![](/screenshots/b679a7ec-cf05-4032-b561-5cb46ee7d7e6.png)
bitcointodaynews.me
Open in
urlscan Pro
2606:4700:3032::ac43:de64
Malicious Activity!
Public Scan
Effective URL: https://bitcointodaynews.me/ch/en/?_subid=1ouvfk54bfo00&_token=uuid_1ouvfk54bfo00_1ouvfk54bfo005ed541e7840265.00541441
Submission: On June 01 via manual from IN
Summary
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on November 26th 2019. Valid for: 10 months.
This is the only time bitcointodaynews.me was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Lion's Den Scam (Online) Generic Scam (Online)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
2 | 54.144.3.29 54.144.3.29 | 14618 (AMAZON-AES) (AMAZON-AES) | |
1 1 | 13.225.87.94 13.225.87.94 | 16509 (AMAZON-02) (AMAZON-02) | |
1 1 | 100.24.94.176 100.24.94.176 | 14618 (AMAZON-AES) (AMAZON-AES) | |
1 1 | 2606:4700:303... 2606:4700:3033::681b:abe7 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
34 | 2606:4700:303... 2606:4700:3032::ac43:de64 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2001:4de0:ac1... 2001:4de0:ac19::1:b:3b | 20446 (HIGHWINDS3) (HIGHWINDS3) | |
6 | 2a02:6b8::173 2a02:6b8::173 | 13238 (YANDEX) (YANDEX) | |
44 | 5 |
ASN14618 (AMAZON-AES, US)
PTR: ec2-54-144-3-29.compute-1.amazonaws.com
whitehalfolk.club |
ASN16509 (AMAZON-02, US)
PTR: server-13-225-87-94.fra2.r.cloudfront.net
appearedsoci.fun |
ASN14618 (AMAZON-AES, US)
PTR: ec2-100-24-94-176.compute-1.amazonaws.com
usd.khurshid-sus.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
34 |
bitcointodaynews.me
bitcointodaynews.me |
689 KB |
6 |
yandex.ru
api-maps.yandex.ru |
286 KB |
2 |
whitehalfolk.club
whitehalfolk.club |
39 KB |
1 |
jquery.com
code.jquery.com |
78 KB |
1 |
trackout.business
1 redirects
trackout.business |
1 KB |
1 |
khurshid-sus.com
1 redirects
usd.khurshid-sus.com |
967 B |
1 |
appearedsoci.fun
1 redirects
appearedsoci.fun |
583 B |
0 |
Failed
function sub() { [native code] }. Failed |
|
44 | 8 |
Domain | Requested by | |
---|---|---|
34 | bitcointodaynews.me |
whitehalfolk.club
bitcointodaynews.me |
6 | api-maps.yandex.ru |
bitcointodaynews.me
api-maps.yandex.ru |
2 | whitehalfolk.club |
whitehalfolk.club
|
1 | code.jquery.com |
bitcointodaynews.me
|
1 | trackout.business | 1 redirects |
1 | usd.khurshid-sus.com | 1 redirects |
1 | appearedsoci.fun | 1 redirects |
0 | scrapbook Failed |
bitcointodaynews.me
|
44 | 8 |
This site contains links to these domains. Also see Links.
