locailbticoins.net
Open in
urlscan Pro
2606:4700:30::6812:303e
Malicious Activity!
Public Scan
Submission Tags: @ipnigh
Submission: On September 29 via api from GB
Summary
This is the only time locailbticoins.net was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: LocalBitcoins (Crypto Exchange)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
17 | 2606:4700:30:... 2606:4700:30::6812:303e | 13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare) | |
1 | 151.101.114.110 151.101.114.110 | 54113 (FASTLY) (FASTLY - Fastly) | |
1 | 2600:1901:0:4... 2600:1901:0:498c:: | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
3 | 2a00:1450:400... 2a00:1450:400c:c0c::9a | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
10 | 2a00:1450:400... 2a00:1450:4001:814::200a | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
2 | 2a00:1450:400... 2a00:1450:4001:820::2004 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
2 | 35.190.25.25 35.190.25.25 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
2 | 2a00:1450:400... 2a00:1450:4001:81e::2003 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
1 | 162.247.242.20 162.247.242.20 | 23467 (NEWRELIC-...) (NEWRELIC-AS-1 - New Relic) | |
39 | 9 |
ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
locailbticoins.net |
ASN15169 (GOOGLE - Google LLC, US)
stats.g.doubleclick.net |
ASN15169 (GOOGLE - Google LLC, US)
maps.googleapis.com |
ASN15169 (GOOGLE - Google LLC, US)
www.google.com |
ASN15169 (GOOGLE - Google LLC, US)
PTR: 25.25.190.35.bc.googleusercontent.com
api.mixpanel.com |
ASN15169 (GOOGLE - Google LLC, US)
maps.gstatic.com |
ASN23467 (NEWRELIC-AS-1 - New Relic, US)
PTR: bam-8.nr-data.net
bam.nr-data.net |
Apex Domain Subdomains |
Transfer | |
---|---|---|
17 |
locailbticoins.net
locailbticoins.net |
222 KB |
10 |
googleapis.com
maps.googleapis.com |
333 KB |
3 |
doubleclick.net
stats.g.doubleclick.net |
34 KB |
2 |
gstatic.com
maps.gstatic.com |
5 KB |
2 |
mixpanel.com
api.mixpanel.com |
466 B |
2 |
google.com
www.google.com |
|
1 |
nr-data.net
bam.nr-data.net |
260 B |
1 |
mxpnl.com
cdn.mxpnl.com |
24 KB |
1 |
newrelic.com
js-agent.newrelic.com |
9 KB |
39 | 9 |
Domain | Requested by | |
---|---|---|
17 | locailbticoins.net |
locailbticoins.net
|
10 | maps.googleapis.com |
locailbticoins.net
maps.googleapis.com |
3 | stats.g.doubleclick.net |
locailbticoins.net
|
2 | maps.gstatic.com |
locailbticoins.net
|
2 | api.mixpanel.com |
locailbticoins.net
|
2 | www.google.com |
locailbticoins.net
|
1 | bam.nr-data.net |
js-agent.newrelic.com
|
1 | cdn.mxpnl.com |
locailbticoins.net
|
1 | js-agent.newrelic.com |
locailbticoins.net
|
39 | 9 |
This site contains links to these domains. Also see Links.
Domain |
---|
localbitcoinschain.com |
www.facebook.com |
twitter.com |
www.instagram.com |
www.reddit.com |
weibo.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
f4.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3 |
2019-04-10 - 2020-03-21 |
a year | crt.sh |
*.g.doubleclick.net GTS CA 1O1 |
2019-09-05 - 2019-11-28 |
3 months | crt.sh |
*.googleapis.com GTS CA 1O1 |
2019-09-05 - 2019-11-28 |
3 months | crt.sh |
www.google.com GTS CA 1O1 |
2019-09-05 - 2019-11-28 |
3 months | crt.sh |
*.mixpanel.com RapidSSL RSA CA 2018 |
2018-01-11 - 2020-05-01 |
2 years | crt.sh |
*.google.com GTS CA 1O1 |
2019-09-05 - 2019-11-28 |
3 months | crt.sh |
*.nr-data.net GeoTrust RSA CA 2018 |
2018-01-11 - 2020-03-17 |
2 years | crt.sh |
This page contains 1 frames:
Primary Page:
http://locailbticoins.net/
Frame ID: FA1D7DFA4D95056975269EE20973AC18
Requests: 39 HTTP requests in this frame
Screenshot
Detected technologies
CloudFlare (CDN) ExpandDetected patterns
- headers server /^cloudflare$/i
Page Statistics
6 Outgoing links
These are links going to different origins than the main page.
