ratatitu.vip
Open in
urlscan Pro
104.28.17.137
Malicious Activity!
Public Scan
Submitted URL: https://dubumagoo1931.blogspot.nl/
Effective URL: http://ratatitu.vip/?pl=1557.25b1c704f174aa5babaf8617c15fe196&n=aHR0cDovL25sLmJpdGNvaW4tbm93LnJhdGF0aXR1LnZpcC8/c2Vz...
Submission: On September 26 via api from US
Effective URL: http://ratatitu.vip/?pl=1557.25b1c704f174aa5babaf8617c15fe196&n=aHR0cDovL25sLmJpdGNvaW4tbm93LnJhdGF0aXR1LnZpcC8/c2Vz...
Submission: On September 26 via api from US
Summary
This website contacted 4 IPs
in 3 countries
across 7 domains to perform 40 HTTP transactions.
The main IP is 104.28.17.137, located in
United States and
belongs to CLOUDFLARENET, US.
The main domain is ratatitu.vip.
This is the only time ratatitu.vip was scanned on urlscan.io!
This is the only time ratatitu.vip was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Investment Scam (Online)Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 1 1 | 2a00:1450:400... 2a00:1450:4001:81a::2001 | 15169 (GOOGLE) (GOOGLE) | |
| 2 | 2a00:1450:400... 2a00:1450:4001:819::2001 | 15169 (GOOGLE) (GOOGLE) | |
| 4 | 2a00:1450:400... 2a00:1450:4001:802::2009 | 15169 (GOOGLE) (GOOGLE) | |
| 2 | 2a00:1450:400... 2a00:1450:4001:814::200e | 15169 (GOOGLE) (GOOGLE) | |
| 1 1 | 67.199.248.11 67.199.248.11 | 396982 (GOOGLE-PR...) (GOOGLE-PRIVATE-CLOUD) | |
| 1 1 | 8.208.26.229 8.208.26.229 | 45102 (CNNIC-ALI...) (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co.) | |
| 1 1 | 104.28.16.137 104.28.16.137 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
| 32 | 104.28.17.137 104.28.17.137 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
| 40 | 4 |
1
2a00:1450:4001:81a::2001
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| dubumagoo1931.blogspot.nl |
2
2a00:1450:4001:819::2001
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| dubumagoo1931.blogspot.com |
1
8.208.26.229
(United Kingdom)
ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN)
ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN)
| 141570.bibigor.com |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 33 |
ratatitu.vip
1 redirects
go.ratatitu.vip ratatitu.vip |
2 MB |
| 4 |
blogger.com
www.blogger.com |
59 KB |
| 2 |
google.com
apis.google.com |
68 KB |
| 2 |
blogspot.com
dubumagoo1931.blogspot.com |
6 KB |
| 1 |
bibigor.com
1 redirects
141570.bibigor.com |
338 B |
| 1 |
bit.ly
1 redirects
bit.ly |
253 B |
| 1 |
blogspot.nl
1 redirects
dubumagoo1931.blogspot.nl |
431 B |
| 40 | 7 |
| Domain | Requested by | |
|---|---|---|
| 32 | ratatitu.vip |
ratatitu.vip
|
| 4 | www.blogger.com |
dubumagoo1931.blogspot.com
|
| 2 | apis.google.com |
dubumagoo1931.blogspot.com
apis.google.com |
| 2 | dubumagoo1931.blogspot.com |
dubumagoo1931.blogspot.com
|
| 1 | go.ratatitu.vip | 1 redirects |
| 1 | 141570.bibigor.com | 1 redirects |
| 1 | bit.ly | 1 redirects |
| 1 | dubumagoo1931.blogspot.nl | 1 redirects |
| 40 | 8 |
This site contains links to these domains. Also see Links.
