www.trustwallet.quickhelpdesk.live
Open in
urlscan Pro
162.55.238.94
Malicious Activity!
Public Scan
Submission: On July 20 via automatic, source certstream-suspicious — Scanned from DE
Summary
TLS certificate: Issued by R3 on July 20th 2023. Valid for: 3 months.
This is the only time www.trustwallet.quickhelpdesk.live was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Trustwallet (Crypto)Domain & IP information
ASN24940 (HETZNER-AS, DE)
PTR: server2.lytehosting.com
www.trustwallet.quickhelpdesk.live |
ASN16509 (AMAZON-02, US)
PTR: s3-r-w.ap-southeast-2.amazonaws.com
acquisitionlab.s3.ap-southeast-2.amazonaws.com |
ASN20940 (AKAMAI-ASN1, NL)
cdn-icons-png.flaticon.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
8 |
tidiochat.com
widget-v4.tidiochat.com — Cisco Umbrella Rank: 19018 |
393 KB |
7 |
cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 255 |
70 KB |
5 |
trustwallet.com
trustwallet.com — Cisco Umbrella Rank: 57727 |
564 KB |
4 |
gstatic.com
fonts.gstatic.com |
76 KB |
4 |
flaticon.com
cdn-icons-png.flaticon.com — Cisco Umbrella Rank: 44215 |
16 KB |
4 |
jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 367 |
159 KB |
1 |
bootstrapcdn.com
stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 2651 |
23 KB |
1 |
freepik.com
img.freepik.com — Cisco Umbrella Rank: 25061 |
4 KB |
1 |
vista.com
cdn.create.vista.com — Cisco Umbrella Rank: 450457 |
70 KB |
1 |
tinypic.host
tinypic.host — Cisco Umbrella Rank: 799138 |
174 KB |
1 |
amazonaws.com
acquisitionlab.s3.ap-southeast-2.amazonaws.com |
9 KB |
1 |
tidio.co
1 redirects
code.tidio.co — Cisco Umbrella Rank: 15282 |
486 B |
1 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 74 |
1 KB |
1 |
quickhelpdesk.live
www.trustwallet.quickhelpdesk.live |
7 KB |
39 | 14 |
Domain | Requested by | |
---|---|---|
8 | widget-v4.tidiochat.com |
www.trustwallet.quickhelpdesk.live
code.tidio.co |
7 | cdnjs.cloudflare.com |
www.trustwallet.quickhelpdesk.live
|
5 | trustwallet.com |
www.trustwallet.quickhelpdesk.live
|
4 | fonts.gstatic.com |
fonts.googleapis.com
|
4 | cdn-icons-png.flaticon.com |
www.trustwallet.quickhelpdesk.live
|
4 | cdn.jsdelivr.net |
www.trustwallet.quickhelpdesk.live
cdn.jsdelivr.net |
1 | stackpath.bootstrapcdn.com |
www.trustwallet.quickhelpdesk.live
|
1 | img.freepik.com |
www.trustwallet.quickhelpdesk.live
|
1 | cdn.create.vista.com |
www.trustwallet.quickhelpdesk.live
|
1 | tinypic.host |
www.trustwallet.quickhelpdesk.live
|
1 | acquisitionlab.s3.ap-southeast-2.amazonaws.com |
www.trustwallet.quickhelpdesk.live
|
1 | code.tidio.co | 1 redirects |
1 | fonts.googleapis.com |
www.trustwallet.quickhelpdesk.live
|
1 | www.trustwallet.quickhelpdesk.live | |
39 | 14 |
This site contains links to these domains. Also see Links.
