ciirdf.ca
64.26.174.92
Malicious Activity!
Public Scan
Submission: On February 08 via automatic, source phishtank
Summary
This is the only time ciirdf.ca was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: PayPal (Financial)
Domain & IP information
Requests | IP Address | AS Autonomous System
---|---|---
18 | 64.26.174.92 | 7788 (MAGMA-COMM - Magma Communications Ltd.)
14 | 95.101.242.48 | 16625 (AKAMAI-AS - Akamai Technologies)
1 | 2a00:1450:400e:805::200e | 15169 (GOOGLE - Google Inc.)
1 | 95.101.242.51 | 16625 (AKAMAI-AS - Akamai Technologies)
36 | 5 |
ASN7788 (MAGMA-COMM - Magma Communications Ltd., CA)
PTR: vws2.magma.ca
ciirdf.ca

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a95-101-242-48.deploy.akamaitechnologies.com
www.paypalobjects.com

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a95-101-242-51.deploy.akamaitechnologies.com
t.paypal.com
Requests | Apex Domain | Subdomains | Transfer
---|---|---|---
18 | ciirdf.ca | ciirdf.ca | 878 KB
14 | paypalobjects.com | www.paypalobjects.com | 648 KB
1 | paypal.com | t.paypal.com | 42 B
1 | google-analytics.com | www.google-analytics.com | 44 B
0 | omtrdc.net (Failed) | paypal.d1.sc.omtrdc.net (Failed) |
0 | google.com (Failed) | www.google.com (Failed) |
36 | 6 | |
Requests | Domain | Requested by
---|---|---
18 | ciirdf.ca | ciirdf.ca
14 | www.paypalobjects.com | ciirdf.ca, www.paypalobjects.com
1 | t.paypal.com | ciirdf.ca
1 | www.google-analytics.com | ciirdf.ca
0 | paypal.d1.sc.omtrdc.net (Failed) | ciirdf.ca
0 | www.google.com (Failed) | ciirdf.ca
36 | 6 |
This site contains no links.
Subject | Issuer | Validity | Valid
---|---|---|---
www.paypalobjects.com | Symantec Class 3 EV SSL CA - G3 | 2015-10-12 - 2017-09-02 | 2 years
*.google-analytics.com | Google Internet Authority G2 | 2017-01-25 - 2017-04-19 | 3 months
This page contains 1 frame:
Primary Page:
http://ciirdf.ca/thankyou/paypal.ca/webapps/mpp-home/Authentification.verified-moi-information.ca/information-compte-demande.ca/
Frame ID: 1402.1
Requests: 36 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
Request 20
- https://ak1s.abmr.net/is/www.paypalobjects.com?U=/webstatic/fr_FR/mktg/wright/home/home_n1_1x.jpg&V=3-1v86k4TA9jyFPBCpw2CNzlgcC93x9cc38aMjVJEsaru%2fSUw%2ffL7xNh%2fIDedfX4tP&I=C9C7BB88F5CF648&D=payp...
- https://www.paypalobjects.com/webstatic/fr_FR/mktg/wright/home/home_n1_1x.jpg?01AD=3alERUKV2iij-JrAB-bqAGTLl0vCcqWdwjtHQnKn8leHOmDCK66Xulg&01RI=C9C7BB88F5CF648&01NA=na
- https://ak1s.abmr.net/is/www.paypalobjects.com?U=/webstatic/fr_FR/mktg/wright/home/home_n3_1x.jpg&V=3-s7KPwmRuRwhm8aMataJNUic0MHTPj54CPE34MhdypLNLjpheYbZvmjFsAYYs3PKc&I=407DEC92EBA0083&D=paypalobje...
- https://www.paypalobjects.com/webstatic/fr_FR/mktg/wright/home/home_n3_1x.jpg?01AD=3iUAGZa_yfXJnHveGQyi6w4r5CG_5NjzFhyCf3HnPHIzrYcC4rVOM_A&01RI=407DEC92EBA0083&01NA=na
- http://www.google-analytics.com/collect?v=1&_v=j46&a=1405714978&t=pageview&_s=1&dl=http%3A%2F%2Fciirdf.ca%2Fthankyou%2Fpaypal.ca%2Fwebapps%2Fmpp-home%2FAuthentification.verified-moi-information.ca%...
