d2jj52b9gwup1c.cloudfront.net
Open in
urlscan Pro
13.224.197.210
Malicious Activity!
Public Scan
Submission: On December 18 via manual from US
Summary
TLS certificate: Issued by DigiCert Global CA G2 on July 17th 2019. Valid for: a year.
This is the only time d2jj52b9gwup1c.cloudfront.net was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Google (Online)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
2 | 13.224.197.210 13.224.197.210 | 16509 (AMAZON-02) (AMAZON-02 - Amazon.com) | |
30 | 2600:9000:20e... 2600:9000:20eb:a800:12:8a03:bd80:21 | 16509 (AMAZON-02) (AMAZON-02 - Amazon.com) | |
2 | 2a00:1450:400... 2a00:1450:4001:81e::2008 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
1 3 | 2a00:1450:400... 2a00:1450:4001:80b::200e | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
1 1 | 2a00:1450:400... 2a00:1450:400c:c04::9b | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
1 1 | 2a00:1450:400... 2a00:1450:4001:81d::2004 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
1 | 2a00:1450:400... 2a00:1450:4001:824::2003 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
37 | 5 |
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-224-197-210.fra2.r.cloudfront.net
d2jj52b9gwup1c.cloudfront.net |
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
d2xjwef2qye8za.cloudfront.net |
ASN15169 (GOOGLE - Google LLC, US)
www.googletagmanager.com |
ASN15169 (GOOGLE - Google LLC, US)
www.google-analytics.com |
ASN15169 (GOOGLE - Google LLC, US)
stats.g.doubleclick.net |
ASN15169 (GOOGLE - Google LLC, US)
www.google.com |
ASN15169 (GOOGLE - Google LLC, US)
www.google.de |
Apex Domain Subdomains |
Transfer | |
---|---|---|
32 |
cloudfront.net
d2jj52b9gwup1c.cloudfront.net d2xjwef2qye8za.cloudfront.net |
256 KB |
3 |
google-analytics.com
1 redirects
www.google-analytics.com |
18 KB |
2 |
googletagmanager.com
www.googletagmanager.com |
55 KB |
1 |
google.de
www.google.de |
109 B |
1 |
google.com
1 redirects
www.google.com |
186 B |
1 |
doubleclick.net
1 redirects
stats.g.doubleclick.net |
161 B |
37 | 6 |
Domain | Requested by | |
---|---|---|
30 | d2xjwef2qye8za.cloudfront.net |
d2jj52b9gwup1c.cloudfront.net
|
3 | www.google-analytics.com |
1 redirects
www.googletagmanager.com
d2jj52b9gwup1c.cloudfront.net |
2 | www.googletagmanager.com |
d2jj52b9gwup1c.cloudfront.net
|
2 | d2jj52b9gwup1c.cloudfront.net |
d2xjwef2qye8za.cloudfront.net
|
1 | www.google.de |
d2jj52b9gwup1c.cloudfront.net
|
1 | www.google.com | 1 redirects |
1 | stats.g.doubleclick.net | 1 redirects |
37 | 7 |
This site contains links to these domains. Also see Links.
Domain |
---|
spnccrzone.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.cloudfront.net DigiCert Global CA G2 |
2019-07-17 - 2020-07-05 |
a year | crt.sh |
*.google-analytics.com GTS CA 1O1 |
2019-11-13 - 2020-02-05 |
3 months | crt.sh |
www.google.de GTS CA 1O1 |
2019-11-13 - 2020-02-05 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://d2jj52b9gwup1c.cloudfront.net/offer/list?eid=waardex&pid=maysville-online.com&aAbf5mQ=143893085231551&cc=1236713425
Frame ID: 4F8B9F645CC54E4C61938DAA255C3860
Requests: 37 HTTP requests in this frame
Screenshot
Detected technologies
Bootstrap (Web Frameworks) ExpandDetected patterns
- html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
Nginx (Web Servers) Expand
Detected patterns
- headers server /nginx(?:\/([\d.]+))?/i
Amazon Web Services (PaaS) Expand
Detected patterns
- headers via /\(CloudFront\)$/i
Amazon Cloudfront (CDN) Expand
Detected patterns
- headers via /\(CloudFront\)$/i
Font Awesome (Font Scripts) Expand
Detected patterns
- html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i
Google Analytics (Analytics) Expand
Detected patterns
- script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Modernizr (JavaScript Libraries) Expand
Detected patterns
- script /([\d.]+)?\/modernizr(?:.([\d.]+))?.*\.js/i
jQuery (JavaScript Libraries) Expand
Detected patterns
- script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
- script /jquery-ui.*\.js/i
jQuery UI (JavaScript Libraries) Expand
Detected patterns
- script /jquery-ui.*\.js/i
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Title: Click Here Â
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 34- https://www.google-analytics.com/r/collect?v=1&_v=j79&a=1679597050&t=pageview&_s=1&dl=https%3A%2F%2Fd2jj52b9gwup1c.cloudfront.net%2Foffer%2Flist%3Feid%3Dwaardex%26pid%3Dmaysville-online.com%26aAbf5mQ%3D143893085231551%26cc%3D1236713425&ul=en-us&de=UTF-8&dt=2019%20Annual%20Visitor%20Survey&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUAB~&jid=1275223009&gjid=1241622212&cid=1252674264.1576681272&tid=UA-106765487-7&_gid=1393963896.1576681272&_r=1>m=2ouc61&z=1542189917 HTTP 302
