ff-magazin.com
2a06:98c1:3121::3  Malicious Activity! Public Scan

URL: https://ff-magazin.com/b1cf7d5dd846479a818ee24e59027923.html
Submission Tags: @ecarlesi threat phishing amazon
Submission: On September 30 via api from IT — Scanned from NL

Summary

This website contacted 6 IPs in 3 countries across 3 domains to perform 23 HTTP transactions. The main IP is 2a06:98c1:3121::3, which is located in the United States and belongs to CLOUDFLARENET, US. The main domain is ff-magazin.com.
TLS certificate: Issued by WE1 on September 27th 2024. Valid for: 3 months.
This is the only time ff-magazin.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Amazon (Online)

Domain & IP information

Requests  IP Address        AS Autonomous System
2         2a06:98c1:312...  13335 (CLOUDFLAR...)
16        188.114.96.3      13335 (CLOUDFLAR...)
2         52.48.171.237     16509 (AMAZON-02)
1         2600:9000:249...  16509 (AMAZON-02)
1         44.215.129.188    14618 (AMAZON-AES)
Total: 23 requests, 6 IPs

Requests  Apex Domain     Subdomains                                        Transfer
18        ff-magazin.com  ff-magazin.com                                    602 KB
3         amazon.com      fls-eu.amazon.com — Cisco Umbrella Rank: 13499    719 B
                          unagi-na.amazon.com — Cisco Umbrella Rank: 1056
1         cloudfront.net  d35uxhjf90umnp.cloudfront.net                     12 KB
Total: 23 requests, 3 apex domains

Requests  Domain                         Requested by
18        ff-magazin.com                 ff-magazin.com
2         fls-eu.amazon.com              ff-magazin.com
1         unagi-na.amazon.com            ff-magazin.com
1         d35uxhjf90umnp.cloudfront.net  ff-magazin.com
Total: 23 requests, 4 domains

This site contains no links.

Subject              Issuer               Validity                 Valid
ff-magazin.com       WE1                  2024-09-27 - 2024-12-26  3 months
fls-eu.amazon.com    Amazon RSA 2048 M03  2024-09-05 - 2025-10-04  a year
*.cloudfront.net     Amazon RSA 2048 M01  2024-07-30 - 2025-07-03  a year
unagi-na.amazon.com  Amazon RSA 2048 M01  2024-01-18 - 2025-01-16  a year

This page contains 1 frame:

Primary Page: https://ff-magazin.com/b1cf7d5dd846479a818ee24e59027923.html
Frame ID: E08851CE0DB594E296DFC8E9C6F96B38
Requests: 23 HTTP requests in this frame

Page Title: Amazon Sign In

Page Statistics

Requests: 23
HTTPS: 96 %
IPv6: 40 %
Domains: 3
Subdomains: 4
IPs: 6
Countries: 3
Transfer: 615 kB
Size: 2071 kB
Cookies: 2

Redirected requests

There were HTTP redirect chains for the following requests:

23 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request b1cf7d5dd846479a818ee24e59027923.html
ff-magazin.com/
113 KB
44 KB
Document
General
Full URL
https://ff-magazin.com/b1cf7d5dd846479a818ee24e59027923.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
04ddbd1403035cb26bdb70f8786888a73b0cdbf208675e10f245e20dd2ef4621

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8cb729e8ba1ed592-AMS
content-encoding
br
content-type
text/html
date
Mon, 30 Sep 2024 21:04:09 GMT
last-modified
Sun, 29 Sep 2024 14:43:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Lyu0HWZ2JyhAwf5gsGTC5n1ylCB%2BmS%2F9O9Zj9ILeAHJ%2FyzWv6g90zKy%2BwCUImqdC50fVR0XUbrMzwVDtNDUp6VYJCjnB7Wx%2Foc6aJZfgWqn9vatFYvHiWnuPZAz2DRyqCNuNHJ%2Br%2BFkuMByyIg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
speculation-rules
"/cdn-cgi/speculation"
vary
Accept-Encoding
x-powered-by
ASP.NET
speculation
ff-magazin.com/cdn-cgi/
128 B
467 B
Other
General
Full URL
https://ff-magazin.com/cdn-cgi/speculation
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11a2142988720cd49ff000e5d488493947b3d34821301c5a706b3495b8381f7d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://ff-magazin.com
Referer
https://ff-magazin.com/b1cf7d5dd846479a818ee24e59027923.html

