teslaq4.com
Open in
urlscan Pro
2a06:98c1:3121::3
Malicious Activity!
Public Scan
Submission: On November 25 via manual from IT — Scanned from NL
Summary
TLS certificate: Issued by GTS CA 1P5 on November 21st 2022. Valid for: 3 months.
This is the only time teslaq4.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Generic Crypto (Crypto Exchange)Domain & IP information
ASN2635 (AUTOMATTIC, US)
PTR: assets.tumblr.com
static.tumblr.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-210-117.eu-central-1.compute.amazonaws.com
bootstrap.smartsuppchat.com |
ASN60068 (CDN77 ^_^, GB)
widget-v2.smartsuppcdn.com | |
translations.smartsuppcdn.com |
ASN20940 (AKAMAI-ASN1, NL)
res-5.cloudinary.com |
ASN204343 (COMPUBYTE-AS, CY)
PTR: dev.ucoz.net
bitcoinet.org |
Apex Domain Subdomains |
Transfer | |
---|---|---|
12 |
disquscdn.com
a.disquscdn.com — Cisco Umbrella Rank: 9110 c.disquscdn.com — Cisco Umbrella Rank: 4544 |
39 KB |
7 |
teslaq4.com
teslaq4.com |
147 KB |
6 |
imgur.com
i.imgur.com — Cisco Umbrella Rank: 6034 |
256 KB |
5 |
smartsuppcdn.com
widget-v2.smartsuppcdn.com — Cisco Umbrella Rank: 47375 translations.smartsuppcdn.com |
176 KB |
4 |
tumblr.com
static.tumblr.com — Cisco Umbrella Rank: 34405 |
619 KB |
2 |
smartsuppchat.com
www.smartsuppchat.com — Cisco Umbrella Rank: 46717 bootstrap.smartsuppchat.com — Cisco Umbrella Rank: 43126 |
6 KB |
1 |
bitcoinet.org
bitcoinet.org |
19 KB |
1 |
cloudinary.com
res-5.cloudinary.com — Cisco Umbrella Rank: 61672 |
3 KB |
1 |
medium.com
cdn-images-1.medium.com — Cisco Umbrella Rank: 45627 |
10 KB |
1 |
twimg.com
pbs.twimg.com — Cisco Umbrella Rank: 706 |
19 KB |
1 |
telegra.ph
telegra.ph — Cisco Umbrella Rank: 117637 |
4 KB |
1 |
jquery.com
code.jquery.com — Cisco Umbrella Rank: 677 |
24 KB |
42 | 12 |
Domain | Requested by | |
---|---|---|
11 | c.disquscdn.com |
teslaq4.com
|
7 | teslaq4.com |
teslaq4.com
|
6 | i.imgur.com |
teslaq4.com
|
4 | widget-v2.smartsuppcdn.com |
www.smartsuppchat.com
|
4 | static.tumblr.com |
teslaq4.com
|
1 | translations.smartsuppcdn.com |
widget-v2.smartsuppcdn.com
|
1 | bitcoinet.org |
teslaq4.com
|
1 | res-5.cloudinary.com |
teslaq4.com
|
1 | cdn-images-1.medium.com |
teslaq4.com
|
1 | a.disquscdn.com |
teslaq4.com
|
1 | bootstrap.smartsuppchat.com |
www.smartsuppchat.com
|
1 | www.smartsuppchat.com |
teslaq4.com
|
1 | pbs.twimg.com |
teslaq4.com
|
1 | telegra.ph |
teslaq4.com
|
1 | code.jquery.com |
teslaq4.com
|
42 | 15 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.teslaq4.com GTS CA 1P5 |
2022-11-21 - 2023-02-19 |
3 months | crt.sh |
*.jquery.com Sectigo RSA Domain Validation Secure Server CA |
2022-08-03 - 2023-07-14 |
a year | crt.sh |
*.tumblr.com Sectigo ECC Domain Validation Secure Server CA |
2022-11-14 - 2023-12-15 |
a year | crt.sh |
*.telegra.ph Go Daddy Secure Certificate Authority - G2 |
2022-09-13 - 2023-10-15 |
a year | crt.sh |
*.imgur.com DigiCert TLS RSA SHA256 2020 CA1 |
2022-03-08 - 2023-03-16 |
a year | crt.sh |
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1 |
2022-10-06 - 2023-11-06 |
a year | crt.sh |
*.smartsuppchat.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1 |
2021-12-01 - 2022-12-29 |
a year | crt.sh |
*.disquscdn.com GlobalSign Atlas R3 DV TLS CA 2022 Q3 |
2022-10-07 - 2023-11-08 |
a year | crt.sh |
*.smartsuppcdn.com RapidSSL Global TLS RSA4096 SHA256 2022 CA1 |
2022-10-19 - 2023-11-19 |
a year | crt.sh |
a.disquscdn.com Amazon |