- https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-106765487-7&cid=1252674264.1576681272&jid=1275223009&_gid=1393963896.1576681272&gjid=1241622212&_v=j79&z=1542189917 HTTP 302
- https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-106765487-7&cid=1252674264.1576681272&jid=1275223009&_v=j79&z=1542189917 HTTP 302
- https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-106765487-7&cid=1252674264.1576681272&jid=1275223009&_v=j79&z=1542189917&slf_rd=1&random=4002777794
37 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
list
d2jj52b9gwup1c.cloudfront.net/offer/ |
17 KB 5 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.min.css
d2xjwef2qye8za.cloudfront.net/browser/ |
98 KB 17 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
font-awesome.css
d2xjwef2qye8za.cloudfront.net/browser/ |
17 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.css
d2xjwef2qye8za.cloudfront.net/browser/ |
10 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fontawesome-webfont.woff
d2xjwef2qye8za.cloudfront.net/browser/ |
43 KB 44 KB |
Stylesheet
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
modernizr-2.6.2-respond-1.1.0.min.js
d2xjwef2qye8za.cloudfront.net/browser/ |
18 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.js
d2xjwef2qye8za.cloudfront.net/browser/ |
94 KB 33 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-ui.min.js
d2xjwef2qye8za.cloudfront.net/browser/ |
223 KB 60 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
en-en.js
d2xjwef2qye8za.cloudfront.net/browser/ |
6 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
returnDate.en.js
d2xjwef2qye8za.cloudfront.net/browser/ |
540 B 874 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
utils-ms.js
d2xjwef2qye8za.cloudfront.net/browser/ |
0 0 |
Script
application/xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo_f01.png
d2xjwef2qye8za.cloudfront.net/browser/ |
7 KB 7 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo1.js
d2xjwef2qye8za.cloudfront.net/browser/ |
6 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo2.js
d2xjwef2qye8za.cloudfront.net/browser/ |
6 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
amazon_fall1000.png
d2xjwef2qye8za.cloudfront.net/browser/ |
33 KB 33 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
img1.jpg
d2xjwef2qye8za.cloudfront.net/browser/ |
1 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
img2.jpg
d2xjwef2qye8za.cloudfront.net/browser/ |
1 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
3temv7e.jpg
d2xjwef2qye8za.cloudfront.net/browser/ |
1 KB 1 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
9PH2QqX.jpg
d2xjwef2qye8za.cloudfront.net/browser/ |
2 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
EKZrmbS.jpg
d2xjwef2qye8za.cloudfront.net/browser/ |
2 KB 3 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
KqX499j.png
d2xjwef2qye8za.cloudfront.net/browser/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
DsrKpkj.jpg
d2xjwef2qye8za.cloudfront.net/browser/ |
1 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
plR22yu.jpg
d2xjwef2qye8za.cloudfront.net/browser/ |
1017 B 1 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
comment.js
d2xjwef2qye8za.cloudfront.net/browser/ |
3 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
73 KB 27 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.min.js
d2xjwef2qye8za.cloudfront.net/browser/ |
28 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.js
d2xjwef2qye8za.cloudfront.net/browser/ |
1 KB 660 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js.cookie6_pure.js
d2xjwef2qye8za.cloudfront.net/browser/ |
3 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bbms.js
d2xjwef2qye8za.cloudfront.net/browser/ |
627 B 960 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
exit_ms.js
d2xjwef2qye8za.cloudfront.net/browser/ |
2 KB 766 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js1.js
d2xjwef2qye8za.cloudfront.net/browser/ |
0 0 |
Script
application/xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
73 KB 27 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
getextparams
d2jj52b9gwup1c.cloudfront.net/offer/ |
20 B 532 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
chrome58x58.png
d2xjwef2qye8za.cloudfront.net/browser/ |
