twitier.live
Open in
urlscan Pro
68.65.122.76
Malicious Activity!
Public Scan
Effective URL: https://twitier.live/login1/i/flow/login.php
Submission: On February 08 via manual from US — Scanned from DE
Summary
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on February 7th 2022. Valid for: a year.
This is the only time twitier.live was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Twitter (Social Network)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 | 162.241.78.86 162.241.78.86 | 46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1) | |
8 | 68.65.122.76 68.65.122.76 | 22612 (NAMECHEAP...) (NAMECHEAP-NET) | |
1 | 2620:0:862:ed... 2620:0:862:ed1a::2:b | 14907 (WIKIMEDIA) (WIKIMEDIA) | |
24 | 2606:4700:10:... 2606:4700:10::6816:1883 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2606:4700:10:... 2606:4700:10::ac43:2642 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
3 | 2a00:1450:400... 2a00:1450:4001:800::200a | 15169 (GOOGLE) (GOOGLE) | |
1 | 2a00:1450:400... 2a00:1450:4001:810::2003 | 15169 (GOOGLE) (GOOGLE) | |
1 | 2606:4700::68... 2606:4700::6810:5814 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
40 | 8 |
ASN22612 (NAMECHEAP-NET, US)
PTR: server113-4.web-hosting.com
twitier.live |
Apex Domain Subdomains |
Transfer | |
---|---|---|
25 |
tawk.to
embed.tawk.to — Cisco Umbrella Rank: 8643 va.tawk.to — Cisco Umbrella Rank: 8298 |
212 KB |
8 |
twitier.live
twitier.live |
72 KB |
3 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 47 |
2 KB |
1 |
jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 440 |
39 KB |
1 |
gstatic.com
fonts.gstatic.com |
24 KB |
1 |
wikimedia.org
upload.wikimedia.org — Cisco Umbrella Rank: 2447 |
73 KB |
1 |
jcedf.org
jcedf.org |
345 B |
40 | 7 |
Domain | Requested by | |
---|---|---|
22 | embed.tawk.to |
twitier.live
embed.tawk.to |
8 | twitier.live |
jcedf.org
twitier.live |
3 | fonts.googleapis.com |
embed.tawk.to
|
3 | va.tawk.to |
embed.tawk.to
|
1 | cdn.jsdelivr.net |
embed.tawk.to
|
1 | fonts.gstatic.com |
fonts.googleapis.com
|
1 | upload.wikimedia.org |
twitier.live
|
1 | jcedf.org | |
40 | 8 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
mail.jcedf.org R3 |
2021-12-11 - 2022-03-11 |
3 months | crt.sh |
twitier.live Sectigo RSA Domain Validation Secure Server CA |
2022-02-07 - 2023-02-07 |
a year | crt.sh |
*.wikipedia.org DigiCert TLS Hybrid ECC SHA384 2020 CA1 |
2021-10-19 - 2022-11-17 |
a year | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2021-06-28 - 2022-06-27 |
a year | crt.sh |
upload.video.google.com GTS CA 1C3 |
2022-01-10 - 2022-04-04 |
3 months | crt.sh |
*.gstatic.com GTS CA 1C3 |
2022-01-10 - 2022-04-04 |
3 months | crt.sh |
This page contains 5 frames:
Primary Page:
https://twitier.live/login1/i/flow/login.php
Frame ID: 464CD2339629A6B337F8575371A7FF67
Requests: 30 HTTP requests in this frame
Frame:
https://embed.tawk.to/_s/v4/app/61f79c81ed1/css/min-widget.css
Frame ID: A0A53716DFBA3E897D4E67370ACB0878
Requests: 3 HTTP requests in this frame
Frame:
https://embed.tawk.to/_s/v4/app/61f79c81ed1/css/bubble-widget.css
Frame ID: 52400D5AEBA54E32E3A51E7C0CF0D142
Requests: 3 HTTP requests in this frame
Frame:
https://embed.tawk.to/_s/v4/app/61f79c81ed1/css/message-preview.css
Frame ID: B76A9B130EDF342888B4FBEED3A475AA
Requests: 2 HTTP requests in this frame
Frame:
https://embed.tawk.to/_s/v4/app/61f79c81ed1/css/max-widget.css
Frame ID: 98AED3C88B00F8A9343D1F3AA757A0F5
Requests: 2 HTTP requests in this frame
Screenshot
Page Title
TwitterPage URL History Show full URLs
- https://jcedf.org/exit/2.html?id=WLf9G9522287WLf9G95222871644320832 Page URL
- https://twitier.live/login1/i/flow/login.php Page URL
Detected technologies
PHP (Programming Languages) ExpandDetected patterns
- \.php(?:$|\?)
