alldocument2701-2863.trinket.io
Open in
urlscan Pro
104.196.113.214
Malicious Activity!
Public Scan
Submission: On September 01 via api from CH — Scanned from DE
Summary
TLS certificate: Issued by R3 on June 20th 2022. Valid for: 3 months.
This is the only time alldocument2701-2863.trinket.io was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Adobe (Consumer)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
9 | 104.196.113.214 104.196.113.214 | 396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM) | |
12 | 2606:4700::68... 2606:4700::6811:180e | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
5 | 2a00:1450:400... 2a00:1450:4001:80e::200e | 15169 (GOOGLE) (GOOGLE) | |
3 | 2600:9000:215... 2600:9000:2156:a800:1d:7a5d:2a00:93a1 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 2a00:1450:400... 2a00:1450:4001:828::2004 | 15169 (GOOGLE) (GOOGLE) | |
1 | 108.138.7.19 108.138.7.19 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 18.66.15.12 18.66.15.12 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 2a00:1450:400... 2a00:1450:4001:828::200a | 15169 (GOOGLE) (GOOGLE) | |
2 | 2a00:1450:400... 2a00:1450:4001:806::2003 | 15169 (GOOGLE) (GOOGLE) | |
1 | 2a00:1450:400... 2a00:1450:4001:80b::2003 | 15169 (GOOGLE) (GOOGLE) | |
1 | 2a01:7c8:aac4... 2a01:7c8:aac4:2e8::2 | 20857 (TRANSIP-A...) (TRANSIP-AS Amsterdam) | |
37 | 11 |
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 214.113.196.104.bc.googleusercontent.com
alldocument2701-2863.trinket.io | |
trinket.io | |
www.trinket-shell.com |
ASN15169 (GOOGLE, US)
www.google-analytics.com |
ASN16509 (AMAZON-02, US)
trinket-vendor-assets.trinket.io |
ASN16509 (AMAZON-02, US)
PTR: server-108-138-7-19.fra56.r.cloudfront.net
trinket-avatars.trinket.io |
ASN16509 (AMAZON-02, US)
PTR: server-18-66-15-12.vie50.r.cloudfront.net
trinket-cdn.trinket.io |
ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL)
www.biochek.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
12 |
cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 212 |
280 KB |
12 |
trinket.io
alldocument2701-2863.trinket.io trinket.io — Cisco Umbrella Rank: 163577 trinket-vendor-assets.trinket.io — Cisco Umbrella Rank: 259873 trinket-avatars.trinket.io trinket-cdn.trinket.io — Cisco Umbrella Rank: 243461 |
194 KB |
5 |
google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 37 |
40 KB |
3 |
gstatic.com
fonts.gstatic.com www.gstatic.com |
196 KB |
2 |
trinket-shell.com
www.trinket-shell.com |
2 KB |
1 |
biochek.com
www.biochek.com |
331 KB |
1 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 43 |
1 KB |
1 |
google.com
www.google.com — Cisco Umbrella Rank: 2 |
969 B |
37 | 8 |
Domain | Requested by | |
---|---|---|
12 | cdnjs.cloudflare.com |
alldocument2701-2863.trinket.io
cdnjs.cloudflare.com trinket.io |
6 | trinket.io |
alldocument2701-2863.trinket.io
trinket.io cdnjs.cloudflare.com |
5 | www.google-analytics.com |
alldocument2701-2863.trinket.io
www.google-analytics.com trinket.io |
3 | trinket-vendor-assets.trinket.io |
trinket.io
|
2 | www.trinket-shell.com |
cdnjs.cloudflare.com
|
2 | fonts.gstatic.com |
fonts.googleapis.com
|
1 | www.biochek.com |
www.trinket-shell.com
|
1 | www.gstatic.com |
www.google.com
|
1 | fonts.googleapis.com |
trinket.io
|
1 | trinket-cdn.trinket.io |
trinket.io
|
1 | trinket-avatars.trinket.io |
trinket.io
|
1 | www.google.com |
trinket.io
|
1 | alldocument2701-2863.trinket.io | |
37 | 13 |
This site contains links to these domains. Also see Links.