Domain |
---|
apps.apple.com |
play.google.com |
trustwallet.com |
chrome.google.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
www.trustwallet.quickhelpdesk.live R3 |
2023-07-20 - 2023-10-18 |
3 months | crt.sh |
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2022 Q4 |
2022-12-23 - 2024-01-24 |
a year | crt.sh |
upload.video.google.com GTS CA 1C3 |
2023-07-03 - 2023-09-25 |
3 months | crt.sh |
*.s3-ap-southeast-2.amazonaws.com Amazon RSA 2048 M01 |
2023-04-11 - 2024-02-07 |
10 months | crt.sh |
freepik.com Sectigo RSA Domain Validation Secure Server CA |
2023-07-11 - 2024-07-10 |
a year | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2023-04-10 - 2024-04-09 |
a year | crt.sh |
tinypic.host GTS CA 1P5 |
2023-07-10 - 2023-10-08 |
3 months | crt.sh |
create.vista.com Cloudflare Inc ECC CA-3 |
2022-12-14 - 2023-12-13 |
a year | crt.sh |
*.gstatic.com GTS CA 1C3 |
2023-07-03 - 2023-09-25 |
3 months | crt.sh |
This page contains 3 frames:
Primary Page:
https://www.trustwallet.quickhelpdesk.live/
Frame ID: EE9F94005ED27FA3995C305241D515D8
Requests: 30 HTTP requests in this frame
Frame:
https://widget-v4.tidiochat.com/1_175_0/static/js/chunk-WidgetIframe-ceb9127a58d2ba374148.js
Frame ID: 4CE93074E7DAC5C14046CA1EC16982BE
Requests: 5 HTTP requests in this frame
Frame:
https://widget-v4.tidiochat.com/fonts/mulish_SGhgqk3wotYKNnBQ.woff2
Frame ID: 29869C5369372A7840D63490D6495BB7
Requests: 4 HTTP requests in this frame
Screenshot
Page Title
Trust Wallet Help DeskDetected technologies
Bootstrap (Web Frameworks) ExpandDetected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
OWL Carousel (Widgets) Expand
Detected patterns
- <link [^>]*href="[^"]+owl\.carousel(?:\.min)?\.css
- owl\.carousel.*\.js
jQuery (JavaScript Libraries) Expand
Detected patterns
- /([\d.]+)/jquery(?:\.min)?\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
jsDelivr (CDN) Expand
Detected patterns
- <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
- //cdn\.jsdelivr\.net/
Page Statistics
4 Outgoing links
These are links going to different origins than the main page.
Title: DOWNLOAD ON THE App Store
Search URL Search Domain Scan URL
Title: GET IT ON Google Play
Search URL Search Domain Scan URL
Title: DOWNLOAD APK 6.0+ Android
Search URL Search Domain Scan URL
Title: AVAILABlE Chrome Web Store
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 3- https://code.tidio.co/4f7fgrqi3sjnffi2h9qkosd6ao1duulo.js HTTP 302
- https://widget-v4.tidiochat.com/1_175_0/static/js/render.ceb9127a58d2ba374148.js
39 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
www.trustwallet.quickhelpdesk.live/ |
31 KB 7 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.3.0/dist/css/ |
227 KB 34 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap-icons.css
cdn.jsdelivr.net/npm/bootstrap-icons@1.7.2/font/ |
72 KB 10 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css2
fonts.googleapis.com/ |
7 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
render.ceb9127a58d2ba374148.js
widget-v4.tidiochat.com/1_175_0/static/js/ Redirect Chain
|
22 KB 9 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
yy3CZEi3TOJ0M17ftx0w.png
acquisitionlab.s3.ap-southeast-2.amazonaws.com/cms/ |
8 KB 9 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
2175370.png
cdn-icons-png.flaticon.com/128/2175/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
300218.png
cdn-icons-png.flaticon.com/128/300/ |
3 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
888839.png
cdn-icons-png.flaticon.com/128/888/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
888846.png
cdn-icons-png.flaticon.com/128/888/ |
6 KB 6 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
home_hero.png
