domesticdiscount.tk
Open in
urlscan Pro
192.161.48.66
Malicious Activity!
Public Scan
URL:
https://domesticdiscount.tk/images/ktbnetbank/krungthai/otp2.html
Submission: On December 03 via automatic, source openphish
Submission: On December 03 via automatic, source openphish
Summary
This website contacted 2 IPs
in 2 countries
across 2 domains to perform 40 HTTP transactions.
The main IP is 192.161.48.66, located in
Los Angeles, United States and
belongs to ASN-QUADRANET-GLOBAL - QuadraNet Enterprises LLC, US.
The main domain is domesticdiscount.tk.
TLS certificate: Issued by cPanel, Inc. Certification Authority on November 25th 2018. Valid for: 3 months.
This is the only time domesticdiscount.tk was scanned on urlscan.io!
TLS certificate: Issued by cPanel, Inc. Certification Authority on November 25th 2018. Valid for: 3 months.
This is the only time domesticdiscount.tk was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: KTB Bank (Financial) PayPal (Financial)Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 36 | 192.161.48.66 192.161.48.66 | 8100 (ASN-QUADR...) (ASN-QUADRANET-GLOBAL - QuadraNet Enterprises LLC) | |
| 4 | 2001:df3:2900... 2001:df3:2900:0:202:12:117:134 | 24060 (KTB-KTBCS...) (KTB-KTBCS-TH KTB COMPUTER SERVICES COMPANY LIMITED) | |
| 40 | 2 |
36
192.161.48.66
(Los Angeles, United States)
ASN8100 (ASN-QUADRANET-GLOBAL - QuadraNet Enterprises LLC, US)
PTR: la-cpanel-1.serverhostname.net
ASN8100 (ASN-QUADRANET-GLOBAL - QuadraNet Enterprises LLC, US)
PTR: la-cpanel-1.serverhostname.net
| domesticdiscount.tk |
4
2001:df3:2900:0:202:12:117:134
(None, )
ASN24060 (KTB-KTBCS-TH KTB COMPUTER SERVICES COMPANY LIMITED, TH)
ASN24060 (KTB-KTBCS-TH KTB COMPUTER SERVICES COMPANY LIMITED, TH)
| www.ktbnetbank.com |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 36 |
domesticdiscount.tk
domesticdiscount.tk |
238 KB |
| 4 |
ktbnetbank.com
www.ktbnetbank.com |
91 KB |
| 40 | 2 |
| Domain | Requested by | |
|---|---|---|
| 36 | domesticdiscount.tk |
domesticdiscount.tk
|
| 4 | www.ktbnetbank.com |
domesticdiscount.tk
|
| 40 | 2 |
This site contains links to these domains. Also see Links.
| Domain |
|---|
| www.ktbnetbank.com |
| www.ktb.co.th |
| www.facebook.com |
| twitter.com |
| www.youtube.com |
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| domesticdiscount.tk cPanel, Inc. Certification Authority |
2018-11-25 - 2019-02-23 |
3 months | crt.sh |
| www.ktbnetbank.com DigiCert SHA2 Extended Validation Server CA |
2018-03-19 - 2019-06-18 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://domesticdiscount.tk/images/ktbnetbank/krungthai/otp2.html
Frame ID: 37F955B1CDACA408C615A3F1FF866540
Requests: 40 HTTP requests in this frame
Screenshot
Detected technologies
LiteSpeed
(Web Servers)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- headers server /^LiteSpeed$/i
jQuery
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- script /jquery(?:\-|\.)([\d.]*\d)[^\/]*\.js/i
- script /jquery.*\.js/i
- env /^jQuery$/i
- script /jquery-ui.*\.js/i
jQuery UI
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- script /jquery-ui.*\.js/i
Page Statistics
14 Outgoing links
These are links going to different origins than the main page.