Title: Block Explorer
Search URL Search Domain Scan URL
Title: Â Facebook
Search URL Search Domain Scan URL
Title: Â Twitter
Search URL Search Domain Scan URL
Title: Â Instagram
Search URL Search Domain Scan URL
Title: Â Reddit
Search URL Search Domain Scan URL
Title: Â Chinese Blog
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 24- http://stats.g.doubleclick.net/dc.js HTTP 307
- https://stats.g.doubleclick.net/dc.js
- http://stats.g.doubleclick.net/r/__utm.gif?utmwv=5.7.2dc&utms=1&utmn=1676207618&utmhn=locailbticoins.net&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=LocalBitcoins.com%3A%20Fastest%20and%20easiest%20way%20to%20buy%20and%20sell%20bitcoins&utmhid=790267011&utmr=-&utmp=%2F&utmht=1569716573728&utmac=UA-32479826-1&utmcc=__utma%3D126807440.586301168.1569716574.1569716574.1569716574.1%3B%2B__utmz%3D126807440.1569716574.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1306093968&utmredir=3&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~ HTTP 307
- https://stats.g.doubleclick.net/r/__utm.gif?utmwv=5.7.2dc&utms=1&utmn=1676207618&utmhn=locailbticoins.net&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=LocalBitcoins.com%3A%20Fastest%20and%20easiest%20way%20to%20buy%20and%20sell%20bitcoins&utmhid=790267011&utmr=-&utmp=%2F&utmht=1569716573728&utmac=UA-32479826-1&utmcc=__utma%3D126807440.586301168.1569716574.1569716574.1569716574.1%3B%2B__utmz%3D126807440.1569716574.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1306093968&utmredir=3&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~
39 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
Cookie set
/
locailbticoins.net/ |
128 KB 26 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
nr-1130.min.js
js-agent.newrelic.com/ |
24 KB 9 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
mixpanel-2-latest.min.js
cdn.mxpnl.com/libs/ |
71 KB 24 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
dc.js
stats.g.doubleclick.net/ |
45 KB 17 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bootstrap.min.ec3bb52a00e1.css
locailbticoins.net/cached-static/bootstrap/css/ |
118 KB 20 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
font-awesome.min.4fbd15cb6047.css
locailbticoins.net/cached-static/font-awesome-4.5.0/css/ |
27 KB 6 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
style.7bb7fe5de0c7.css
locailbticoins.net/cached-static/ |
47 KB 11 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
quickform.96d6bb50f184.css
locailbticoins.net/cached-static/ |
1006 B 920 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bootstrap-extensions.ac6fa260a89d.css
locailbticoins.net/cached-static/ |
354 B 668 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery-1.12.4.min.4f252523d4af.js
locailbticoins.net/cached-static/thirdparty/ |
95 KB 33 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
common.js
maps.googleapis.com/maps-api-v3/api/js/37/10a/ |
75 KB 28 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
util.js
maps.googleapis.com/maps-api-v3/api/js/37/10a/ |
141 KB 53 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
controls.js
maps.googleapis.com/maps-api-v3/api/js/37/10a/ |
209 KB 56 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
places_impl.js
maps.googleapis.com/maps-api-v3/api/js/37/10a/ |
21 KB 8 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
site-logo-500.b39d9369a078.png
locailbticoins.net/cached-static/img/ |
19 KB 19 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
businessweek.988b951369fd.png
locailbticoins.net/cached-static/img/press/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
