usa2024.net
Open in
urlscan Pro
104.21.46.120
Malicious Activity!
Public Scan
Effective URL: https://usa2024.net/
Submission Tags: phisherman
Submission: On March 27 via api from GB — Scanned from GB
Summary
TLS certificate: Issued by GTS CA 1P5 on March 14th 2023. Valid for: 3 months.
This is the only time usa2024.net was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Generic Crypto (Crypto Exchange)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 172.67.138.139 172.67.138.139 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
16 | 104.21.46.120 104.21.46.120 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
27 | 172.67.38.66 172.67.38.66 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 104.16.86.20 104.16.86.20 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
44 | 3 |
Apex Domain Subdomains |
Transfer | |
---|---|---|
27 |
tawk.to
embed.tawk.to — Cisco Umbrella Rank: 8059 va.tawk.to — Cisco Umbrella Rank: 7923 |
219 KB |
17 |
usa2024.net
1 redirects
usa2024.net |
352 KB |
1 |
jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 334 |
39 KB |
44 | 3 |
Domain | Requested by | |
---|---|---|
22 | embed.tawk.to |
usa2024.net
embed.tawk.to |
17 | usa2024.net |
1 redirects
usa2024.net
|
5 | va.tawk.to |
embed.tawk.to
|
1 | cdn.jsdelivr.net |
embed.tawk.to
|
44 | 4 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.usa2024.net GTS CA 1P5 |
2023-03-14 - 2023-06-12 |
3 months | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2022-05-28 - 2023-05-28 |
a year | crt.sh |
This page contains 5 frames:
Primary Page:
https://usa2024.net/
Frame ID: 89574332FE29DBB23639A371FEB8888C
Requests: 36 HTTP requests in this frame
Frame:
https://embed.tawk.to/_s/v4/app/641d54f6f05/css/message-preview.css
Frame ID: E5508BB1283E421B2B9F41E906C3870C
Requests: 1 HTTP requests in this frame
Frame:
https://embed.tawk.to/_s/v4/app/641d54f6f05/css/min-widget.css
Frame ID: 6B8D31EA1FC05A6125202D15B5716899
Requests: 1 HTTP requests in this frame
Frame:
https://embed.tawk.to/_s/v4/app/641d54f6f05/css/bubble-widget.css
Frame ID: 13855916F13E0A33920C1DB514AF57F5
Requests: 3 HTTP requests in this frame
Frame:
https://embed.tawk.to/_s/v4/app/641d54f6f05/css/max-widget.css
Frame ID: 9FABD11D4C74D57E4B0D611535CA5424
Requests: 1 HTTP requests in this frame
Screenshot
Page Title
Biggest giveaway CRYPTO of $100 000 000Page URL History Show full URLs
-
http://usa2024.net/
HTTP 301
https://usa2024.net/ Page URL
Detected technologies
Tawk.to (Live Chat) ExpandDetected patterns
- //embed\.tawk\.to
Vue.js (JavaScript Frameworks) Expand
Detected patterns
- (?:/([\d.]+))?/vue(?:\.min)?\.js
jsDelivr (CDN) Expand
Detected patterns
- //cdn\.jsdelivr\.net/
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://usa2024.net/
HTTP 301
https://usa2024.net/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
44 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
usa2024.net/ Redirect Chain
|
46 KB 10 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
style.css
usa2024.net/Biggest%20giveaway%20CRYPTO%20of%20$100%20000%20000_files/ |
11 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo.png
usa2024.net/Biggest%20giveaway%20CRYPTO%20of%20$100%20000%20000_files/ |
44 KB 45 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
creator.png
usa2024.net/Biggest%20giveaway%20CRYPTO%20of%20$100%20000%20000_files/ |
217 KB 218 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
popper.png
usa2024.net/Biggest%20giveaway%20CRYPTO%20of%20$100%20000%20000_files/ |
25 KB 25 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
vue.min.js
usa2024.net/Biggest%20giveaway%20CRYPTO%20of%20$100%20000%20000_files/ |
105 KB 39 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
random.min.js
usa2024.net/Biggest%20giveaway%20CRYPTO%20of%20$100%20000%20000_files/ |
9 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
qrcode.min.js
usa2024.net/Biggest%20giveaway%20CRYPTO%20of%20$100%20000%20000_files/ |
18 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
script.js
usa2024.net/Biggest%20giveaway%20CRYPTO%20of%20$100%20000%20000_files/ |