URL: https://www.ktbnetbank.com/CMS/th/home_content_main.htm?r=2018031602
Title: หน้าแรก
Title: หน้าแรก
Search URL Search Domain Scan URL
URL: https://www.ktbnetbank.com/CMS/th/contents/other_service/other_service.htm
Title: บริการอื่น ๆ
Title: บริการอื่น ๆ
Search URL Search Domain Scan URL
URL: https://www.ktbnetbank.com/CMS/th/product_content_main.htm
Title: รายละเอียดผลิตภัณฑ์
Title: รายละเอียดผลิตภัณฑ์
Search URL Search Domain Scan URL
URL: https://www.ktbnetbank.com/CMS/th/contents/product/product_content_faq.html
Title: ถาม - ตอบ
Title: ถาม - ตอบ
Search URL Search Domain Scan URL
URL: https://www.ktbnetbank.com/CMS/th/contents/detailpage/userManualWeb.html
Title: คู่มือและวิธีการใช้งาน
Title: คู่มือและวิธีการใช้งาน
Search URL Search Domain Scan URL
URL: http://www.ktb.co.th/ktb/th/download.aspx?cid=R0BUdwUlyIZmjem%2bQi3xyg%3d%3d
Title: ดาวน์โหลด
Title: ดาวน์โหลด
Search URL Search Domain Scan URL
URL: https://www.ktbnetbank.com/CMS/th/contents/product/product_content_security.html
Title: Security
Title: Security
Search URL Search Domain Scan URL
URL: https://www.ktbnetbank.com/CMS/th/contents/product/product_content_terms.html
Title: Terms
Title: Terms
Search URL Search Domain Scan URL
URL: https://www.ktbnetbank.com/CMS/th/contents/product/product_content_privacy.html
Title: Privacy
Title: Privacy
Search URL Search Domain Scan URL
URL: https://www.ktbnetbank.com/CMS/th/contents/contact/contact.htm
Title: ติดต่อธนาคาร
Title: ติดต่อธนาคาร
Search URL Search Domain Scan URL
URL: https://www.facebook.com/KTBnetbank
Title:
Title:
Search URL Search Domain Scan URL
URL: https://twitter.com/KTBnetbank
Search URL Search Domain Scan URL
URL: http://www.youtube.com/ktbsocialmedia
Search URL Search Domain Scan URL
URL: https://www.ktbnetbank.com/consumer/
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
40 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H2 |
Primary Request
otp2.html
domesticdiscount.tk/images/ktbnetbank/krungthai/ |
61 KB 9 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
login2.css
domesticdiscount.tk/images/ktbnetbank/krungthai/files/ |
74 KB 14 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ktb.tablerow-min.css
domesticdiscount.tk/images/ktbnetbank/krungthai/files/ |
18 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery-ui-1.10.3.custom-min.css
domesticdiscount.tk/images/ktbnetbank/krungthai/files/ |
27 KB 6 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery-1.10.1.min.js
domesticdiscount.tk/images/ktbnetbank/krungthai/files/ |
91 KB 37 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ktb-min.js
domesticdiscount.tk/images/ktbnetbank/krungthai/files/ |
74 KB 19 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery.xml2json.js
domesticdiscount.tk/images/ktbnetbank/krungthai/files/ |
2 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ktb.core-min.js
domesticdiscount.tk/images/ktbnetbank/krungthai/files/ |
8 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery-ui.custom.js
domesticdiscount.tk/images/ktbnetbank/krungthai/files/ |
281 KB 84 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery.blockUI.js
domesticdiscount.tk/images/ktbnetbank/krungthai/files/ |
11 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
flexslider.css
domesticdiscount.tk/images/ktbnetbank/krungthai/files/ |
5 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
contentLayout.css
domesticdiscount.tk/images/ktbnetbank/krungthai/files/ |
5 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
loading135.gif
domesticdiscount.tk/images/ktbnetbank/krungthai/files/ |
7 KB 7 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
netbankVDOcall.png
domesticdiscount.tk/images/ktbnetbank/krungthai/files/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
login-min.js
domesticdiscount.tk/images/ktbnetbank/krungthai/files/ |
8 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery-fieldselection.js
domesticdiscount.tk/images/ktbnetbank/krungthai/files/ |
2 KB 629 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
vkeyboard-min.js
domesticdiscount.tk/images/ktbnetbank/krungthai/files/ |
9 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
printScript-min.js
domesticdiscount.tk/images/ktbnetbank/krungthai/files/ |
7 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