Domain |
---|
trackout.business |
wealthreports24.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
whitehalfolk.club Let's Encrypt Authority X3 |
2020-05-27 - 2020-08-25 |
3 months | crt.sh |
sni.cloudflaressl.com CloudFlare Inc ECC CA-2 |
2019-11-26 - 2020-10-09 |
10 months | crt.sh |
jquery.org COMODO RSA Domain Validation Secure Server CA |
2018-10-17 - 2020-10-16 |
2 years | crt.sh |
api-maps.yandex.ru Yandex CA |
2020-03-17 - 2020-09-13 |
6 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://bitcointodaynews.me/ch/en/?_subid=1ouvfk54bfo00&_token=uuid_1ouvfk54bfo00_1ouvfk54bfo005ed541e7840265.00541441
Frame ID: 4D5480C2822B362B579FF294FCD2065F
Requests: 44 HTTP requests in this frame
Screenshot
![](/screenshots/b679a7ec-cf05-4032-b561-5cb46ee7d7e6.png)
Page URL History Show full URLs
- https://whitehalfolk.club/KDYDL?tag_id=818952&sub_id1=&sub_id2=1188518443955766243&cookie_id=99d11da7-... Page URL
-
https://appearedsoci.fun/?tid=818952&noocp=1
HTTP 302
http://usd.khurshid-sus.com/zcvisitor/d5f557e4-a431-11ea-bd98-121ac21c7655?campaignid=d751c5e0-91da-11ea... HTTP 302
https://trackout.business/CN8RHGN2?keyword=whitehalfolk.club%2Cwhitehalfolk%2Cwhitehalfolk.club&cost=0... HTTP 302
https://bitcointodaynews.me/ch/en/?_subid=1ouvfk54bfo00&_token=uuid_1ouvfk54bfo00_1ouvfk54bfo005ed541e78... Page URL
Detected technologies
Detected patterns
- script /jquery[.-]([\d.]*\d)[^/]*\.js/i
- script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
Page Statistics
2 Outgoing links
These are links going to different origins than the main page.
Title: Major
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://whitehalfolk.club/KDYDL?tag_id=818952&sub_id1=&sub_id2=1188518443955766243&cookie_id=99d11da7-9373-4b18-bf1c-4f64bc8608b8&lp=download_file&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Fappearedsoci.fun%2F%3Ftid%3D818952%26noocp%3D1&hop=7&geo=IN Page URL
-
https://appearedsoci.fun/?tid=818952&noocp=1
HTTP 302
http://usd.khurshid-sus.com/zcvisitor/d5f557e4-a431-11ea-bd98-121ac21c7655?campaignid=d751c5e0-91da-11ea-a851-12e5dcaa70ed&__id__=d751c5e0-91da-11ea-a851-12e5dcaa70ed HTTP 302
https://trackout.business/CN8RHGN2?keyword=whitehalfolk.club%2Cwhitehalfolk%2Cwhitehalfolk.club&cost=0.000960¤cy=usd&external_id=zrd5f557e4a43111eabd98121ac21c7655dd6277f7ead844dcb6d7d45028dea23004749043220ec9e028&creative_id=zulu-kab-UbliAzvn&ad_campaign_id=BTCch&sub_id_1=zulu-kab-UbliAzvn&sub_id_2=POPUP&sub_id_3=NON-ADULT HTTP 302
https://bitcointodaynews.me/ch/en/?_subid=1ouvfk54bfo00&_token=uuid_1ouvfk54bfo00_1ouvfk54bfo005ed541e7840265.00541441 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
44 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
KDYDL
whitehalfolk.club/ |
12 KB 5 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
dlp
whitehalfolk.club/ |
80 KB 34 KB |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Primary Request
/
bitcointodaynews.me/ch/en/ Redirect Chain
|
101 KB 11 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-1.12.4.min.js
bitcointodaynews.me/ch/en/ |
95 KB 32 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tidyx.css
bitcointodaynews.me/ch/en/ |
41 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery-1.8.3.js
code.jquery.com/ |
260 KB 78 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
/
api-maps.yandex.ru/2.0-stable/ |
71 KB 20 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
topuk.jpg
bitcointodaynews.me/ch/en/ |
106 KB 106 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tvuk1.jpg
bitcointodaynews.me/ch/en/ |
64 KB 64 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tvuk2.jpg
bitcointodaynews.me/ch/en/ |
93 KB 93 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bittrader-step3.png
bitcointodaynews.me/ch/en/ |
26 KB 26 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bittrader-step1.jpg
