pdfdocument.trinket.io
Open in
urlscan Pro
104.196.113.214
Malicious Activity!
Public Scan
Effective URL: https://pdfdocument.trinket.io/sites/html-0b7691074d
Submission: On September 02 via manual from ZA — Scanned from DE
Summary
TLS certificate: Issued by R3 on June 20th 2022. Valid for: 3 months.
This is the only time pdfdocument.trinket.io was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Adobe (Consumer)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 9 | 104.196.113.214 104.196.113.214 | 15169 (GOOGLE) (GOOGLE) | |
12 | 2606:4700::68... 2606:4700::6811:180e | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
4 | 2a00:1450:400... 2a00:1450:4001:82a::200e | 15169 (GOOGLE) (GOOGLE) | |
3 | 2600:9000:215... 2600:9000:2156:b200:1d:7a5d:2a00:93a1 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 2a00:1450:400... 2a00:1450:4001:800::2004 | 15169 (GOOGLE) (GOOGLE) | |
1 | 108.138.7.89 108.138.7.89 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 18.66.15.51 18.66.15.51 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 2a00:1450:400... 2a00:1450:4001:813::200a | 15169 (GOOGLE) (GOOGLE) | |
2 | 2a00:1450:400... 2a00:1450:4001:82a::2003 | 15169 (GOOGLE) (GOOGLE) | |
1 | 2a00:1450:400... 2a00:1450:4001:829::2003 | 15169 (GOOGLE) (GOOGLE) | |
1 | 2a01:7c8:aac4... 2a01:7c8:aac4:2e8::2 | 20857 (TRANSIP-A...) (TRANSIP-AS Amsterdam) | |
35 | 11 |
ASN15169 (GOOGLE, US)
PTR: 214.113.196.104.bc.googleusercontent.com
pdfdocument.trinket.io | |
trinket.io | |
www.trinket-shell.com |
ASN15169 (GOOGLE, US)
www.google-analytics.com |
ASN16509 (AMAZON-02, US)
trinket-vendor-assets.trinket.io |
ASN16509 (AMAZON-02, US)
PTR: server-108-138-7-89.fra56.r.cloudfront.net
trinket-avatars.trinket.io |
ASN16509 (AMAZON-02, US)
PTR: server-18-66-15-51.vie50.r.cloudfront.net
trinket-cdn.trinket.io |
ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL)
www.biochek.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
12 |
cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 212 |
280 KB |
12 |
trinket.io
1 redirects
pdfdocument.trinket.io trinket.io — Cisco Umbrella Rank: 163577 trinket-vendor-assets.trinket.io — Cisco Umbrella Rank: 259873 trinket-avatars.trinket.io trinket-cdn.trinket.io — Cisco Umbrella Rank: 243461 |
194 KB |
4 |
google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 37 |
40 KB |
3 |
gstatic.com
fonts.gstatic.com www.gstatic.com |
196 KB |
2 |
trinket-shell.com
www.trinket-shell.com |
2 KB |
1 |
biochek.com
www.biochek.com |
331 KB |
1 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 43 |
1 KB |
1 |
google.com
www.google.com — Cisco Umbrella Rank: 2 |
966 B |
35 | 8 |
Domain | Requested by | |
---|---|---|
12 | cdnjs.cloudflare.com |
pdfdocument.trinket.io
cdnjs.cloudflare.com trinket.io |
5 | trinket.io |
pdfdocument.trinket.io
trinket.io cdnjs.cloudflare.com |
4 | www.google-analytics.com |
pdfdocument.trinket.io
www.google-analytics.com trinket.io |
3 | trinket-vendor-assets.trinket.io |
trinket.io
|
2 | www.trinket-shell.com |
cdnjs.cloudflare.com
|
2 | fonts.gstatic.com |
fonts.googleapis.com
|
2 | pdfdocument.trinket.io | 1 redirects |
1 | www.biochek.com |
www.trinket-shell.com
|
1 | www.gstatic.com |
www.google.com
|
1 | fonts.googleapis.com |
trinket.io
|
1 | trinket-cdn.trinket.io |
trinket.io
|
1 | trinket-avatars.trinket.io |
trinket.io
|
1 | www.google.com |
trinket.io
|
35 | 13 |
This site contains links to these domains. Also see Links.