3 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1grde1559
embed.tawk.to/640f129431ebfa0fe7f24490/ |
2 KB 944 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
background.png
usa2024.net/Biggest%20giveaway%20CRYPTO%20of%20$100%20000%20000_files/images/ |
555 B 555 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
background2.png
usa2024.net/Biggest%20giveaway%20CRYPTO%20of%20$100%20000%20000_files/images/ |
555 B 555 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mulish-700.woff2
usa2024.net/Biggest%20giveaway%20CRYPTO%20of%20$100%20000%20000_files/fonts/mulish/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mulish-800.woff2
usa2024.net/Biggest%20giveaway%20CRYPTO%20of%20$100%20000%20000_files/fonts/mulish/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mulish-400.woff2
usa2024.net/Biggest%20giveaway%20CRYPTO%20of%20$100%20000%20000_files/fonts/mulish/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mulish-500.woff2
usa2024.net/Biggest%20giveaway%20CRYPTO%20of%20$100%20000%20000_files/fonts/mulish/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mulish-600.woff2
usa2024.net/Biggest%20giveaway%20CRYPTO%20of%20$100%20000%20000_files/fonts/mulish/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
twk-main.js
embed.tawk.to/_s/v4/app/641d54f6f05/js/ |
121 B 182 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
twk-vendor.js
embed.tawk.to/_s/v4/app/641d54f6f05/js/ |
76 KB 27 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
twk-chunk-vendors.js
embed.tawk.to/_s/v4/app/641d54f6f05/js/ |
206 KB 61 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
twk-chunk-common.js
embed.tawk.to/_s/v4/app/641d54f6f05/js/ |
193 KB 40 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
twk-runtime.js
embed.tawk.to/_s/v4/app/641d54f6f05/js/ |
2 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
twk-app.js
embed.tawk.to/_s/v4/app/641d54f6f05/js/ |
151 B 287 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
widget-settings
va.tawk.to/v1/ |
3 KB 1 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
start
va.tawk.to/v1/session/ |
982 B 990 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
start
va.tawk.to/v1/session/ Frame |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
en.js
embed.tawk.to/_s/v4/app/641d54f6f05/languages/ |
16 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
twk-chunk-2c78ba82.js
embed.tawk.to/_s/v4/app/641d54f6f05/js/ |
7 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
twk-chunk-696bc286.js
embed.tawk.to/_s/v4/app/641d54f6f05/js/ |
16 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
twk-chunk-f1596d96.js
embed.tawk.to/_s/v4/app/641d54f6f05/js/ |
10 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
twk-chunk-48f46bef.js
embed.tawk.to/_s/v4/app/641d54f6f05/js/ |
15 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
twk-chunk-4fe9d5dd.js
embed.tawk.to/_s/v4/app/641d54f6f05/js/ |
942 B 530 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
twk-chunk-2d0b9454.js
embed.tawk.to/_s/v4/app/641d54f6f05/js/ |
546 B 419 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
twk-chunk-f163fcd0.js
embed.tawk.to/_s/v4/app/641d54f6f05/js/ |
11 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
twk-chunk-32507910.js
embed.tawk.to/_s/v4/app/641d54f6f05/js/ |
73 KB 16 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
message-preview.css
embed.tawk.to/_s/v4/app/641d54f6f05/css/ Frame E550 |
37 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
min-widget.css
embed.tawk.to/_s/v4/app/641d54f6f05/css/ Frame 6B8D |
24 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bubble-widget.css
embed.tawk.to/_s/v4/app/641d54f6f05/css/ Frame 1385 |
13 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
max-widget.css
embed.tawk.to/_s/v4/app/641d54f6f05/css/ Frame 9FAB |
74 KB 14 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
emojione.min.js
cdn.jsdelivr.net/emojione/2.2.7/lib/js/ |
295 KB 39 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
168-r-br.svg
embed.tawk.to/_s/v4/assets/images/attention-grabbers/ Frame 1385 |
22 KB 6 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tawk-font-icon-2.woff2
