midway-auth.amazon.com
Open in
urlscan Pro
52.94.220.70
Public Scan
Submitted URL: https://beta.celebrate.pxt.amazon.dev/
Effective URL: https://midway-auth.amazon.com/login?next=%2FSSO%2Fredirect%3Fclient_id%3Dhttps%253A%252F%252Fidp-integ-us-east-1.federate.amaz...
Submission Tags: @phishunt_io
Submission: On February 03 via api from DE — Scanned from DE
Effective URL: https://midway-auth.amazon.com/login?next=%2FSSO%2Fredirect%3Fclient_id%3Dhttps%253A%252F%252Fidp-integ-us-east-1.federate.amaz...
Submission Tags: @phishunt_io
Submission: On February 03 via api from DE — Scanned from DE
Summary
This website contacted 2 IPs
in 2 countries
across 3 domains to perform 13 HTTP transactions.
The main IP is 52.94.220.70, located in
Dublin, Ireland and
belongs to AMAZON-02, US.
The main domain is midway-auth.amazon.com.
The Cisco Umbrella rank of the primary domain is 77443.
TLS certificate: Issued by Amazon on November 3rd 2022. Valid for: a year.
This is the only time midway-auth.amazon.com was scanned on urlscan.io!
TLS certificate: Issued by Amazon on November 3rd 2022. Valid for: a year.
This is the only time midway-auth.amazon.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 5 | 2600:9000:20e... 2600:9000:20eb:6800:1:82b6:f040:93a1 | 16509 (AMAZON-02) (AMAZON-02) | |
| 1 1 | 2600:1f18:257... 2600:1f18:257:8000:a1b8:35cd:2d88:482 | 14618 (AMAZON-AES) (AMAZON-AES) | |
| 1 1 | 3.228.67.20 3.228.67.20 | 14618 (AMAZON-AES) (AMAZON-AES) | |
| 1 9 | 52.94.220.70 52.94.220.70 | 16509 (AMAZON-02) (AMAZON-02) | |
| 13 | 2 |
5
2600:9000:20eb:6800:1:82b6:f040:93a1
(United States)
ASN16509 (AMAZON-02, US)
ASN16509 (AMAZON-02, US)
| beta.celebrate.pxt.amazon.dev |
1
2600:1f18:257:8000:a1b8:35cd:2d88:482
(Ashburn, United States)
ASN14618 (AMAZON-AES, US)
ASN14618 (AMAZON-AES, US)
| fed-celebratev2-beta.auth.us-east-1.amazoncognito.com |
1
3.228.67.20
(Ashburn, United States)
ASN14618 (AMAZON-AES, US)
PTR: ec2-3-228-67-20.compute-1.amazonaws.com
ASN14618 (AMAZON-AES, US)
PTR: ec2-3-228-67-20.compute-1.amazonaws.com
| idp-integ.federate.amazon.com |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 10 |
amazon.com
2 redirects
idp-integ.federate.amazon.com midway-auth.amazon.com — Cisco Umbrella Rank: 77443 |
235 KB |
| 5 |
amazon.dev
beta.celebrate.pxt.amazon.dev |
434 KB |
| 1 |
amazoncognito.com
1 redirects
fed-celebratev2-beta.auth.us-east-1.amazoncognito.com |
1 KB |
| 13 | 3 |
| Domain | Requested by | |
|---|---|---|
| 9 | midway-auth.amazon.com |
1 redirects
beta.celebrate.pxt.amazon.dev
midway-auth.amazon.com |
| 5 | beta.celebrate.pxt.amazon.dev |
beta.celebrate.pxt.amazon.dev
|
| 1 | idp-integ.federate.amazon.com | 1 redirects |
| 1 | fed-celebratev2-beta.auth.us-east-1.amazoncognito.com | 1 redirects |
| 13 | 4 |
This site contains links to these domains. Also see Links.