forbes.4b8a5859a22c.png
locailbticoins.net/cached-static/img/press/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
financial-times.492a5344d219.png
locailbticoins.net/cached-static/img/press/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
site-logo_grey.2c59226a8ab9.png
locailbticoins.net/cached-static/img/ |
5 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bootstrap.min.5869c96cc8f1.js
locailbticoins.net/cached-static/bootstrap/js/ |
36 KB 10 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
recaptcha_ajax.js
www.google.com/recaptcha/api/js/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
notifications.83752371db74.js
locailbticoins.net/cached-static/notifications/ |
13 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
main.c580ac5f574f.js
locailbticoins.net/cached-static/ |
29 KB 9 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
quickform.ccab8b439723.js
locailbticoins.net/cached-static/ |
12 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
maps.googleapis.com/maps/api/ |
113 KB 37 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
dc.js
stats.g.doubleclick.net/ Redirect Chain
|
45 KB 17 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
__utm.gif
stats.g.doubleclick.net/r/ Redirect Chain
|
35 B 105 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
api.mixpanel.com/track/ |
1 B 323 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
fontawesome-webfont.db812d8a70a4.woff2
locailbticoins.net/cached-static/font-awesome-4.5.0/fonts/ |
65 KB 65 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
recaptcha_ajax.js
www.google.com/recaptcha/api/js/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
common.js
maps.googleapis.com/maps-api-v3/api/js/38/5/ |
74 KB 27 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
util.js
maps.googleapis.com/maps-api-v3/api/js/38/5/ |
141 KB 52 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
controls.js
maps.googleapis.com/maps-api-v3/api/js/38/5/ |
209 KB 56 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
places_impl.js
maps.googleapis.com/maps-api-v3/api/js/38/5/ |
40 KB 16 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
powered-by-google-on-white3.png
maps.gstatic.com/mapfiles/api-3/images/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
autocomplete-icons.png
maps.gstatic.com/mapfiles/api-3/images/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
d482f57533
bam.nr-data.net/1/ |
57 B 260 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
api.mixpanel.com/decide/ |
65 B 143 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
AuthenticationService.Authenticate
maps.googleapis.com/maps/api/js/ |
233 B 275 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: LocalBitcoins (Crypto Exchange)31 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onformdata object| onpointerrawupdate object| NREUM object| newrelic function| __nr_require object| _gat object| _gaq object| gaGlobal function| getParameterByName string| qp_value object| mixpanel function| $ function| jQuery object| quickForm object| jQuery1124049887201400673775 object| exchange object| notifications function| debounce function| getCookie object| localBitcoins boolean| hasTouch string| lang function| decodeCookieValue function| passwordStrength function| splitLocation function| createPlaceAutocompleteSelectFirst object| google object| module$contents$MapsEvent_MapsEvent object| module$contents$mapsapi$overlay$OverlayView_OverlayView object| __e3_ object| _xdc_8 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.locailbticoins.net/ | Name: __utmb Value: 126807440.1.10.1569716574 |
