midway-auth.amazon.com
Open in
urlscan Pro
52.94.216.111
Public Scan
Submitted URL: https://portal.us-east-1.490766033914.local.excelsior.f3.amazon.dev/
Effective URL: https://midway-auth.amazon.com/login?next=%2FSSO%2Fredirect%3Fclient_id%3Dhttps%253A%252F%252Fidp-integ-eu-west-1.federate.amaz...
Submission Tags: @phishunt_io
Submission: On February 13 via api from ES
Effective URL: https://midway-auth.amazon.com/login?next=%2FSSO%2Fredirect%3Fclient_id%3Dhttps%253A%252F%252Fidp-integ-eu-west-1.federate.amaz...
Submission Tags: @phishunt_io
Submission: On February 13 via api from ES
Summary
This website contacted 2 IPs
in 2 countries
across 3 domains to perform 13 HTTP transactions.
The main IP is 52.94.216.111, located in
Dublin, Ireland and
belongs to AMAZON-02, US.
The main domain is midway-auth.amazon.com.
TLS certificate: Issued by Amazon on May 17th 2020. Valid for: a year.
This is the only time midway-auth.amazon.com was scanned on urlscan.io!
TLS certificate: Issued by Amazon on May 17th 2020. Valid for: a year.
This is the only time midway-auth.amazon.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 6 | 2600:9000:205... 2600:9000:2057:dc00:8:2011:5880:93a1 | 16509 (AMAZON-02) (AMAZON-02) | |
| 1 1 | 2600:1f18:257... 2600:1f18:257:8001:7a9c:a9a2:8f82:46aa | 14618 (AMAZON-AES) (AMAZON-AES) | |
| 1 1 | 34.243.7.238 34.243.7.238 | 16509 (AMAZON-02) (AMAZON-02) | |
| 1 8 | 52.94.216.111 52.94.216.111 | 16509 (AMAZON-02) (AMAZON-02) | |
| 13 | 2 |
6
2600:9000:2057:dc00:8:2011:5880:93a1
(United States)
ASN16509 (AMAZON-02, US)
ASN16509 (AMAZON-02, US)
| portal.us-east-1.490766033914.local.excelsior.f3.amazon.dev |
1
2600:1f18:257:8001:7a9c:a9a2:8f82:46aa
(Ashburn, United States)
ASN14618 (AMAZON-AES, US)
ASN14618 (AMAZON-AES, US)
| 490766033914-excelsior-f3.auth.us-east-1.amazoncognito.com |
1
34.243.7.238
(Dublin, Ireland)
ASN16509 (AMAZON-02, US)
PTR: ec2-34-243-7-238.eu-west-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-34-243-7-238.eu-west-1.compute.amazonaws.com
| idp-integ.federate.amazon.com |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 9 |
amazon.com
2 redirects
idp-integ.federate.amazon.com midway-auth.amazon.com |
198 KB |
| 6 |
amazon.dev
portal.us-east-1.490766033914.local.excelsior.f3.amazon.dev |
712 KB |
| 1 |
amazoncognito.com
1 redirects
490766033914-excelsior-f3.auth.us-east-1.amazoncognito.com |
2 KB |
| 13 | 3 |
| Domain | Requested by | |
|---|---|---|
| 8 | midway-auth.amazon.com |
1 redirects
portal.us-east-1.490766033914.local.excelsior.f3.amazon.dev
midway-auth.amazon.com |
| 6 | portal.us-east-1.490766033914.local.excelsior.f3.amazon.dev |
portal.us-east-1.490766033914.local.excelsior.f3.amazon.dev
|
| 1 | idp-integ.federate.amazon.com | 1 redirects |
| 1 | 490766033914-excelsior-f3.auth.us-east-1.amazoncognito.com | 1 redirects |
| 13 | 4 |
This site contains links to these domains. Also see Links.