login-setting-min.js
domesticdiscount.tk/images/ktbnetbank/krungthai/files/ |
21 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
tooltipBubble-min.js
domesticdiscount.tk/images/ktbnetbank/krungthai/files/ |
8 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery.mousewheel.js
domesticdiscount.tk/images/ktbnetbank/krungthai/files/ |
1 KB 602 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
campaign-min.js
domesticdiscount.tk/images/ktbnetbank/krungthai/files/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery.placeholder.js
domesticdiscount.tk/images/ktbnetbank/krungthai/files/ |
3 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery.jplayer.min.js
domesticdiscount.tk/images/ktbnetbank/krungthai/files/ |
48 KB 14 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
icon-facebook.png
domesticdiscount.tk/images/ktbnetbank/krungthai/files/ |
1 KB 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
icon-twiter.png
domesticdiscount.tk/images/ktbnetbank/krungthai/files/ |
1 KB 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
icon-youtube.png
domesticdiscount.tk/images/ktbnetbank/krungthai/files/ |
1 KB 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
convenience.jpg
domesticdiscount.tk/images/ktbnetbank/krungthai/files/ |
7 KB 7 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
close_vkey.png
domesticdiscount.tk/images/ktbnetbank/krungthai/files/ |
1 KB 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
close_vkey.png
domesticdiscount.tk/images/ktbnetbank/krungthai/KTB%20netbank%20_%20Internet%20Banking_files/ |
1 KB 1 KB |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery.xml2json.js
domesticdiscount.tk/images/ktbnetbank/krungthai/resources/scripts/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
headerReptBg.jpg
domesticdiscount.tk/images/ktbnetbank/krungthai/images/background/ |
1 KB 1 KB |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
Header_BG.jpg
www.ktbnetbank.com/consumer/resources/themes/themeOne/images/background/ |
48 KB 48 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
headName.png
www.ktbnetbank.com/consumer/resources/themes/themeOne/images/ |
34 KB 35 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
grays.png
domesticdiscount.tk/images/ktbnetbank/krungthai/images/ |
1 KB 1 KB |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
language.png
www.ktbnetbank.com/consumer/resources/themes/themeOne/images/icons/lang/ |
6 KB 7 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
campaign-min.js
domesticdiscount.tk/images/ktbnetbank/krungthai/files/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
keyboardBG1.png
www.ktbnetbank.com/consumer/resources/themes/themeOne/images/vkeyboard/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
skyFooter.jpg
domesticdiscount.tk/images/ktbnetbank/krungthai/images/ |
1 KB 1 KB |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
close_vkey.png
domesticdiscount.tk/images/ktbnetbank/krungthai/KTB%20netbank%20_%20Internet%20Banking_files/ |
1 KB 1 KB |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: KTB Bank (Financial) PayPal (Financial)131 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| $ function| jQuery function| openAddAccountForm object| targetPane number| count_reloadImageCode number| count_listenImageCode number| showPageSpeed number| hidePageSpeed object| ajax_load function| ShowContent function| displayData function| showContentWithTemplateAndData function| updateBarImage function| slideContentWithTemplateAndData function| waiting function| stopWaiting function| alertAccept function| showMsg function| warningIE function| closewaringIE function| closeMsg function| showAds function| closeAds function| waiting2 function| waiting2error function| stopWaiting2 function| stopError2 object| NavigationType number| ktpPosition_effect_speed boolean| isDOM boolean| isIE4 boolean| isNS4 function| isMSIE8 function| isAndroidNotChrome function| loadScript function| imagePath function| showLoading function| getRef function| GetXYPosition function| getClientlength function| getClientWidth function| getClientHeight function| getURLParam function| getPositionLeft function| getPositionTop function| GetPosition function| SetPostion function| InitSlider function| SetSlider