Domain |
---|
trinket.io |
Subject Issuer | Validity | Valid | |
---|---|---|---|
trinket.io R3 |
2022-06-20 - 2022-09-18 |
3 months | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2022-08-03 - 2023-08-02 |
a year | crt.sh |
*.google-analytics.com GTS CA 1C3 |
2022-08-15 - 2022-11-07 |
3 months | crt.sh |
www.google.com GTS CA 1C3 |
2022-08-08 - 2022-10-31 |
3 months | crt.sh |
upload.video.google.com GTS CA 1C3 |
2022-08-08 - 2022-10-31 |
3 months | crt.sh |
*.gstatic.com GTS CA 1C3 |
2022-08-08 - 2022-10-31 |
3 months | crt.sh |
trinket-shell.com R3 |
2022-07-20 - 2022-10-18 |
3 months | crt.sh |
biochek.com R3 |
2022-08-04 - 2022-11-02 |
3 months | crt.sh |
This page contains 3 frames:
Primary Page:
https://alldocument2701-2863.trinket.io/sites/html-29e7c23bb5
Frame ID: 7AA8535237D36290629C728E86A6F448
Requests: 5 HTTP requests in this frame
Frame:
https://trinket.io/published-embed/html/29e7c23bb5
Frame ID: 441DB7C9D647005A302F3E0DF3089981
Requests: 30 HTTP requests in this frame
Frame:
https://www.trinket-shell.com/2f7acd3759190903/index.html
Frame ID: 9CF39D7E8C8C1B6A43031FD954C73840
Requests: 2 HTTP requests in this frame
Screenshot
Page Title
Trinket by alldocument2701-2863Detected technologies
WordPress (CMS) ExpandDetected patterns
- /wp-(?:content|includes)/
Font Awesome (Font Scripts) Expand
Detected patterns
- <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
- <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Google Analytics (Analytics) Expand
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
Lodash (JavaScript Libraries) Expand
Detected patterns
- lodash.*\.js
Modernizr (JavaScript Libraries) Expand
Detected patterns
- ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js
Moment.js (JavaScript Libraries) Expand
Detected patterns
- moment(?:\.min)?\.js
jQuery (JavaScript Libraries) Expand
Detected patterns
- /([\d.]+)/jquery(?:\.min)?\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
jQuery UI (JavaScript Libraries) Expand
Detected patterns
- ([\d.]+)/jquery-ui(?:\.min)?\.js
- jquery-ui.*\.js
reCAPTCHA (Captchas) Expand
Detected patterns
- /recaptcha/api\.js
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
37 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
html-29e7c23bb5
alldocument2701-2863.trinket.io/sites/ |
4 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ |
30 KB 6 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
49 KB 20 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
29e7c23bb5
trinket.io/published-embed/html/ Frame 441D |
17 KB 5 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
fontawesome-webfont.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/ |
75 KB 76 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
collect
www.google-analytics.com/j/ |
2 B 22 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ Frame 441D |
30 KB 6 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
font-mfizz.css
trinket-vendor-assets.trinket.io/font-mfizz/2.0.1/css/ Frame 441D |
8 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
embed.css
trinket.io/cache-prefix-1e16ca87/css/ Frame 441D |
689 KB 87 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/2.1.1/ Frame 441D |
82 KB 27 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
modernizr.min.js
cdnjs.cloudflare.com/ajax/libs/modernizr/2.8.2/ Frame 441D |
11 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
detectizr.min.js