bitcointodaynews.me/ch/en/ |
59 KB 59 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bittrader-step2.png
bitcointodaynews.me/ch/en/ |
50 KB 51 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
odA9sNLrE86.jpg
bitcointodaynews.me/ch/en/ |
1 KB 1 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
18423978_10210643158807484_4625467277978165616_n.jpg
bitcointodaynews.me/ch/en/ |
2 KB 3 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
11880513_10153182441573635_6391766102196689121_n.jpg
bitcointodaynews.me/ch/en/ |
2 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
18119267_10155363709609924_958378663814436125_n.jpg
bitcointodaynews.me/ch/en/ |
2 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
17265090_10158355004655716_6815458511175803011_n.jpg
bitcointodaynews.me/ch/en/ |
1 KB 1 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
16406523_1345882538809440_8201065904356080273_n.jpg
bitcointodaynews.me/ch/en/ |
2 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
16807461_10211764664812826_5680036435541740063_n.jpg
bitcointodaynews.me/ch/en/ |
1 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
13631522_1146706165402703_3256702316997043506_n.jpg
bitcointodaynews.me/ch/en/ |
3 KB 3 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
14222287_1065953200155875_6514575430883754204_n.jpg
bitcointodaynews.me/ch/en/ |
1 KB 1 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
12088299_1047136358664501_9121132063381418917_n.jpg
bitcointodaynews.me/ch/en/ |
1 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
540562_430147157013818_32273000_n.jpg
bitcointodaynews.me/ch/en/ |
2 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
12651359_1104018629642643_1802809274505192979_n.jpg
bitcointodaynews.me/ch/en/ |
2 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
c11.jpg
bitcointodaynews.me/ch/en/ |
1008 B 1 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
18222397_10156169859605550_2186676355225458227_n.jpg
bitcointodaynews.me/ch/en/ |
2 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
26254_100854763287133_3441493_n.jpg
bitcointodaynews.me/ch/en/ |
2 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
16174412_10211484033439027_3968979027246986980_n.jpg
bitcointodaynews.me/ch/en/ |
3 KB 3 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
12669670_10207353042137627_8224718532595991020_n.jpg
bitcointodaynews.me/ch/en/ |
2 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
c9.jpg
bitcointodaynews.me/ch/en/ |
1 KB 1 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
13417709_10156999054495156_89965319140675792_n.jpg
bitcointodaynews.me/ch/en/ |
1 KB 1 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sidebar.png
bitcointodaynews.me/ch/en/ |
159 KB 159 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
css
scrapbook:download:error:https://wealthreports24.com/bitcoin/uk/edge/2/images/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css.css
bitcointodaynews.me/ch/en/ |
11 KB 930 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
combine
api-maps.yandex.ru/2.0/ |
859 KB 263 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo.png
bitcointodaynews.me/ch/en/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
bitcointodaynews.me/ch/en/ |
15 KB 15 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mem8YaGs126MiZpBA-UFVZ0b.woff2
bitcointodaynews.me/ch/en/ |
14 KB 14 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mem5YaGs126MiZpBA-UNirkOUuhp.woff2
bitcointodaynews.me/ch/en/ |
15 KB 15 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ef50ac9e93aaebe3299791c79f277f8e.cur
api-maps.yandex.ru/2.0/images/ |
326 B 651 B |
Image
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
3ce22e999d54bb9ca8150a59207f9d3e.cur
api-maps.yandex.ru/2.0/images/ |
326 B 651 B |
Image