trustwallet.com/assets/images/ |
88 KB 88 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
home_cards.png
trustwallet.com/assets/images/ |
118 KB 118 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
home_dex.png
trustwallet.com/assets/images/ |
193 KB 193 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
home_security.png
trustwallet.com/assets/images/ |
33 KB 33 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
home_dapps.png
trustwallet.com/assets/images/ |
132 KB 132 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
WhatsApp-Image-2023-07-15-at-11.32.01-PM.jpeg
tinypic.host/images/2023/07/16/ |
173 KB 174 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
stock-vector-business-workspace-concept-stylish-young
cdn.create.vista.com/api/media/small/378610696/ |
69 KB 70 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
hacker-male-character-carry-huge-stolen-credit-card-fraud-phishing-data-steal-money-internet-email-spoofing_87771-23566.jpg
img.freepik.com/premium-vector/ |
3 KB 4 KB |
Image
image/avif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
owl.carousel.min.css
cdnjs.cloudflare.com/ajax/libs/OwlCarousel2/2.3.4/assets/ |
3 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
owl.theme.default.min.css
cdnjs.cloudflare.com/ajax/libs/OwlCarousel2/2.3.4/assets/ |
1013 B 667 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.bundle.min.js
cdn.jsdelivr.net/npm/bootstrap@5.3.0/dist/js/ |
79 KB 24 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.7.0/ |
85 KB 27 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
owl.carousel.min.js
cdnjs.cloudflare.com/ajax/libs/OwlCarousel2/2.3.4/ |
43 KB 10 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.bundle.min.js
stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/ |
77 KB 23 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.2.1/ |
85 KB 27 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
nKKZ-Go6G5tXcraVGwA.woff2
fonts.gstatic.com/s/kanit/v13/ |
19 KB 19 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
bootstrap-icons.woff2
cdn.jsdelivr.net/npm/bootstrap-icons@1.7.2/font/fonts/ |
90 KB 90 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
nKKU-Go6G5tXcr5KPxWnVaE.woff2
fonts.gstatic.com/s/kanit/v13/ |
19 KB 20 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
nKKU-Go6G5tXcr4uPhWnVaE.woff2
fonts.gstatic.com/s/kanit/v13/ |
19 KB 19 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
nKKU-Go6G5tXcr5aOhWnVaE.woff2
fonts.gstatic.com/s/kanit/v13/ |
19 KB 19 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
chunk-WidgetIframe-ceb9127a58d2ba374148.js
widget-v4.tidiochat.com/1_175_0/static/js/ Frame 4CE9 |
421 KB 111 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mulish_SGhgqk3wotYKNnBQ.woff2
widget-v4.tidiochat.com/fonts/ Frame 4CE9 |
27 KB 27 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tururu.mp3
widget-v4.tidiochat.com// Frame 4CE9 |
7 KB 7 KB |
Media
audio/mpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
widget.ceb9127a58d2ba374148.js
widget-v4.tidiochat.com/1_175_0/static/js/ Frame 4CE9 |
575 KB 177 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tururu.mp3
widget-v4.tidiochat.com// Frame 4CE9 |
7 KB 7 KB |
Media
audio/mpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mulish_SGhgqk3wotYKNnBQ.woff2
widget-v4.tidiochat.com/fonts/ Frame 2986 |
27 KB 27 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1f44b.png
cdnjs.cloudflare.com/ajax/libs/twemoji/12.1.1/72x72/ Frame 2986 |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mulish_SGhgqk3wotYKNnBQ.woff2
widget-v4.tidiochat.com/fonts/ Frame 2986 |
27 KB 27 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
1f44b.png