- https://www.google-analytics.com/collect?v=1&_v=j46&a=1405714978&t=pageview&_s=1&dl=http%3A%2F%2Fciirdf.ca%2Fthankyou%2Fpaypal.ca%2Fwebapps%2Fmpp-home%2FAuthentification.verified-moi-information.ca...
- https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j46&tid=UA-53389718-2&cid=1611876988.1486587390&jid=904342247&_u=QGAAgEAB~&z=378562424
- https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-53389718-2&cid=1611876988.1486587390&jid=904342247&_v=j46&z=378562424
36 HTTP transactions
Method Protocol | Resource | Path | Size | x-fer | Type | MIME-Type | Notes
---|---|---|---|---|---|---|---
GET H/1.1 | / | ciirdf.ca/thankyou/paypal.ca/webapps/mpp-home/Authentification.verified-moi-information.ca/information-compte-demande.ca/ | 43 KB | 43 KB | Document | text/html | Primary Request
GET H/1.1 | e3a51bf0748677664db495d10101356abd25f7.css | ciirdf.ca/thankyou/paypal.ca/webapps/mpp-home/Authentification.verified-moi-information.ca/information-compte-demande.ca/files/ | 165 KB | 165 KB | Stylesheet | text/css |
GET H/1.1 | 5a92c759ad3cb53e7fc68a188e04391c7be2e9.css | ciirdf.ca/thankyou/paypal.ca/webapps/mpp-home/Authentification.verified-moi-information.ca/information-compte-demande.ca/files/ | 2 KB | 2 KB | Stylesheet | text/css |
GET H/1.1 | 2e80a8c4ee99494500d5436386c5ef870e00e1.css | ciirdf.ca/thankyou/paypal.ca/webapps/mpp-home/Authentification.verified-moi-information.ca/information-compte-demande.ca/files/ | 7 KB | 7 KB | Stylesheet | text/css |
GET H/1.1 | analytics.js | ciirdf.ca/thankyou/paypal.ca/webapps/mpp-home/Authentification.verified-moi-information.ca/information-compte-demande.ca/files/ | 25 KB | 25 KB | Script | application/x-javascript |
GET H/1.1 | f5548e5cfa43a3f52574a061e4fe89f59ae5bd.js | ciirdf.ca/thankyou/paypal.ca/webapps/mpp-home/Authentification.verified-moi-information.ca/information-compte-demande.ca/files/ | 9 KB | 9 KB | Script | application/x-javascript |
GET H/1.1 | ab95bbb6fd867b030d0cf582fca3569e95cc56.js | ciirdf.ca/thankyou/paypal.ca/webapps/mpp-home/Authentification.verified-moi-information.ca/information-compte-demande.ca/files/ | 347 KB | 347 KB | Script | application/x-javascript |
GET H/1.1 | 5d531740a310fe115e8e091f6b23e51c85d6f9.js | ciirdf.ca/thankyou/paypal.ca/webapps/mpp-home/Authentification.verified-moi-information.ca/information-compte-demande.ca/files/ | 8 KB | 8 KB | Script | application/x-javascript |
GET H/1.1 | pp_jscode_080706.js | ciirdf.ca/thankyou/paypal.ca/webapps/mpp-home/Authentification.verified-moi-information.ca/information-compte-demande.ca/files/ | 60 KB | 60 KB | Script | application/x-javascript |
GET H/1.1 | pa.js | ciirdf.ca/thankyou/paypal.ca/webapps/mpp-home/Authentification.verified-moi-information.ca/information-compte-demande.ca/files/ | 66 KB | 66 KB | Script | application/x-javascript |
GET H/1.1 | mapuid.gif | ciirdf.ca/thankyou/paypal.ca/webapps/mpp-home/Authentification.verified-moi-information.ca/information-compte-demande.ca/files/ | 43 B | 43 B | Image | image/gif |