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SdMh2aBSD%2BgL0W%2FdtBOaETlVK9KcQqb6VZbB4NmrmVujo19slCiy8uZcjwSKdr0Kzn8GhW5abfttuDqMAYffx3cg3%2B76msK8lhSNSHVFeH2WhuOqgrsrNCctetJ6s0Gu8pu55RqgXsGM9ducMw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8cb729ec0ae5d592-AMS
access-control-allow-origin
https://ff-magazin.com
content-length
128
date
Mon, 30 Sep 2024 21:04:09 GMT
content-type
application/speculationrules+json
vary
Origin, Accept-Encoding
server
cloudflare
617yUmK-YcL._RC11Fd9tJOdtL.css,21T2IUX33TL.css,31WoRZHct0L.css,31XzAwLFEEL.css_.css
ff-magazin.com/static/css/
129 KB
31 KB
Stylesheet
General
Full URL
https://ff-magazin.com/static/css/617yUmK-YcL._RC11Fd9tJOdtL.css,21T2IUX33TL.css,31WoRZHct0L.css,31XzAwLFEEL.css_.css
Requested by
Host: ff-magazin.com
URL: https://ff-magazin.com/b1cf7d5dd846479a818ee24e59027923.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
48d371189b07243f6fef339c2bcdf872b3083af99cde012094dd21a1ec87d72c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ff-magazin.com/b1cf7d5dd846479a818ee24e59027923.html

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
MISS
etag
"6a288407e12db1:0"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CgT0GY6qXXhJI%2Fy2uNzvr3Ny5IYYUTQ4IV3rv7qWUfQnvbu1hwijwVf%2Fe2ylOyFXv71jnr8BiMm%2BxHimAPZuWeag4zdF2lCBCOsSqqYZAG6%2BtqZsR2LXj6lzxd25mS0Xcw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8cb729ed9e250bc1-AMS
accept-ranges
bytes
content-length
31217
date
Mon, 30 Sep 2024 21:04:12 GMT
content-type
text/css
last-modified
Sun, 29 Sep 2024 14:43:52 GMT
vary
Accept-Encoding
server
cloudflare
x-powered-by
ASP.NET
01SdjaY0ZsL._RC31jdWD_JB_L.css,51E5CuE4VpL.css_.css
ff-magazin.com/static/css/
62 KB
14 KB
Stylesheet
General
Full URL
https://ff-magazin.com/static/css/01SdjaY0ZsL._RC31jdWD_JB_L.css,51E5CuE4VpL.css_.css
Requested by
Host: ff-magazin.com
URL: https://ff-magazin.com/b1cf7d5dd846479a818ee24e59027923.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
b3c8d89eb313890e0459eac1e88b3db96f5a4e24690da894fb7fb76dd6aa4929

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ff-magazin.com/b1cf7d5dd846479a818ee24e59027923.html

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
MISS
etag
"fbb95227e12db1:0"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=calYMNonYfzgy0tRcXyMX2ccvlDn%2FDGManSP9NIFfkg0YxsmlRznyLRAry7P2Ie57LsjlBE1fgSGs1yeK%2BR6Ws%2BduHqIqQpDJlK1sgRsvpTz%2BEC7WjoeCK4seuuF1XhcMA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8cb729ed9e260bc1-AMS
accept-ranges
bytes
content-length
13697
date
Mon, 30 Sep 2024 21:04:11 GMT
content-type
text/css
last-modified
Sun, 29 Sep 2024 14:43:55 GMT
vary
Accept-Encoding
server
cloudflare
x-powered-by
ASP.NET
21sHKQBL2NL.css
ff-magazin.com/static/css/
5 KB
2 KB
Stylesheet
General
Full URL
https://ff-magazin.com/static/css/21sHKQBL2NL.css
Requested by
Host: ff-magazin.com
URL: https://ff-magazin.com/b1cf7d5dd846479a818ee24e59027923.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
f592b1b49eead8f99c977ede443e7bf79500c4aef5dbf8ca05f64ec4e743d3c4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ff-magazin.com/b1cf7d5dd846479a818ee24e59027923.html

