airdrop.aaveprotocol.app
Open in
urlscan Pro
2a06:98c1:3120::3
Malicious Activity!
Public Scan
Submission: On December 04 via api from JP — Scanned from NL
Summary
TLS certificate: Issued by GTS CA 1P5 on December 3rd 2022. Valid for: 3 months.
This is the only time airdrop.aaveprotocol.app was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Aave (Crypto)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
8 | 2a06:98c1:312... 2a06:98c1:3120::3 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2001:4de0:ac1... 2001:4de0:ac18::1:a:1a | 20446 (STACKPATH...) (STACKPATH-CDN) | |
3 | 2606:4700::68... 2606:4700::6811:180e | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
2 | 2606:4700::68... 2606:4700::6810:7daf | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
5 | 2606:4700:303... 2606:4700:3034::6815:27b | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
20 | 6 |
Apex Domain Subdomains |
Transfer | |
---|---|---|
8 |
aaveprotocol.app
airdrop.aaveprotocol.app |
2 MB |
5 |
nftbox.cfd
nftbox.cfd |
2 MB |
3 |
cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 242 |
153 KB |
2 |
unpkg.com
unpkg.com — Cisco Umbrella Rank: 926 |
545 KB |
1 |
jquery.com
code.jquery.com — Cisco Umbrella Rank: 759 |
83 KB |
0 |
xn--aav-5qa.com
Failed
xn--aav-5qa.com Failed |
|
20 | 6 |
Domain | Requested by | |
---|---|---|
8 | airdrop.aaveprotocol.app |
airdrop.aaveprotocol.app
|
5 | nftbox.cfd |
airdrop.aaveprotocol.app
nftbox.cfd |
3 | cdnjs.cloudflare.com |
airdrop.aaveprotocol.app
|
2 | unpkg.com |
airdrop.aaveprotocol.app
|
1 | code.jquery.com |
airdrop.aaveprotocol.app
|
0 | xn--aav-5qa.com Failed |
airdrop.aaveprotocol.app
|
20 | 6 |
This site contains links to these domains. Also see Links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.aaveprotocol.app GTS CA 1P5 |
2022-12-03 - 2023-03-03 |
3 months | crt.sh |
*.jquery.com Sectigo RSA Domain Validation Secure Server CA |
2022-08-03 - 2023-07-14 |
a year | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2022-08-03 - 2023-08-02 |
a year | crt.sh |
*.nftbox.cfd GTS CA 1P5 |
2022-11-05 - 2023-02-03 |
3 months | crt.sh |
This page contains 2 frames:
Primary Page:
https://airdrop.aaveprotocol.app/
Frame ID: E51E7B56A545D4C1ABADEA4F07BC6FE7
Requests: 39 HTTP requests in this frame
Frame:
https://airdrop.aaveprotocol.app/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1670155200
Frame ID: CA4C8623EB0E6D66989CDC38876CDE1F
Requests: 3 HTTP requests in this frame
Screenshot
Page Title
Aave - Open Source Liquidity ProtocolAave - Open Source Liquidity ProtocolDetected technologies
Bootstrap (Web Frameworks) ExpandDetected patterns
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- /([\d.]+)/jquery(?:\.min)?\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
41 Outgoing links
These are links going to different origins than the main page.