| Domain |
|---|
| w.amazon.com |
| password-v2.corp.amazon.com |
| t.corp.amazon.com |
| firstaid.amazon-corp.com |
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| beta.celebrate.pxt.amazon.dev Amazon RSA 2048 M02 |
2023-02-02 - 2024-03-03 |
a year | crt.sh |
| midway-auth.dub.amazon.com Amazon |
2022-11-03 - 2023-10-28 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://midway-auth.amazon.com/login?next=%2FSSO%2Fredirect%3Fclient_id%3Dhttps%253A%252F%252Fidp-integ-us-east-1.federate.amazon.com%26redirect_uri%3Dhttps%253A%252F%252Fidp-integ-us-east-1.federate.amazon.com%252Fapi%252Fv1%252Fintermediate%26response_type%3Did_token%26scope%3Dopenid%26nonce%3DI230203033247865IAD4FDRI35FTTKZ%26state%3Dv1us-east-1_I230203033247865IAD4FDRI35FTTKZ_AgR4teOmDlc1rURnp1wo33FqDF8kJue1r6HMSkT_k-Ar_FsAKAABAAN0eG4AH0kyMzAyMDMwMzMyNDc4NjVJQUQ0RkRSSTM1RlRUS1oAAQAHYXdzLWttcwBLYXJuOmF3czprbXM6dXMtZWFzdC0xOjA2NjU3MDk2OTgzMzprZXkvMTI3MTg5MWUtNDYwYy00M2YxLWE3Y2EtMmRhODJiZGM2OWNjALgBAgEAeJJUdLPswKG7tqZFUMuKQGMadS4WHwkFnY7RXE9dKz2GAb5hwZHEf7rfuseWRNN2C5UAAAB-MHwGCSqGSIb3DQEHBqBvMG0CAQAwaAYJKoZIhvcNAQcBMB4GCWCGSAFlAwQBLjARBAzIWmGu_z7reUnqQvUCARCAOxCH_n01nCqFkMPfZj0sMoRQ4xmrwqs9Z6CARUEpDxsrvYlhRPbsDBtOBGdcqPhlEm_H_1DucglPd_6uAgAAEAA3p7rXFbT7reyeIIHoedsw1QGfcQxUifo2R71uphUMILcXz6a8Mz206EBHx85bzVb_____AAAAAQAAAAAAAAAAAAAAAQAAAFrhdg_0E7i84lYsmwpa30Ji9e4xDg0vS1qHAtref0oXjC_y7v8k3ZO-mcHV6MLzpFLIuOUbMSfV36xES540_wus8qF1SyE0vTfFLaRYPbs4OJXfwhEuLUjBlG-qg9HxlGNmGbd28Q-u7uJU&require_digital_identity=false
Frame ID: A3453272D4F4D219D3B70F0117FD36D7
Requests: 13 HTTP requests in this frame
Screenshot
Page Title
Midway Authentication PortalPage URL History Show full URLs
- https://beta.celebrate.pxt.amazon.dev/ Page URL
-
https://fed-celebratev2-beta.auth.us-east-1.amazoncognito.com/oauth2/authorize?redirect_uri=https%3A%2F%2Fbeta.celebrate.pxt.amazon.dev&re...
HTTP 302
https://idp-integ.federate.amazon.com/api/oauth2/v1/authorize?client_id=amazonCelebrateV2-beta&redirect_uri=https%... HTTP 302
https://midway-auth.amazon.com/SSO/redirect?client_id=https%3A%2F%2Fidp-integ-us-east-1.federate.amazon.com... HTTP 302
https://midway-auth.amazon.com/login?next=%2FSSO%2Fredirect%3Fclient_id%3Dhttps%253A%252F%252Fidp-integ-us-... Page URL
Page Statistics
4 Outgoing links
These are links going to different origins than the main page.
URL: https://w.amazon.com/index.php/NextGenMidway/FAQ
Title: Why am I here?
Title: Why am I here?