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
MISS
etag
"32358f17e12db1:0"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=p4YUgmrOivKp%2FQt4CBg63ILwsfi%2FJ2mWSzah3YqiIxaGS13mreejfeLXwBATHKBzRMCVVrtHGp3UQissbfNiv5Jzfxxw%2FaM91RYX884ru4GelT9It2zx%2F3mg4A%2BURHffBg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8cb729ed9e280bc1-AMS
accept-ranges
bytes
content-length
1989
date
Mon, 30 Sep 2024 21:04:10 GMT
content-type
text/css
last-modified
Sun, 29 Sep 2024 14:43:53 GMT
vary
Accept-Encoding
server
cloudflare
x-powered-by
ASP.NET
AuthenticationPortalSigninEU.js
ff-magazin.com/static/js/
2 KB
2 KB
Script
General
Full URL
https://ff-magazin.com/static/js/AuthenticationPortalSigninEU.js
Requested by
Host: ff-magazin.com
URL: https://ff-magazin.com/b1cf7d5dd846479a818ee24e59027923.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
c47691a714391803f4a58cb0400db014ef031fa64ea282235be2035299707eeb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ff-magazin.com/b1cf7d5dd846479a818ee24e59027923.html

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
MISS
etag
"e36423127e12db1:0"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mxm89WLGNssc79chdGTBjMbS%2BLF7b7so4HLNaHBEZGJsf5Nb8oSLuqdcvhCRCk6wWPovfFjCtUQqzWqH5RHyO5gJuxcyDggQcFsv0DNRHyK%2Fnl82ikhU%2Fkn%2BlWjguec98A%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8cb729f809d50bc1-AMS
accept-ranges
bytes
content-length
1224
date
Mon, 30 Sep 2024 21:04:12 GMT
content-type
application/javascript
last-modified
Sun, 29 Sep 2024 14:44:21 GMT
vary
Accept-Encoding
server
cloudflare
x-powered-by
ASP.NET
A21TJRUUN4KGV:259-1082621-3382720:B0M1ZEV6D7RPCPCAMSZJ$uedata=s:%2Fap%2Fuedata%3Fstaticb%26id%3DB0M1ZEV6D7RPCPCAMSZJ:0
fls-eu.amazon.com/1/batch/1/OP/
43 B
151 B
Image
General
Full URL
https://fls-eu.amazon.com/1/batch/1/OP/A21TJRUUN4KGV:259-1082621-3382720:B0M1ZEV6D7RPCPCAMSZJ$uedata=s:%2Fap%2Fuedata%3Fstaticb%26id%3DB0M1ZEV6D7RPCPCAMSZJ:0
Requested by
Host: ff-magazin.com
URL: https://ff-magazin.com/b1cf7d5dd846479a818ee24e59027923.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.171.237 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-171-237.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
a3a64aea2e96ec58a163ddb8d4cf86cf236178ed2d225b8f44154bc1b010ddce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ff-magazin.com/

Response headers

x-amzn-requestid
84484500-2897-4458-a380-b5cbb840887b
content-length
43
date
Mon, 30 Sep 2024 21:04:12 GMT
content-type
image/gif
61xJcNKKLXL._RC11Y_5x_kkTL.js,514Z0GBG2eL.js,31quly41aVL.js,31LHsGF3dBL.js,01N6xzIJxbL.js,51NnTYPBTOL.js,01rpauTep4L.js,31KAmOFMMyL.js,6115_vE3YgL.js,01KsMxlPtzL.js_.js
ff-magazin.com/static/js/
310 KB
125 KB
Script
General
Full URL
https://ff-magazin.com/static/js/61xJcNKKLXL._RC11Y_5x_kkTL.js,514Z0GBG2eL.js,31quly41aVL.js,31LHsGF3dBL.js,01N6xzIJxbL.js,51NnTYPBTOL.js,01rpauTep4L.js,31KAmOFMMyL.js,6115_vE3YgL.js,01KsMxlPtzL.js_.js?AUIClients/AmazonUI
Requested by
Host: ff-magazin.com
URL: https://ff-magazin.com/b1cf7d5dd846479a818ee24e59027923.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
7a749e1ac030cd46fa63792b706e389756a71caec5d1d92048238bf0de145760

