xn--ocalbitcoins-wgf.net
Open in
urlscan Pro
Puny
ɩocalbitcoins.net IDN
2606:4700:30::681b:a672
Malicious Activity!
Public Scan
Submission: On August 07 via manual from DE
Summary
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on August 7th 2019. Valid for: a year.
This is the only time xn--ocalbitcoins-wgf.net was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: LocalBitcoins (Crypto Exchange)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
17 | 2606:4700:30:... 2606:4700:30::681b:a672 | 13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare) | |
1 | 151.101.114.110 151.101.114.110 | 54113 (FASTLY) (FASTLY - Fastly) | |
1 | 2600:1901:0:4... 2600:1901:0:498c:: | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
2 | 2a00:1450:400... 2a00:1450:400c:c0b::9d | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
6 | 2a00:1450:400... 2a00:1450:4001:821::200a | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
2 | 2a00:1450:400... 2a00:1450:4001:81c::2004 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
2 | 2a00:1450:400... 2a00:1450:4001:820::2003 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
34 | 8 |
ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
xn--ocalbitcoins-wgf.net |
ASN15169 (GOOGLE - Google LLC, US)
stats.g.doubleclick.net |
ASN15169 (GOOGLE - Google LLC, US)
maps.googleapis.com |
ASN15169 (GOOGLE - Google LLC, US)
www.google.com |
ASN15169 (GOOGLE - Google LLC, US)
maps.gstatic.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
17 |
xn--ocalbitcoins-wgf.net
xn--ocalbitcoins-wgf.net |
211 KB |
6 |
googleapis.com
maps.googleapis.com |
178 KB |
2 |
gstatic.com
maps.gstatic.com |
5 KB |
2 |
google.com
www.google.com |
|
2 |
doubleclick.net
stats.g.doubleclick.net |
17 KB |
1 |
mxpnl.com
cdn.mxpnl.com |
24 KB |
1 |
newrelic.com
js-agent.newrelic.com |
10 KB |
0 |
nr-data.net
Failed
bam.nr-data.net Failed |
|
0 |
mixpanel.com
Failed
api.mixpanel.com Failed |
|
34 | 9 |
Domain | Requested by | |
---|---|---|
17 | xn--ocalbitcoins-wgf.net |
xn--ocalbitcoins-wgf.net
|
6 | maps.googleapis.com |
xn--ocalbitcoins-wgf.net
maps.googleapis.com |
2 | maps.gstatic.com |
xn--ocalbitcoins-wgf.net
|
2 | www.google.com |
xn--ocalbitcoins-wgf.net
|
2 | stats.g.doubleclick.net |
xn--ocalbitcoins-wgf.net
|
1 | cdn.mxpnl.com |
xn--ocalbitcoins-wgf.net
|
1 | js-agent.newrelic.com |
xn--ocalbitcoins-wgf.net
|
0 | bam.nr-data.net Failed |
js-agent.newrelic.com
|
0 | api.mixpanel.com Failed |
xn--ocalbitcoins-wgf.net
|
34 | 9 |
This site contains links to these domains. Also see Links.
Domain |
---|
localbitcoinschain.com |
www.facebook.com |
twitter.com |
www.instagram.com |
www.reddit.com |
www.weibo.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
sni.cloudflaressl.com CloudFlare Inc ECC CA-2 |
2019-08-07 - 2020-08-06 |
a year | crt.sh |
f4.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3 |
2019-04-10 - 2020-03-21 |
a year | crt.sh |
*.mxpnl.com RapidSSL RSA CA 2018 |
2018-02-16 - 2019-08-30 |
2 years | crt.sh |
*.g.doubleclick.net Google Internet Authority G3 |
2019-07-29 - 2019-10-21 |
3 months | crt.sh |
*.googleapis.com Google Internet Authority G3 |
2019-07-29 - 2019-10-21 |
3 months | crt.sh |
www.google.com Google Internet Authority G3 |
2019-07-29 - 2019-10-21 |
3 months | crt.sh |
*.google.com Google Internet Authority G3 |
2019-07-29 - 2019-10-21 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://xn--ocalbitcoins-wgf.net/
Frame ID: 4594DF882E135BFAEBFCA5B22A0EC42B
Requests: 34 HTTP requests in this frame
Screenshot
Detected technologies
CloudFlare (CDN) ExpandDetected patterns
- headers server /^cloudflare$/i
Page Statistics
6 Outgoing links
These are links going to different origins than the main page.