| Domain |
|---|
| nl.bitcoin-now.ratatitu.vip |
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| misc-sni.blogspot.com GTS CA 1O1 |
2020-09-03 - 2020-11-26 |
3 months | crt.sh |
| *.blogger.com GTS CA 1O1 |
2020-09-03 - 2020-11-26 |
3 months | crt.sh |
| *.apis.google.com GTS CA 1O1 |
2020-09-03 - 2020-11-26 |
3 months | crt.sh |
| *.google.com GTS CA 1O1 |
2020-09-03 - 2020-11-26 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
http://ratatitu.vip/?pl=1557.25b1c704f174aa5babaf8617c15fe196&n=aHR0cDovL25sLmJpdGNvaW4tbm93LnJhdGF0aXR1LnZpcC8/c2Vzc2lvbj1jYTI4NGRhZjA4YTU0MWM5ODc2NDBlNTVhMjJhMjNhZCZhZmZfaWQ9MjI1JmZwcD0xJnBpeGVsc2V0dGluZ3M9Z28ucmF0YXRpdHUudmlwJTJGZmJwJTNGZXYlM0QlN0JldiU3RCUyNnBpeGVsJTNEJTdCcGl4ZWwlN0Q=
Frame ID: 9E36CCEE181EF950BC78059896A849C1
Requests: 40 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
https://dubumagoo1931.blogspot.nl/
HTTP 302
https://dubumagoo1931.blogspot.com/ Page URL
-
https://bit.ly/2xRGpgn
HTTP 301
http://141570.bibigor.com/index HTTP 302
http://go.ratatitu.vip/03hq HTTP 302
http://ratatitu.vip/?pl=1557.25b1c704f174aa5babaf8617c15fe196&n=aHR0cDovL25sLmJpdGNvaW4tbm93LnJh... Page URL
Detected technologies
Java
(Programming Languages)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- headers server /GSE/i
OpenGSE
(Web Servers)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- headers server /GSE/i
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
URL: http://nl.bitcoin-now.ratatitu.vip/?session=ca284daf08a541c987640e55a22a23ad&aff_id=225&fpp=1&pixelsettings=go.ratatitu.vip%2Ffbp%3Fev%3D%7Bev%7D%26pixel%3D%7Bpixel%7D
Title: Extra
Title: Extra
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://dubumagoo1931.blogspot.nl/
HTTP 302
https://dubumagoo1931.blogspot.com/ Page URL
-
https://bit.ly/2xRGpgn
HTTP 301
http://141570.bibigor.com/index HTTP 302
http://go.ratatitu.vip/03hq HTTP 302
http://ratatitu.vip/?pl=1557.25b1c704f174aa5babaf8617c15fe196&n=aHR0cDovL25sLmJpdGNvaW4tbm93LnJhdGF0aXR1LnZpcC8/c2Vzc2lvbj1jYTI4NGRhZjA4YTU0MWM5ODc2NDBlNTVhMjJhMjNhZCZhZmZfaWQ9MjI1JmZwcD0xJnBpeGVsc2V0dGluZ3M9Z28ucmF0YXRpdHUudmlwJTJGZmJwJTNGZXYlM0QlN0JldiU3RCUyNnBpeGVsJTNEJTdCcGl4ZWwlN0Q= Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- https://dubumagoo1931.blogspot.nl/ HTTP 302
- https://dubumagoo1931.blogspot.com/
40 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H2 |
/
dubumagoo1931.blogspot.com/ Redirect Chain
|
10 KB 4 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
14020288-widget_css_bundle.css
www.blogger.com/static/v1/widgets/ |
31 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
plusone.js
apis.google.com/js/ |
49 KB 19 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3-Q050 |
cookienotice.js
dubumagoo1931.blogspot.com/js/ |
6 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
1783702637-widgets.js
www.blogger.com/static/v1/widgets/ |
140 KB 51 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3-Q050 |
authorization.css
www.blogger.com/dyn-css/ |
1 B 865 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3-Q050 |
cb=gapi.loaded_0
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.rMJI4WR09CY.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCPRb_B1g8z3qIwl7l27GWLe47nxIA/ |
137 KB 48 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3-Q050 |
authorization.css
www.blogger.com/dyn-css/ |
1 B 46 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
Primary Request
/
ratatitu.vip/ Redirect Chain
|
