kamien.top
Open in
urlscan Pro
2606:4700:30::681f:534d
Malicious Activity!
Public Scan
Effective URL: https://kamien.top/Drivefile/onedrivex/f023e2eb5242550f7daa9efc0abb5f3a/yaman/boxMrenewal.php?https://login.srf?wa=...
Submission: On October 20 via automatic, source phishtank
Summary
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on October 18th 2019. Valid for: a year.
This is the only time kamien.top was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Yahoo (Online)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 | 2606:4700:30:... 2606:4700:30::681f:534d | 13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare) | |
1 40 | 2a00:1288:f03... 2a00:1288:f03d:1fa::4000 | 10310 (YAHOO-1) (YAHOO-1 - Oath Holdings Inc.) | |
1 1 | 34.241.103.206 34.241.103.206 | 16509 (AMAZON-02) (AMAZON-02 - Amazon.com) | |
1 | 2a00:1288:110... 2a00:1288:110:c104::3000 | 34010 (YAHOO-IRD) (YAHOO-IRD) | |
41 | 4 |
ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
kamien.top |
ASN10310 (YAHOO-1 - Oath Holdings Inc., US)
s.yimg.com | |
s1.yimg.com | |
mg.mail.yahoo.com |
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-34-241-103-206.eu-west-1.compute.amazonaws.com
guce.yahoo.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
39 |
yimg.com
s.yimg.com s1.yimg.com |
157 KB |
3 |
yahoo.com
2 redirects
mg.mail.yahoo.com guce.yahoo.com login.yahoo.com |
1005 B |
1 |
kamien.top
kamien.top |
21 KB |
41 | 3 |
Domain | Requested by | |
---|---|---|
38 | s.yimg.com |
kamien.top
|
1 | login.yahoo.com |
kamien.top
|
1 | guce.yahoo.com | 1 redirects |
1 | mg.mail.yahoo.com | 1 redirects |
1 | s1.yimg.com |
kamien.top
|
1 | kamien.top | |
41 | 6 |
This site contains links to these domains. Also see Links.
Domain |
---|
overview.mail.yahoo.com |
mobile.yahoo.com |
help.yahoo.com |
www.yahoo-help.jp |
Subject Issuer | Validity | Valid | |
---|---|---|---|
sni.cloudflaressl.com CloudFlare Inc ECC CA-2 |
2019-10-18 - 2020-10-09 |
a year | crt.sh |
*.yahoo.com DigiCert SHA2 High Assurance Server CA |
2019-10-14 - 2019-11-28 |
a month | crt.sh |
*.yimg.com DigiCert SHA2 High Assurance Server CA |
2019-09-06 - 2019-12-05 |
3 months | crt.sh |
*.login.yahoo.com DigiCert SHA2 High Assurance Server CA |
2019-10-11 - 2020-04-08 |
6 months | crt.sh |
This page contains 2 frames:
Primary Page:
https://kamien.top/Drivefile/onedrivex/f023e2eb5242550f7daa9efc0abb5f3a/yaman/boxMrenewal.php?https://login.srf?wa=wsignin=Xclusiv-3D|
Frame ID: CFE9E9F90B1229DB806E7EEFB5752479
Requests: 41 HTTP requests in this frame
Frame:
https://login.yahoo.com/?.src=ym&lang=&done=https%3A%2F%2Fmg.mail.yahoo.com%2Fmailfe%2Fresources%3Fo%3Diframe%26src%3Dlogin%26guce_referrer%3DaHR0cHM6Ly9rYW1pZW4udG9wL0RyaXZlZmlsZS9vbmVkcml2ZXgvZjAyM2UyZWI1MjQyNTUwZjdkYWE5ZWZjMGFiYjVmM2EveWFtYW4vYm94TXJlbmV3YWwucGhwP2h0dHBzOi8vbG9naW4uc3JmP3dhPXdzaWduaW49WGNsdXNpdi0zRHw%26guce_referrer_sig%3DAQAAANFFKfFiBOyfSCU_NpknEnO1galRlYDQWr0pZJVJhixy7538NQ1UZK9MWMrik_GSiChsJ72OkZBfuUHEnTdLpt5dUZ-xViGRL9TqkEIQRtK57qO9PaK0q4v228jiqKLBR4LLE976So-7WkuM3s02T4YoJ1iFCdIzpVPkpfAzhFbT
Frame ID: E0EDD2B496587B324A888FA0360567E6
Requests: 1 HTTP requests in this frame
5 Outgoing links
These are links going to different origins than the main page.