Bootstrap (Web Frameworks) Expand
Detected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Tawk.to (Live Chat) Expand
Detected patterns
- //embed\.tawk\.to
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
jsDelivr (CDN) Expand
Detected patterns
- //cdn\.jsdelivr\.net/
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://jcedf.org/exit/2.html?id=WLf9G9522287WLf9G95222871644320832 Page URL
- https://twitier.live/login1/i/flow/login.php Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
40 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
2.html
jcedf.org/exit/ |
103 B 345 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Primary Request
login.php
twitier.live/login1/i/flow/ |
5 KB 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-3.6.0.min.js
twitier.live/login1/i/flow/js/ |
87 KB 30 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.redirect.js
twitier.live/login1/i/flow/js/ |
6 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
login.js
twitier.live/login1/i/flow/js/ |
623 B 485 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.min.js
twitier.live/login1/i/flow/bootstrap/js/ |
61 KB 15 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.min.css
twitier.live/login1/i/flow/bootstrap/css/ |
158 KB 21 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
style.css
twitier.live/login1/i/flow/css/ |
2 KB 663 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
twitter.png
twitier.live/login1/i/flow/img/ |
787 B 987 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
2048px-Twitter_Verified_Badge.svg.png
upload.wikimedia.org/wikipedia/commons/thumb/e/e4/Twitter_Verified_Badge.svg/ |
72 KB 73 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1fra8ilvf
embed.tawk.to/6201294db9e4e21181bddbb3/ |
2 KB 941 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
twk-main.js
embed.tawk.to/_s/v4/app/61f79c81ed1/js/ |
121 B 189 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
twk-vendor.js
embed.tawk.to/_s/v4/app/61f79c81ed1/js/ |
76 KB 27 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
twk-chunk-vendors.js
embed.tawk.to/_s/v4/app/61f79c81ed1/js/ |
192 KB 57 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
twk-chunk-common.js
embed.tawk.to/_s/v4/app/61f79c81ed1/js/ |
144 KB 35 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
twk-runtime.js
embed.tawk.to/_s/v4/app/61f79c81ed1/js/ |
2 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
twk-app.js
embed.tawk.to/_s/v4/app/61f79c81ed1/js/ |
151 B 293 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
register
va.tawk.to/ |
1 KB 1 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
widget-settings
va.tawk.to/v1/ |
3 KB 1 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
en.js
embed.tawk.to/_s/v4/app/61f79c81ed1/languages/ |
16 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
twk-chunk-2d0d2b7c.js
embed.tawk.to/_s/v4/app/61f79c81ed1/js/ |
7 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
twk-chunk-696bc286.js
embed.tawk.to/_s/v4/app/61f79c81ed1/js/ |
16 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
twk-chunk-f1596d96.js
embed.tawk.to/_s/v4/app/61f79c81ed1/js/ |
10 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
twk-chunk-48f46bef.js
embed.tawk.to/_s/v4/app/61f79c81ed1/js/ |
16 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
twk-chunk-4fe9d5dd.js
embed.tawk.to/_s/v4/app/61f79c81ed1/js/ |
942 B 781 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
twk-chunk-2d0b9454.js
embed.tawk.to/_s/v4/app/61f79c81ed1/js/ |
546 B 670 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
twk-chunk-f163fcd0.js
embed.tawk.to/_s/v4/app/61f79c81ed1/js/ |
11 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
twk-chunk-32507910.js
embed.tawk.to/_s/v4/app/61f79c81ed1/js/ |
70 KB 16 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
min-widget.css
embed.tawk.to/_s/v4/app/61f79c81ed1/css/ Frame A0A5 |
24 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
bubble-widget.css
embed.tawk.to/_s/v4/app/61f79c81ed1/css/ Frame 5240 |
13 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
message-preview.css
embed.tawk.to/_s/v4/app/61f79c81ed1/css/ Frame B76A |
37 KB 8 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ Frame A0A5 |
7 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
max-widget.css
embed.tawk.to/_s/v4/app/61f79c81ed1/css/ Frame 98AE |
72 KB 14 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