2022-09-30 - 2023-10-29 |
a year | crt.sh |
medium.com Cloudflare Inc ECC CA-3 |
2022-10-24 - 2023-01-22 |
3 months | crt.sh |
*.cloudinary.com Go Daddy Secure Certificate Authority - G2 |
2022-01-10 - 2022-12-20 |
a year | crt.sh |
www.bitcoinet.org AlphaSSL CA - SHA256 - G2 |
2021-07-30 - 2022-08-31 |
a year | crt.sh |
This page contains 3 frames:
Primary Page:
https://teslaq4.com/btc/index.html
Frame ID: 736210A53D4D6ECC0E910D3196666AEC
Requests: 16 HTTP requests in this frame
Frame:
https://teslaq4.com/btc/btc1/index.html
Frame ID: 414C82D9AE98A2FA10A897F982219CAD
Requests: 22 HTTP requests in this frame
Frame:
https://widget-v2.smartsuppcdn.com/static/js/runtime-main.ae11910a.js
Frame ID: CA6736E0192A65FF0A4745E4B65C399D
Requests: 4 HTTP requests in this frame
Screenshot
Page Title
3445 BTC leftDetected technologies
Medium (Blogs) ExpandDetected patterns
- medium\.com
Bootstrap (Web Frameworks) Expand
Detected patterns
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Clipboard.js (Miscellaneous) Expand
Detected patterns
- clipboard(?:-([\d.]+))?(?:\.min)?\.js
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
42 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
index.html
teslaq4.com/btc/ |
36 KB 8 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-3.4.1.slim.min.js
code.jquery.com/ |
69 KB 24 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
http__get-mcafee.market_b_index_files_clipboard.js
static.tumblr.com/do7iv2w/swtpwjat5/ |
8 KB 8 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
http__get-mcafee.market_b_index_files_bootstrap.js
static.tumblr.com/do7iv2w/Rddpwjavf/ |
36 KB 36 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
m2.css
static.tumblr.com/bejxdgc/NDhpx23f1/ |
64 KB 64 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main-branding-base.css
static.tumblr.com/bejxdgc/H7hpx23gv/ |
510 KB 511 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
big.css
teslaq4.com/assets/ |
13 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
comments.css
teslaq4.com/assets/ |
151 KB 46 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
u.css
teslaq4.com/assets/ |
203 KB 35 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
51a37631516be9ff2d22b.png
telegra.ph/file/ |
5 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
qrcode.FAHV6Bk8ck.png
teslaq4.com/btc/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
351kRoj.gif
i.imgur.com/ |
69 KB 70 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
IY9Gx6Ok_400x400.jpg
pbs.twimg.com/profile_images/1590968738358079488/ |
19 KB 19 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
index.html
teslaq4.com/btc/btc1/ Frame 414C |
77 KB 7 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
loader.js
www.smartsuppchat.com/ |
19 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
def31fc5f88d58714995766224402ba435166975.json
bootstrap.smartsuppchat.com/widget/ |
1 KB 653 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
comments.css
teslaq4.com/assets/ Frame 414C |
151 KB 46 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
noavatar92.png
a.disquscdn.com/images/ Frame 414C |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
asset-manifest.json
widget-v2.smartsuppcdn.com/ |
2 KB 716 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
avatar92.jpg
c.disquscdn.com/uploads/users/7583/7385/ Frame 414C |
3 KB 4 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
