jcb-my.cc
Open in
urlscan Pro
107.175.69.107
Malicious Activity!
Public Scan
URL:
https://jcb-my.cc/
Submission: On May 11 via manual from JP
Submission: On May 11 via manual from JP
Summary
This website contacted 7 IPs
in 4 countries
across 6 domains to perform 27 HTTP transactions.
The main IP is 107.175.69.107, located in
United States and
belongs to AS-COLOCROSSING, US.
The main domain is jcb-my.cc.
TLS certificate: Issued by R3 on May 11th 2021. Valid for: 3 months.
This is the only time jcb-my.cc was scanned on urlscan.io!
TLS certificate: Issued by R3 on May 11th 2021. Valid for: 3 months.
This is the only time jcb-my.cc was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: JCB (Financial)Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 17 | 107.175.69.107 107.175.69.107 | 36352 (AS-COLOCR...) (AS-COLOCROSSING) | |
| 2 | 52.212.101.97 52.212.101.97 | 16509 (AMAZON-02) (AMAZON-02) | |
| 1 | 2a02:26f0:6c0... 2a02:26f0:6c00:28a::1e80 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
| 3 | 23.79.152.104 23.79.152.104 | 16625 (AKAMAI-AS) (AKAMAI-AS) | |
| 1 | 54.76.54.153 54.76.54.153 | 16509 (AMAZON-02) (AMAZON-02) | |
| 2 | 15.237.136.106 15.237.136.106 | 16509 (AMAZON-02) (AMAZON-02) | |
| 1 1 | 99.81.11.244 99.81.11.244 | 16509 (AMAZON-02) (AMAZON-02) | |
| 1 | 34.251.77.56 34.251.77.56 | 16509 (AMAZON-02) (AMAZON-02) | |
| 27 | 7 |
17
107.175.69.107
(United States)
ASN36352 (AS-COLOCROSSING, US)
PTR: 107-175-69-107-host.colocrossing.com
ASN36352 (AS-COLOCROSSING, US)
PTR: 107-175-69-107-host.colocrossing.com
| jcb-my.cc |
2
52.212.101.97
(Dublin, Ireland)
ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-101-97.eu-west-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-101-97.eu-west-1.compute.amazonaws.com
| dpm.demdex.net |
1
2a02:26f0:6c00:28a::1e80
(Frankfurt am Main, Germany)
ASN20940 (AKAMAI-ASN1, NL)
ASN20940 (AKAMAI-ASN1, NL)
| assets.adobedtm.com |
3
23.79.152.104
(Frankfurt am Main, Germany)
ASN16625 (AKAMAI-AS, US)
PTR: a23-79-152-104.deploy.static.akamaitechnologies.com
ASN16625 (AKAMAI-AS, US)
PTR: a23-79-152-104.deploy.static.akamaitechnologies.com
| tags.tiqcdn.com |
1
54.76.54.153
(Dublin, Ireland)
ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-54-153.eu-west-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-54-153.eu-west-1.compute.amazonaws.com
| jcb.demdex.net |
2
15.237.136.106
(Paris, France)
ASN16509 (AMAZON-02, US)
PTR: ec2-15-237-136-106.eu-west-3.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-15-237-136-106.eu-west-3.compute.amazonaws.com
| jcb.sc.omtrdc.net |
1
99.81.11.244
(Dublin, Ireland)
ASN16509 (AMAZON-02, US)
PTR: ec2-99-81-11-244.eu-west-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-99-81-11-244.eu-west-1.compute.amazonaws.com
| cm.everesttech.net |
1
34.251.77.56
(Dublin, Ireland)
ASN16509 (AMAZON-02, US)
PTR: ec2-34-251-77-56.eu-west-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-34-251-77-56.eu-west-1.compute.amazonaws.com
| jcb.tt.omtrdc.net |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 17 |
jcb-my.cc
jcb-my.cc |
182 KB |
| 3 |
omtrdc.net
jcb.sc.omtrdc.net jcb.tt.omtrdc.net |
948 B |
| 3 |
tiqcdn.com
tags.tiqcdn.com |
20 KB |
| 3 |
demdex.net
dpm.demdex.net jcb.demdex.net |
5 KB |
| 1 |
everesttech.net
1 redirects
cm.everesttech.net |
517 B |
| 1 |
adobedtm.com
assets.adobedtm.com |
13 KB |
| 27 | 6 |
| Domain | Requested by | |
|---|---|---|
| 17 | jcb-my.cc |
jcb-my.cc
|
| 3 | tags.tiqcdn.com |
jcb-my.cc
tags.tiqcdn.com |
| 2 | jcb.sc.omtrdc.net |
jcb-my.cc
|
| 2 | dpm.demdex.net |
jcb-my.cc
|
| 1 | jcb.tt.omtrdc.net |
jcb-my.cc
|
| 1 | cm.everesttech.net | 1 redirects |
| 1 | jcb.demdex.net |
jcb-my.cc
|
| 1 | assets.adobedtm.com |
jcb-my.cc
|
| 27 | 8 |
This site contains links to these domains. Also see Links.
