amazon.com-verify.ed9d0f5f1f76be8b348f0.site
Open in
urlscan Pro
188.166.18.197
Malicious Activity!
Public Scan
Effective URL: https://amazon.com-verify.ed9d0f5f1f76be8b348f0.site/gp/signin.php?sslchannel=true&sessionid=W4m1bmetTz2mGOCAvD9jtKCtvwXWhlhmjaYFrZwZZ5dPDHEXW79bXnxz...
Submission Tags: @phishunt_io
Submission: On March 26 via api from DE — Scanned from NL
Summary
TLS certificate: Issued by R3 on March 26th 2024. Valid for: 3 months.
This is the only time amazon.com-verify.ed9d0f5f1f76be8b348f0.site was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Amazon (Online)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 20 | 188.166.18.197 188.166.18.197 | 14061 (DIGITALOC...) (DIGITALOCEAN-ASN) | |
4 | 2a02:26f0:480... 2a02:26f0:480:f::213:7ec6 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
10 | 2a02:26f0:350... 2a02:26f0:3500:12::1730:17bf | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
1 | 2600:9000:220... 2600:9000:2204:1a00:3:12d0:8d40:21 | 16509 (AMAZON-02) (AMAZON-02) | |
3 | 34.193.81.196 34.193.81.196 | 14618 (AMAZON-AES) (AMAZON-AES) | |
37 | 5 |
ASN14061 (DIGITALOCEAN-ASN, US)
amazon.com-verify.ed9d0f5f1f76be8b348f0.site |
ASN20940 (AKAMAI-ASN1, NL)
m.media-amazon.com |
ASN20940 (AKAMAI-ASN1, NL)
images-na.ssl-images-amazon.com |
ASN16509 (AMAZON-02, US)
d35uxhjf90umnp.cloudfront.net |
ASN14618 (AMAZON-AES, US)
PTR: ec2-34-193-81-196.compute-1.amazonaws.com
fls-na.amazon.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
20 |
ed9d0f5f1f76be8b348f0.site
1 redirects
amazon.com-verify.ed9d0f5f1f76be8b348f0.site |
515 KB |
10 |
ssl-images-amazon.com
images-na.ssl-images-amazon.com — Cisco Umbrella Rank: 872 |
369 KB |
4 |
media-amazon.com
m.media-amazon.com — Cisco Umbrella Rank: 375 |
126 KB |
3 |
amazon.com
fls-na.amazon.com — Cisco Umbrella Rank: 1292 |
464 B |
1 |
cloudfront.net
d35uxhjf90umnp.cloudfront.net |
12 KB |
37 | 5 |
Domain | Requested by | |
---|---|---|
20 | amazon.com-verify.ed9d0f5f1f76be8b348f0.site |
1 redirects
amazon.com-verify.ed9d0f5f1f76be8b348f0.site
|
10 | images-na.ssl-images-amazon.com |
amazon.com-verify.ed9d0f5f1f76be8b348f0.site
|
4 | m.media-amazon.com |
amazon.com-verify.ed9d0f5f1f76be8b348f0.site
|
3 | fls-na.amazon.com |
amazon.com-verify.ed9d0f5f1f76be8b348f0.site
|
1 | d35uxhjf90umnp.cloudfront.net |
images-na.ssl-images-amazon.com
|
37 | 5 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.amazon.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
amazon.com-verify.ed9d0f5f1f76be8b348f0.site R3 |
2024-03-26 - 2024-06-24 |
3 months | crt.sh |
m.media-amazon.com DigiCert TLS RSA SHA256 2020 CA1 |
2023-08-29 - 2024-08-28 |
a year | crt.sh |
*.cloudfront.net Amazon RSA 2048 M01 |
2023-10-10 - 2024-09-19 |
a year | crt.sh |
fls-na.amazon.com Amazon RSA 2048 M02 |
2023-12-21 - 2025-01-18 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://amazon.com-verify.ed9d0f5f1f76be8b348f0.site/gp/signin.php?sslchannel=true&sessionid=W4m1bmetTz2mGOCAvD9jtKCtvwXWhlhmjaYFrZwZZ5dPDHEXW79bXnxzVR3OsG010Y47YnCRr5kwNs2g
Frame ID: 8A5A7D496F6ECFE4C53E13257EC94EEF
Requests: 37 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
https://amazon.com-verify.ed9d0f5f1f76be8b348f0.site/
HTTP 302
https://amazon.com-verify.ed9d0f5f1f76be8b348f0.site/gp/ Page URL
- https://amazon.com-verify.ed9d0f5f1f76be8b348f0.site/gp/signin.php?sslchannel=true&sessionid=W4m1bmetTz2mGOCAvD9jtKCtvwXWhlhmjaYF... Page URL
Detected technologies
PHP (Programming Languages) ExpandDetected patterns
- \.php(?:$|\?)