Title: Block Explorer
Search URL Search Domain Scan URL
Title: Facebook
Search URL Search Domain Scan URL
Title: Twitter
Search URL Search Domain Scan URL
Title: Instagram
Search URL Search Domain Scan URL
Title: Reddit
Search URL Search Domain Scan URL
Title: Chinese Blog
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
34 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
xn--ocalbitcoins-wgf.net/ |
125 KB 24 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
nr-1130.min.js
js-agent.newrelic.com/ |
24 KB 10 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mixpanel-2-latest.min.js
cdn.mxpnl.com/libs/ |
71 KB 24 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
dc.js
stats.g.doubleclick.net/ |
45 KB 17 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.min.ec3bb52a00e1.css
xn--ocalbitcoins-wgf.net/cached-static/bootstrap/css/ |
118 KB 18 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
font-awesome.min.4fbd15cb6047.css
xn--ocalbitcoins-wgf.net/cached-static/font-awesome-4.5.0/css/ |
27 KB 6 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
style.7bb7fe5de0c7.css
xn--ocalbitcoins-wgf.net/cached-static/ |
47 KB 11 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
quickform.96d6bb50f184.css
xn--ocalbitcoins-wgf.net/cached-static/ |
1006 B 579 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap-extensions.ac6fa260a89d.css
xn--ocalbitcoins-wgf.net/cached-static/ |
354 B 275 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-1.12.4.min.4f252523d4af.js
xn--ocalbitcoins-wgf.net/cached-static/thirdparty/ |
95 KB 32 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
common.js
maps.googleapis.com/maps-api-v3/api/js/37/10a/ |
75 KB 28 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
util.js
maps.googleapis.com/maps-api-v3/api/js/37/10a/ |
141 KB 53 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
controls.js
maps.googleapis.com/maps-api-v3/api/js/37/10a/ |
209 KB 56 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
places_impl.js
maps.googleapis.com/maps-api-v3/api/js/37/10a/ |
21 KB 8 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
site-logo-500.b39d9369a078.png
xn--ocalbitcoins-wgf.net/cached-static/img/ |
19 KB 19 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
businessweek.988b951369fd.png
xn--ocalbitcoins-wgf.net/cached-static/img/press/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
forbes.4b8a5859a22c.png
xn--ocalbitcoins-wgf.net/cached-static/img/press/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
financial-times.492a5344d219.png
xn--ocalbitcoins-wgf.net/cached-static/img/press/ |
1 KB 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
site-logo_grey.2c59226a8ab9.png
xn--ocalbitcoins-wgf.net/cached-static/img/ |
5 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.min.5869c96cc8f1.js
xn--ocalbitcoins-wgf.net/cached-static/bootstrap/js/ |
36 KB 9 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
recaptcha_ajax.js
www.google.com/recaptcha/api/js/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
notifications.83752371db74.js
xn--ocalbitcoins-wgf.net/cached-static/notifications/ |
13 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.c580ac5f574f.js
xn--ocalbitcoins-wgf.net/cached-static/ |
29 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
quickform.ccab8b439723.js
xn--ocalbitcoins-wgf.net/cached-static/ |
12 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
