.156.43:443 -> 192.168.2.6:49717 version: TLS 1.2 |
Source: unknown | HTTPS traffic detected: 13.227.156.43:443 -> 192.168.2.6:49718 version: TLS 1.2 |
Source: unknown | HTTPS traffic detected: 13.224.94.26:443 -> 192.168.2.6:49722 version: TLS 1.2 |
Source: unknown | HTTPS traffic detected: 13.224.94.26:443 -> 192.168.2.6:49721 version: TLS 1.2 |
Source: unknown | HTTPS traffic detected: 13.224.94.26:443 -> 192.168.2.6:49724 version: TLS 1.2 |
Source: unknown | HTTPS traffic detected: 13.224.94.26:443 -> 192.168.2.6:49723 version: TLS 1.2 |
Source: unknown | HTTPS traffic detected: 13.224.94.26:443 -> 192.168.2.6:49725 version: TLS 1.2 |
Source: unknown | HTTPS traffic detected: 13.224.94.26:443 -> 192.168.2.6:49720 version: TLS 1.2 |
Source: unknown | HTTPS traffic detected: 31.13.92.14:443 -> 192.168.2.6:49727 version: TLS 1.2 |
Source: unknown | HTTPS traffic detected: 31.13.92.14:443 -> 192.168.2.6:49726 version: TLS 1.2 |
Source: unknown | HTTPS traffic detected: 13.227.156.43:443 -> 192.168.2.6:49737 version: TLS 1.2 |
Source: classification engine | Classification label: mal56.win@3/33@4/3 |
Source: C:\Program Files\internet explorer\iexplore.exe | File created: C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{ACE24E74-77F0-11EB-90E5-ECF4BB2D2496}.dat | Jump to behavior |
Source: unknown | Process created: C:\Program Files\internet explorer\iexplore.exe 'C:\Program Files\Internet Explorer\iexplore.exe' -Embedding |
Source: unknown | Process created: C:\Program Files (x86)\Internet Explorer\iexplore.exe 'C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE' SCODEF:6560 CREDAT:17410 /prefetch:2 |
Source: C:\Program Files\internet explorer\iexplore.exe | Process created: C:\Program Files (x86)\Internet Explorer\iexplore.exe 'C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE' SCODEF:6560 CREDAT:17410 /prefetch:2 |
Source: Window Recorder | Window detected: More than 3 window changes detected |
Source: C:\Program Files (x86)\Internet Explorer\iexplore.exe | File opened: C:\Program Files (x86)\Java\jre1.8.0_211\bin\msvcr100.dll |