| Domain |
|---|
| w.amazon.com |
| password-v2.corp.amazon.com |
| firstaid.amazon-corp.com |
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| portal.us-east-1.490766033914.local.excelsior.f3.amazon.dev Amazon |
2021-02-12 - 2022-03-13 |
a year | crt.sh |
| midway-auth.dub.amazon.com Amazon |
2020-05-17 - 2021-05-02 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://midway-auth.amazon.com/login?next=%2FSSO%2Fredirect%3Fclient_id%3Dhttps%253A%252F%252Fidp-integ-eu-west-1.federate.amazon.com%26redirect_uri%3Dhttps%253A%252F%252Fidp-integ-eu-west-1.federate.amazon.com%252Fapi%252Fv1%252Fintermediate%26response_type%3Did_token%26scope%3Dopenid%26nonce%3DCQ4SDSGJUCND3TPB8FE6DR7VJA%26state%3DAYABeOtPLe24o725K%252FSqVrFOD2YAIwABAAN0eG4AGkNRNFNEU0dKVUNORDNUUEI4RkU2RFI3VkpBAAEAB2F3cy1rbXMAS2Fybjphd3M6a21zOmV1LXdlc3QtMTowNjY1NzA5Njk4MzM6a2V5LzMyYTk5MDAzLTY4ZDYtNGQxMS04MDExLTVmM2RmNWE0MjZjNwC4AQIBAHhPW6lBPoXJ7Cp5OUaBtOlY4ZY2KX%252Bny2SEZomo6YgaaAFSqdN6aQoP1tkb0rQeFe66AAAAfjB8BgkqhkiG9w0BBwagbzBtAgEAMGgGCSqGSIb3DQEHATAeBglghkgBZQMEAS4wEQQMwpz2NcCfc0O8eOC%252BAgEQgDsRjNYk34Ns2wru%252BQouwGdhYc4x25lyGYUGBvMT%252Fkyq8s3iMVqttZE6beZzs6jUH2BbXypZSroUqAA6oQIAAAAADAAAEAAAAAAAAAAAAAAAAADT68m%252FdOrP%252FWmOWu4jJLU9%252F%252F%252F%252F%252FwAAAAEAAAAAAAAAAAAAAAEAAAjVDL53QWf8jkKC9avM4eMnn6J2tOT%252FrTnYtJeBj%252FOLyr8%252BDiDYFEnYrBeDeurnpy%252BEeJn8hhlwnUfu4CbvsQd2mdbPp7O%252B4qrEDRXOBDfW5eT2D8fcZHq7aKc8kqkuo0GaniEE8%252FBDVXrZFNrjuT%252Bua%252BcAPFGSLCcz5moIBbelaqimjP5C75aZVTzFgRhAPr1aCITihfFuT8s1XEoNnNLef3IIWGbLazxeJTWqW0VTtHdzkXU9PnH9bdDqemXQw7DuAGCG7pTtGRbJT3z7qTez%252Fdlthwh4C3FvTgFhKdGzMW3DOg7l6UouMTp0yVqcD%252FSNJp70uGAkTzUWZwVtRSIErSD%252Fwd9pjkoZXLbjL3%252B6ucwlzj4%252Fx8OhJTL%252BXDCIszufN94OHvP4kCt8l0s%252FO%252Fjl2czAH3GJ0DO%252BnZUsB5HwxHpw5zQidol6k51ffeQq2BEPntBWnqDwELtYCmUWbxPNpPuUcB1cyVQtriWrh%252FAsc19aQSyaX%252FGKzkIs0%252B27eodh8dDXUxhG8G8S88BbgmAOjWooKMPJW3rIfiu%252BC46i1wkX19YI5A4a9jxEIpAzO1ctrj8DE08%252BHpn4%252FgGY%252Bi6jIMX7g0B3lom7zqskF8BoreKoxLjgfWpLzSr4mvjnAjMV%252FkwrdPaG7q308It5uKbQRim1WZlXhmWukgeGAO%252FW3ZL0zuicPKs0%252FLLEdujAuHr7wCbw6zhhrdWWXeLwXtKYzIeeaJK%252BBAEyCizC3bP%252Brs5INSF8U58wMcNtEj%252B400h5%252BqU1JkAvapr%252BpWnsepXwDRluXPETiulvysDA45lsbxN%252Bo80HikedbL9kClhZve4d0TVT5TsG8x7J8ziQLe6eEkpI8JYgP5TQN63QJHfe30u5DAt%252FKxH