Title: About Mail
Search URL Search Domain Scan URL
Title: Features
Search URL Search Domain Scan URL
Title: Get the App
Search URL Search Domain Scan URL
Title: Help
Search URL Search Domain Scan URL
Title: Visit Yahoo Help
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 40- https://mg.mail.yahoo.com/mailfe/resources?o=iframe&src=login HTTP 307
- https://guce.yahoo.com/consent?brandType=nonEu&gcrumb=Z4JImrY&done=https%3A%2F%2Fmg.mail.yahoo.com%2Fmailfe%2Fresources%3Fo%3Diframe%26src%3Dlogin HTTP 302
- https://login.yahoo.com/?.src=ym&lang=&done=https%3A%2F%2Fmg.mail.yahoo.com%2Fmailfe%2Fresources%3Fo%3Diframe%26src%3Dlogin%26guce_referrer%3DaHR0cHM6Ly9rYW1pZW4udG9wL0RyaXZlZmlsZS9vbmVkcml2ZXgvZjAyM2UyZWI1MjQyNTUwZjdkYWE5ZWZjMGFiYjVmM2EveWFtYW4vYm94TXJlbmV3YWwucGhwP2h0dHBzOi8vbG9naW4uc3JmP3dhPXdzaWduaW49WGNsdXNpdi0zRHw%26guce_referrer_sig%3DAQAAANFFKfFiBOyfSCU_NpknEnO1galRlYDQWr0pZJVJhixy7538NQ1UZK9MWMrik_GSiChsJ72OkZBfuUHEnTdLpt5dUZ-xViGRL9TqkEIQRtK57qO9PaK0q4v228jiqKLBR4LLE976So-7WkuM3s02T4YoJ1iFCdIzpVPkpfAzhFbT
41 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
boxMrenewal.php
kamien.top/Drivefile/onedrivex/f023e2eb5242550f7daa9efc0abb5f3a/yaman/ |
108 KB 21 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
combo
s.yimg.com/zz/ |
103 KB 31 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
combo
s.yimg.com/zz/ |
3 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
combo
s.yimg.com/zz/ |
458 B 428 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
combo
s.yimg.com/zz/ |
1 KB 711 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
combo
s.yimg.com/zz/ |
466 B 377 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
combo
s.yimg.com/zz/ |
5 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
combo
s.yimg.com/zz/ |
330 B 347 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
combo
s.yimg.com/zz/ |
382 B 380 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
combo
s.yimg.com/zz/ |
2 KB 909 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
combo
s.yimg.com/zz/ |
405 B 365 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
combo
s.yimg.com/zz/ |
489 B 456 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
combo
s.yimg.com/zz/ |
6 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
combo
s.yimg.com/zz/ |
1 KB 830 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
combo
s.yimg.com/zz/ |
507 B 474 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
combo
s.yimg.com/zz/ |
2 KB 912 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
combo
s.yimg.com/zz/ |
2 KB 923 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
combo
s.yimg.com/zz/ |
2 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
combo
s.yimg.com/zz/ |
1 KB 719 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
combo
s.yimg.com/zz/ |
5 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
combo
s.yimg.com/zz/ |
7 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
combo
s.yimg.com/zz/ |
4 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
combo
s.yimg.com/zz/ |
2 KB 859 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
combo