|
.locailbticoins.net/ | Name: mp_e9b0d9a5818a56e8691a792577467dfd_mixpanel Value: %7B%22distinct_id%22%3A%20%2216d7a661628999-07ce1ba410516c-37647e03-1d4c00-16d7a6616292c3%22%2C%22%24device_id%22%3A%20%2216d7a661628999-07ce1ba410516c-37647e03-1d4c00-16d7a6616292c3%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D |
|
.locailbticoins.net/ | Name: __utmz Value: 126807440.1569716574.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none) |
|
.locailbticoins.net/ | Name: __utma Value: 126807440.586301168.1569716574.1569716574.1569716574.1 |
|
.locailbticoins.net/ | Name: __cfduid Value: de2dcf264195a3b04b4f665d16f501fcd1569716573 |
|
.locailbticoins.net/ | Name: __utmc Value: 126807440 |
|
.locailbticoins.net/ | Name: __utmt Value: 1 |
|
locailbticoins.net/ | Name: connect.sid Value: s%3ANNLoYK-PzdNUUrHW9RssRrGfhk5U994b.3eTeKLPBo46nnEikhCTnOYsKI7EVccldtmQW9X2krUM |
3 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
api.mixpanel.com
bam.nr-data.net
cdn.mxpnl.com
js-agent.newrelic.com
locailbticoins.net
maps.googleapis.com
maps.gstatic.com
stats.g.doubleclick.net
www.google.com
151.101.114.110
162.247.242.20
2600:1901:0:498c::
2606:4700:30::6812:303e
2a00:1450:4001:814::200a
2a00:1450:4001:81e::2003
2a00:1450:4001:820::2004
2a00:1450:400c:c0c::9a
35.190.25.25
08c911924b002c7c74b400c6818140f246a191403c3e20b0c7abaeba3116a15c
0d2f00e1e94916112cab98e64af0a740d16a9dae323094486229c413d6e5c952
0e78b8cde09dbe0fc473f87bc77ec30ccc56780398d8676cf93c4aaec432257f
3065295c97679de9eb419b72916f022e28b7f6d9aef3953a6c951207efe9fa80
37a89af2005df7b717ef3af9344b9b51ebf852a67f140948ddbfa06774cc77aa
44f8fbdf1104892b173f64c76e5e9be03888b5ac54c82368a30140ae51a62639
46aeccd601b232cce93f17cad5c02376d3e9241c7d526dff8a0aaa419b0819b8
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
59763d2ba81f5eb0303d96283d93e80dd433b56896c1cfdc0629f0807399298f
5d174db46d6f4835a3c3d8d78f8e78a2cb461b71d6f0707652ca48baaea971c8
5ea6a520de21b6a9b6b52454ee7d39d61f413c0b4926a38d0b5e1b4a81e60d81
5fcb16854bcf34558fc9100ea313b2f61a3394ca23e65719553f09c902b2476e
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8
64f36c092ad2ea988ef5cf396be0c891234ea0ebddab2a3966b2fa5bed632f03
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
72f33e06c22bda8a06bf82760c9ad3744c76cf3dfd4030c71dfaf4d131b24fba
782e6b597a5445ea3ef8db7342fc24bad2d3c71390bf3ce73c8cb2bc1438c711
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
9aca5ee7a3383665350e2d3f85a7799c0db04e36faeef8c157c5314214721aee
a56a7163aadb717f37258980d7236b98b6292813a5f5fb051720288992a7241d
ad9c9254abd4b52d3bed754143822814f7468df167af2543df498195d84a0270
b6f58234982fd9942f311e17d79c3095baf678832ca34aff4a57da3ec38fd4cc
b8c868fdd2f11d86739846d3728b57765e0523bce5494996237f2a1f0acde071
ba2640d8360024fad5c871c94e8edc308e1c08a270332e2de949e8cc566404c9
bfbf758422d10b438188b2fab3bca322fab2bae2b5c8c4d018f1b1d151d66c3c
c2b59b919476aad6c691af0f8f45e3dca6bd9363a704d39a15f020e6dc1ee316
cd80d0dcb2a44bd30c11fcdf13d4c280f336dad9442ee7da79146f2bb77381a4
ce5eeb6eeb3ed093d5653681025934d07fc84ceae11882b02f8a7a113b2e9068
db209390b90b70f4b1ef3540cb581e4ec8edbba21980971b68e4aef5c5d352fb
e48bd92ab9651f3daa6bff9b4dec24aba7da5db99cd4e13b802c7becdfcc2856
eaa92e887448c789ee192b351a18ec2e6a856a65383ce1cfc569604ad0ccc0d7
f45f062769cd6f3cbaf544cea7a89e442afe561c0feda1d4d690c0530dc7da4d
f50507fcd46a726feb07e51dda9d125500a90ad9d31dbcf67ae71b9c07aa75a0
f69a13217482dc43f25e74cfcb9391d0f06d22501f10f5cb5e413d2d98a5cd23
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995