www.chilecaferacer.com
Open in
urlscan Pro
35.209.197.236
Malicious Activity!
Public Scan
Effective URL: https://www.chilecaferacer.com/votrebanquepostale/43cc213af9bd17a83aebe0c1ca0cf438/
Submission: On July 21 via automatic, source openphish
Summary
TLS certificate: Issued by R3 on July 2nd 2021. Valid for: 3 months.
This is the only time www.chilecaferacer.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Credit Agricole (Banking) Banque Postale (Banking)Live information
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
3 16 | 35.209.197.236 35.209.197.236 | 15169 (GOOGLE) (GOOGLE) | |
1 | 2a04:4e42:3::485 2a04:4e42:3::485 | 54113 (FASTLY) (FASTLY) | |
11 | 2606:4700::68... 2606:4700::6810:125e | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 158.191.172.47 158.191.172.47 | 9159 (Credit Ag...) (Credit Agricole) | |
1 | 185.16.252.161 185.16.252.161 | 35676 (LA-POSTE) (LA-POSTE) | |
1 | 161.35.253.229 161.35.253.229 | 14061 (DIGITALOC...) (DIGITALOCEAN-ASN) | |
1 | 2a00:1450:400... 2a00:1450:4001:809::200a | 15169 (GOOGLE) (GOOGLE) | |
9 | 2606:4700:10:... 2606:4700:10::6816:1883 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
2 | 2a00:1450:400... 2a00:1450:4001:800::2003 | 15169 (GOOGLE) (GOOGLE) | |
40 | 9 |
ASN15169 (GOOGLE, US)
PTR: 236.197.209.35.bc.googleusercontent.com
www.chilecaferacer.com |
ASN9159 (Credit Agricole, FR)
PTR: www.credit-agricole.fr
www.credit-agricole.fr |
Apex Domain Subdomains |
Transfer | |
---|---|---|
16 |
chilecaferacer.com
3 redirects
www.chilecaferacer.com |
220 KB |
11 |
cloudflare.com
cdnjs.cloudflare.com |
652 KB |
9 |
tawk.to
embed.tawk.to va.tawk.to |
127 KB |
2 |
gstatic.com
fonts.gstatic.com |
45 KB |
1 |
googleapis.com
fonts.googleapis.com |
553 B |
1 |
openode.io
keys0.openode.io |
780 B |
1 |
labanquepostale.fr
www.labanquepostale.fr |
70 KB |
1 |
credit-agricole.fr
www.credit-agricole.fr |
9 KB |
1 |
jsdelivr.net
cdn.jsdelivr.net |
34 KB |
40 | 9 |
Domain | Requested by | |
---|---|---|
16 | www.chilecaferacer.com |
3 redirects
www.chilecaferacer.com
|
11 | cdnjs.cloudflare.com |
www.chilecaferacer.com
cdnjs.cloudflare.com |
8 | embed.tawk.to |
www.chilecaferacer.com
embed.tawk.to |
2 | fonts.gstatic.com |
fonts.googleapis.com
|
1 | va.tawk.to |
embed.tawk.to
|
1 | fonts.googleapis.com |
cdnjs.cloudflare.com
|
1 | keys0.openode.io |
www.chilecaferacer.com
|
1 | www.labanquepostale.fr |
www.chilecaferacer.com
|
1 | www.credit-agricole.fr |
www.chilecaferacer.com
|
1 | cdn.jsdelivr.net |
www.chilecaferacer.com
|
40 | 10 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
chilecaferacer.com R3 |
2021-07-02 - 2021-09-30 |
3 months | crt.sh |
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2020 |
2021-04-30 - 2022-06-01 |
a year | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2020-10-21 - 2021-10-20 |
a year | crt.sh |
www.credit-agricole.fr Sectigo RSA Organization Validation Secure Server CA |
2020-09-28 - 2021-09-28 |
a year | crt.sh |
www.labanquepostale.fr DigiCert SHA2 Extended Validation Server CA |
2020-07-08 - 2022-07-09 |
2 years | crt.sh |
*.openode.io AlphaSSL CA - SHA256 - G2 |
2020-03-05 - 2022-04-11 |
2 years | crt.sh |
upload.video.google.com GTS CA 1O1 |
2021-06-22 - 2021-09-14 |
3 months | crt.sh |
*.gstatic.com GTS CA 1C3 |
2021-06-22 - 2021-09-14 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://www.chilecaferacer.com/votrebanquepostale/43cc213af9bd17a83aebe0c1ca0cf438/