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://ff-magazin.com
Referer
https://ff-magazin.com/b1cf7d5dd846479a818ee24e59027923.html

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
MISS
etag
"3773eb157e12db1:0"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ewLVrZYL2HuMsh2CpkBxoorVfaND3%2FXp2jvzA3CypvxXdCdpOghMs6cUI3SlMSeuRWMoOHtJZaPqwt9TV6w0WgTuBBZAR20C0GHEJkXli6XuRijmtIk4FFe8MCBhHXpSUw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8cb729fdfbe00bc1-AMS
date
Mon, 30 Sep 2024 21:04:15 GMT
content-type
application/javascript
last-modified
Sun, 29 Sep 2024 14:44:28 GMT
vary
Accept-Encoding
server
cloudflare
x-powered-by
ASP.NET
21ZMwVh4T0L._RC21OJDARBhQL.js,218GJg15I8L.js,31lucpmF4CL.js,2119M3Ks9rL.js,61Ar-B9CLsL.js_.js
ff-magazin.com/static/js/
117 KB
43 KB
Script
General
Full URL
https://ff-magazin.com/static/js/21ZMwVh4T0L._RC21OJDARBhQL.js,218GJg15I8L.js,31lucpmF4CL.js,2119M3Ks9rL.js,61Ar-B9CLsL.js_.js?AUIClients/AuthenticationPortalAssets&cGoCHRzK
Requested by
Host: ff-magazin.com
URL: https://ff-magazin.com/b1cf7d5dd846479a818ee24e59027923.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
71fe9e8b96067b662d7f2cb0d6222ad60ef3fa16eaa69bc431f8d3ae4f5dd0ac

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://ff-magazin.com
Referer
https://ff-magazin.com/b1cf7d5dd846479a818ee24e59027923.html

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
MISS
etag
"2b3b6f187e12db1:0"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=W%2FuoC3%2BqzzHtnPWD5tJvqknR%2FWgueE7qc5v0UQyeeIwK5Hhlh91mpFVsRaNHlpRVQlGhDf8hv%2BUmCtpY7Dwd2b6xKWDzUVMBZMl%2FTFOX%2FbnVPYxq8gCz98IBr%2Fn81jY2vA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8cb729fdfbe20bc1-AMS
accept-ranges
bytes
content-length
43350
date
Mon, 30 Sep 2024 21:04:15 GMT
content-type
application/javascript
last-modified
Sun, 29 Sep 2024 14:44:32 GMT
vary
Accept-Encoding
server
cloudflare
x-powered-by
ASP.NET
01wGDSlxwdL.js
ff-magazin.com/static/js/
521 B
943 B
Script
General
Full URL
https://ff-magazin.com/static/js/01wGDSlxwdL.js?AUIClients/AuthenticationPortalInlineAssets
Requested by
Host: ff-magazin.com
URL: https://ff-magazin.com/b1cf7d5dd846479a818ee24e59027923.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
432dff2bd6f663c6151a5947fa318a46463085d4f6e40761450e8b38fd0fe938

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://ff-magazin.com
Referer
https://ff-magazin.com/b1cf7d5dd846479a818ee24e59027923.html

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
MISS
etag
"f2f7a9197e12db1:0"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gZnRP1LaMP6WEF6yqtc%2Ba8cDuYtzFeW6kBwjPIuP8pOrLjKqOxQaewp2BmQtETR%2FrYctJ5AhKLOioJuDtlNIbzH604aIABBHxX%2Bo2roMUYJMurXQrk8NhfIC%2FlTUvk79zA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8cb729fdfbe60bc1-AMS
accept-ranges
bytes
content-length
488
date
Mon, 30 Sep 2024 21:04:15 GMT
content-type
application/javascript
last-modified
Sun, 29 Sep 2024 14:44:34 GMT
vary
Accept-Encoding
server
cloudflare
x-powered-by
ASP.NET
41PUkKpoyiL.js
ff-magazin.com/static/js/
24 KB
10 KB
Script
General
Full URL
https://ff-magazin.com/static/js/41PUkKpoyiL.js?AUIClients/CVFAssets
Requested by
Host: ff-magazin.com
URL: https://ff-magazin.com/b1cf7d5dd846479a818ee24e59027923.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
f95bdd8640307794cff380cef8333b1ee6fc78dc37aa904356c896e4611a13b6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://ff-magazin.com
Referer
https://ff-magazin.com/b1cf7d5dd846479a818ee24e59027923.html