Domain |
---|
trinket.io |
Subject Issuer | Validity | Valid | |
---|---|---|---|
trinket.io R3 |
2022-06-20 - 2022-09-18 |
3 months | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2022-08-03 - 2023-08-02 |
a year | crt.sh |
*.google-analytics.com GTS CA 1C3 |
2022-08-08 - 2022-10-31 |
3 months | crt.sh |
www.google.com GTS CA 1C3 |
2022-08-15 - 2022-11-07 |
3 months | crt.sh |
upload.video.google.com GTS CA 1C3 |
2022-08-08 - 2022-10-31 |
3 months | crt.sh |
*.gstatic.com GTS CA 1C3 |
2022-08-08 - 2022-10-31 |
3 months | crt.sh |
trinket-shell.com R3 |
2022-07-20 - 2022-10-18 |
3 months | crt.sh |
biochek.com R3 |
2022-08-04 - 2022-11-02 |
3 months | crt.sh |
This page contains 3 frames:
Primary Page:
https://pdfdocument.trinket.io/sites/html-0b7691074d
Frame ID: 0B13690EE6F21820D59EBEA88A76E8DF
Requests: 5 HTTP requests in this frame
Frame:
https://trinket.io/published-embed/html/0b7691074d
Frame ID: 8D4477EC2745FD888081CD171D182418
Requests: 28 HTTP requests in this frame
Frame:
https://www.trinket-shell.com/1616fe77315f4aa6/index.html
Frame ID: FAEDB42A95934AB5476B8861AAEB34C3
Requests: 2 HTTP requests in this frame
Screenshot
Page Title
Trinket by pdfdocumentPage URL History Show full URLs
-
http://pdfdocument.trinket.io/sites/html-0b7691074d
HTTP 301
https://pdfdocument.trinket.io/sites/html-0b7691074d Page URL
Detected technologies
WordPress (CMS) ExpandDetected patterns
- /wp-(?:content|includes)/
Font Awesome (Font Scripts) Expand
Detected patterns
- <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
- <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Google Analytics (Analytics) Expand
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
Lodash (JavaScript Libraries) Expand
Detected patterns
- lodash.*\.js
Modernizr (JavaScript Libraries) Expand
Detected patterns
- ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js
Moment.js (JavaScript Libraries) Expand
Detected patterns
- moment(?:\.min)?\.js
jQuery (JavaScript Libraries) Expand
Detected patterns
- /([\d.]+)/jquery(?:\.min)?\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
jQuery UI (JavaScript Libraries) Expand
Detected patterns
- ([\d.]+)/jquery-ui(?:\.min)?\.js
- jquery-ui.*\.js
reCAPTCHA (Captchas) Expand
Detected patterns
- /recaptcha/api\.js
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://pdfdocument.trinket.io/sites/html-0b7691074d
HTTP 301
https://pdfdocument.trinket.io/sites/html-0b7691074d Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
35 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
html-0b7691074d
pdfdocument.trinket.io/sites/ Redirect Chain
|
4 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ |
30 KB 6 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
49 KB 20 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
0b7691074d
trinket.io/published-embed/html/ Frame 8D44 |
17 KB 5 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fontawesome-webfont.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/ |
75 KB 76 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
collect
www.google-analytics.com/j/ |
2 B 22 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ Frame 8D44 |
30 KB 6 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
font-mfizz.css
trinket-vendor-assets.trinket.io/font-mfizz/2.0.1/css/ Frame 8D44 |
8 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
embed.css
trinket.io/cache-prefix-1e16ca87/css/ Frame 8D44 |