trinket.io/cache-prefix-6bae8498/components/detectizr/dist/ Frame 441D |
8 KB 4 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
md5.js
cdnjs.cloudflare.com/ajax/libs/crypto-js/3.1.2/rollups/ Frame 441D |
6 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
sha1.js
cdnjs.cloudflare.com/ajax/libs/crypto-js/3.1.2/rollups/ Frame 441D |
4 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
aes.js
cdnjs.cloudflare.com/ajax/libs/crypto-js/3.1.2/rollups/ Frame 441D |
13 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
api.js
www.google.com/recaptcha/ Frame 441D |
850 B 969 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
trinket-logo.png
trinket.io/cache-prefix-1e16ca87/img/ Frame 441D |
14 KB 14 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
avatar-default.png
trinket-avatars.trinket.io/ Frame 441D |
7 KB 8 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
lodash.min.js
trinket-vendor-assets.trinket.io/lodash/2.4.1/dist/ Frame 441D |
27 KB 10 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bluebird.min.js
trinket-vendor-assets.trinket.io/bluebird/3.5.1/js/browser/ Frame 441D |
78 KB 23 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
moment.min.js
cdnjs.cloudflare.com/ajax/libs/moment.js/2.18.1/ Frame 441D |
50 KB 16 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
jquery-ui.min.js
cdnjs.cloudflare.com/ajax/libs/jqueryui/1.12.1/ Frame 441D |
248 KB 56 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
embed-html-output-954c7a61.js
trinket-cdn.trinket.io/ Frame 441D |
134 KB 36 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ Frame 441D |
6 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
dropzone.min.css
cdnjs.cloudflare.com/ajax/libs/dropzone/4.0.1/min/ Frame 441D |
9 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
u-4n0qyriQwlOrhSvowK_l521wRZWMf6.woff2
fonts.gstatic.com/s/merriweather/v30/ Frame 441D |
19 KB 20 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
analytics.js
www.google-analytics.com/ Frame 441D |
49 KB 20 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
recaptcha__de.js
www.gstatic.com/recaptcha/releases/3TZgZIog-UsaFDv31vC4L9R_/ Frame 441D |
391 KB 156 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
u-4n0qyriQwlOrhSvowK_l52_wFZWMf6.woff2
fonts.gstatic.com/s/merriweather/v30/ Frame 441D |
19 KB 19 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
fontawesome-webfont.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/ Frame 441D |
75 KB 76 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
collect
www.google-analytics.com/j/ Frame 441D |
2 B 22 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
asset-browser.html
trinket.io/cache-prefix-1e16ca88/js/plugins/ Frame 441D |
7 KB 2 KB |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
/
www.trinket-shell.com/ Frame 441D |
28 B 624 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
PUT H/1.1 |
metrics
trinket.io/api/trinkets/631064e72b4c21144abcba48/ Frame 441D |
68 B 457 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
collect
www.google-analytics.com/ Frame 441D |
35 B 55 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
index.html
www.trinket-shell.com/2f7acd3759190903/ Frame 9CF3 |
4 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
adobe-pdf-icon-logo-png-transparent.png
www.biochek.com/wp-content/uploads/2018/07/ Frame 9CF3 |