| Domain |
|---|
| www.jcb.co.jp |
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| www.jcb-my.cc R3 |
2021-05-11 - 2021-08-09 |
3 months | crt.sh |
| *.demdex.net DigiCert TLS RSA SHA256 2020 CA1 |
2020-12-02 - 2022-01-02 |
a year | crt.sh |
| assets.adobedtm.com DigiCert TLS RSA SHA256 2020 CA1 |
2021-01-08 - 2021-09-30 |
9 months | crt.sh |
| *.tiqcdn.com DigiCert SHA2 Secure Server CA |
2021-04-19 - 2022-04-27 |
a year | crt.sh |
| *.sc.omtrdc.net DigiCert SHA2 High Assurance Server CA |
2020-10-29 - 2021-11-29 |
a year | crt.sh |
| *.tt.omtrdc.net DigiCert SHA2 Secure Server CA |
2020-11-02 - 2021-11-09 |
a year | crt.sh |
This page contains 2 frames:
Primary Page:
https://jcb-my.cc/
Frame ID: CF2B1BF01078EC776FE09CD65E8C61D4
Requests: 26 HTTP requests in this frame
Frame:
https://jcb.demdex.net/dest5.html?d_nsid=0
Frame ID: FB2E289A87D34D82AA2322A9A075EEEA
Requests: 1 HTTP requests in this frame
Screenshot
Detected technologies
Apache
(Web Servers)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
Adobe DTM
(Tag Managers)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- script /\/\/assets.adobedtm.com\//i
Tealium
(Advertising Networks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- script /^(?:https?:)?\/\/tags\.tiqcdn\.com\//i
jQuery
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- script /jquery[.-]([\d.]*\d)[^/]*\.js/i
- script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
Page Statistics
11 Outgoing links
These are links going to different origins than the main page.
URL: https://www.jcb.co.jp/jcb_mente/mente_service.html
Title: サービス停止のご案内
Title: サービス停止のご案内
Search URL Search Domain Scan URL
URL: https://www.jcb.co.jp/qa/index.html
Title: よくあるご質問
Title: よくあるご質問
Search URL Search Domain Scan URL
URL: https://www.jcb.co.jp/myjcb/myjcb.html
Title: お問い合わせ
Title: お問い合わせ
Search URL Search Domain Scan URL
URL: https://www.jcb.co.jp/service/additional/myjcb/
Title: MyJCBのサービスについて
Title: MyJCBのサービスについて
Search URL Search Domain Scan URL
URL: https://www.jcb.co.jp/attention/
Title: サイトのご利用について
Title: サイトのご利用について
Search URL Search Domain Scan URL
URL: https://www.jcb.co.jp/security/pop/secret_qa.html
Title: 詳しくはこちら
Title: 詳しくはこちら
Search URL Search Domain Scan URL
URL: https://www.jcb.co.jp/service/basic/scene/pop/specific-merchant.html
Title: 特定加盟店一覧
Title: 特定加盟店一覧
Search URL Search Domain Scan URL
URL: https://www.jcb.co.jp/
Title: JCBカードサイト
Title: JCBカードサイト
Search URL Search Domain Scan URL
URL: https://www.jcb.co.jp/privacy/
Title: プライバシーポリシー
Title: プライバシーポリシー
Search URL Search Domain Scan URL
URL: https://www.jcb.co.jp/myjcb/kitei.html
Title: MyJCB利用者規定
Title: MyJCB利用者規定
Search URL Search Domain Scan URL
URL: https://www.jcb.co.jp/security/
Title: JCBのセキュリティについて
Title: JCBのセキュリティについて
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 22- https://cm.everesttech.net/cm/dd?d_uuid=78420306348459459503361992063408363333 HTTP 302
- https://dpm.demdex.net/ibs:dpid=411&dpuuid=YJsZIwAAABkInykN
27 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H2 |
Primary Request
/
jcb-my.cc/ |
16 KB 4 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
login.css
jcb-my.cc/static/css/ |
11 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
frame.css
jcb-my.cc/static/css/ |
32 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
global.js
jcb-my.cc/static/js/ |
10 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery-3.2.1.min.js
jcb-my.cc/static/js/ |
85 KB 30 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
master.js
jcb-my.cc/static/js/ |
1 KB 784 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ua-parser.js
jcb-my.cc/static/js/ |
40 KB 10 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
browser.js
jcb-my.cc/static/js/ |
2 KB 662 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
login2.js
jcb-my.cc/static/js/ |