avatar92.jpg
c.disquscdn.com/uploads/users/9024/4726/ Frame 414C |
3 KB 4 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
avatar92.jpg
c.disquscdn.com/uploads/users/27849/6513/ Frame 414C |
3 KB 3 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
rhJ6eVw.jpg
i.imgur.com/ Frame 414C |
40 KB 41 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
avatar92.jpg
c.disquscdn.com/uploads/users/27664/8908/ Frame 414C |
3 KB 3 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
avatar92.jpg
c.disquscdn.com/uploads/users/28917/2462/ Frame 414C |
4 KB 4 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
avatar92.jpg
c.disquscdn.com/uploads/users/28574/6860/ Frame 414C |
3 KB 4 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
avatar92.jpg
c.disquscdn.com/uploads/users/26955/8733/ Frame 414C |
3 KB 3 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
avatar92.jpg
c.disquscdn.com/uploads/users/28074/8772/ Frame 414C |
3 KB 3 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1*0RSQXHX61dj0KM_8YVg7ew.png
cdn-images-1.medium.com/max/800/ Frame 414C |
10 KB 10 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
vxqonnllavoc1oxip9y5.png
res-5.cloudinary.com/crunchbase-production/image/upload/c_lpad,h_256,w_256,f_auto,q_auto:eco/v1475671229/ Frame 414C |
2 KB 3 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
avatar92.jpg
c.disquscdn.com/uploads/users/28656/9582/ Frame 414C |
2 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Mz4eKzr.jpg
i.imgur.com/ Frame 414C |
61 KB 61 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Bitcoin-logo-png.png
bitcoinet.org/004new/ Frame 414C |
18 KB 19 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
MlUy1gU.png
i.imgur.com/ Frame 414C |
37 KB 37 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
8z676sv.jpg
i.imgur.com/ Frame 414C |
10 KB 10 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
MrHkBGo.jpg
i.imgur.com/ Frame 414C |
38 KB 38 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
avatar92.jpg
c.disquscdn.com/uploads/users/28670/9160/ Frame 414C |
3 KB 4 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
avatar92.jpg
c.disquscdn.com/uploads/users/13821/5703/ Frame 414C |
3 KB 3 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
runtime-main.ae11910a.js
widget-v2.smartsuppcdn.com/static/js/ Frame CA67 |
2 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
6.12acd1fb.chunk.js
widget-v2.smartsuppcdn.com/static/js/ Frame CA67 |
524 KB 144 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.9714ee62.chunk.js
widget-v2.smartsuppcdn.com/static/js/ Frame CA67 |
114 KB 27 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
defaults
translations.smartsuppcdn.com/api/v1/widget/translations/lang/en/ Frame CA67 |
5 KB 2 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Generic Crypto (Crypto Exchange)31 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 function| $ function| jQuery string| ADDRESS function| wait function| random function| uuidv4 function| bet function| removeArr function| addLink function| sub function| newtr function| insertAfter function| updateTrans object| times function| setProgress number| ctd object| clipboard object| _smartsupp function| smartsupp boolean| SMARTSUPP_LOADED object| $smartsupp object| tr string| INT string| OUT string| TXID string| TXID2 string| INCIN string| INOUT number| trans2 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