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
MISS
etag
"fe431a177e12db1:0"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FWd5bBekfQRP6USgD9kfePAKaV0%2BI4JjBFa5uKZLItJuSsGybomOsYHCrIzZ3dkQqww8t23yL2nKzTbmoHwliVPOYLEZhmuw1znOAT3XfiCYRDPPmFk4YvtjB9jf%2Bp2FZg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8cb729fdfbe90bc1-AMS
accept-ranges
bytes
content-length
9833
date
Mon, 30 Sep 2024 21:04:13 GMT
content-type
application/javascript
last-modified
Sun, 29 Sep 2024 14:44:30 GMT
vary
Accept-Encoding
server
cloudflare
x-powered-by
ASP.NET
8150jbgvn9L.js
ff-magazin.com/static/js/
323 KB
124 KB
Script
General
Full URL
https://ff-magazin.com/static/js/8150jbgvn9L.js?AUIClients/SiegeClientSideEncryptionAUI
Requested by
Host: ff-magazin.com
URL: https://ff-magazin.com/b1cf7d5dd846479a818ee24e59027923.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
ff7231c17f8ac6bb63f69feee9f023841df9d2f8534e0ecca62e5c8fe376e1ba

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://ff-magazin.com
Referer
https://ff-magazin.com/b1cf7d5dd846479a818ee24e59027923.html

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
MISS
etag
"437bb5147e12db1:0"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BismNZ7%2F8GO%2Ff7%2FC0Bu6RxkW0DpYhYNlh61RonuTkdB4Y8cEyF92sMk8ReH5Z2AI8n8sA1Palp6VMTUg1M8LTeydmhnBJIbFx3wELvgoyQnWgVwYwnxSNbiso2G8Q7hWKA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8cb729fdfbeb0bc1-AMS
alt-svc
h3=":443"; ma=86400
date
Mon, 30 Sep 2024 21:04:13 GMT
content-type
application/javascript
last-modified
Sun, 29 Sep 2024 14:44:26 GMT
vary
Accept-Encoding
server
cloudflare
x-powered-by
ASP.NET
31jdfgcsPAL.js
ff-magazin.com/static/js/
14 KB
5 KB
Script
General
Full URL
https://ff-magazin.com/static/js/31jdfgcsPAL.js?AUIClients/AmazonUIFormControlsJS
Requested by
Host: ff-magazin.com
URL: https://ff-magazin.com/b1cf7d5dd846479a818ee24e59027923.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
2e5c4e5dd76d19bd957864a5485880b7dd5381be31835dc30dbb276d82652a89

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://ff-magazin.com
Referer
https://ff-magazin.com/b1cf7d5dd846479a818ee24e59027923.html

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
MISS
etag
"fb3d9177e12db1:0"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YbNl3Cz8Z6%2FA03VyV14DIqR8hxiihvPBHH6RdmcNSR4S6c4KUpr0bvyG%2Bm150IprQsMZSwiSpgYok86616XGawoJ5kcD%2FDtQ3hIg%2Frmumdpm%2BSUS9%2BBIxFEcxqGAN6TGaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8cb729fdfbec0bc1-AMS
accept-ranges
bytes
content-length
4838
date
Mon, 30 Sep 2024 21:04:12 GMT
content-type
application/javascript
last-modified
Sun, 29 Sep 2024 14:44:31 GMT
vary
Accept-Encoding
server
cloudflare
x-powered-by
ASP.NET
71MFMsTQG0L.js
ff-magazin.com/static/js/
177 KB
55 KB
Script
General
Full URL
https://ff-magazin.com/static/js/71MFMsTQG0L.js?AUIClients/IdentityWebAuthnAssets
Requested by
Host: ff-magazin.com
URL: https://ff-magazin.com/b1cf7d5dd846479a818ee24e59027923.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
6f9fb9a85e64db39d08786e8c785d2daa249d20a245ef39649211c0df777c2fb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://ff-magazin.com
Referer
https://ff-magazin.com/b1cf7d5dd846479a818ee24e59027923.html