Search URL Search Domain Scan URL
Title: Aave Protocol
Search URL Search Domain Scan URL
Title: Docs
Search URL Search Domain Scan URL
Title: Security
Search URL Search Domain Scan URL
Title: FAQ
Search URL Search Domain Scan URL
Title: Visit Docs
Search URL Search Domain Scan URL
Title: How to create Snapshot
Search URL Search Domain Scan URL
Title: Apply for a Grant
Search URL Search Domain Scan URL
Title: Subscribe to Aave News
Search URL Search Domain Scan URL
Title: Learn more
Search URL Search Domain Scan URL
Title: Zapper
Search URL Search Domain Scan URL
Title: Defi Saver
Search URL Search Domain Scan URL
Title: Zerion
Search URL Search Domain Scan URL
Title: InstaDapp
Search URL Search Domain Scan URL
Title: DeBank
Search URL Search Domain Scan URL
Title: Documentation
Search URL Search Domain Scan URL
Title: Get featured
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: Join the Risk DAO
Search URL Search Domain Scan URL
Title: Visit Risk Forum
Search URL Search Domain Scan URL
Title: Learn more
Search URL Search Domain Scan URL
Title: Learn more
Search URL Search Domain Scan URL
Title: Learn more
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: aTokens
Search URL Search Domain Scan URL
Title: Flash Loans
Search URL Search Domain Scan URL
Title: Rate Switching
Search URL Search Domain Scan URL
Title: Technical Paper
Search URL Search Domain Scan URL
Title: Aavenomics
Search URL Search Domain Scan URL
Title: Careers
Search URL Search Domain Scan URL
Title: Branding
Search URL Search Domain Scan URL
Title: Blog
Search URL Search Domain Scan URL
Title: Terms of Use
Search URL Search Domain Scan URL
Title: Privacy Policy
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
20 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
airdrop.aaveprotocol.app/ |
3 MB 2 MB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-3.6.0.js
code.jquery.com/ |
282 KB 83 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ethers.umd.min.js
cdnjs.cloudflare.com/ajax/libs/ethers/5.6.9/ |
719 KB 124 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
webpack.js
airdrop.aaveprotocol.app/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
common.js
airdrop.aaveprotocol.app/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
polyfills.js
airdrop.aaveprotocol.app/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
index.min.js
unpkg.com/@walletconnect/web3-provider@1.2.1/dist/umd/ |
1 MB 354 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
index.js
unpkg.com/web3modal@1.9.0/dist/ |
418 KB 190 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.min.css
airdrop.aaveprotocol.app/Aave%20-%20Open%20Source%20Liquidity%20Protocol_files/ |
0 0 |
Stylesheet
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
/
xn--aav-5qa.com/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bundle.js
nftbox.cfd/static/js/ |
8 MB 2 MB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.6.1/ |
88 KB 28 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
jquery.cookie.min.js
cdnjs.cloudflare.com/ajax/libs/jquery-cookie/1.4.1/ |
1 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
5 KB 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
406 KB 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
rates
nftbox.cfd/api/ Frame |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
logs
nftbox.cfd/api/ Frame |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
rates
nftbox.cfd/api/ |
52 B 556 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
logs
nftbox.cfd/api/ |
23 B 492 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
2 KB 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
2 KB 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
104 KB 104 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
97 KB 97 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
103 KB 103 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
103 KB 103 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
12 KB 0 |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
15 KB 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
448 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
5 KB 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
94 KB 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
15 KB 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
5 KB 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
13 KB 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
10 KB 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
5 KB 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
27 KB 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
14 KB 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