329 KB 331 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Adobe (Consumer)18 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation string| GoogleAnalyticsObject function| ga string| thisLocation object| reportLink object| google_tag_data object| gaplugins object| gaGlobal object| gaData5 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
trinket.io/published-embed/html | Name: browser_id Value: id16620255071780.40315127037810017 |
|
.trinket.io/ | Name: session Value: Fe26.2**a2c1a6b8d5b7df19224cf76882ec3d86a1738a40e22524f072131ab9579d6983*gLNxiHQn3Wv7TgmG_5n_mw*5K1ZgPusI4s75_OaxfLpr0uBtH9ebocxJs1B9NFpMG1pmkj6b5hz9tI1bj95UNVP**0b0fe234d7fcf492ea7be3017a39e1cea4abf22206838667db230a062054cd7a*3-RciX6PRcW4hO4vP9yN5FJJ7laQJKlsm81iXW27j3A |
|
.trinket.io/ | Name: _ga Value: GA1.2.1571366460.1662025506 |
|
.trinket.io/ | Name: _gid Value: GA1.2.1421043132.1662025506 |
|
.trinket.io/ | Name: _gat Value: 1 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
alldocument2701-2863.trinket.io
cdnjs.cloudflare.com
fonts.googleapis.com
fonts.gstatic.com
trinket-avatars.trinket.io
trinket-cdn.trinket.io
trinket-vendor-assets.trinket.io
trinket.io
www.biochek.com
www.google-analytics.com
www.google.com
www.gstatic.com
www.trinket-shell.com
104.196.113.214
108.138.7.19
18.66.15.12
2600:9000:2156:a800:1d:7a5d:2a00:93a1
2606:4700::6811:180e
2a00:1450:4001:806::2003
2a00:1450:4001:80b::2003
2a00:1450:4001:80e::200e
2a00:1450:4001:828::2004
2a00:1450:4001:828::200a
2a01:7c8:aac4:2e8::2
030698989ef937abed0065f38a07b31f6a3b8afd633f25f7d76c545b5176d77a
1f967802628fc296ef367ea5064d52db6eb6d01bbafd828fa675f24a7761e5d5
26ddfeba7a963dd4607fd593782de6b8e9e623145b86fb9f0e4214235d98e0a4
26e7dcf56d9438d267606b01f90fa29dd3940008d6cd2e42b8c112e02f819620
28ce75d953678c4942df47a11707a15e3c756021cf89090e3e6aa7ad6b6971c3
30a31bd4c38a2400b0e4aeb83da4f028cca84568378d1deedc236406792f1baf
35d6b5ff288bb35acdf34369164428e02a6898c7f662da4fc86d9208f6edd0e8
4a46dfc79fd850877881578acc9a321e47c703e9e43547952d6f6c344e508f9e
5c5afa7a4b832733e301fae05acaf113af677317bf0ae8c152796d62c34f8d0c
5d87e6a9aa1d204487584703b271120f73b999d549e7827694761f97231cbcf8
73ce8efce9d5f61a81c8503ba0fa3639fa7173f324fd5f1b84945db1f19b2c25
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7a7dcb207863b588dd58e49adb2dc0fca02fae2bd10571e7ccd087067ae09f12
7b8ef13a45ecd495c56e38e9a11af5fcb85572a4b34661a63eab2b510795b3e8
80ea67035bd48ad0e9afaa95d8e353cc5c5740a827c2f0423a49491fa847ab21
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
941f10d88020f9feb73015bd78b4e9913f2d791ab5eb56fa6918c0af99ee711d
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a6a76f3e05cee63e625e819a4ab68afa33cfc87f8cf0ea76e615ac5668c1802f
a6ac545a492e8298055b5665b7324fb6b6a0c4a55ef87dde42b0805a41ac3732
acb523217b430eb3971319a912315ec522ea6f78f9a4b0b87d5769cce375f800
c0d4098bc8b34c6f87a3d7723988ae81214a53a0bb4a1d4d36a67640f98ed079
c8356c413b566272ba50c98d4ce0546e1fce6177ceb6cf8c2a7efe0a65e085a1
d618d4869738e0dc22360f0ec0cbb6433257843f24723fac240dda0906685238
d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc
d7cd00aad65aaffdeac870e9f03f19411507806e6e04ab39f1512c562b3ece06
da055cd26cef65d8d77975d9659c957ca42035c56bd9cc3c423b4624121a4da3
df61117d7806f863533acc213c4fdf87a667c109fc708eb4bedb9d35e30adb1a
e651dfff4603151fd6639d6cf9d24986df9a9419f64b1155a8f4004364c496f7
ec6c8ff09a6254c2dd80eba5e5471e6955e789f91d7db169212e54e0a7c5c4b4
f6b9eebb05461840790fc804b4590323ef12a57fe5af7fcdeed2d798e572844b
fc7e184beeda61bf6427938a84560f52348976bb55e807b224eb53930e97ef6a