7 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
rsa.js
jcb-my.cc/static/js/ |
36 KB 11 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
satellitelib-07dcfb8765c9dfde9e662180182d3d7dda0f6107.js
jcb-my.cc/static/js/ |
360 KB 100 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
logo.png
jcb-my.cc/static/picture/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
icon_blank.png
jcb-my.cc/static/picture/ |
1 KB 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
error-icon.png
jcb-my.cc/static/picture/ |
350 B 421 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
logo_footer.png
jcb-my.cc/static/picture/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery.cookie.js
jcb-my.cc/static/js/ |
3 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
frame.js
jcb-my.cc/static/js/ |
31 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
id
dpm.demdex.net/ |
362 B 1 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
AppMeasurement.min.js
assets.adobedtm.com/extensions/EP6580734006504e9facd682c439318b88/ |
36 KB 13 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
utag.js
tags.tiqcdn.com/utag/jcb/main/prod/ |
32 KB 9 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
utag.4.js
tags.tiqcdn.com/utag/jcb/main/prod/ |
151 KB 10 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
dest5.html
jcb.demdex.net/ Frame FB2E |
7 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
id
jcb.sc.omtrdc.net/ |
2 B 312 B |
XHR
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ibs:dpid=411&dpuuid=YJsZIwAAABkInykN
dpm.demdex.net/ Redirect Chain
|
42 B 973 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
json
jcb.tt.omtrdc.net/m2/jcb/mbox/ |
96 B 392 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
utag.v.js
tags.tiqcdn.com/utag/tiqapp/ |
2 B 202 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
s19636028112503
jcb.sc.omtrdc.net/b/ss/jcb-corporate-2015-dev/1/JS-2.17.0-LBQ1/ |
43 B 244 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: JCB (Financial)152 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated function| focusNext function| focusTo function| openProhibitCharactersWindowJcb function| openProhibitCharactersWindowIy function| allDisable function| getCookie function| setCookie function| removeCookie object| RegAndroid object| RegiPhone function| isSmp function| isSpWidth function| getUrlParam function| getRedirectUrl function| getUrl function| removeSmpCookieForDomain function| removeSmpSessionCookie function| displaySmpLink function| smpRedirect function| modePcRedirect function| pcRedirect function| setRwdFlag function| getIOSVersionNumber function| $ function| jQuery function| popup function| popup2 function| CloseWin function| closeWinOrDispGuide function| func function| clear function| LinkSelect function| UAParser function| assertBrowser string| HA string| ZA string| HN string| ZN string| HS string| ERROR string| COMPLETE string| INPUT string| myjId string| password string| myjIdState string| passwordState string| myjIdErrMsg string| passwordErrMsg string| loginButtonState boolean| submitted_form1 function| onLoad function| initValidate function| validateMyJId function| updateMyJId function| validatePassword function| updatePassword function| loginButtonUpdate function| isLength function| isType function| isSubmitted_form1 function| setSubmitted_form1 function| invalidEnter function| invalidEnterForm function| mouseOverForm function| mouseOverButton function| mouseOutButton function| getDevicePrint function| Hashtable function| startsWith function| DomDataCollection function| IE_FingerPrint function| Mozilla_FingerPrint function| Opera_FingerPrint function| Timer function| getRandomPort object| ProxyCollector function| BlackberryLocationCollector function| detectFields string| SEP string| PAIR