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
MISS
etag
"d288a1157e12db1:0"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IJqh8yIivgfT%2BhTE%2FNcdepVUw6a2exyKnWVWLzlxR3%2BdoQcFIMBqPAFoZg8V3sybqpfVyavrfmU4Es3prtW2VBJfxpryvYKelZHH0G3hqsjtj7MCEVieAKQz3jePYvduVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8cb729fdfbed0bc1-AMS
accept-ranges
bytes
content-length
55760
date
Mon, 30 Sep 2024 21:04:20 GMT
content-type
application/javascript
last-modified
Sun, 29 Sep 2024 14:44:27 GMT
vary
Accept-Encoding
server
cloudflare
x-powered-by
ASP.NET
51RddlGAZmL.js
ff-magazin.com/static/js/
58 KB
19 KB
Script
General
Full URL
https://ff-magazin.com/static/js/51RddlGAZmL.js?AUIClients/IdentityJsCommonAssets
Requested by
Host: ff-magazin.com
URL: https://ff-magazin.com/b1cf7d5dd846479a818ee24e59027923.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
73109ed7757bc9921ab63789df583202cb772709a571977a70bd737e17945d91

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://ff-magazin.com
Referer
https://ff-magazin.com/b1cf7d5dd846479a818ee24e59027923.html

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
MISS
etag
"ce346c167e12db1:0"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=i0MEbfQL85quWbjA3Xx50awBLeHM%2BpltCfHbnAc0JoFut%2ByneH5mqheZGwSSzuk%2FxOwZLTNeE3EyWxppBJeOOJFCkrz4WvTJrARVZrNsNLz2D%2FtBrhTRA1ZjKAkV1TFX0w%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8cb729fdfbee0bc1-AMS
accept-ranges
bytes
content-length
19050
date
Mon, 30 Sep 2024 21:04:14 GMT
content-type
application/javascript
last-modified
Sun, 29 Sep 2024 14:44:28 GMT
vary
Accept-Encoding
server
cloudflare
x-powered-by
ASP.NET
71v46YykigL.js
ff-magazin.com/static/js/
256 KB
98 KB
Script
General
Full URL
https://ff-magazin.com/static/js/71v46YykigL.js?AUIClients/FWCIMAssets
Requested by
Host: ff-magazin.com
URL: https://ff-magazin.com/b1cf7d5dd846479a818ee24e59027923.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
96d1c72a1edd9637dbe30c1b0693316a2a0885c94da9b6a3b61fc573dd9737f9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://ff-magazin.com
Referer
https://ff-magazin.com/b1cf7d5dd846479a818ee24e59027923.html

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
MISS
etag
"d3ec65157e12db1:0"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WL2Jgu14zKv8pRcEZgy5yG1lWogvO0ODJZ%2F0u2b2WbH8lah082OwgXwhOtVqXhtUbwp0J%2FgaQZnM%2BwFW4DSnX7yBfvemlqg75H%2FVX8KtcmK3hiPNp0IfEjjLQ7Hb%2FA4kZw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8cb729fe0bef0bc1-AMS
date
Mon, 30 Sep 2024 21:04:13 GMT
content-type
application/javascript
last-modified
Sun, 29 Sep 2024 14:44:27 GMT
vary
Accept-Encoding
server
cloudflare
x-powered-by
ASP.NET
A16Ccz05m-L.js
ff-magazin.com/static/js/
415 KB
0
Script
General
Full URL
https://ff-magazin.com/static/js/A16Ccz05m-L.js?AUIClients/ACICAssets
Requested by
Host: ff-magazin.com
URL: https://ff-magazin.com/b1cf7d5dd846479a818ee24e59027923.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://ff-magazin.com
Referer
https://ff-magazin.com/b1cf7d5dd846479a818ee24e59027923.html