GET H/1.1 | analytics.js | www.paypalobjects.com/gajs/ | 27 KB | 11 KB | Script | application/x-javascript |
GET H/1.1 | hamburger2x.png | www.paypalobjects.com/webstatic/mktg/2014design/ | 1 KB | 1 KB | Image | image/png | Cookie set
GET H/1.1 | ppcom.svg | www.paypalobjects.com/webstatic/i/logo/rebrand/ | 5 KB | 5 KB | Image | image/svg+xml |
GET H/1.1 | FR-Homepage-Hero-light.jpg | www.paypalobjects.com/webstatic/fr_FR/mktg/ | 216 KB | 216 KB | Image | image/jpeg | Cookie set
GET H/1.1 | home-signup.jpg | www.paypalobjects.com/webstatic/mktg/wright/videos/ | 184 KB | 184 KB | Image | image/jpeg | Cookie set
GET H/1.1 | festivo18.woff | www.paypalobjects.com/webstatic/mktg/2014design/font/headlinelight/ | 54 KB | 54 KB | Font | application/x-font-woff |
GET H/1.1 | festivo1.woff | www.paypalobjects.com/webstatic/mktg/2014design/font/headlinedark/ | 36 KB | 36 KB | Font | application/x-font-woff |
GET H/1.1 | quickbar-icons2x.png | www.paypalobjects.com/webstatic/mktg/wright/icons/ | 5 KB | 5 KB | Image | image/png | Cookie set
GET H/1.1 | sprite_countries_flag4.png | www.paypalobjects.com/webstatic/mktg/icons/ | 68 KB | 68 KB | Image | image/png | Cookie set
GET H/1.1 | fancy-down-arrow2x.png | www.paypalobjects.com/webstatic/mktg/2014design/ | 2 KB | 2 KB | Image | image/png | Cookie set
GET H/1.1 | home_n1_1x.jpg | www.paypalobjects.com/webstatic/fr_FR/mktg/wright/home/ | 30 KB | 30 KB | Image | image/jpeg | Cookie set, Redirect Chain
GET H/1.1 | home_n3_1x.jpg | www.paypalobjects.com/webstatic/fr_FR/mktg/wright/home/ | 33 KB | 33 KB | Image | image/jpeg | Cookie set, Redirect Chain
GET H/1.1 | search_glass_large2x.png | www.paypalobjects.com/webstatic/mktg/2014design/ | 2 KB | 2 KB | Image | image/png |
GET H2 | collect | www.google-analytics.com/ | 35 B | 44 B | Image | image/gif | Redirect Chain
GET | ga-audiences | www.google.com/ads/ | 0 | 0 | | | Redirect Chain
GET H/1.1 | 5d531740a310fe115e8e091f6b23e51c85d6f9.js | ciirdf.ca/thankyou/paypal.ca/webapps/mpp-home/Authentification.verified-moi-information.ca/information-compte-demande.ca/files/ | 8 KB | 8 KB | Script | application/x-javascript |
GET H/1.1 | pp_jscode_080706.js | ciirdf.ca/thankyou/paypal.ca/webapps/mpp-home/Authentification.verified-moi-information.ca/information-compte-demande.ca/files/ | 60 KB | 60 KB | Script | application/x-javascript |
GET H/1.1 | pa.js | ciirdf.ca/thankyou/paypal.ca/webapps/mpp-home/Authentification.verified-moi-information.ca/information-compte-demande.ca/files/ | 66 KB | 66 KB | Script | application/x-javascript |
GET H/1.1 | mapuid.gif | ciirdf.ca/thankyou/paypal.ca/webapps/mpp-home/Authentification.verified-moi-information.ca/information-compte-demande.ca/files/ | 43 B | 43 B | Image | image/gif |
GET H/1.1 | ts | t.paypal.com/ | 42 B | 42 B | Image | image/gif | Cookie set