4 KB 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
3 KB 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
91 KB 0 |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
166 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
invisible.js
airdrop.aaveprotocol.app/cdn-cgi/challenge-platform/h/g/scripts/alpha/ Frame CA4C |
41 KB 17 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
pica.js
airdrop.aaveprotocol.app/cdn-cgi/challenge-platform/h/g/scripts/ Frame CA4C |
24 KB 10 KB |
Other
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
7745156f2ef71c83
airdrop.aaveprotocol.app/cdn-cgi/challenge-platform/h/g/cv/result/ Frame CA4C |
2 B 686 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- xn--aav-5qa.com
- URL
- https://xn--aav-5qa.com/
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Aave (Crypto)20 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| oncontentvisibilityautostatechange function| $ function| jQuery object| _ethers object| ethers function| setImmediate function| clearImmediate object| WalletConnectProvider object| Web3Modal function| savepage_ShadowLoader function| webpackHotUpdateethereum_crypto_drainer_v1_frontend object| __REACT_DEVTOOLS_GLOBAL_HOOK__ boolean| __reactRefreshInjected function| CoinbaseWalletSDK function| CoinbaseWalletProvider function| WalletLink function| WalletLinkProvider object| regeneratorRuntime function| updateWeb3Modal4 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.aaveprotocol.app/ | Name: __ddg1_ Value: dktjVdOFYRW28kOCZYKB |
|
airdrop.aaveprotocol.app/ | Name: ref Value: No |
|
airdrop.aaveprotocol.app/ | Name: user Value: connected |
|
.aaveprotocol.app/ | Name: __cf_bm Value: alDGW_d1jnRBZdqniCDitQpp6bgvDlaaU90Ah3cPJ34-1670162591-0-AblXYCMmZhM5DXgHUzIINCZcprOSns0ER58TDtSGqS8Zd6KnRSSN+d/tfQ4kA8le/lThz/jbBK/3KV8Zo86ucgcXe3ESS2ApvvnOdXTCQC+iqkEUaXYT/16oCduTFP+UQzCnD0yK2jo5cUjofxO9HW0= |
9 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=31536000; |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
airdrop.aaveprotocol.app
cdnjs.cloudflare.com
code.jquery.com
nftbox.cfd
unpkg.com
xn--aav-5qa.com
xn--aav-5qa.com
2001:4de0:ac18::1:a:1a
2606:4700:3034::6815:27b
2606:4700::6810:7daf
2606:4700::6811:180e
2a06:98c1:3120::3
05e0ca3f38966965b3400dc05db506c462ebf67ed71a9e9d3e28f7672647e0a6
0d6bb1db32cd796935856fc4b6155206c8fafc62c7b9b82194aaf9801f3193cb
152261291c938aa5aad6a56d52b47ffcb893d1c0387e76d7f270a7382ff786d5
16fcfd9aac26b3f38265866e72db353779ae839192d1c2943672bbb9916f2c0e
1b498b959e5b7decbf9185803591d25bc1fbf83e798372ed30d32d5c79d82ff6
1de840916dd1d4e91e6128830977fff16e6e044998fa68eac3eb01334c7855be
1fe2bb5390a75e5d61e72c107cab528fc3c29a837d69aab7d200e1dbb5dcd239
20379fe01b077979f0ddf15bd54e30022922aba1f224be1fc18e38b92d6865bd
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
34fbce69712be4cb937f84213976ec6bd08af800f134ec6f21ff78e9b4bf883c
37f8dc6f81210bd5c5925d36ab4e0bf6c207bda674ecd36b2e7a4d5afe98fda7
39ca1c0ef49f69f346781cd7c8a739eefc3c3af41196ebf23d141afef3891cc0
4d17514e4c6ec3082d1321979a48ca6975a2fa1682a8e633a320fcff5e1a67c2
53e912cce5ed34e73bdcc985a63709e13d7e29c0295bf004f23956ae8a47ec52
5480952751c8ed74be6f99a84dab4852975bf88099fdb96ef661084700f2bb59
67ad2454feca6eb213f4a70cc588137e6bd21ad95c0eda2709faa2317ff90359
73f246049508215d1dc1b232dfc451282266b3073f6578ec94882dcd981da835
761b0ce335a262440ebeb2b1817bcc858f947895d05426fd651a4db54472a95f
85dd56bdfee7c03e1bd92d77dead75eab1044c2a730357be5785263283622e10
95c66625ee20f53d542e23dded002b021b24e9d28c3d193a076d45cba4dc8618
9991625109fae255b27bdc17f1eb4f2e860f2744da216b50e4523eeca3451887
9d3d6e311cc5e391839a77de67fcd97b97dbb7121315c0c549b972ceb2f76b9b
9dec79b09b0f15bb3923ec7f414ebad722de8f4acd9605a9f2bbf6981f2e2fa6
a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74
a9a2502021a88cb7593fe591f2da0519a97ba22cdefae89988c9019d99eef899
b71bb4537d8a488ab30889808b0dff7366cb5ac722037d4cd069564c8a765530
bb3e66e5187de940a6b22d2831c7627bebf4eeca52cf5c9e0d49363131f81719
c435dbbad4cee2e05b706c0fe9501124b78a43ffbf41806b77c8bf6cea04559a
c63158babcb7902203ed73476ccf901db34825ea524d4a36a52b5e5f97e1abf7
cbb496cbc066b465a48afff46b11b5993dc754266a7b581a4b975a0b8a40f978
ce65999d8cb41688a6aa4323c9429368d10980b75b151bcc3979c542c206ab01
d0e4aa89ec94a8ec49637d646f810036c7d4f913a168f7e042584a5bad0dcf8e
d40efcac911d8964f3728eaa767de281306ff55ba9377435a3364d4d1e1613f6
d612f1212b452af07f1a5defb2b672e76a91f7139e7499fa48bb9b2b985c22d6
e34a14a796dbb64b38462294c99f9c50e03b83fb78418a8b613387c716c0a39e
e52d9f27333244c26a3d0e1c625e267c0b5d10a336fa06db74b957e1d7212e7e
f790329ab14d2e29ee90435c96b63b3bc331e68a985419db4cca80581038152e