Search URL Search Domain Scan URL
URL: https://password-v2.corp.amazon.com/selfReset
Title: Reset password
Title: Reset password
Search URL Search Domain Scan URL
URL: https://t.corp.amazon.com/create/templates/d126c643-16e9-4673-bf09-2a2b3986d7d5
Title: quicklink
Title: quicklink
Search URL Search Domain Scan URL
URL: https://firstaid.amazon-corp.com/
Title: chat with IT support
Title: chat with IT support
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://beta.celebrate.pxt.amazon.dev/ Page URL
-
https://fed-celebratev2-beta.auth.us-east-1.amazoncognito.com/oauth2/authorize?redirect_uri=https%3A%2F%2Fbeta.celebrate.pxt.amazon.dev&response_type=code&client_id=js6b4qssg0nb4du0ujd98eqip&state=wVcocxO6eQMDPZ69UjsCVMBVBOFJF43g&scope=openid
HTTP 302
https://idp-integ.federate.amazon.com/api/oauth2/v1/authorize?client_id=amazonCelebrateV2-beta&redirect_uri=https%3A%2F%2Ffed-celebratev2-beta.auth.us-east-1.amazoncognito.com%2Foauth2%2Fidpresponse&scope=openid&response_type=code&state=H4sIAAAAAAAAAD2R23KiQBCG32WuhSBnuBMUNCFATHCNW1upOSFnRodR49a--85upXLVXf39fai_fwMIfCC4QiGflPlH_JaiMB-4BmYASRJRQs9wotlmGcoSlqWG28g8cX7UBmQSoYmGeC491UxyInk1TYz7Dw-ITlDFtKPo3wCV3SYV9vA-DiqhF6mlUotHQmVayvRrwxH4P8HI6FAT8GsGKkmuOzziW2bTl-dlfrC9ouHh7jnYBVn0GJnGUXa1Uua9Lofes-rE_WzZddp3F7Y_hG9PP-ja1u7BoBuP94y1zYbUFrfIunihWZZ6qWALLc7ji_MhTBMF1xNKwr7Xr2K7TR3HdZ7SeA7zw2pbYC3cC27d3ldJqAVc8t41slh8eq9msTqX2lSxqvROSdp16xbmLNKafPG-bM0kILfkvDnvt9FhIQp5cScvLilRvg266Mp_x6CYKvX7IV-W4fE41NOo4rGXvT3w57ZjGZ4lwwww4Jew43QGznKoTrAJHRcplm2biunoWHF1T1M8g1CMIIIEu-DPXw1yvzH4AQAA.H4sIAAAAAAAAADM0vr6EJWIFx7XrHEGbdsgXiTuZuj1fztn3zYEv4IK68RQAhG8MGSAAAAA.4 HTTP 302
https://midway-auth.amazon.com/SSO/redirect?client_id=https%3A%2F%2Fidp-integ-us-east-1.federate.amazon.com&redirect_uri=https%3A%2F%2Fidp-integ-us-east-1.federate.amazon.com%2Fapi%2Fv1%2Fintermediate&response_type=id_token&scope=openid&nonce=I230203033247865IAD4FDRI35FTTKZ&state=v1us-east-1_I230203033247865IAD4FDRI35FTTKZ_AgR4teOmDlc1rURnp1wo33FqDF8kJue1r6HMSkT_k-Ar_FsAKAABAAN0eG4AH0kyMzAyMDMwMzMyNDc4NjVJQUQ0RkRSSTM1RlRUS1oAAQAHYXdzLWttcwBLYXJuOmF3czprbXM6dXMtZWFzdC0xOjA2NjU3MDk2OTgzMzprZXkvMTI3MTg5MWUtNDYwYy00M2YxLWE3Y2EtMmRhODJiZGM2OWNjALgBAgEAeJJUdLPswKG7tqZFUMuKQGMadS4WHwkFnY7RXE9dKz2GAb5hwZHEf7rfuseWRNN2C5UAAAB-MHwGCSqGSIb3DQEHBqBvMG0CAQAwaAYJKoZIhvcNAQcBMB4GCWCGSAFlAwQBLjARBAzIWmGu_z7reUnqQvUCARCAOxCH_n01nCqFkMPfZj0sMoRQ4xmrwqs9Z6CARUEpDxsrvYlhRPbsDBtOBGdcqPhlEm_H_1DucglPd_6uAgAAEAA3p7rXFbT7reyeIIHoedsw1QGfcQxUifo2R71uphUMILcXz6a8Mz206EBHx85bzVb_____AAAAAQAAAAAAAAAAAAAAAQAAAFrhdg_0E7i84lYsmwpa30Ji9e4xDg0vS1qHAtref0oXjC_y7v8k3ZO-mcHV6MLzpFLIuOUbMSfV36xES540_wus8qF1SyE0vTfFLaRYPbs4OJXfwhEuLUjBlG-qg9HxlGNmGbd28Q-u7uJU HTTP 302
https://midway-auth.amazon.com/login?next=%2FSSO%2Fredirect%3Fclient_id%3Dhttps%253A%252F%252Fidp-integ-us-east-1.federate.amazon.com%26redirect_uri%3Dhttps%253A%252F%252Fidp-integ-us-east-1.federate.amazon.com%252Fapi%252Fv1%252Fintermediate%26response_type%3Did_token%26scope%3Dopenid%26nonce%3DI230203033247865IAD4FDRI35FTTKZ%26state%3Dv1us-east-1_I230203033247865IAD4FDRI35FTTKZ_AgR4teOmDlc1rURnp1wo33FqDF8kJue1r6HMSkT_k-Ar_FsAKAABAAN0eG4AH0kyMzAyMDMwMzMyNDc4NjVJQUQ0RkRSSTM1RlRUS1oAAQAHYXdzLWttcwBLYXJuOmF3czprbXM6dXMtZWFzdC0xOjA2NjU3MDk2OTgzMzprZXkvMTI3MTg5MWUtNDYwYy00M2YxLWE3Y2EtMmRhODJiZGM2OWNjALgBAgEAeJJUdLPswKG7tqZFUMuKQGMadS4WHwkFnY7RXE9dKz2GAb5hwZHEf7rfuseWRNN2C5UAAAB-MHwGCSqGSIb3DQEHBqBvMG0CAQAwaAYJKoZIhvcNAQcBMB4GCWCGSAFlAwQBLjARBAzIWmGu_z7reUnqQvUCARCAOxCH_n01nCqFkMPfZj0sMoRQ4xmrwqs9Z6CARUEpDxsrvYlhRPbsDBtOBGdcqPhlEm_H_1DucglPd_6uAgAAEAA3p7rXFbT7reyeIIHoedsw1QGfcQxUifo2R71uphUMILcXz6a8Mz206EBHx85bzVb_____AAAAAQAAAAAAAAAAAAAAAQAAAFrhdg_0E7i84lYsmwpa30Ji9e4xDg0vS1qHAtref0oXjC_y7v8k3ZO-mcHV6MLzpFLIuOUbMSfV36xES540_wus8qF1SyE0vTfFLaRYPbs4OJXfwhEuLUjBlG-qg9HxlGNmGbd28Q-u7uJU&require_digital_identity=false Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
13 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H2 |
/
beta.celebrate.pxt.amazon.dev/ |
2 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
2.f83b9687.chunk.css
beta.celebrate.pxt.amazon.dev/static/css/ |
22 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
main.beac7355.chunk.css
beta.celebrate.pxt.amazon.dev/static/css/ |
5 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
2.abb54da7.chunk.js
beta.celebrate.pxt.amazon.dev/static/js/ |
1 MB 404 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
main.1bc676a5.chunk.js
beta.celebrate.pxt.amazon.dev/static/js/ |
80 KB 22 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Primary Request
login
midway-auth.amazon.com/ Redirect Chain
|
8 KB 9 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
application-032f3df1c0e93b21ade1c01bccab57816053e09b3a8d40cff456a84628ab3376.css
midway-auth.amazon.com/assets/ |
6 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
application-0bb729805126ba527e9601632e4f53c4627878f23a601c6afebebc37c985e56a.js
midway-auth.amazon.com/assets/ |
365 KB 109 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
login-aa32185be48fcb19ba1e262bd763b2f42b75778784446caebdb82b8c6208aa73.js
midway-auth.amazon.com/assets/ |
8 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
yubikey-with-lock-5555a15fa7c43bd7778dbabf1c87ccd5b8cfcca373bc6d355648a054d3628d50.png
midway-auth.amazon.com/assets/ |
19 KB 20 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ajax-spinner-8ca9fe045cf585735bce86ab8ca873f396696ca879d783db9918d4c83a41e208.gif
midway-auth.amazon.com/assets/ |
23 KB 23 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
warning-icon-e50eece4de2050077708614013680c4d934561e8625efe04024162e13b598c94.png
midway-auth.amazon.com/assets/ |
20 KB 20 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
amazon-logo-cabbd5a0efd8cbe9bbce9472937b612b286632bd561cef6462b3ed638295b80e.png
midway-auth.amazon.com/assets/ |
46 KB 46 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