embed.tawk.to/_s/v4/assets/fonts/ Frame 1385 |
10 KB 10 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
v3
va.tawk.to/log-performance/ |
5 B 115 B |
Fetch
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
v3
va.tawk.to/log-performance/ Frame |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Generic Crypto (Crypto Exchange)32 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| 2 object| 3 boolean| credentialless object| data object| Tawk_API object| Tawk_LoadStart function| Vue function| Random function| QR8bitByte function| QRCodeModel object| QRMode object| QRErrorCorrectLevel object| QRMaskPattern object| QRUtil object| QRMath function| QRPolynomial function| QRRSBlock function| QRBitBuffer object| QRCodeLimitLength function| QRCode string| $_Tawk_AccountKey string| $_Tawk_WidgetId boolean| $_Tawk_Unstable object| $_Tawk object| tawkJsonp function| $__TawkEngine function| EventEmitter function| $__TawkSocket object| Tawk_Window object| emojione4 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.usa2024.net/ | Name: __ddg1_ Value: f6hZiUnsvnZgL2yxzpNP |
|
usa2024.net/ | Name: twk_idm_key Value: eNG4nbF_QpGHeR3yPuiOx |
|
usa2024.net/ | Name: TawkConnectionTime Value: 0 |
|
.usa2024.net/ | Name: twk_uuid_640f129431ebfa0fe7f24490 Value: %7B%22uuid%22%3A%221.70gABVZrCKYzGX2gJKIWvDjWiv6cWDpz8ozmCiOvO1BItyinoEn9oINIWSew2B3wmpR1hZVJZmisGHnXoKVLROZUhRcCaBAXeX4t1E45dhORiJeiLkMQ%22%2C%22version%22%3A3%2C%22domain%22%3A%22usa2024.net%22%2C%22ts%22%3A1679959618522%7D |
7 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | upgrade-insecure-requests; |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
cdn.jsdelivr.net
embed.tawk.to
usa2024.net
va.tawk.to
104.16.86.20
104.21.46.120
172.67.138.139
172.67.38.66
05da7242dd779875526433f7f326a4dc31faa01e1b48773e47198cf1c114852c
070ea06b38d3fca521fa8587d37e905519fbcb661dd67062381f978908830541
13cf82e6f9d48221cd55f8b3c3d206f7bdb83f291034b478e484ccfef7d500dd
27c90a77cbe67458dbaa1c52a9cc955d62a4e39bd999c62b52582f122371fca7
2f56f47d64037d5aa3a96b50c840580e5549fee6f9fafff8af3d1821d189fa5c
34be89044c825815f1d9c9a336c3719d1fac8d36c24a83c4c1ecc94992530d08
39168c3e8d0df798eca54f36a1726171062cabfe874afe293dbe36c3636ff3f2
447393868b8d0d79a22a7cf66703f8f458de16377ecde2f465744b6c09986c92
48126b4a0cc388ba014594d6d64a6c6c6bb1c0ea145bb1c3c2b1da1a514e4a5c
4f703ca93b84daf0ba8298ddf9c6bc8420d8dac01b1966b2608d0efd0a4b24b5
5108ef00c54e1f6ce859852834135447457cf19ee19aa7b0fb55b64b425cb526
544039b2ff06226afd008c3625818bbfe76a2598d7159145d06965afaf4f09de
58d193046726823019c92755da4f5757c2d8fc393bd8ef19eaaaf631216139b8
590c44a63c0439b876ff55395be95412a992855b5506f73400740de2234fa8e5
5958b8f2069b0a3292ed7a9db46b8109adac7e81591238557125893ee7e87bb7
680a11e8d8d61e7731d3f814dbed1503792180638f22ef3e79d958194152c8e9
705186becc9e0a306a6b4867ae2768aa9dd3b8c12393d9f9c52029e9a6fcf31c
7de5ea62067ff095bb447c068dd04ba536e7939675ff3dee11251b303c0f99b4
8140cf76df763f4bc7cae73d3e854750ca2ff6bb2097f57c656aa14f6cd876d7
933b971c6388d594a23fa1559825db5bec8ade2db1240aa8fc9d0c684949e8c9
97ca66991150a4c1263837600fe4338f33d96b74979cd7740ab07d22b883b8e0
9be28c21e6aecf7890ac1cc0f7178c277a97e3d63d1a81c23fa4385e5d5406f7
abd9f756ab6f8d858e73f4b8d8194ed99333d58fcadafbb50cac353fbaf9a03f
b959ad2221d60430f98667e34f19ac4830d2a4e82d086aafec1d1c92aaf1a9bc
ce561b50d63db44dd8a0bf43b38d941319cc0f5e60c525d881d483d606d92443
d21e8d6124f75e39b74ed6208c0d47d4ce335f38b02eaf1a30739bc783327e22
d601f229247b261d18181988f7337b3f652165187f3c22a109821a50ea96a0f9
dc9b8766ba1ad9df5f06c2da364ce4736551d12b4f3878ff78f9fd8a4079ba41
dd8b8f595188c813108781f358cba4f7f08dad9ab0b73d4a5b99478f49357ba2
e924ffe8bcc65483510a22a7286bd6d4d204e72ffe5927eec50158f7a7be50c0
f08b0bfc5ca2e4fb4d2befa761a291c460279d018754531c1ed73fcb8bbd83b6
f4d4fcb3cdd9f021bca50bedb83de05b77fd23b3c98ad36b103fea8c0744ea71
f5c06455e539dcd889f7f05d709b5adc76c444099fe57f431365af2fc57e803b
f67471bd055cce603d7d7c9d3b70b9a5c3a8aedede8b1f11b53dd21fd5566659
f7f691762aa8697167af6f9d2dadd15a98629f9d2f91495fcefa41bfbefbe540
fc129f67c34d70578dc66a2ac6be2d44011eab5a05077797b8e56dbc2f2c9867