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
4965b66fe115b2f2ed500ece66514d86.cur
api-maps.yandex.ru/2.0/images/ |
326 B 651 B |
Image
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
77492cf358d8b12629399322926c93f2.cur
api-maps.yandex.ru/2.0/images/ |
326 B 651 B |
Image
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- scrapbook
- URL
- urn:scrapbook:download:error:https://wealthreports24.com/bitcoin/uk/edge/2/images/css
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Lion's Den Scam (Online) Generic Scam (Online)11 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onformdata object| onpointerrawupdate function| $ function| jQuery object| ymaps object| dayNames object| monthNames object| now object| YMaps function| merge object| provider0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
api-maps.yandex.ru
appearedsoci.fun
bitcointodaynews.me
code.jquery.com
scrapbook
trackout.business
usd.khurshid-sus.com
whitehalfolk.club
scrapbook
100.24.94.176
13.225.87.94
2001:4de0:ac19::1:b:3b
2606:4700:3032::ac43:de64
2606:4700:3033::681b:abe7
2a02:6b8::173
54.144.3.29
08e45c4e07231dd63ceeacb0ab3c7bbb8d86d9228087e668f847ddaa6be6e256
128811e08fc761c192794eadb0ca1ece135e0b3a8ea7d897c2f7f9fd5a37281f
13e327b334d10b2b24101040eecace86aaaa2eed03d282fa75a04aa3bebf69c1
1491de1b31182d38593bcf660c99bc6018af8e192d91663f67ec9d045a3b5ccc
174b36365b28889d733a748f9b96673bd0ffee2c1f18850dc7a247601fae68ba
18e6ea463c6b50cf8e2b4e6b2e58f80b0f069a75024016bfc6b05de859ec4acf
1c610938215fa866d0823f1002474c276d1a067bcd4643419e8d9f31f1b16ca5
1dbe34661a6ed594ac8c7074ce0192ed31ea4f2613ae6c5a5f16a5e21fc93a02
2c37d7405c2b1b684e39041bc7523d446bc44a4eb89dbb326c20067565b9bdbb
30f96ca21e744f04f5531a28d1818eb7243b8fc4a2648697f142f91ca35eed3c
31784bfbadd2b923dee2b4d9d7a3391935ad7d38fa688eac125d4be81538b086
325e817f118ec406765c27bca13fb22b7a0d1dcc5dac0606708b3cd093efbd6b
34b8be9215b1a279b9c64ea7edbf21cf9a24c94c7dd1035d8b55cd75df7901ee
34cd40651c08db40061f9d9fb97c7e1020880ed54de0d1178a8891308c455c50
3d80e6a5779b6c553de7e50fde96d4ff032a55f61c01084378d11a734ac7b52d
3f633acb2738a30bd578adfafbe5fbba92ae0970a7bc624d4e075fb43d5f32d8
43a6f44f59b5d830985d26c08faeba4b781edd80d5bc0cfe1994a5626b461e26
46a89ecc3570b858566c942da7032adb980b009a88115c2eeeabbfe3b23230fb
55341b758de91a0f5041e03e29be19dc66a0abb91517a46a62da55597ff889c5
5bd6cba223c648793f154d2033e12f812335014cc21e4ee2c143229a7ba4634c
6e69137bd858a9a68e2ccd962331c5c1f0100fa98462a5c45b4780e85dc0f7dd
74201a4b97ec1d5e86252dd0180eafd8c5378a9235864dbcd682f3575b41c85b
756d7dfac4a35bb57543f677283d6c682e8d704e5350884b27325badd2b3c4a7
759a75f78365ae447a91dc9a5349a6eefd25093184637f261269bff5b96434aa
78037cc6cea54f34b36abfb6198ea591d332ed4e22cd31ae768c5ccbb559d821
78c8fc25f1ef8ec3a9601c7159c3de0f95d363558c23d46340622677907b889f
7b2dcc561a7b876758550c354a3b322b4081157a10b3d4995e2ee96639dcb66f
8c2812ded6436715279f8fd8db58de307aa39ab0296fe3cf0e879067c51e9b18
94ae2596e2c6cd57d01268d20c9d3c69847ad4f6449f8ebffc3e070ad0e794d2
982c90477b31d4d280246da28b100cd1973f44b404c5bb304775c9d3d814b1ca
9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52
9d270afb035e8ab5a814c9a1ba448590a10a116f3fd66a2a99048f6826517288
a0fb89588dc7b711c0ffddb5fa2f6852f670ef1f615985bb65b2ea446cceb79f
ab3a2e8d1c02db44b52006378330a14b044aae29ad21ab4ac830cd5465613200
ac44e29641091ab6874790ba11651b2b6e6cd3572dc98d8f15482b2664070398
b92fceb2bf9c655f8c67fe4ef45b805c550196b496ee73a40f05004a992450e1
c2c8f8eb5aecfb18f5492f44d9c85130392b8ebc26c132a12c41f88b18917725
cb6eb33fa7ee765f27a9ec2481fdf38ee70222c480870182e3dcf6ee3e4e5d32
e620b573d7cb8701b0ed12b9dfca9dc2e7a646faa706d8a09bd3cc1e8c6ba25a
eb69f540be1e416b7346017da48deaf5ba2f2ee0af366c04f1e374351b651872
ed3441c8120cffbe0a6d8171308ce25fcfa517847f83d74c3244186e0f6242c8
f542f91fd3fc5e9d26c2ffc505b665f56a58874bf9928396b835078e4840dbaf