Frame ID: 87C41873902CBE6C33C95A3B5A5ADB45
Requests: 40 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
https://www.chilecaferacer.com/votrebanquepostale
HTTP 301
https://www.chilecaferacer.com/votrebanquepostale/ HTTP 302
https://www.chilecaferacer.com/votrebanquepostale/43cc213af9bd17a83aebe0c1ca0cf438 HTTP 301
https://www.chilecaferacer.com/votrebanquepostale/43cc213af9bd17a83aebe0c1ca0cf438/ Page URL
Detected technologies
Node.js (Programming Languages) ExpandDetected patterns
- script /socket\.io.*\.js/i
Nginx (Web Servers) Expand
Detected patterns
- headers server /nginx(?:\/([\d.]+))?/i
Semantic-ui (Web Frameworks) Expand
Detected patterns
- script /\/semantic(?:-([\d.]+))?(?:\.min)?\.js/i
UIKit (Web Frameworks) Expand
Detected patterns
- script /uikit.*\.js/i
Socket.io (JavaScript Frameworks) Expand
Detected patterns
- script /socket\.io.*\.js/i
Tawk.to (Live Chat) Expand
Detected patterns
- script /\/\/embed\.tawk\.to/i
jQuery (JavaScript Libraries) Expand
Detected patterns
- script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
- script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://www.chilecaferacer.com/votrebanquepostale
HTTP 301
https://www.chilecaferacer.com/votrebanquepostale/ HTTP 302
https://www.chilecaferacer.com/votrebanquepostale/43cc213af9bd17a83aebe0c1ca0cf438 HTTP 301
https://www.chilecaferacer.com/votrebanquepostale/43cc213af9bd17a83aebe0c1ca0cf438/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
40 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
www.chilecaferacer.com/votrebanquepostale/43cc213af9bd17a83aebe0c1ca0cf438/ Redirect Chain
|
40 KB 8 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
vue
cdn.jsdelivr.net/npm/ |
92 KB 34 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
iview.js
cdnjs.cloudflare.com/ajax/libs/iview/3.5.1/ |
2 MB 177 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
iview.css
cdnjs.cloudflare.com/ajax/libs/iview/3.5.1/styles/ |
308 KB 30 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
axios.js
cdnjs.cloudflare.com/ajax/libs/axios/0.19.0/ |
44 KB 10 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
socket.io.js
cdnjs.cloudflare.com/ajax/libs/socket.io/2.3.0/ |
67 KB 17 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
uikit.js
cdnjs.cloudflare.com/ajax/libs/uikit/3.2.0/js/ |
334 KB 53 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/ |
274 KB 68 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
semantic.css
cdnjs.cloudflare.com/ajax/libs/semantic-ui/2.4.1/ |
809 KB 90 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
semantic.js
cdnjs.cloudflare.com/ajax/libs/semantic-ui/2.4.1/ |
719 KB 78 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
uikit.css
cdnjs.cloudflare.com/ajax/libs/uikit/3.2.0/css/ |
364 KB 34 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
styles.css
www.chilecaferacer.com/votrebanquepostale/43cc213af9bd17a83aebe0c1ca0cf438/css/ |
4 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
firebase-app.js
www.chilecaferacer.com/__/firebase/7.12.0/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
firebase-analytics.js
www.chilecaferacer.com/__/firebase/7.12.0/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
init.js
www.chilecaferacer.com/__/firebase/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ilogo.svg