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://amazon.com-verify.ed9d0f5f1f76be8b348f0.site/
HTTP 302
https://amazon.com-verify.ed9d0f5f1f76be8b348f0.site/gp/ Page URL
- https://amazon.com-verify.ed9d0f5f1f76be8b348f0.site/gp/signin.php?sslchannel=true&sessionid=W4m1bmetTz2mGOCAvD9jtKCtvwXWhlhmjaYFrZwZZ5dPDHEXW79bXnxzVR3OsG010Y47YnCRr5kwNs2g Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- https://amazon.com-verify.ed9d0f5f1f76be8b348f0.site/ HTTP 302
- https://amazon.com-verify.ed9d0f5f1f76be8b348f0.site/gp/
37 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
/
amazon.com-verify.ed9d0f5f1f76be8b348f0.site/gp/ Redirect Chain
|
384 B 683 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Primary Request
signin.php
amazon.com-verify.ed9d0f5f1f76be8b348f0.site/gp/ |
31 KB 24 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery-1.9.1.js
amazon.com-verify.ed9d0f5f1f76be8b348f0.site/gp/assets/js/ |
141 KB 142 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery.validate.min.js
amazon.com-verify.ed9d0f5f1f76be8b348f0.site/gp/assets/js/ |
20 KB 21 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery.payment.js
amazon.com-verify.ed9d0f5f1f76be8b348f0.site/gp/assets/js/ |
12 KB 12 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
additional-methods.min.js
amazon.com-verify.ed9d0f5f1f76be8b348f0.site/gp/assets/js/ |
17 KB 17 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery.maskedinput.js
amazon.com-verify.ed9d0f5f1f76be8b348f0.site/gp/assets/js/ |
6 KB 6 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Valid.AU.js
amazon.com-verify.ed9d0f5f1f76be8b348f0.site/gp/assets/js/ |
40 KB 41 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
enc.js
amazon.com-verify.ed9d0f5f1f76be8b348f0.site/gp/assets/js/ |
8 KB 9 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
31bJewCvY-L.js
amazon.com-verify.ed9d0f5f1f76be8b348f0.site/gp/media/js/ |
10 KB 10 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
sempak1.js
amazon.com-verify.ed9d0f5f1f76be8b348f0.site/gp/media/js/ |
15 KB 15 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
61A6IErPNXL._RC_11Fd9tJOdtL.css,11tfezETfFL.css,31Q3id-QR0L.css,31U9HrBLKmL.css_.css
amazon.com-verify.ed9d0f5f1f76be8b348f0.site/gp/media/css/ |
133 KB 133 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
01SdjaY0ZsL._RC_31jdWD+JB+L.css,51ndJ60shfL.css_.css
amazon.com-verify.ed9d0f5f1f76be8b348f0.site/gp/media/css/ |
57 KB 57 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
21PFuszay6L.css
amazon.com-verify.ed9d0f5f1f76be8b348f0.site/gp/media/css/ |
4 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
sempak4.js
amazon.com-verify.ed9d0f5f1f76be8b348f0.site/gp/media/js/ |
14 KB 15 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
sempak3.js
amazon.com-verify.ed9d0f5f1f76be8b348f0.site/gp/media/js/ |
5 KB 5 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
sempak5.js
amazon.com-verify.ed9d0f5f1f76be8b348f0.site/gp/media/js/ |
2 KB 3 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
KFPk-9IF4FqAqY-.woff2
m.media-amazon.com/images/S/sash/ |
16 KB 17 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pDxWAF1pBB0dzGB.woff2
m.media-amazon.com/images/S/sash/ |
16 KB 17 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
61yXDIPmT-L._RC%7C11Y+5x+kkTL.js,51KMV3Cz2XL.js,31x4ENTlVIL.js,31f4+QIEeqL.js,01N6xzIJxbL.js,518BI433aLL.js,01rpauTep4L.js,31QZSjMuoeL.js,61ofwvddDeL.js,01KsMxlPtzL.js_.js