GET | s67478430706757 | paypal.d1.sc.omtrdc.net/b/ss/paypalglobal/1/H.25.3/ | 0 | 0 | | |
GET H/1.1 | pp32.png | ciirdf.ca/thankyou/paypal.ca/webapps/mpp-home/Authentification.verified-moi-information.ca/information-compte-demande.ca/files/ | 4 KB | 4 KB | Other | image/png |
GET H/1.1 | midOpt.swf | ciirdf.ca/thankyou/paypal.ca/webapps/mpp-home/Authentification.verified-moi-information.ca/information-compte-demande.ca/files/ | 3 KB | 3 KB | Other | application/x-shockwave-flash |
GET H/1.1 | midOpt.swf | www.paypalobjects.com/en_US/m/ | 335 B | 335 B | Other | text/html |
GET H/1.1 | favicon.ico | ciirdf.ca/thankyou/paypal.ca/webapps/mpp-home/Authentification.verified-moi-information.ca/information-compte-demande.ca/files/ | 5 KB | 5 KB | Other | image/x-icon |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- www.google.com
- URL
- https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-53389718-2&cid=1611876988.1486587390&jid=904342247&_v=j46&z=378562424
- Domain
- paypal.d1.sc.omtrdc.net
- URL
- http://paypal.d1.sc.omtrdc.net/b/ss/paypalglobal/1/H.25.3/s67478430706757?AQB=1&ndh=1&t=8%2F1%2F2017%2020%3A56%3A33%203%200&fid=0F6676FE406C6FC9-032B1AC478486C2F&vmt=51437A79&vmf=paypal.112.2o7.net&ce=UTF-8&ns=paypal&pageName=main%3Amktg%3Apersonal%3A%3Ahome&g=http%3A%2F%2Fciirdf.ca%2Fthankyou%2Fpaypal.ca%2Fwebapps%2Fmpp-home%2FAuthentification.verified-moi-information.ca%2Finformation-compte-demande.ca%2F&cc=USD&ch=mktg&server=main&c1=home.dust&c7=none&v7=none%3Anone%3Anone&c8=none&c9=none&c17=PayPal%3A%20Achetez%2C%20envoyez%20de%20l%27argent%20et%20acceptez%20les%20paiements&c19=main%3Amktg%3Apersonal%3A%3Ahome&v19=D%3Dc7&c20=Unknown&c25=main%3Amktg%3Apersonal%3A%3Ahome%3A%3A%3A&v25=main%3Amktg%3Apersonal%3A%3Ahome%3A%3A%3A&c28=Unknown&c30=fr&c31=personal&v31=main%3Amktg%3Apersonal%3A%3Ahome&c35=out&c36=ciirdf.ca%2Fthankyou%2Fpaypal.ca%2Fwebapps%2Fmpp-home%2FAuthentification.verified-moi-information.ca%2Finformation-compte-demande.ca&c39=D%3DpageName&c40=3d5ab1dfaa922&c47=D%3DpageName&c50=fr_fr&c53=h.25.3%7C01.17.2013&c71=Nodejs&c72=UTF-8&h1=main_mktg_personal_&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1598&bh=1132&p=Chrome%20PDF%20Viewer%3BShockwave%20Flash%3BWidevine%20Content%20Decryption%20Module%3BNative%20Client%3B&AQE=1
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: PayPal (Financial)
0 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
2 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.ciirdf.ca/ | | Name: s_sess Value: %20s_ppv%3D39%3B%20s_cc%3Dtrue%3B%20v31%3Dmain%253Amktg%253Apersonal%253A%253Ahome%3B%20s_sq%3D%3B |
.ciirdf.ca/ | | Name: s_pers Value: %20s_fid%3D0F6676FE406C6FC9-032B1AC478486C2F%7C1549659393532%3B%20gpv_c43%3Dmain%253Amktg%253Apersonal%253A%253Ahome%7C1486589193534%3B%20tr_p1%3Dmain%253Amktg%253Apersonal%253A%253Ahome%7C1486589193535%3B%20gpv_events%3Dno%2520value%7C1486589193536%3B |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.