www.chilecaferacer.com/votrebanquepostale/43cc213af9bd17a83aebe0c1ca0cf438/img/ |
41 KB 41 KB |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
CA_Toute-une-banque-pour-vous_V.svg
www.credit-agricole.fr/content/dam/assetsca/npc/logos/ |
26 KB 9 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo-lbp.png
www.chilecaferacer.com/votrebanquepostale/43cc213af9bd17a83aebe0c1ca0cf438/img/ |
5 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo-bnpp.png
www.chilecaferacer.com/votrebanquepostale/43cc213af9bd17a83aebe0c1ca0cf438/img/ |
41 KB 41 KB |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
miscellaneous.png
www.chilecaferacer.com/votrebanquepostale/43cc213af9bd17a83aebe0c1ca0cf438/img/ |
41 KB 41 KB |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
act.png
www.chilecaferacer.com/votrebanquepostale/43cc213af9bd17a83aebe0c1ca0cf438/img/ |
41 KB 41 KB |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
OT_Visa_Classic_SansContact_DEBIT.jpg
www.labanquepostale.fr/content/dam/refonte_Particulier/Produits/Quotidien/Cartes_bancaires/CB_internationales/visa_classic/images/ |
70 KB 70 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
index.js
www.chilecaferacer.com/votrebanquepostale/43cc213af9bd17a83aebe0c1ca0cf438/js/ |
5 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ip
keys0.openode.io/ |
398 B 780 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
3 KB 553 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
init.js
www.chilecaferacer.com/__/firebase/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ilogo.svg
www.chilecaferacer.com/votrebanquepostale/43cc213af9bd17a83aebe0c1ca0cf438/img/ |
41 KB 41 KB |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
default
embed.tawk.to/5dc29b31e4c2fa4b6bda4277/ |
2 KB 973 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
icons.woff2
cdnjs.cloudflare.com/ajax/libs/semantic-ui/2.4.1/themes/default/assets/fonts/ |
39 KB 40 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v17/ |
22 KB 23 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
brand-icons.woff2
cdnjs.cloudflare.com/ajax/libs/semantic-ui/2.4.1/themes/default/assets/fonts/ |
53 KB 54 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v17/ |
23 KB 23 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
twk-main.js
embed.tawk.to/_s/v4/app/60ed43c9b1c/js/ |
121 B 471 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
twk-vendor.js
embed.tawk.to/_s/v4/app/60ed43c9b1c/js/ |
76 KB 27 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
twk-chunk-vendors.js
embed.tawk.to/_s/v4/app/60ed43c9b1c/js/ |
190 KB 57 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
twk-chunk-common.js
embed.tawk.to/_s/v4/app/60ed43c9b1c/js/ |
135 KB 34 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
twk-runtime.js
embed.tawk.to/_s/v4/app/60ed43c9b1c/js/ |
2 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
twk-app.js
embed.tawk.to/_s/v4/app/60ed43c9b1c/js/ |
151 B 495 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
widget-settings
va.tawk.to/v1/ |
2 KB 1 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
fr.js
embed.tawk.to/_s/v4/app/60ed43c9b1c/languages/ |