144 KB 29 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
style.css
ratatitu.vip/prelands/1557/css/ |
71 KB 13 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
new-orest-style.css
ratatitu.vip/prelands/1557/css/ |
2 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
brandpart.css
ratatitu.vip/prelands/1557/css/ |
28 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
brand-logo-dfb68a03e7.svg
ratatitu.vip/prelands/1557/images/ |
4 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
euronews-vector-logo.png
ratatitu.vip/prelands/1557/images/ |
5 KB 6 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
The_Guardian.png
ratatitu.vip/prelands/1557/images/ |
11 KB 12 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
tour.jpeg
ratatitu.vip/prelands/1557/images/ |
12 KB 13 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
dutchnewslogo.jpg
ratatitu.vip/prelands/1557/images/ |
5 KB 5 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
1-im.jpg
ratatitu.vip/prelands/1557/images/ |
54 KB 54 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
image-2.jpg
ratatitu.vip/prelands/1557/images/ |
178 KB 178 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
5.jpg
ratatitu.vip/prelands/1557/images/ |
75 KB 76 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
image-1u.png
ratatitu.vip/prelands/1557/images/ |
49 KB 49 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
image-2u.png
ratatitu.vip/prelands/1557/images/ |
46 KB 46 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
image-3u.png
ratatitu.vip/prelands/1557/images/ |
37 KB 38 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
image-4u.png
ratatitu.vip/prelands/1557/images/ |
49 KB 49 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
reg.png
ratatitu.vip/prelands/1557/images/ |
647 KB 647 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
dep.png
ratatitu.vip/prelands/1557/images/ |
161 KB 161 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
2c.jpg
ratatitu.vip/prelands/1557/images/ |
2 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
1c.jpg
ratatitu.vip/prelands/1557/images/ |
1 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
3c.jpg
ratatitu.vip/prelands/1557/images/ |
910 B 1 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
5c.jpg
ratatitu.vip/prelands/1557/images/ |
1 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
7c.jpg
ratatitu.vip/prelands/1557/images/ |
15 KB 16 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
6c.jpg
ratatitu.vip/prelands/1557/images/ |
1 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
15c.jpg
ratatitu.vip/prelands/1557/images/ |
1 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
8c.jpg
ratatitu.vip/prelands/1557/images/ |
2 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
script.js
ratatitu.vip/prelands/1557/js/ |
7 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
jquery-3.3.1.min.js
ratatitu.vip/prelands/1557/js/ |
85 KB 30 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
getdetector.js
ratatitu.vip/prelands/1557/js/ |
216 B 622 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
css.css
ratatitu.vip/prelands/1557/css/ |
1 KB 693 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
brand-title-8719773b15.svg
ratatitu.vip/prelands/1557/images/ |
5 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
Roboto-Regular.woff
ratatitu.vip/prelands/1557/fonts/ |