8 KB 9 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
43 KB 17 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ga-audiences
www.google.de/ads/ Redirect Chain
|
42 B 109 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
collect
www.google-analytics.com/r/ |
35 B 111 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Google (Online)57 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onformdata object| onpointerrawupdate object| html5 object| Modernizr function| yepnope object| respond function| $ function| jQuery object| _0x20b2 function| _0x1b95 function| faviconPulse function| geoip_city function| loadJSON function| loadTextFileAjaxSync object| locationJSON undefined| city undefined| sMobile undefined| sDesktop function| isMobileDevice function| returnDate object| _0x126a function| _0x20d3 string| nVer string| nAgt string| browserName string| fullVersion number| majorVersion undefined| nameOffset number| verOffset number| ix object| _0xe643 function| _0x42b4 object| _0x10a5 function| _0x2652 function| _0x4f4b7a function| _0x42bc8a function| _0x66c379 function| _0x5410b5 function| gtag object| dataLayer object| jQuery111005794383656052198 number| exDays boolean| validNavigation function| wireUpEvents function| Cookies function| docReady object| _0x30e7 function| _0x1dc5 function| addLoadEvent boolean| _link_clicked object| google_tag_manager string| GoogleAnalyticsObject function| ga object| google_tag_data object| gaplugins object| gaGlobal object| gaData4 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.d2jj52b9gwup1c.cloudfront.net/ | Name: _gat_gtag_UA_143920773_1 Value: 1 |
|
.d2jj52b9gwup1c.cloudfront.net/ | Name: _gid Value: GA1.3.1393963896.1576681272 |
|
.d2jj52b9gwup1c.cloudfront.net/ | Name: _gat_gtag_UA_106765487_7 Value: 1 |
|
.d2jj52b9gwup1c.cloudfront.net/ | Name: _ga Value: GA1.3.1252674264.1576681272 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
d2jj52b9gwup1c.cloudfront.net
d2xjwef2qye8za.cloudfront.net
stats.g.doubleclick.net
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
13.224.197.210
2600:9000:20eb:a800:12:8a03:bd80:21
2a00:1450:4001:80b::200e
2a00:1450:4001:81d::2004
2a00:1450:4001:81e::2008
2a00:1450:4001:824::2003
2a00:1450:400c:c04::9b
0ba871a68bb8af1a54a62bb7e4279733ae983b4a1234f7ee26c534b66c15dbbe
147bf9251e3078758ea901f25947c14d831d7f7388a4c7f55e510686f91a8180
1cfc8b8dfb6c180d006c444ed3b0d29a99e4660494da56be9794898ae95f0300
1f2c960c78d86e4a69d628a225dea777be3e184f83e9f4441e5a0b750c7718f4
2dea5123cd52257c0b829d41c56d4963228b45b1ec355737d60bb6645c94f50e
388e1eb0cb648490ea1c4913f4ea3128f3fbfbda0608bf85e471d947db905302
4a38335b55379462b766727785b7505320bcc608f7c9c8890b7bf70513570624
5ffe77930f41fdd7a0a82af32e94802ec7f22b5ac6b4d9b78c43603adaf2f790
60dc662df463ede4ecd32c9f99f6adc59713ffc9dc5bb7cf35733557825bf32d
6f13a7c812ffcb6506ccbb3d3e55c149d61f62d988d4bf805a9d9c01ec691734
71773f8c559a1fdb770d7fa5720c08612d9ce7194be8bb44bdf95393f1469ce0
72e3b6817e1fafd50792b2c33bc4416683a391aa1837bee1f43fdbc210c99ccc
7c242565dc099c183fa6d55cfba8ffa02873f02e1990909d2be58db1d43015dc
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
898d05a17f2cfc5120ddcdba47a885c378c0b466f30f0700e502757e24b403a1
91e5c1968eee9298437a097fd47978a077d667e086593ab0fd7988ef60d2ddf4
9545948eefe774be5121de01ef9c14207891c35116bba14056471a59e4c212a1
9671f8be70ad94a5362e60f4656d5d53ba214d32ab70a3f9d1603d7dadf9d1c1
9d3497a2d77fdd3eeeca1fa511771f641dd2cf62380a65513c1c9c81ffa0c856
a5c30b3faf79d296d5bbdd67b8b3cb65cd2b8e467211f0718b2e3452340714ce
aa05de326a8afd2a7b16c253d8c10fc41857b474f23a814ffa7684d4ef17c1a9
aca471814ce7139d23c4170a45f379d59d7ac3b87620d24ec73f28359a2e42fb
aea3443ffa2df4454daac365b37a61f9b9b1ba24dc0899ff3afca9f770765ce0
b31e176c04f24fabc3791db04c971a4e57151283b09bab71b730599cd6acc102
b8415abaabb26fe68590eb086a43ff6abb3ef683fb24e0a2e6fb86b3ec93fc91
ba858c8ecc8f498253509a9251e5070ce3b3ad9950b704a22a9a1fb1efc62541
c14552d34fa549f68d8e1449ace3aa2a2c5dc38feafdaca09c9a0cedc76cb75b
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
df981211a644b279f2bdb2db49d48931b0a888d640c5f6ae66670c9f43fc2387
df9d4020a14ecff81e540f8ceda405e2ff0e21bfa53415da0d660bbebbfb2a86
e3da7d20be42da6e260d3085d2a3f3965a549065345ee2d139e28625104e2393
e9503448692b738dd260fbd7f7cabf2e11f09b600fa97e6eb3a56eba5b1a7e9b
eee146f3954e624b69e833055cd9ba7c1dd256c4c548fbcf30df27b9de82ccc7
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fa07d78345204bf48b255523990b544e1b28f9a7810aaf2b8a5a356d05575205