teslaq4.com/ | Name: ssupp.vid Value: viLwpg3OiF4xQ |
|
teslaq4.com/ | Name: ssupp.visits Value: 1 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
a.disquscdn.com
bitcoinet.org
bootstrap.smartsuppchat.com
c.disquscdn.com
cdn-images-1.medium.com
code.jquery.com
i.imgur.com
pbs.twimg.com
res-5.cloudinary.com
static.tumblr.com
telegra.ph
teslaq4.com
translations.smartsuppcdn.com
widget-v2.smartsuppcdn.com
www.smartsuppchat.com
146.75.116.193
149.154.164.13
18.195.210.117
192.0.77.40
193.109.246.58
199.232.194.49
2001:4de0:ac18::1:a:2b
2600:9000:21f3:ca00:6:8656:f5c0:93a1
2606:2800:134:1a0d:1429:742:782:b6
2606:4700:7::a29f:9804
2a02:26f0:6c00:286::523
2a02:6ea0:c700::10
2a02:6ea0:c700::19
2a06:98c1:3121::3
0f4452800780ae71ecb63b107e62ba985554407df32425a91416a3687c39cb1e
195e9b5b9a8526ea8e5bb119ce32cc65550ee79dace6aded9809040595d49468
1fb86faf97c6e4d43224aed17c15fbe66beb2d6e3da4f989b8b56615917e7e90
290c40793e501443936e70d00af12c4cdbb4d7b345a614731354e26e0aa9c75a
29e89f00341d65ffbab6fdfce78f7e42a1daf4bda2e3615ad9466e2ce47760ef
2e1b6f6eba2154d3ec903bf754ec64f3908fce7b06b6312734f9b334b524a945
30c25c88089ccc0d6373e6f0f36814c97dfaa575543d90a7cb9060903a50ef84
329e78b4d2ca494ee7ed05e3baf6c80ae36af9977dcf9679850ea2f085b0e480
36ef66124133ca33c8b44c487293c3180e5ab681ff3cad3c728ea4f894ec3444
3c2a4fcf7c45434385a0ced9a4263b5ca00c20e19618441c8836879283ce2bf4
43b9a121dc783cb2727bd154299d772301a0b833ba9eafb7e39a956fe62a36c7
4946ed6bdd2a343d84e96a5eb3e7df829340039e105d7e142992c32940adc3f0
4edb91d880958d290e76c6678b1584b4eca8747b643720f827b79548272c7b25
5041f74608262ff980fd675d54f9efc700c09e5fe8f36e61a16817f572305ca1
509b5ba7321967ca585381f4fb4deaa70badd47005631569cc9d5f34448f8acc
51eddb6deb8ef75df2c8dff112415172bee5b695c4d4b1445e635e6ebaef93c3
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
60c6f305c2f53373ea45547505e65375033ff2dd6ae2b1d0cd6770d7dbbd9a96
60cfa28b7eb57e5ec992f652f1f5061c3e46047cb2454b980eb6de61d18aafa4
6126b33edb7d1fb744bb158002f29941f12e3cc8869d2228aa3764308c44b823
7a0d6cbf8e1df80325986639e1681263dacde952e8d6cc52da0c822926e85097
8628b5fdbe7c30f90244833095e33d9e8b6f13bdc6a4e98cc4d1854095ca31b3
8fd5616e009e22d6655472d3ffa3906f0a2cf9a42a45b434f2a607b474b2bcd4
9870fc2b678d8df515dc6c96eded04f83d89ebecf5eaf223d1b15915837fde5b
98e75d49a78ba9d4de665766d68554662f4fd4bdcd4187f320afbc946d8c4db9
a5ab2a00a0439854f8787a0dda775dea5377ef4905886505c938941d6854ee4f
a91c981b3b5d12ca2ce664bd78737f490278ae0973d5297aa5ff87631a606945
ac45685655b3fa89252de4b5c6ba123ce72764d707c3a8bc213394a74352f0b1
ae73df4b0f9deff30bab1c43fb70ed1ce3d027e1cd2d0b2fc9be80b7c5fc6a93
aee03f32eaf0f0be700dc8dfa012de0c5d13e3ea2d774519360c4a9d59921a76
af1f612986de271c45f95cd021cec4739e8e9603d45a05b2acbc7349a1bcb761
b2cef027f5ecb58b1430c44b295c1cd34e66d36bdd5e6a8ae1ada00e36da9b94
be9a62a389ef14e5aa7c9c7ef9f7bec271ecce1f86aa8f0cdcc9a5e3acf7948e
d595128e907b1698738303076564353264230574ffa99b1a2fea2b7ff5d65630
da3059697f642fb02d5b60e3ae48db8d756a423dffcadd0b934678862e04e97e
db2c90435c2b444d41f028b2eeedb8db12baecb141d3bcfa2c8bcff3f7216faf
dc551405fda0ca6241baa4723407604302cbc9b75d7cfb440e1d0be09f2dff45
e6634582ebe091dc504d27a360a01416fba144be42b2efa87ee1bfde511fd3e3
e9d0ed0c04e6893f1afbde913352cba6aef5895dd629f47efcef0e0f62eb4b8a
ea17e0590ca4d7e707276675c7649529a36ca883430ce1ae45310f790ae11447
f1e3f521ede83768f1d2cf22bb45f20da8db96a7676d7657fb6d187e141d1f3c