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
MISS
etag
"dce4a0137e12db1:0"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=W8lKF6lGjUQg%2FeM6I0VtmO6sx98aaZsu1kyBbKT30j3M3tF1zISGEYbs3ba5fvLnmPMjZdZYMpzqDm4vPMZNNEjetoKnno%2B1MNnDM%2BTnbdsWOa81RHmA681nWv1DbuxEQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8cb729fe0bf00bc1-AMS
date
Mon, 30 Sep 2024 21:04:14 GMT
content-type
application/javascript
last-modified
Sun, 29 Sep 2024 14:44:24 GMT
vary
Accept-Encoding
server
cloudflare
x-powered-by
ASP.NET
mPGmT0r6IeTyIee.png
ff-magazin.com/static/image/
27 KB
28 KB
Image
General
Full URL
https://ff-magazin.com/static/image/mPGmT0r6IeTyIee.png
Requested by
Host: ff-magazin.com
URL: https://ff-magazin.com/static/css/617yUmK-YcL._RC11Fd9tJOdtL.css,21T2IUX33TL.css,31WoRZHct0L.css,31XzAwLFEEL.css_.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
437e95a363a4291060e34ba170e043274e0155821e9be374f35de3c4f13cbaa5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ff-magazin.com/static/css/617yUmK-YcL._RC11Fd9tJOdtL.css,21T2IUX33TL.css,31WoRZHct0L.css,31XzAwLFEEL.css_.css

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
etag
"a4dd997e12db1:0"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HFrNzlMcWJCDK5Nd5pGkA%2B6XH9Z06%2BB19HKuIwKynFEEYS1jTzt8C10nzGHrbdXyxVistOUcVMteH6F3WqwLiCs7Ae6%2FOgOz8av6fsUMNpuUuPgZntt3J%2BgvlDYlILRSlQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8cb729fe1bf60bc1-AMS
accept-ranges
bytes
content-length
27972
date
Mon, 30 Sep 2024 21:04:17 GMT
content-type
image/png
last-modified
Sun, 29 Sep 2024 14:44:07 GMT
x-powered-by
ASP.NET
server
cloudflare
vary
Accept-Encoding
showads.v2.js
ff-magazin.com/static/js/
23 B
593 B
Fetch
General
Full URL
https://ff-magazin.com/static/js/showads.v2.js?category=ad&adstype=-ad-column-&ad_size=-housead-
Requested by
Host: ff-magazin.com
URL: https://ff-magazin.com/b1cf7d5dd846479a818ee24e59027923.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
88ea58255d4cd82340f7acaabe0e6a99f195a4dc2ca6ef56ec503d03b331bee5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ff-magazin.com/b1cf7d5dd846479a818ee24e59027923.html

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
REVALIDATED
etag
"55ebadf7e12db1:0"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BkNAVOjutoAImqbhYexLaUWOK117PIVjedSyMJ2b1kgppfYUqvcjn3QocJsRkQ8nS7Rqr1swOtVl6NnJwlBZYbxIVWaAsOIANwcm5YzzednHLORnGAv5eULDVLPuHOdXrQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8cb72a0ad9150bc1-AMS
accept-ranges
bytes
content-length
141
date
Mon, 30 Sep 2024 21:04:14 GMT
content-type
application/javascript
last-modified
Sun, 29 Sep 2024 14:44:17 GMT
vary
Accept-Encoding
server
cloudflare
x-powered-by
ASP.NET
index.js
d35uxhjf90umnp.cloudfront.net/
37 KB
12 KB
Script
General
Full URL
https://d35uxhjf90umnp.cloudfront.net/index.js
Requested by
Host: ff-magazin.com
URL: https://ff-magazin.com/static/js/71v46YykigL.js?AUIClients/FWCIMAssets
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:fe00:3:12d0:8d40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6267b22c78747f8db9476b502c900e874aebf89e1c658b5b3282f4c01f7a54c2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ff-magazin.com/