string| DEV function| FingerPrint function| urlEncode function| encode_deviceprint function| decode_deviceprint function| post_deviceprint function| post_fingerprints function| add_deviceprint function| form_add_data function| form_add_deviceprint string| HTML5 string| BLACKBERRY string| UNDEFINED string| GEO_LOCATION_DEFAULT_STRUCT object| geoLocator boolean| geoLocatorStatus function| detectDeviceCollectionAPIMode function| init function| startCollection function| stopCollection function| getGeolocationStruct function| HTML5LocationCollector object| UIEventCollector function| UIEvent function| InteractionElement function| UIElementList function| activeXDetect function| stripIllegalChars function| stripFullPath object| BrowserDetect function| convertTimestampToGMT function| getTimestampInMillis function| debug function| forceIE89Synchronicity object| _satellite boolean| __satelliteLoaded object| adobe function| Visitor object| s_c_il number| s_c_in object| ___target_traces function| mboxCreate function| mboxDefine function| mboxUpdate function| AppMeasurement_Module_ActivityMap function| AppMeasurement function| s_gi function| s_pgicq number| s_objectID number| s_giq object| s boolean| utag_condload string| utag_lh object| utag function| utag_condloader boolean| __tealium_twc_switch object| bannerConfig object| $tlm_commn object| _uxa object| s_i_jcb-corporate-2015-dev4 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| .jcb-my.cc/ | Name: utag_main Value: v_id:01795dda330e001aea259701755600072001206a00b08$_sn:1$_ss:1$_st:1620779051601$ses_id:1620777251601%3Bexp-session$_pn:1%3Bexp-session |
|
| .jcb-my.cc/ | Name: mbox Value: session#d26a25dd76114a399e95b536f082602b#1620779112 |
|
| .jcb-my.cc/ | Name: check Value: true |
|
| .jcb-my.cc/ | Name: AMCV_0FC4F0F5558BD5EB7F000101%40AdobeOrg Value: 1075005958%7CMCIDTS%7C18759%7CvVersion%7C4.4.1 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
assets.adobedtm.com
cm.everesttech.net
dpm.demdex.net
jcb-my.cc
jcb.demdex.net
jcb.sc.omtrdc.net
jcb.tt.omtrdc.net
tags.tiqcdn.com
107.175.69.107
15.237.136.106
23.79.152.104
2a02:26f0:6c00:28a::1e80
34.251.77.56
52.212.101.97
54.76.54.153
99.81.11.244
1cf2d9d5b537a4343efdbdd67a9c357040e1f81ed95e479f9c1460060d060d5e
3840a7ff0d23710887d512dbd2d51d2ebe8746bdda8f549a4d3a4f8a04b06b75
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
6034aa1a5202485c861be5b8b5664b920a6ba8e02f65bea1ba7419ad736145c1
6c27bac251b506a38d02775961f89b6ff54046f272e9b22843049975454afe8c
6cbb66adfdf4ea55ecfd301ee111e49290506520d07ee8ff59340adb76b4817c
793c2f3d02d0bc3ad8a2cdc901b2134159b66245e951ac258fee1ac8b2709f44
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
80adebc84b57ccb10f21a41231e22b5b051bbe66a81385536650b42e1fd2b50a
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
88456c84c0bdf7fea3e5d9837338461fa39c61c2ffb90ccc25e1f278ec8784f2
8c0301b3dba5061632d7321cd8bb7bd527f48288d5cb15ff614ea0c1dcc1ad69
8c0d7e49b1d6c45e7a20f13e16970b84b73a4243b8f687e498e4e6d586e7d26e
938505976842f1f9f8df80d926a827802a878028ce4764e67983903656462b58
93b334e1a1d3b1f7ad60a247c93d72e8d3c03db8b81bc4c4184ad3a3d7ce5b62
9d9b2f645209759ba362d984e41d1626b9fd54dcadf63278628f6af85428b40f
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
a5e79cd46c424df8b1efcdc74892c7b4af1596ace9662d1797ee69609cb23202
a7b5ed4e1ea25b784783da785c7837932a4667d8b6a52b808f2ad77ecbd19d66
ac58673b14612ab2093fc8448d7dc5fc14c237a6bddbf5c3e49f2e1e8c7d1a74
b688b7d8c9a306ac5fc64ab06561ca04693e1c5d0ea9877a4c853581d04971ea
dd8e7c6375bd6ccc23582eec91b4f1417b6f582dfc48e40b7ae3a63d7b0ae949
ec6d0f3ca6da83cd50d0f6626fbaca69fd7490b88ba7af48ffe29b9a5fecc308
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f6bf85d1dce0e4e94ed0625105bf642f301c3609a53b58753c35e74b7bf2c2e3
f8f5145a4f8960212b8539ea9e9f8c6b7c3cd940ca3e438b62bdbd9ffd93d73c