689 KB 87 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/2.1.1/ Frame 8D44 |
82 KB 27 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
modernizr.min.js
cdnjs.cloudflare.com/ajax/libs/modernizr/2.8.2/ Frame 8D44 |
11 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
detectizr.min.js
trinket.io/cache-prefix-6bae8498/components/detectizr/dist/ Frame 8D44 |
8 KB 4 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
md5.js
cdnjs.cloudflare.com/ajax/libs/crypto-js/3.1.2/rollups/ Frame 8D44 |
6 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
sha1.js
cdnjs.cloudflare.com/ajax/libs/crypto-js/3.1.2/rollups/ Frame 8D44 |
4 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
aes.js
cdnjs.cloudflare.com/ajax/libs/crypto-js/3.1.2/rollups/ Frame 8D44 |
13 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
api.js
www.google.com/recaptcha/ Frame 8D44 |
850 B 966 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
trinket-logo.png
trinket.io/cache-prefix-1e16ca87/img/ Frame 8D44 |
14 KB 14 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
avatar-default.png
trinket-avatars.trinket.io/ Frame 8D44 |
7 KB 8 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
lodash.min.js
trinket-vendor-assets.trinket.io/lodash/2.4.1/dist/ Frame 8D44 |
27 KB 10 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bluebird.min.js
trinket-vendor-assets.trinket.io/bluebird/3.5.1/js/browser/ Frame 8D44 |
78 KB 23 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
moment.min.js
cdnjs.cloudflare.com/ajax/libs/moment.js/2.18.1/ Frame 8D44 |
50 KB 16 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
jquery-ui.min.js
cdnjs.cloudflare.com/ajax/libs/jqueryui/1.12.1/ Frame 8D44 |
248 KB 56 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
embed-html-output-954c7a61.js
trinket-cdn.trinket.io/ Frame 8D44 |
134 KB 36 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ Frame 8D44 |
6 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
dropzone.min.css
cdnjs.cloudflare.com/ajax/libs/dropzone/4.0.1/min/ Frame 8D44 |
9 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
u-4n0qyriQwlOrhSvowK_l521wRZWMf6.woff2
fonts.gstatic.com/s/merriweather/v30/ Frame 8D44 |
19 KB 20 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
analytics.js
www.google-analytics.com/ Frame 8D44 |
49 KB 20 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
recaptcha__de.js
www.gstatic.com/recaptcha/releases/mBwkfBPLFWI0ygbsp8eJNMkw/ Frame 8D44 |
392 KB 157 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
u-4n0qyriQwlOrhSvowK_l52_wFZWMf6.woff2
fonts.gstatic.com/s/merriweather/v30/ Frame 8D44 |
19 KB 19 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
fontawesome-webfont.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/ Frame 8D44 |
75 KB 76 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
asset-browser.html
trinket.io/cache-prefix-1e16ca88/js/plugins/ Frame 8D44 |
7 KB 2 KB |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
/
www.trinket-shell.com/ Frame 8D44 |
28 B 624 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
collect
www.google-analytics.com/j/ Frame 8D44 |
2 B 22 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
index.html
www.trinket-shell.com/1616fe77315f4aa6/ Frame FAED |
4 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
adobe-pdf-icon-logo-png-transparent.png
www.biochek.com/wp-content/uploads/2018/07/ Frame FAED |