s.yimg.com/zz/ |
3 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
combo
s.yimg.com/zz/ |
2 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
combo
s.yimg.com/zz/ |
3 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
combo
s.yimg.com/zz/ |
768 B 546 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
combo
s.yimg.com/zz/ |
390 B 389 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
combo
s.yimg.com/zz/ |
904 B 650 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
combo
s.yimg.com/zz/ |
657 B 518 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
combo
s.yimg.com/zz/ |
4 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
combo
s.yimg.com/zz/ |
1 KB 757 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
combo
s.yimg.com/zz/ |
1006 B 717 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
combo
s.yimg.com/zz/ |
2 KB 983 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
combo
s.yimg.com/zz/ |
5 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
combo
s.yimg.com/zz/ |
95 KB 19 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
yahoo_en-US_f_p_bestfit_2x.png
s1.yimg.com/rz/d/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
yahoo_mail_en-US_s_f_pw_351x40_mail.png
s.yimg.com/rz/d/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
751 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
g-r-min.js
s.yimg.com/rq/darla/2-8-9/js/ |
154 KB 66 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
combo
s.yimg.com/zz/ |
0 0 |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
/
login.yahoo.com/ Frame E0ED Redirect Chain
|
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Yahoo (Online)10 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onformdata object| onpointerrawupdate object| MBR_config function| validateForm object| DARLA object| $sf undefined| Y undefined| $yac object| _Y object| DARLA_CONFIG4 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.login.yahoo.com/ | Name: AS Value: v=1&s=gURehhir&d=A5dadccc0|e0MqJbf.2SpsMR7O5w3Ruquq0CfG0AhgFWEHxjz0a45TCdGzS8VMEaEdhsRfPEM70uqcgSkwCIlzrBEPLjW3gfUEKb_MojSxrY3ihq7UP2IhYBdeCaUinZrAxBZK0W.xM403B2SSNeJo96YZcIll923mFjiyEQ3aTS..r3VRmmOYBprUYSythbwfGNUZv.G60XOCc3KgIXeKLBXteyOXci.vTw3DH9U21JXk5MOmYMgzlrf3g72m30NgNNXhCXths7putKWfUtRJZpI992xzHNbZPxIYNRt6qrsbAlmcBxOG0A5u8nKyCfMIxILFOwAjfPvDt33fMgozo5.JeooJEXzdKhaaJNSxglB2pkV9A8NsRX9pwZMEcBJn3r7Ofiefe2d76O6HzjBbPKsMuqwWrBMPFP.g9HW1RPsGEn4C1zx2tCBKq0ILHm7W53.CviJUcu74Afk7jMjvNKPgEBTF.NDUMGfyOpvGTHwgECaQDc2e9V_WRD0HRyTdbbG3CLP4fpe25RRjekxeq533ut1eNM1QAJtkp5vzjNMener_qZW5EvmNbLCglCCMZSnx2INawXffaD378Jeu7nEDkNT0yn.hYleYxRcPW4Lj9vnbmkEyHePLXfqFKXimi4s164gqhNRRUOvbWT.uFowErahJbwjHgXtzEcSijLA.o_ZbrtfIZrc5py_7C2lJilm8n6HC9cv_Z0Oi7eRz3iqkxzcaK6ebKGzaQIKF79PmWw1mFPVwkGCs_oes7.xnOHYcqaQpNTzTCuQGPfhYt4XUtjg78el0QKpQkPixnamg0tx155_z3OesgBB5Ayhf2k8X9_Xt.IuQ.vVswhXo44Y4JVj3N8Apn4ioF5jGIqyIQrpHpNHwZtBsHnuP.FJe9c9_C9tcg5RskZk0WGxyUEjv551R.fnZR2PKzYMxoRyh_3BXSICjMghaeukqGaoNH6KGAexzqDLifScFR2G3I4ADTJGCfU1a53acjLRf_Ik8b.eiiXSiqpLmfVnAR7rkzwChkKT8dUX.jfZGt_69Lki.BKkIpbDb4NfTaAivMVmxSbWgtgxViVpK87xhVC6lhFw4LEM3e_ZxW9n4JeBw27WSzE6Xp5.Ru4HALoH9ZG.K59d2wo7q3HUgTFwH1boksEXQlBLURN9flc59yVBlS3nBCw--~A |