function| parseXMLwithCallback function| ApplyImagePath function| BindDataListToTemplate function| replaceValueWithName function| BindJsonToTemplate function| loadXmlToJson function| ActivateScroll function| applyTheme function| BindObjectToTemplate function| getPageCount function| initTouch function| touchScrollPayBill function| touchScroll function| mousewheelToScroll string| ktamUrl string| ProspectusUrl string| subContext string| themeName string| application_root_path string| language string| sessionKey object| bookmarkObj function| setupMainPage function| setLanguage function| loadActionForm function| setupHomePage function| openTopPopupMenu function| changeDropBoxBG function| saveStatistic function| setupLoginPage object| BHLoginForm object| keypads object| keyboardENs object| keyboardENShifts object| keyboardTHs object| keyboardTHShifts string| LANG_TH string| LANG_EN string| SECTION_HEADER string| SECTION_FOOTER string| SECTION_DETAIL function| createKeyboard function| getKeyboardRawStr function| createKeypad object| mapKeyboard object| mapKeypad function| Keypad function| changeVKeyboardLangue function| doPrint function| doPrintIgnoreScroll function| getMaxChildWidth string| extendFront_ string| extendBehind_ string| isDDR_ string| ignoreScroll undefined| maxChildWidth function| createDropdown function| genJSONObject function| setupForgotPage function| createDropdown2Level object| BHForceChangePasswordForm object| BHForceChangeUserIdForm object| BHAtmBatchRegisterForm object| BHActivateUserByTopForm object| BHForgotForm object| BHActivateIdForm object| BHDeactivateIdForm string| bubbleImage string| bubbleImage2 string| bubbleImage3 function| getElementsByClassName function| bindBubble function| bindBubbleDynamic function| bindBubbleDynamicBottom function| bindBubbleTxtInput function| attachBubble function| attachBubbleSmall function| attachBubbleBottom function| detachBubble function| findPos object| BrowserDetect object| jQuery1101075741489417878330 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
domesticdiscount.tk
www.ktbnetbank.com
192.161.48.66
2001:df3:2900:0:202:12:117:134
067cf2fd5c86173719fccb46e3f98d35d569d904997531cc9b9ddf4fd240d592
0817a56f12bbcff53dfaac0eb3f49909cf68ffcabd8c4055be8211f255d2e0ee
0aaf929567477933bcccb44bac06659f445f58323c1369bdb0e45bf5a73cc635
1d950e544b61bf86cbdbbb3615f06cff789e6e395e60cfb9602680bfa5f130ad
3630bd75a918ed773d02d19f71d06f899cbc9865714509325531e8339ef8af5f
36dbd8f816542774a5b62c4641a40f753edb2a471296f0f2c9ead1c0eb87c6d7
448acf08cb660bb59ac659ddc84e5d79af0cd7a5f76a908047a917b550eea34e
473ef353300605fc380bebe16c39f3eae3501a70ced784e201756b9c3a3ba8ef
4837f7e1f1565ff667528cd75c41f401e07e229de1bd1b232f0a7a40d4c46f79
4c4863fa78a3cb7022eab68553df67f3884cea25e3e8e89081951cf50b51b41a
4fe2ba0eeaad37a3c07770337b024a00fb04279c915d611cd091cb2804746d0b
52b5c14db3619a49df5ac008a22bfad9d7dfa0455139fd6313dcfa0e3dc2eb72
52ba62d72c3cfac368cc622c9efd4eac60158923361a4fff6b57a730c125d978
6f07309b3baa1ccfb7086cd6b17a4eba17c25aeac54c489212db66468ad785d5
70c65bd0e084398a87baa298c1fafa52afff402096cb350d563d309565c07e83
71ffb87dcd03e70382385a476d679dc399102c9125be899ae59d51f3ac020bb6
75ad6d984b5f7c6573bbc06e925af268b634bfa10a64dab98091b62e15c30054
7ac25dc72694f1b413706c8921930406cafe6d8a7775403dbb53e8c68ed8bc8d
8ff0453fe4ff062392c6522770f9d1ce6046744f4a21baeb5fe718a2e44f6d43
937fc8439209a4c6c86548675a207cf82ff645c4933f8414208dadecf8f5a7c6
95e8bb651cdbc5d4f3f745d2e2c67ffec4fcc919f225cee7bc971c4b08959983
9f647f08933b2af5216757b2d96c009235fc176e37b905cbc078d84bb5701fec
ab6c7b283eb273a147bce1dcf8a2e47a06b5393637804d085a7f1c2f95cf08b6
ba929cd49a6a6e737d0ba1c9083dec0cae821a482769856ad35bb2678e9a7317
c2db53c903fb81da8ccfaeeaed115c0cdbe7d8c4d633a69ebb365082124f98d5
c5f161b6a0cc4712a9f73ccc49a4504c48f515580d2816cb32f593f96f27b9eb
c6aada8ba17eefef714da7a23b1bce0ce096fb474711b6023a8222f1c1046f68
cddbf405266cd4b3e66229592e63666012dbceaaad02635af5da9d303bfd3ed1
cf44b1adc0289d65fe18b66de7902f41a95a2f85d6103df6baa614db44d4efe4
d5c1f2b2ce3197cfe375d8aecac81a28214821c54f246d2675fe6d3829136ec5
d74cfac8ff595872ca3f6837e46c36039e00bac0b927d664d3310a2463ea048c
dadf4072dafe84715fffe5a6fcafb4b61269b63063ebb4b8c908b838521a5512
fb38029056b55c4b7ef018f3ee79e82495bab50a87f9ce160022d9d35d02d238