329 KB 331 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Adobe (Consumer)18 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation string| GoogleAnalyticsObject function| ga string| thisLocation object| reportLink object| google_tag_data object| gaplugins object| gaGlobal object| gaData5 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
trinket.io/published-embed/html | Name: browser_id Value: id16621107737880.8344673362846016 |
|
.trinket.io/ | Name: session Value: Fe26.2**c0804452c26226caabe2302a76111b751bef4353c789773f2325732a0c50bcb1*-829oEr06KMrAA9HdVhJJA*JNK66msbHuXQq0BftNKiNe1LwBO0nZAwl5vOXO5DNG8pZelbmxEQq0W73Lt6NTC7**42d8d5a09dc2c40f8ef008e4278d4232866e33626e60edb33f9c82c442daa8b4*DAWpK6XCKsrG3Lkkz939FQHh3pwOr2zI4cM8NB06gnA |
|
.trinket.io/ | Name: _ga Value: GA1.2.158482528.1662110773 |
|
.trinket.io/ | Name: _gid Value: GA1.2.1384607359.1662110773 |
|
.trinket.io/ | Name: _gat Value: 1 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
cdnjs.cloudflare.com
fonts.googleapis.com
fonts.gstatic.com
pdfdocument.trinket.io
trinket-avatars.trinket.io
trinket-cdn.trinket.io
trinket-vendor-assets.trinket.io
trinket.io
www.biochek.com
www.google-analytics.com
www.google.com
www.gstatic.com
www.trinket-shell.com
104.196.113.214
108.138.7.89
18.66.15.51
2600:9000:2156:b200:1d:7a5d:2a00:93a1
2606:4700::6811:180e
2a00:1450:4001:800::2004
2a00:1450:4001:813::200a
2a00:1450:4001:829::2003
2a00:1450:4001:82a::2003
2a00:1450:4001:82a::200e
2a01:7c8:aac4:2e8::2
030698989ef937abed0065f38a07b31f6a3b8afd633f25f7d76c545b5176d77a
1e686cf5fa891e5403a9f292b8f3028065ae8408e6266cdc31008c341d099195
26ddfeba7a963dd4607fd593782de6b8e9e623145b86fb9f0e4214235d98e0a4
28ce75d953678c4942df47a11707a15e3c756021cf89090e3e6aa7ad6b6971c3
35d6b5ff288bb35acdf34369164428e02a6898c7f662da4fc86d9208f6edd0e8
4a46dfc79fd850877881578acc9a321e47c703e9e43547952d6f6c344e508f9e
5d87e6a9aa1d204487584703b271120f73b999d549e7827694761f97231cbcf8
73ce8efce9d5f61a81c8503ba0fa3639fa7173f324fd5f1b84945db1f19b2c25
79463c0ff990b7544625981b713bae2ab04781ac5aa456e32997ba5c06b2d6a8
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7b8ef13a45ecd495c56e38e9a11af5fcb85572a4b34661a63eab2b510795b3e8
80ea67035bd48ad0e9afaa95d8e353cc5c5740a827c2f0423a49491fa847ab21
941f10d88020f9feb73015bd78b4e9913f2d791ab5eb56fa6918c0af99ee711d
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a6a76f3e05cee63e625e819a4ab68afa33cfc87f8cf0ea76e615ac5668c1802f
a6ac545a492e8298055b5665b7324fb6b6a0c4a55ef87dde42b0805a41ac3732
a8bb42d18f57262023fe404f57189ca25288d97b626221debdffb76ea8b1284d
b1bd7628007ad0b0bf006f28f7691786b5045c9c843a2d8c61aa482cdfa0928a
c0d4098bc8b34c6f87a3d7723988ae81214a53a0bb4a1d4d36a67640f98ed079
c8356c413b566272ba50c98d4ce0546e1fce6177ceb6cf8c2a7efe0a65e085a1
d618d4869738e0dc22360f0ec0cbb6433257843f24723fac240dda0906685238
d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc
da055cd26cef65d8d77975d9659c957ca42035c56bd9cc3c423b4624121a4da3
df61117d7806f863533acc213c4fdf87a667c109fc708eb4bedb9d35e30adb1a
e651dfff4603151fd6639d6cf9d24986df9a9419f64b1155a8f4004364c496f7
ec6c8ff09a6254c2dd80eba5e5471e6955e789f91d7db169212e54e0a7c5c4b4
f516bf1c2249adfed524a28ef83221e3d95007c363fd979f48a0e95beeeee267
f6b9eebb05461840790fc804b4590323ef12a57fe5af7fcdeed2d798e572844b
f7ae27f9091c0a2dd629b926fddc347723b48f65af094defdd3c1e6aa717b37d
fc7e184beeda61bf6427938a84560f52348976bb55e807b224eb53930e97ef6a