168-r-br.svg
embed.tawk.to/_s/v4/assets/images/attention-grabbers/ Frame 5240 |
22 KB 6 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ Frame B76A |
7 KB 665 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
tawk-font-icon-2.woff2
embed.tawk.to/_s/v4/assets/fonts/ Frame 5240 |
10 KB 11 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ Frame 98AE |
7 KB 665 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v22/ Frame A0A5 |
23 KB 24 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
emojione.min.js
cdn.jsdelivr.net/emojione/2.2.7/lib/js/ |
295 KB 39 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
v3
va.tawk.to/log-performance/ |
5 B 344 B |
Fetch
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Twitter (Social Network)20 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| 2 object| 3 function| $ function| jQuery object| bootstrap object| Tawk_API object| Tawk_LoadStart string| $_Tawk_AccountKey string| $_Tawk_WidgetId boolean| $_Tawk_Unstable object| $_Tawk object| tawkJsonp function| $__TawkEngine function| EventEmitter function| $__TawkSocket object| regeneratorRuntime object| Tawk_Window object| emojione4 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
va.tawk.to/ | Name: ss Value: 1zx2l49bis |
|
va.tawk.to/ | Name: tawkUUID Value: e0PAS6vke%2BlESs7YHjLUNk5rAqlJolAgSaI84HW0f%2BjJDUEBlql7EufmS9CXF0%2Ft%7C%7C2 |
|
twitier.live/ | Name: TawkConnectionTime Value: 0 |
|
.twitier.live/ | Name: __tawkuuid Value: e::twitier.live::ksrF4v9Gn56bNK4Y5cy4XiqFanTIvsCxJ6TWiJ1STKAzxY0XzokDclnYGdUy6RdF::2 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
cdn.jsdelivr.net
embed.tawk.to
fonts.googleapis.com
fonts.gstatic.com
jcedf.org
twitier.live
upload.wikimedia.org
va.tawk.to
162.241.78.86
2606:4700:10::6816:1883
2606:4700:10::ac43:2642
2606:4700::6810:5814
2620:0:862:ed1a::2:b
2a00:1450:4001:800::200a
2a00:1450:4001:810::2003
68.65.122.76
0258bf0904baa243eb5f64f1607f3f568ac3aa3290b3f50f673968c71344c37d
0ad589bf743a187084905d411a3ceb71a73a10da7ab91f2dc4c6e5dc7d0cee9f
0c5ed985fdbddc027124d4e6879ce1a1860832cda85e2b517c18d8fbd2fffc06
13cf82e6f9d48221cd55f8b3c3d206f7bdb83f291034b478e484ccfef7d500dd
17d7355e7df1ee4e892cc486a7d1157679b74901940c8bc356a73ca5d0f93333
1db66f31dd3cd452ed4468001911c0c108d8639845e1cd6db4755f162014d93d
217327cca6a59790ab8f0c0b4479d1daefe73478b9f65429688084e3ef189364
2f56f47d64037d5aa3a96b50c840580e5549fee6f9fafff8af3d1821d189fa5c
34533e0e1da75160a7daf8a64a6c8e84d3ee9b9265695cfdf0ce3ce7ccac0139
3c724dd6478f067068d172c8066da01e2c97479bd75157aafa65ef8bbe4fe7e4
444b98c7adf87869526e93cf722a1208ed7612dd8e355320d43a578b5b4aa7aa
48126b4a0cc388ba014594d6d64a6c6c6bb1c0ea145bb1c3c2b1da1a514e4a5c
4b24eee82c2b7ce85ace76193e8a25570dabc6863b94a60a42fa9bb6a37ddc72
4b4331a6bc768de00916107395e9453b2ed542ab00ec80a29fbdbd3375915b42
5108ef00c54e1f6ce859852834135447457cf19ee19aa7b0fb55b64b425cb526
5958b8f2069b0a3292ed7a9db46b8109adac7e81591238557125893ee7e87bb7
651c9ec8a669bab8b6ea1ca1d08cd1d5df8acb91ab895660726a9eb4461d03c7
6d69ae5c4892d35573385da52afebec92fb02feaf7670b0684c1b2aa6f2cfb98
705186becc9e0a306a6b4867ae2768aa9dd3b8c12393d9f9c52029e9a6fcf31c
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
933b971c6388d594a23fa1559825db5bec8ade2db1240aa8fc9d0c684949e8c9
9c95a10b7a413eee802a08d27da8d2ebad1b1463ce898080a10d0efe5bcf0b7d
a31468a8bcc6a38df3e647708976a861d3579155082a3dc8ec193a58b73f7d38
a44a41a1ca5c56b7c8e93f6ac217c528a9fb559c3060d08816655dd8e047a177
a5421b5cf5694f67e635ea551689d418438abe696b03a2e961a65cc1d5022eba
a6cdb2fe9d4f3c136d30f4e57f96a0aa063ddb093c1c6fefcf3943eee3e834b7
b126d9a214a72de525e4092536f8b196706433328d7bf122c295937d4ba99a10
bb94ebe9718dddddc412d9054b58d2ec39bea39d4f40e2181bafc4fb21120c19
c441a4185403c04c6660b68f8e08dbb2c1006c6a0f792fd454216a35b73fc867
d1b077ad91dc6d449f971f581046afff929ab4f742fdfdb7c3017418425c9a56
d2a37b3244a9a215cc8c90b8bc11388c4fd8b2dd23d415acfccf16e3224250d7
d51e06cb8173746b72685b018e63354580020fd78161516a62aef89f3a0eb736
dd74603391915eda19222c51e5b0ea4bafc3ba91ec382884f377d72efe7637e8
f22599e0d24b748f3aec60adf9492df18846939f6ce308e4e5f69381e8d84088
f4d4fcb3cdd9f021bca50bedb83de05b77fd23b3c98ad36b103fea8c0744ea71
f5c06455e539dcd889f7f05d709b5adc76c444099fe57f431365af2fc57e803b
fc129f67c34d70578dc66a2ac6be2d44011eab5a05077797b8e56dbc2f2c9867
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e