87 KB 87 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Investment Scam (Online)21 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| trustedTypes string| month number| date number| dace object| dayNames object| monthNames object| nowre2 object| timeMainComment object| timeReply object| reviewsContainer object| reviewsContainerInner object| reviewsCloseBtn string| heightHelper undefined| heightHelper2 function| $ function| jQuery string| today string| dd string| mm number| yyyy number| rand1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| .ratatitu.vip/ | Name: __cfduid Value: d19b608b89dfdfc77adcd74853948619a1601155351 |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
| Header | Value |
|---|---|
| X-Content-Type-Options | nosniff |
| X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
141570.bibigor.com
apis.google.com
bit.ly
dubumagoo1931.blogspot.com
dubumagoo1931.blogspot.nl
go.ratatitu.vip
ratatitu.vip
www.blogger.com
104.28.16.137
104.28.17.137
2a00:1450:4001:802::2009
2a00:1450:4001:814::200e
2a00:1450:4001:819::2001
2a00:1450:4001:81a::2001
67.199.248.11
8.208.26.229
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
11045149d9984f9180106fa11705e257b88a5306c811ad398ec802be24497969
17d6c4b0160942e04e2ba434f4a5dd8bd61c7dcb6d90465a22631fe30242ce98
1c909ee29a0d98bce8178a0c17a5504e33b5d1f63a22dca84f34f83a9f5693a8
2eb49b528f263007e6d0ba9d1dc1bb2d33a5b3858debe3b76204d576f5141221
3131172b18c2ec98af910ea0bc07943c02a90274ea9fdf47c1202ada43ae71b6
3370c32498340228fb9e9d95451d2fe4aeca27f01802c8f894dc123b9938b9aa
35459cc6196838927f1c10ebee8d4f93f41db7dc04211c3fb2eb3d8db0a8b4b9
3f2c340d4d321d330481d603dedfbe6a1cc533ff6e604edbcb4fc86a15d2fb8f
470f4d25e688e9286ad5fc192d5f547a846d59a79833bc08b147ebec6d55a3bd
4cf53e5e1b8756aac1274fce6f023d9d4ab3571261935b5a5011d60cfa50a4a7
5754a78fea82bb52d068d3c64de5ab9ae7ed70de719090407bb2ade232a5b7ee
6618ae9df86aa85bf80ea4f009cfe6f50e08f9f257b42b01d788f14caeb1e8de
6864279e8ac5e322b9c9a637602aeb08cd021db87acb0008f0e9b02770c8a72f
6acc1f3d78dd83c615606a96da6291c184539af8794b4e5e546fa107d9c082e1
6c9c9ddd04febb967d11081c9e5b676029cd2cbde1ebcaff19c8157be7301140
7caa363020000cdd4ee58c1fe715c68123459d9f43e672bb379454a9e288537b
808b4d61e5ac8cbf96db7287ffc2ae05b011edd7ecf4bc7cb293ea1833a50921
91b5fc1cc264d88a48a1dcf23ed8886e0c7efc6356a119fee2e746954a02f446
91d37977d09770913b5e658d7469824f5a0c30b3463870141397320179864b46
93b5dd8162e8675cbc2dc1d61781217896d843175ce8aea828ca13acc58c913f
99c88d0b46dfc36913f97efafe0b68f3b81327c8edcd81796fa7fb1a699301c3
9d503431f778c89ba31af2dba1c213042d19c3a917cdbbb63d62f16ee4eb4958
a28ccf8a7b50522bdeea0cd83cdeca221c18fc1f9df3ee6b3d3c48d599206855
aa4fe92e09f94671f24e453a8cf9527c0851f65b608c7f9fab304608353ae354
ac3642ed6b71160bd8f61d5c6118c58d344fe01983b94a1cdb8f78dd467d09e1
b69942565e2d9ca09f9b260bd6e4a4c4070ef25612bb9d27b3eeffcd137afb9d
b83392766f32d34d4bbe8020b15704cbb86b65eb3d8a22b693eaa84cd20a23bc
b9a0fd6a0331897ee7673460f248677fd8da87f2df23aa831ddfd609de29d68f
c1beb8cc76171f15fcb4fddcf922575230376b07ddbfc58b6bcaa0aaf716bd9b
c3176aa5afd34b2b18ff787d24d2dec8c4ab46c309756346c650f1c52b15f6bf
cab30da88a231117c2a5ec535b0c4caec1c1f86a680f3077b272ea7265b33cb0
d102a3c9ab95ef68bb26a2e8391a24750868b940605c7aac6dbce6367c569595
d1d3ca50e6279d0cff0fca4a3c78d957535ed628759f282c437f065e985a9a38
d7c55f3f5f7958387e6f54112863b20f5b908099d19d82e30a910929ea233f93
e0591cbf213702885fdded629c53bf0e335daadf4df0b9439ce35a0674dd41b5
e4d448dfa3311a59263f458a0867cf332fff04ff02277d3a7612e117c1367a25
f1b4934e50504f14424dbca5c73632ecd2abe36d0cbcc65ad4246c35fa8ab6b4