maps.googleapis.com/maps/api/ |
104 KB 34 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
__utm.gif
stats.g.doubleclick.net/r/ |
35 B 102 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
/
api.mixpanel.com/track/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fontawesome-webfont.db812d8a70a4.woff2
xn--ocalbitcoins-wgf.net/cached-static/font-awesome-4.5.0/fonts/ |
65 KB 65 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
recaptcha_ajax.js
www.google.com/recaptcha/api/js/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
powered-by-google-on-white3.png
maps.gstatic.com/mapfiles/api-3/images/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
autocomplete-icons.png
maps.gstatic.com/mapfiles/api-3/images/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
d482f57533
bam.nr-data.net/1/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
/
api.mixpanel.com/decide/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
AuthenticationService.Authenticate
maps.googleapis.com/maps/api/js/ |
233 B 284 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- api.mixpanel.com
- URL
- https://api.mixpanel.com/track/?data=eyJldmVudCI6ICJtcF9wYWdlX3ZpZXciLCJwcm9wZXJ0aWVzIjogeyIkb3MiOiAiTWFjIE9TIFgiLCIkYnJvd3NlciI6ICJDaHJvbWUiLCIkY3VycmVudF91cmwiOiAiaHR0cHM6Ly94bi0tb2NhbGJpdGNvaW5zLXdnZi5uZXQvIiwiJGJyb3dzZXJfdmVyc2lvbiI6IDc0LCIkc2NyZWVuX2hlaWdodCI6IDEyMDAsIiRzY3JlZW5fd2lkdGgiOiAxNjAwLCJtcF9saWIiOiAid2ViIiwiJGxpYl92ZXJzaW9uIjogIjIuMjkuMCIsInRpbWUiOiAxNTY1MjAwNzE4LjQ4MiwiZGlzdGluY3RfaWQiOiAiMTZjNmQzYjlhOGU1NzEtMDIzOGRmNWVkMjVhZTMtMzc2NDdlMDMtMWQ0YzAwLTE2YzZkM2I5YThmNmM0IiwiJGRldmljZV9pZCI6ICIxNmM2ZDNiOWE4ZTU3MS0wMjM4ZGY1ZWQyNWFlMy0zNzY0N2UwMy0xZDRjMDAtMTZjNmQzYjlhOGY2YzQiLCIkaW5pdGlhbF9yZWZlcnJlciI6ICIkZGlyZWN0IiwiJGluaXRpYWxfcmVmZXJyaW5nX2RvbWFpbiI6ICIkZGlyZWN0IiwibXBfcGFnZSI6ICJodHRwczovL3huLS1vY2FsYml0Y29pbnMtd2dmLm5ldC8iLCJtcF9icm93c2VyIjogIkNocm9tZSIsIm1wX3BsYXRmb3JtIjogIk1hYyBPUyBYIiwidG9rZW4iOiAiZTliMGQ5YTU4MThhNTZlODY5MWE3OTI1Nzc0NjdkZmQifX0%3D&ip=1&_=1565200718483
- Domain
- bam.nr-data.net
- URL
- https://bam.nr-data.net/1/d482f57533?a=8341283&v=1130.54e767a&to=ZwZVMhBTXUMDWhEPDV5McRMMUUdZDVdKAxpTC1YIBVcdXA1aBBILXw1HBwVXCVwNWgQSC18NaBYDVVZvD1gMCD1YF1oK&rst=8421&ref=https://xn--ocalbitcoins-wgf.net/&ap=168&be=8198&fe=8415&dc=8342&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1565200710252,%22n%22:0,%22f%22:0,%22dn%22:1,%22dne%22:21,%22c%22:21,%22s%22:26,%22ce%22:62,%22rq%22:62,%22rp%22:988,%22rpe%22:1012,%22dl%22:990,%22di%22:8342,%22ds%22:8342,%22de%22:8357,%22dc%22:8415,%22l%22:8415,%22le%22:8418%7D,%22navigation%22:%7B%7D%7D&fp=8273&fcp=8273&jsonp=NREUM.setToken
- Domain
- api.mixpanel.com
- URL
- https://api.mixpanel.com/decide/?verbose=1&version=1&lib=web&token=e9b0d9a5818a56e8691a792577467dfd&ip=1&_=1565200718981
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: LocalBitcoins (Crypto Exchange)32 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onselectstart object| onselectionchange function| queueMicrotask object| NREUM object| newrelic function| __nr_require object| _gaq function| getParameterByName string| qp_value object| mixpanel object| _gat object| gaGlobal function| $ function| jQuery object| quickForm object| jQuery1124019998351692049976 object| exchange object| notifications function| debounce function| getCookie object| localBitcoins boolean| hasTouch string| lang function| decodeCookieValue function| passwordStrength function| splitLocation function| createPlaceAutocompleteSelectFirst object| google object| module$contents$MapsEvent_MapsEvent object| module$contents$mapsapi$overlay$OverlayView_OverlayView object| __e3_ object| _xdc_7 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.xn--ocalbitcoins-wgf.net/ | Name: __cfduid Value: d9b3aa0ed1a9b877994bec4bdb87a69321565200718 |