|
.yahoo.com/ | Name: GUCS Value: AWeCSJq2 |
|
kamien.top/ | Name: PHPSESSID Value: 037b59ae3dcb9d27ebc26b7402c21fa6 |
|
.kamien.top/ | Name: __cfduid Value: d83b06a28f431e296839521b584dbd8a41571584830 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
guce.yahoo.com
kamien.top
login.yahoo.com
mg.mail.yahoo.com
s.yimg.com
s1.yimg.com
2606:4700:30::681f:534d
2a00:1288:110:c104::3000
2a00:1288:f03d:1fa::4000
34.241.103.206
07ab9c83e2c885f69196cb182dabdf6ebfca453e66738cf64f750dd4a032bab1
0c5f97320bc1077ad6d15844f0c0797559449d86efcc6289341962d3fc329faa
1964fce978741fc197cf983ac77fbfef27ef4fc33106f86dbef5089201225440
19b644434cfa9f5d12e1e90a3c2d062aacf27da9ecbe8393df77383ab3c00208
1c498f235bfb98d52d72176bca335eba92a1a6f5675c5445dcae82319b7b7e6d
2122e2260d9d0078102d13a7faae9c23839b3e90c376d7194d1126ee6e3c2400
22ee15e3316988313c81c9bbc18b8f47ce92b47ec6df666dd1426259e3849ced
29d7186955ad2fe6e8e1c1141ddcbb5fd83a9cc30cca585bd126ab6e7bad13a6
329fb413d06d0d0fafeda4d9c876b6c1f23511f8db6d2801c8a65d934d67de21
45fda329df93a24736060dda89f5b4758e83b2167d8931c30c7654c16bae0d64
4c4fd730516da40afa76ecd017afaa11fa90b9f5958ea7613e89345ac7828879
4e0251a6ddbfbd38bbc5258ffc279b525c8e8630065a57a5a2dc451c29da768b
509d523fb7fdf8df12b9d075f5d83dd536009c988e11ec7747cb1e4fa1e9a5b2
5303bdf63a764fff44c4eb43cad8304ed336d431ed79c249fe91fc6a6b37f310
546a0f2cb1fe0910e04dc4197d04d45e8dde1ea1540005474dd5764b1786a85b
54ccaf3674c7afc7753040ebe97c93bb6936821f39389e8c34f52acdeedffbd9
58900c3231ba4be87444629a23733e96bdd65753640e91cf6f8c689df0fc09c7
6aef12ae44fc3b46536b156840b68f55808bbc128448db267b9272135bf97342
6f3c09045aa362de3605fb40c3d15c716b06cd392dc33a9a1426ba3f0ab48bc2
728a67a63679bd13fd9c09115773e2fc3bbf7f50c3a59dd9abac3c527a29277b
7699bfccfeace63bd997e63dc8f1b83e502afe35bd2a55656efd60dc1442523e
78a4a3625fd882634fbf027cad7fe67ccdc6434a80510de2f25a92e3efc11e74
82c0a0d4d9b7644e800f027ed38bef3fa3b104e82c354351fea54d8858a481f1
86527ec354b48ba17a5294dd3ec4825d98a43c3d65e4fb17c964c61a6e0f36c4
88d8929af7afc045253543dfd647fd647783dc937f903d7e969f13eed41700ad
923b910d759b80bd19e0d7542f280b85c68ffebaeeeebcc97e041c3fd3a6e85b
945a9a8c6fd33111df11c49a7ca51367fb5d870d71effa3e48a0613a2d09079a
9790c6e12990b6daa43e9b251abc0471f828724a3d49cc4239a0959d6d0ba6d5
9a23f1ec6cf8c366cee79e43629de69b82bc0310dc1c3eda7599e7f8385dcbbe
aae70a1bc4c6a3b7550eae6ceb277100cad5928b5ad2f397e7b48b9bf5e71efb
b6630790863b8a9557f1160855c0f3449ec8f670f1e5e7375dee3e0f183f87cf
b8d3fe095d6f58cd95a7aa6cd7290d81c36881202a2970a6388071eb67a20865
c57b3301e95053154b9a370da84a77b971b62bc66473759342410d07b5fc69a2
cfb31c01f5155aa5e99efe1bab036e220a71d7cd0dfc8c541fa9cf5e6f092aab
d0704b8df9fbd05e1cd8edc2be49b871d54a21c3b7b39373f00b7b95d4fbc60d
de0ec3640e9d5e8389fa199fd57e236e8c08b88cc3613bc225b6253c96e6767e
e81c940c57075f3b594ea2a224f5605cebc624e47a70d7cddc8ce7763bf7ff5a
eb4139a77a2e939174fdd4feb528d46b71c60f89e1fb37cc0d9bb5113b437943
ed6d98796a0501122b4122b4101f0022828c2775589f572c0ed37f76f87cf81b
f2d2954c92bde1ca42361ce83e1d02f929f1463f4f9d1b11d4e5c430c9aff8b4