cdnjs.cloudflare.com/ajax/libs/twemoji/12.1.1/72x72/ Frame 2986 |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Trustwallet (Crypto)9 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 number| uidEvent object| bootstrap function| $ function| jQuery function| chatboxToogleHandler object| SENTRY_RELEASE object| tidioChatApi2 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
www.trustwallet.quickhelpdesk.live/ | Name: csrftoken Value: ggUeQifA1QCaj123gWUF3tUT4CxEkXLl |
|
.create.vista.com/ | Name: __cf_bm Value: R5fPRw4AJFMrhKcFswwxij5r8LtwXISZk5ZFkXmEmMo-1689882682-0-AX59KsXZkxIoRxHzMHT/L+1RxCD+KwSFVLYaaC+GxnKU60rsxjCCVp3tZbE8m4edm+w7vUHblAZ6l5cV8NN7eNU= |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
X-Content-Type-Options | nosniff |
X-Frame-Options | DENY |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
acquisitionlab.s3.ap-southeast-2.amazonaws.com
cdn-icons-png.flaticon.com
cdn.create.vista.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
code.tidio.co
fonts.googleapis.com
fonts.gstatic.com
img.freepik.com
stackpath.bootstrapcdn.com
tinypic.host
trustwallet.com
widget-v4.tidiochat.com
www.trustwallet.quickhelpdesk.live
104.26.9.183
162.55.238.94
2606:4700:10::6814:49cf
2606:4700:20::681a:88b
2606:4700:3035::6815:42a2
2606:4700::6811:190e
2606:4700::6812:bcf
2606:4700::6812:be3
2a00:1450:4001:827::2003
2a00:1450:4001:828::200a
2a02:26f0:480:9b6::312e
2a02:26f0:480:ba9::312e
2a04:4e42:600::485
3.5.169.12
12c7687514ca85ba2157ed61914ac526bb9dd15cb5a2a2d9e4d88f919349284f
142bdc53208c096417801147bed534f60c90b37b534278c3d2a692935cd13df3
3a18e531a002bdcdf4404dc127ca1aceab6b87fd834f383a95091352bbbe3f08
498117fdbd88a0e4e2ee67220a92f1a61863698dfb01b2f54f2c43e070e804a7
521410e1fc44780061e09adc980275fb5ea277fd5d9e538454214ec4379ff4bc
5574c46f1e46350ec96f921183c25371dc909cb958c4871033325a5f3eb76ec5
577db921a554af3596942d3c48b5c91feaac8c767e183d518a8de8de86e5c7d8
581ca32a048e1a03c003c18ab143c645247b2d95cfff17e42466c648f5275178
58aaa2bde80e158fcb3f8388a2d40556a3649d7ee1daa1570c1e2bdfe07a97ef
5a2441f5a6abcae4a2c28b1c29afa2aca9ce5bc2c2c3ceeb84a1d531c4121bc3
63e0b90250bfc0151ca34166db70b82f790ea4b65de59889034f339d682ed5c8
7196c3002f08704f9f99de95b6357969a512eaa9a766eee693921dce72927cea
7756866c32a6002a2f89312faef75c668576424263f3bfeaa2a09d51a9462b36
7b8b4431ed3a299c588a70db66d7cebaef7505654fbc61c3d8965aef2fbb7a48
7e3f1ad87b67664f894dcb80755a07c351f14446717882efe14ff2b2fb69b3b2
7f1d37f0d90b6385354c2ac10e2bb91563c46bd7a266ed351222ebcac8496c2a
7f3145c87d3570154f633975e8a4f8d30aa38603edaba145501e9c90ddbe186c
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
924b0dc630d1c5dff9fa31aead9509775b1d476bfe0a5ac2977b2f11205a26ac
9e22a088e0e411a08e2e2b74910c43d476e941d7764209516eb8bfb389fd03c0
a4598bb477615ae7a4eb92e3454798fed978f642ef18278ef6d45c00f0f5c398
a53c43f834b32309b084ea9314df8307e9c78cee2202c6e07f216ae4ae5b704d
a72ca65b0e606434a233630537af3e362de616ec7cbcb189444cccf5827b0f4d
aa53d582f97eb594c2a5cc5824574707f9ba9837bce3046bfa5f3556860f4e04
ae7b918efe7cd287651e014ed269c923e1a925c8eee1a474ad11184f04659d3e
b5b84eea5bc1e26b8259b1f8bcc80c454409ccb1306afe2c0d8bafb59caa1695
bb18ec4bd71814b4e39a5afc8f98be0eabce2c206e811cc4796c5431665e6174
c0a7624972b163303a969b8d18fdcb2fc4f699f991ec7be0c1b5a4b3e12de988
c8c5336b910a0eb6da127d0ca6f86335018f60b5dcf8aec3e791870c64235139
d8f9afbf492e4c139e9d2bcb9ba6ef7c14921eb509fb703bc7a3f911b774eff8
d942117b26d79ba2e5d54eeddf86fc18b72b51a6d6fc4b1287f562435a5f6901
dca2d30d34622ff0401d3e65258974494dde7b346a609f1607ccfb74266a0040
dcc14901eb1cb3bdce862861295fb44bd29b1a1dd5f375b4d488c020e22023d1
dfee1561c6e59c90f7a292f90157bae85f75ccb3ae27b655898a51429e3a8910
e9829fbbcc18407deb28b49dac24d8146981b22b4a4813f1699c7773e80c01b9