images-na.ssl-images-amazon.com/images/I/ |
310 KB 93 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
21ZMwVh4T0L._RC%7C21OJDARBhQL.js,218GJg15I8L.js,31lucpmF4CL.js,2119M3Ks9rL.js,61LkS2hKHIL.js_.js
images-na.ssl-images-amazon.com/images/I/ |
104 KB 26 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
01wGDSlxwdL.js
images-na.ssl-images-amazon.com/images/I/ |
521 B 735 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
419yJ4MADrL.js
images-na.ssl-images-amazon.com/images/I/ |
20 KB 6 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
8135BpGZX3L.js
images-na.ssl-images-amazon.com/images/I/ |
323 KB 90 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
31jdfgcsPAL.js
images-na.ssl-images-amazon.com/images/I/ |
14 KB 4 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
71eWg4Y0WcL.js
images-na.ssl-images-amazon.com/images/I/ |
171 KB 30 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
517CHLnJ5ZL.js
images-na.ssl-images-amazon.com/images/I/ |
58 KB 13 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
8178jsL3v3L.js
images-na.ssl-images-amazon.com/images/I/ |
260 KB 66 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
71WECYLMGgL.js
images-na.ssl-images-amazon.com/images/I/ |
151 KB 39 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mPGmT0r6IeTyIee.png
m.media-amazon.com/images/S/sash/ |
27 KB 28 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
AmazonEmber_W_Bd.woff2
m.media-amazon.com/images/G/01/wg/assets/fonts/ |
64 KB 64 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
index.js
d35uxhjf90umnp.cloudfront.net/ |
37 KB 12 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
uedata
amazon.com-verify.ed9d0f5f1f76be8b348f0.site/rd/ |
315 B 315 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ATVPDKIKX0DER:134-2656945-7130221:V38FTKKB9C8HY6YYGQNH$uedata=s:%2Frd%2Fuedata%3Fld%26v%3D0.273635.0%26id%3DV38FTKKB9C8HY6YYGQNH%26m%3D1%26sc%3DV38FTKKB9C8HY6YYGQNH%26ue%3D22%26bb%3D67%26cf%3D67%26...
fls-na.amazon.com/1/batch/1/OP/ |
43 B 150 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ATVPDKIKX0DER:134-2656945-7130221:V38FTKKB9C8HY6YYGQNH$uedata=s:%2Frd%2Fuedata%3Fld%26v%3D0.273635.0%26id%3DV38FTKKB9C8HY6YYGQNH%26sc0%3Daui%3Asw%3Appft%3Acallback_ricb%26bb0%3D70%26pc0%3D77%26ld0%...
fls-na.amazon.com/1/batch/1/OP/ |
43 B 149 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
favicon.ico
amazon.com-verify.ed9d0f5f1f76be8b348f0.site/ |
315 B 515 B |
Other
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
/
fls-na.amazon.com/1/batch/1/OE/ |
0 165 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Amazon (Online)75 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onpagereveal function| $ function| jQuery object| Aes object| Base64 object| Utf8 string| gentot string| udud string| keluaran string| ctrTxt number| ue_t0 object| ue_csm number| ue_hob string| ue_err_chan string| ue_id string| ue_url number| ue_navtiming string| ue_mid string| ue_sid string| ue_sn string| ue_furl string| ue_surl number| ue_int number| ue_fcsn number| ue_urt string| ue_rpl_ns number| ue_ddq string| ue_fpf number| ue_sbuimp number| ue_ibft number| ue_sswmts number| ue_jsmtf number| ue_fnt number| ue_lpsi number| ue_no_counters string| ue_lob number| ue_sjslob number| ue_swi function| ue_viz number| ue_hoe number| ue_ihb object| ue function| ueLogError object| ue_err number| ueinit function| uei function| ueh