Source: main[1].js.3.dr | Binary or memory string: "arrow-left":"iVBORw0KGgoAAAANSUhEUgAAAA8AAAAPCAYAAAA71pVKAAAABGdBTUEAALGOfPtRkwAAACBjSFJNAACHDwAAjA8AAP1SAACBQAAAfXkAAOmLAAA85QAAGcxzPIV3AAAKOWlDQ1BQaG90b3Nob3AgSUNDIHByb2ZpbGUAAEjHnZZ3VFTXFofPvXd6oc0w0hl6ky4wgPQuIB0EURhmBhjKAMMMTWyIqEBEEREBRZCggAGjoUisiGIhKKhgD0gQUGIwiqioZEbWSnx5ee/l5ffHvd/aZ+9z99l7n7UuACRPHy4vBZYCIJkn4Ad6ONNXhUfQsf0ABniAAaYAMFnpqb5B7sFAJC83F3q6yAn8i94MAUj8vmXo6U+ng/9P0qxUvgAAyF/E5mxOOkvE+SJOyhSkiu0zIqbGJIoZRomZL0pQxHJijlvkpZ99FtlRzOxkHlvE4pxT2clsMfeIeHuGkCNixEfEBRlcTqaIb4tYM0mYzBXxW3FsMoeZDgCKJLYLOKx4EZuImMQPDnQR8XIAcKS4LzjmCxZwsgTiQ7mkpGbzuXHxArouS49uam3NoHtyMpM4AoGhP5OVyOSz6S4pyalMXjYAi2f+LBlxbemiIluaWltaGpoZmX5RqP+6+Dcl7u0ivQr43DOI1veH7a/8UuoAYMyKarPrD1vMfgA6tgIgd/8Pm+YhACRFfWu/8cV5aOJ5iRcIUm2MjTMzM424HJaRuKC/6386/A198T0j8Xa/l4fuyollCpMEdHHdWClJKUI+PT2VyeLQDf88xP848K/zWBrIieXwOTxRRKhoyri8OFG7eWyugJvCo3N5/6mJ/zDsT1qca5Eo9Z8ANcoISN2gAuTnPoCiEAESeVDc9d/75oMPBeKbF6Y6sTj3nwX9+65wifiRzo37HOcSGExnCfkZi2viawnQgAAkARXIAxWgAXSBITADVsAWOAI3sAL4gWAQDtYCFogHyYAPMkEu2AwKQBHYBfaCSlAD6kEjaAEnQAc4DS6Ay+A6uAnugAdgBIyD52AGvAHzEARhITJEgeQhVUgLMoDMIAZkD7lBPlAgFA5FQ3EQDxJCudAWqAgqhSqhWqgR+hY6BV2ArkID0D1oFJqCfoXewwhMgqmwMqwNG8MM2An2hoPhNXAcnAbnwPnwTrgCroOPwe3wBfg6fAcegZ/DswhAiAgNUUMMEQbigvghEUgswkc2IIVIOVKHtCBdSC9yCxlBppF3KAyKgqKjDFG2KE9UCIqFSkNtQBWjKlFHUe2oHtQt1ChqBvUJTUYroQ3QNmgv9Cp0HDoTXYAuRzeg29CX0HfQ4+g3GAyGhtHBWGE8MeGYBMw6TDHmAKYVcx4zgBnDzGKxWHmsAdYO64dlYgXYAux+7DHsOewgdhz7FkfEqeLMcO64CBwPl4crxzXhzuIGcRO4ebwUXgtvg/fDs/HZ+BJ8Pb4LfwM/jp8nSBN0CHaEYEICYTOhgtBCuER4SHhFJBLVidbEACKXuIlYQTxOvEIcJb4jyZD0SS6kSJKQtJN0hHSedI/0ikwma5MdyRFkAXknuZF8kfyY/FaCImEk4SXBltgoUSXRLjEo8UISL6kl6SS5VjJHslzypOQNyWkpvJS2lIsUU2qDVJXUKalhqVlpirSptJ90snSxdJP0VelJGayMtoybDFsmX+awzEWZMQpC0aC4UFiULZR6yiXKOBVD1aF6UROoRdRvqP3UGVkZ2WWyobJZslWyZ2RHaAhNm+ZFS6KV0E7QhmjvlygvcVrCWbJjScuSwSVzcopyjnIcuUK5Vrk7cu/l6fJu8onyu+U75B8poBT0FQIUMhUOKlxSmFakKtoqshQLFU8o3leClfSVApXWKR1W6lOaVVZR9lBOVd6vfFF5WoWm4qiSoFKmclZlSpWiaq/KVS1TPaf6jC5Ld6In0SvoPfQZNSU1TzWhWq1av9q8uo56iHqeeqv6Iw2CBkMjVqNMo1tjRlNV01czV7NZ874WXouhFa+1T6tXa05bRztMe5t2h/akjpyOl06OTrPOQ12yroNumm6d7m09jB5DL1HvgN5NfVjfQj9ev0r/hgFsYGnANThgMLAUvdR6KW9p3dJhQ5Khk2GGYbPhqBHNyMcoz6jD6IWxpnGE8W7jXuNPJhYmSSb1Jg9MZUxXmOaZdpn+aqZvxjKrMrttTjZ3N99o3mn+cpnBMs6yg8vuWlAsfC22WXRbfLS0suRbtlhOWWlaRVtVWw0zqAx/RjHjijXa2tl6o/Vp63c2ljYCmxM2v9ga2ibaNtlOLtdZzllev3zMTt2OaVdrN2JPt4+2P2Q/4qDmwHSoc3jiqOHIdmxwnHDSc0pwOub0wtnEme/c5jznYuOy3uW8K+Lq4Vro2u8m4xbiVun22F3dPc692X3Gw8Jjncd5T7Snt+duz2EvZS+WV6PXzAqrFetX9HiTvIO8K72f+Oj78H26fGHfFb57fB+u1FrJW9nhB/ |