17 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Credit Agricole (Banking) Banque Postale (Banking)34 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated function| Vue object| __core-js_shared__ object| iview function| axios object| locIp string| iPfull function| io function| UIkit function| $ function| jQuery function| validateNumber object| Tawk_API object| Tawk_LoadStart string| $_Tawk_AccountKey string| $_Tawk_WidgetId boolean| $_Tawk_Unstable object| $_Tawk object| tawkJsonp function| $__TawkEngine function| EventEmitter function| $__TawkSocket object| regeneratorRuntime object| Tawk_Window2 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
www.chilecaferacer.com/ | Name: PHPSESSID Value: d4e6526ee13c86a911baf4b2469e98aa |
|
www.chilecaferacer.com/ | Name: mailchimp_landing_site Value: https%3A%2F%2Fwww.chilecaferacer.com%2F__%2Ffirebase%2F7.12.0%2Ffirebase-analytics.js |
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
cdn.jsdelivr.net
cdnjs.cloudflare.com
embed.tawk.to
fonts.googleapis.com
fonts.gstatic.com
keys0.openode.io
va.tawk.to
www.chilecaferacer.com
www.credit-agricole.fr
www.labanquepostale.fr
158.191.172.47
161.35.253.229
185.16.252.161
2606:4700:10::6816:1883
2606:4700::6810:125e
2a00:1450:4001:800::2003
2a00:1450:4001:809::200a
2a04:4e42:3::485
35.209.197.236
0295f2366fa5daacd783294c354a1f3404f61c81c86a25e66f676d52ad594003
03b5861a76d3d1fd0e6075905645aa5fa1907591d90e2f08b1b0ffbbe1506957
13cf82e6f9d48221cd55f8b3c3d206f7bdb83f291034b478e484ccfef7d500dd
180d87166ef4f610a7fad39b20d68d998947ad5bde7fa10e85aac823c1550b2b
1e1d780b70641f0f476ce57b29401ec77f1788cd78d2c369bb8cec9ab29f6eaf
20568af44ab9b900de7d9f4d286cb26181af272d5ca6d1bb0789ae5483003643
2f18bb3e4e48d36c8375a022702f3d9ec792830f690a235d55f2bf6e77265372
41504dd284fbe148690ad128e0aa3e937b0da3eca4245041b4676ec35dd5f6fc
41ec663da3b0ee4ca4166dce1d1cb5920972281fc0d807bd19e6efafe02e4afc
51ae4877f6d16c8f9c99b873edf4f6d2f87f672002371a1deaa9905b11d0fb04
5958b8f2069b0a3292ed7a9db46b8109adac7e81591238557125893ee7e87bb7
5a93a88493aa32aab228bf4571c01207d3b42b0002409a454d404b4d8395bd55
5e25f7bf66ea021614867b9057494bfe6b819eff53e03e388eefcc0ae75d4c44
5e377ae95a219f11b2597a3ab7b8f2e897696b831aa5b8561a0cd135cb279f36
5e67516d3adeff746e961624fdc38150ca5895a029d91a68fece79eaed0e20a9
6bb53660f39d578e46197012f7ee14fa8a93bc7ce1469a4b638f0b79bb05cfa7
6c2ecc8d8ed497ccfd5de46495d86ec26eb29234a7b65a48cb3bb60ea1519a0a
6d09ab65ee323e742b2d363ed6063295f34c06e19f9d3fc72ac0865fef57baaa
705186becc9e0a306a6b4867ae2768aa9dd3b8c12393d9f9c52029e9a6fcf31c
82d696bdec7524c23036339b6f8bf12b500e15019cfc465ab1b3c0c7656531a3
8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20
9174c425c445377df4562ad9165ea08fdf9433a808296d7de5f619791df10e17
a6b3a4b419b2269e6724ad27caaee770be63d4b9312659d65f5e8cdc04c4733e
aace69d01152a92bebb2d0713ef7b1fb3772af373219d1cd78d9808ab3b6cdcd
b0d9cc53c4edd1ffb21862c03d7968cfaf8f204d03637a56e5a0beae21cc592f
b155b30cde713e758b3cd77d382f65e3326c07f3a031bca60b031ca79ce7f3e9
c1d232012bb3567a19d508027e682854a6fb1748000d36e5c7d03ab080d709d5
c2b9b39addf8080409dc28611be64764d8705530eb94b1a12c04bbb656e07d93
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
c60be705131c4f4fc6fbe0dac5ac2e5cc491a23e641cf24047799161ca0163cf
c7893a1948af458b9663ea19c6b7845370bd650ae86890b54cbd8a4b498e01a2
c9b546ee0e1cb8fe8402bf3418edcf187d0a7bb8f797205cd34100d3489b7b52
cd770fd2df4b00a3268bc0eb69651a149575aaf1a4c3581810705b7fe22c1d2a
e3578d7ffa0db786b21d6986546759976a82764baada977547d38ef918b791f4
e55a1f416b82959f495b856d3f57e276c19d68d219d8e94691f3579f31586411
f661c2aeb146bd881626108035d6be152a5119fac929b30a79860cabbf572a1e