function| ues function| uet function| uex function| onLd function| onLdEnd function| onUl function| onstop number| aPageStart number| ue_ihe object| amzn function| cf object| metadataList undefined| input undefined| authenticationFormList number| index object| fwcimCmd object| jQuery19106671592006425453 object| regeneratorRuntime object| SiegeCrypto object| jQuery16408838334946491155 boolean| loginWithOTPState string| updatedHtml object| acic function| setImmediate function| clearImmediate number| __fwcimLoaded object| fwcim object| pie3 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
amazon.com-verify.ed9d0f5f1f76be8b348f0.site/ | Name: PHPSESSID Value: 70a57e0a28ebe3462f887aabd0bfdcb5 |
|
amazon.com-verify.ed9d0f5f1f76be8b348f0.site/ | Name: csm-hit Value: tb:s-V38FTKKB9C8HY6YYGQNH|1711482145014&t:1711482145014 |
|
amazon.com-verify.ed9d0f5f1f76be8b348f0.site/ | Name: id_pkel Value: n0 |
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
amazon.com-verify.ed9d0f5f1f76be8b348f0.site
d35uxhjf90umnp.cloudfront.net
fls-na.amazon.com
images-na.ssl-images-amazon.com
m.media-amazon.com
188.166.18.197
2600:9000:2204:1a00:3:12d0:8d40:21
2a02:26f0:3500:12::1730:17bf
2a02:26f0:480:f::213:7ec6
34.193.81.196
020005e5fccce973dc8258de8a6400da20de1da01cddeda88cd8cfc4b489d4a9
2e5c4e5dd76d19bd957864a5485880b7dd5381be31835dc30dbb276d82652a89
3160a8c386a1832b765f41e091abb3dca7edc74e78c9d9c0f2d72604c9c27600
355d9c76cbb74124fc0a1e85e9a0e10ede19eac1cdace5b3e7996be55f27e85c
4065b43ba3db8da5390ba0708555889f78e86483fe0226ef79ea22d07c306b89
432dff2bd6f663c6151a5947fa318a46463085d4f6e40761450e8b38fd0fe938
437e95a363a4291060e34ba170e043274e0155821e9be374f35de3c4f13cbaa5
6267b22c78747f8db9476b502c900e874aebf89e1c658b5b3282f4c01f7a54c2
6369118b817a8a0549092cce8b77d77ac7ec88cc76a66d3ed9e32e9c4f6fb23f
65e3ba66df0c9c45a17ac62283069d21d5e4a473d649a1d574a562a44f9a09c3
8a1ca9608771693d06b0109e1e442d495da603f32182a6527f9f1026c84780e9
8d84ad474faaa046d460c0404509f6dca9a02327f5f1f91ea6521f4cd2f38f09
92bee7f295df95fe203942c3147ecb19642f2be170bdef88288ef1adf750f2be
940cab6b7e6da2f4b437e516e861d17dbb54d695c2d0cacff08d9d0f5fb9fbb8
9494b5f25ab38baf3668843af019a487f87e05c9cb51694967be69ccb86d20c8
9741b8fcee135784a67c89f65aa8cd2d706e77ae27dcc9e0614cd183917494cc
976ac37b118aad77fd165020c0764b14c019d9d0ff17bfad4cb1a52dae1f0cac
a3a64aea2e96ec58a163ddb8d4cf86cf236178ed2d225b8f44154bc1b010ddce
af7b3921c48ce9b55ba9fdc2eb2a6baad96f74813fd86925c2f5a7526aa975ca
b647f19b39a924bb0bcfcd5a5617b20428b3a40d9a990e06bcd31b96c2c6141e
b7c97b9e03813c8a6caaf7dfe64a0d9581334a9c6b8714fcbe5356f6fab936b0
bc351c64cd81a9b0f1d9e00bb14fc9b1c4cd6fff55a173e856b2e1fd055e1c9e
bdec81d204fb4893c23f31b2dd4cf8a110eec9c06638ac98a11569b2476e6d05
be140b96f3f3f95050e2557f4fc3821be0408fb76bf4907ce132d9aabf06db6e
c459460a568697ea2988106b3a9d38d9dee5de28636734cbf1fd0bae75b0006c
cc6dbb9b29dd9e2a8d7ff0d089665d14407387cd75dbda3b1398340afe343ac1
cded49f94fc16dc0a14923975e159fbf4b14844593e612c1342c9e34e2f96821
cefdc9fcf77ce8e017d3e52346fbf97be83f527cfedad5b8a621710eb1f56fac
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
db95da6f750a3e6f82699b4d3b000280636fb741ea0f03d16fdccd13a7066d09
dec6803bdf4650ca3d9ad30a7ec0ea5466e5e94b835591a0cf7dcc9db2f7c250
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
fae8d9892169edc72006fbc01c8a55c20c98ddd38f1fb927e817d290f398ca92
fccb6bdf1465e9629f69a143ab791809b9686cbe35bbe6466c2498024fae1c9c