Response headers

vary
Accept-Encoding
content-encoding
gzip
etag
W/"a216acbf4c266a507cb6c7de4d63d883"
x-amz-version-id
.WCB9yvxzufrsvypRZW5w_pUwNZ4.SCn
age
76239
via
1.1 57eb57a4c7d431365ab5b2e18c495bf4.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
KrLyDI2EYoz94pWAJkEmN7fORf9Bj8LVhob-_T7YARjipmTPRZb3xw==
date
Sun, 29 Sep 2024 23:53:40 GMT
content-type
application/javascript
last-modified
Tue, 27 Apr 2021 20:18:23 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P6
x-amz-server-side-encryption
AES256
/
fls-eu.amazon.com/1/batch/1/OE/
0
165 B
Ping
General
Full URL
https://fls-eu.amazon.com/1/batch/1/OE/
Requested by
Host: ff-magazin.com
URL: https://ff-magazin.com/b1cf7d5dd846479a818ee24e59027923.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.171.237 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-171-237.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://ff-magazin.com/

Response headers

x-amzn-requestid
a420e0fa-71eb-4444-9168-7678e2e968ae
access-control-allow-origin
*
access-control-expose-headers
x-amzn-RequestId,x-amzn-ErrorType,x-amzn-ErrorMessage,Date
date
Mon, 30 Sep 2024 21:04:19 GMT
com.amazon.eel.katal.metrics.core.nexus.gamma
unagi-na.amazon.com/1/events/
2 B
403 B
Ping
General
Full URL
https://unagi-na.amazon.com/1/events/com.amazon.eel.katal.metrics.core.nexus.gamma
Requested by
Host: ff-magazin.com
URL: https://ff-magazin.com/static/js/51RddlGAZmL.js?AUIClients/IdentityJsCommonAssets
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
44.215.129.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-215-129-188.compute-1.amazonaws.com
Software
Server /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://ff-magazin.com/

Response headers

Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Encoding
gzip
Connection
keep-alive
x-amzn-RequestId
63f24981-891c-4c3b-b186-d7a5114b94a9
x-amz-rid
1A3SSSM2N71HGKXJMCG1
Content-Length
22
Date
Mon, 30 Sep 2024 21:04:21 GMT
Content-Type
application/json
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
A16Ccz05m-L.js
ff-magazin.com/static/js/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ff-magazin.com
URL
https://ff-magazin.com/static/js/A16Ccz05m-L.js?AUIClients/ACICAssets

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Amazon (Online)

79 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

number| ue_t0 object| ue_csm number| ue_hob string| ue_err_chan string| ue_id string| ue_url number| ue_navtiming string| ue_mid string| ue_sid string| ue_furl string| ue_surl number| ue_fcsn number| ue_urt string| ue_rpl_ns number| ue_ddq string| ue_fpf number| ue_sbuimp number| ue_lpsi string| ue_lob number| ue_swi function| ue_viz number| ue_hoe number| ue_ihb object| ue function| ueLogError object| ue_err number| ueinit function| uei function| ueh function| ues function| uet function| uex function| onLd function| onLdEnd function| onUl function| onstop number| aPageStart function| _pSetI function| _sw function| _pd number| ue_ihe function| csa object| app object| amzn function| cf object| metadataList object| input object| authenticationFormList number| index object| fwcimCmd boolean| acicShouldSetup function| acicEventListener function| submitForm function| setAAToken function| getClientContext function| getFwcimBlob function| getEmailAddress function| isTestEmailPattern object| ue_mbl string| ue_pty string| ue_spty number| ue_adb number| ue_adb_rtla number| ue_wtc_c number| ue_ibe function| _uess number| ue_fadb function| ue_isAdb object| ue_utils number| ue_unrt number| ue_adb_chk function| setImmediate function| clearImmediate number| __fwcimLoaded object| fwcim object| pie object| regeneratorRuntime object| SiegeCrypto object| jQuery16409272507340213811

2 Cookies

Domain/Path Name / Value
ff-magazin.com/ Name: csm-hit
Value: tb:s-B0M1ZEV6D7RPCPCAMSZJ|1727730252470&t:1727730255001&adb:adblk_no
ff-magazin.com/ Name: id_pkel
Value: n0

1 Console Messages

Source Level URL
Text
recommendation verbose URL: https://ff-magazin.com/b1cf7d5dd846479a818ee24e59027923.html
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