47 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| oncontentvisibilityautostatechange function| generate_browser_fingerprint_v3 function| set_encrypted_fp function| get_encrypted_fp function| add_fp_data function| create_cookie_for_detected_browser function| getWindowLocation function| createDomElement function| validateNextUrl function| encodeElement function| parseQuery function| lsTest function| validateSuccessUrl function| u2fSupported function| showErrorMessage function| hideErrorMessage function| showGeneralErrorMessage function| hideGeneralErrorMessage function| str2ab function| ab2str string| encrypted_fp number| MAX_ALLOWED_FP_LENGTH object| u2f undefined| js_api_version function| $ function| jQuery object| jQuery112407760163949802805 function| setImmediate function| clearImmediate number| __fwcimLoaded object| fwcim object| MidwayAuthClientSideMetrics object| I18n function| parseUrl function| getU2FEnabled function| does_username_look_valid function| showAuthSuccessScreen function| authenticationSuccess function| handleTokenResponse function| authenticationFailure function| startU2fLogin function| requestU2fChallenge function| handleAuthChallenge function| handleU2fResponse function| handleWebAuthnResponse function| showU2fErrorMessage function| hideU2fErrorMessage5 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| fed-celebratev2-beta.auth.us-east-1.amazoncognito.com/ | Name: XSRF-TOKEN Value: dec4c7da-c944-4138-99a3-d075598cd750 |
|
| fed-celebratev2-beta.auth.us-east-1.amazoncognito.com/ | Name: csrf-state Value: 9SDnm95iL8ykpwtXlvpXZCTKWeH60zBn23JzOpkjIdi5s5dHUQeOON9NupA0GPGv7_u44bBwqbLCmm2wuRRN7787KNG1aPZERUc0CXus5xYELC0BsRRNm83OGuy9S4UErf0thphf9qLNllHkaPpF0jPAYDk4LBdxLrIrXRFZAuU |
|
| fed-celebratev2-beta.auth.us-east-1.amazoncognito.com/ | Name: csrf-state-legacy Value: 9SDnm95iL8ykpwtXlvpXZCTKWeH60zBn23JzOpkjIdi5s5dHUQeOON9NupA0GPGv7_u44bBwqbLCmm2wuRRN7787KNG1aPZERUc0CXus5xYELC0BsRRNm83OGuy9S4UErf0thphf9qLNllHkaPpF0jPAYDk4LBdxLrIrXRFZAuU |
|
| midway-auth.amazon.com/ | Name: kerberos_disabled Value: 1 |
|
| midway-auth.amazon.com/ | Name: session Value: eyJraWQiOiIyNTIiLCJhbGciOiJkaXIiLCJlbmMiOiJBMTI4Q0JDLUhTMjU2In0..t3KUh7cU04z2AH_3RbrFhA.Xap8aEuwJgxedLogBsVDnYpva0PbVDLOflnjN7A84cHgRohGbDRR0MTq4mdANhxAuxC3_bzrC42YoMmcGf6F_7JVqUdxTF4NzxR6Li8f1PVwa3YhtYggZwH2wRUzfnFaGcwMh235NndV8_vPxKkEwDasnDBuiHnPid5N5Gb3qgFrMVRmZEClQtf14IjnKroUq0e8E0eElkMYUgbmxYvnmCda2PItcoXBDLbU6OhBkbNXgDjMBMNtm_E3xCHqsNh5.1BBHi6rr7dY9aYiF6t1L4Q |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
beta.celebrate.pxt.amazon.dev
fed-celebratev2-beta.auth.us-east-1.amazoncognito.com
idp-integ.federate.amazon.com
midway-auth.amazon.com
2600:1f18:257:8000:a1b8:35cd:2d88:482
2600:9000:20eb:6800:1:82b6:f040:93a1
3.228.67.20
52.94.220.70
032f3df1c0e93b21ade1c01bccab57816053e09b3a8d40cff456a84628ab3376
0bb729805126ba527e9601632e4f53c4627878f23a601c6afebebc37c985e56a
409ff09a0b65784fd3f78f0b05b60d22a51a02d501c6979bc37989b2ae2c424e
5555a15fa7c43bd7778dbabf1c87ccd5b8cfcca373bc6d355648a054d3628d50
57cdfb46f82b23f06f0c59b59b5a218b021751b89be6033e878dbd6e9a39b365
6859dd0247a53a49c61defb3aba9111ec92725d827f0590d8c366eb1e32f4d1c
8ca9fe045cf585735bce86ab8ca873f396696ca879d783db9918d4c83a41e208
a0d3c1366fe7137ea107170043392ba03d54b049184ae237167d1e4fe3ecc5a5
aa32185be48fcb19ba1e262bd763b2f42b75778784446caebdb82b8c6208aa73
cabbd5a0efd8cbe9bbce9472937b612b286632bd561cef6462b3ed638295b80e
dc4afdc30aa1ac3ee80a9cd833dacfac7d3ebb3770163edcc28397f72ac01dc8
e50eece4de2050077708614013680c4d934561e8625efe04024162e13b598c94
ebebd418394dfba820e55fee29aff7bdec904e09d76a1856643f41ed8dfa91fe