|
.xn--ocalbitcoins-wgf.net/ | Name: mp_e9b0d9a5818a56e8691a792577467dfd_mixpanel Value: %7B%22distinct_id%22%3A%20%2216c6d3b9a8e571-0238df5ed25ae3-37647e03-1d4c00-16c6d3b9a8f6c4%22%2C%22%24device_id%22%3A%20%2216c6d3b9a8e571-0238df5ed25ae3-37647e03-1d4c00-16c6d3b9a8f6c4%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D |
|
.xn--ocalbitcoins-wgf.net/ | Name: __utmb Value: 178430189.1.10.1565200718 |
|
.xn--ocalbitcoins-wgf.net/ | Name: __utmt Value: 1 |
|
.xn--ocalbitcoins-wgf.net/ | Name: __utmz Value: 178430189.1565200718.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none) |
|
.xn--ocalbitcoins-wgf.net/ | Name: __utmc Value: 178430189 |
|
.xn--ocalbitcoins-wgf.net/ | Name: __utma Value: 178430189.1768941127.1565200718.1565200718.1565200718.1 |
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
api.mixpanel.com
bam.nr-data.net
cdn.mxpnl.com
js-agent.newrelic.com
maps.googleapis.com
maps.gstatic.com
stats.g.doubleclick.net
www.google.com
xn--ocalbitcoins-wgf.net
api.mixpanel.com
bam.nr-data.net
151.101.114.110
2600:1901:0:498c::
2606:4700:30::681b:a672
2a00:1450:4001:81c::2004
2a00:1450:4001:820::2003
2a00:1450:4001:821::200a
2a00:1450:400c:c0b::9d
08c911924b002c7c74b400c6818140f246a191403c3e20b0c7abaeba3116a15c
0d2f00e1e94916112cab98e64af0a740d16a9dae323094486229c413d6e5c952
0e78b8cde09dbe0fc473f87bc77ec30ccc56780398d8676cf93c4aaec432257f
3065295c97679de9eb419b72916f022e28b7f6d9aef3953a6c951207efe9fa80
37a89af2005df7b717ef3af9344b9b51ebf852a67f140948ddbfa06774cc77aa
3d73530914a82a2836b7d7d639293a9dd8b11b7c7ddd0366f66c9d608db19a97
44f8fbdf1104892b173f64c76e5e9be03888b5ac54c82368a30140ae51a62639
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
59763d2ba81f5eb0303d96283d93e80dd433b56896c1cfdc0629f0807399298f
6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8
64f36c092ad2ea988ef5cf396be0c891234ea0ebddab2a3966b2fa5bed632f03
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
782e6b597a5445ea3ef8db7342fc24bad2d3c71390bf3ce73c8cb2bc1438c711
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
9535780cf68aa3047d1b7216884bbbf6f75c54c008f91ff5b680860b469f83cf
9aca5ee7a3383665350e2d3f85a7799c0db04e36faeef8c157c5314214721aee
9b4ec63bf33f877493a9132b115c895270337dd70ed95d58224fcb96a1276c4d
a56a7163aadb717f37258980d7236b98b6292813a5f5fb051720288992a7241d
ad9c9254abd4b52d3bed754143822814f7468df167af2543df498195d84a0270
b6f58234982fd9942f311e17d79c3095baf678832ca34aff4a57da3ec38fd4cc
ba2640d8360024fad5c871c94e8edc308e1c08a270332e2de949e8cc566404c9
c2b59b919476aad6c691af0f8f45e3dca6bd9363a704d39a15f020e6dc1ee316
cd80d0dcb2a44bd30c11fcdf13d4c280f336dad9442ee7da79146f2bb77381a4
ce5eeb6eeb3ed093d5653681025934d07fc84ceae11882b02f8a7a113b2e9068
db209390b90b70f4b1ef3540cb581e4ec8edbba21980971b68e4aef5c5d352fb
e48bd92ab9651f3daa6bff9b4dec24aba7da5db99cd4e13b802c7becdfcc2856
e826ac1920269d79de76a509a1122246aff6077db9ffe8dd14e6217c790ced1f
f45f062769cd6f3cbaf544cea7a89e442afe561c0feda1d4d690c0530dc7da4d
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995