6%252FOtDqtRNaKjStRwUkZYYK39zdn9fGJ4gJwKkiyrrt97d0KBliQql9vhE0SkpEPw3B%252BEDBsEAZtCgidvEUP%252BBqO9BPD8OaCgPMKlsboYlCeMb5W4QFVd6ItgBaIZwdUakYn5m2cZdJtDA0h1qacA0K7L5xfUfdC4OH5M6GN97EOiTabslGRdBWIq3yKTrSEZBh9KYSOTxk%252B4A6Dq4s1d%252B9S4fnaDQ1zOmmS%252FVhes%252FxvNoqwLt2yn0aFYJalXY3%252F26IRn0N%252BaXIEo3gYgitJXZkNxRWEFu6hSTSBXdsrjDNpimVeEm8hUEYKCaoJwYvU%252B%252B81AIIkgZlH8DrwfkDuK08vNoWpIEJlBs4ywjV5V7reKx2btHJFM9U55B%252Bdpm9wpUnl%252Fi%252BluDly7tsk4gGtA5abG869WdvfPuRWaMhB4V5OYh3D99llH7uAU0wrESTMX%252FICTP6D7dmChPXZpZhHPnZLhOb6ng5jtZr6ZDg2Rz2w81V5byRNQLZD5MDcw62Tg%252Fz6ZBYykwsLWFJszbyQYp5SZIgzwbpLcmUGTIvY4XJQwLmdlra3TZ9dqopJidMMUBIZ0Q9wRAi7K2CLSXI8Ce93VU9tB6Rh4XSYK4fwEQVfZvW2UkIDPblmwzi%252FCMtasQniqrNQRVVOCJyWARlGGPfekhPOOV45F5QsC1IivvZaZMEyUIyvBkEHb46BeDPVLoHnzvJSBYcFVrcjfYAHTrysrL%252FiiLZ5T2upY8BBU2V4EUYxftqA2P8DYgAmwL5NtmDu%252BBzLygw1Evwfe1TGDHEXV9gaWrzvA5xjBw9ALke6VLMSHRE8arI77rRZr46TdV9IzqNkK9MdJ%252Fb544A%252FVd%252FQh0tg4FwR2RYYEwILgCH4evg1pisy%252B6iWzIFA5tzyJAs0AtsNEPQxqHVZi%252FnCuQqZF9WldiKtiWtcRP6gtUEVdMePvbnI%252Fzoy3o3wuumEeh7kRWlAVOCCyXHDKBef9m3oQ3kkXhYJs4tF0oDFmLJ5G3WESXid13djdZzEvjftO07HXsONxx1AgiL9wZjUXACnHlZ6ZgPOyIbX9uULT6G0w7k%252FJ24ehSXT5AVjtYpvySIV2HdqCYCWZbSIcG6IOM6HBfpwfm%252FOOgY4NnnBm5lS4vK2y9aEonrEqXTCRkF20wwnkxr2sD7vOXXJg%252B6RZ%252BtfBcceHDgEiRLtCrUr8nKVj%252B%252BAgrZchvHRU3zs7QokrGspWNKZ1uyB7wg6RIuKKgz%252Faf0cX1YGlQNApG1%252BJQUs6wH5PhNKbV%252FUdWgVr0JRl4YYYJ5iIcwlLQz280cfNVtNDDzgQPmkR2YdLhlf3igxHLDVmAqfsguaa9KWqgxLym2COrDA9hBS%252F3nub1p2guvIVDMZaKWxL1CX6qLSveEo2DzpN9roasOZJAh0ZKwWw7rK7pxV9%252BbwZScleKCJhyAIEAazFac0Ja%252BvxNDpj1cbNHBeJM0A%252FQzF8Chts2le7MgBORbKWy%252BQTH9sL1iMNj9laEUepFmSpjcRpBwloUOwaOp1GRY583GZrwqdu0%252Bynz7BMtOJ%252FLVv4cwUCs67%252BGDTjAvZGLF6d6QGbVPxoWTuRv%252BUUbrpkJxEiU86gJcsjLilCGBalZlnB9KdEdDOlOm7KKXaak%252FHCWfZLd%252BkwpbOUVxvKUhxl0r3pRVkFftM46z1WANIYVsbDkph5XxI9bJRqNfl4t89zwtn6UkEvAfspgxIZFpKV%252BX4YCZ%252BvtVnA8UC%252Bzm6TTHjK1S699tLvanSxBdq4W5%252B3frfkoFu%252F%252BN0GSaZOO%252FdlexU9hZDIXqoMNv5VTPwtvkziNhW1jDkBZ39yJ%252BB%252F%252F7cqb5OzCJNtEWJSCk%252BjBF7qJnqw2sn3I%252BuT5JpRLD3qW5E010O%252BuS131S0u%252B8xNQcybzSZf2mJfkWV3oQMG8QzuzJAuIfLaXhfp%252FHbhc4fmQH3QiTqh9viZ22i1wrIsps6WRRU8De5L%252Fkk8nNX1%252F7OomiDsdpCJDloH15j2FVvyPp%252BwP1ieoR4PRVhBF5nY3ImZWaxC2QW0KmHs7K2SO3xd40k8ir9EUU4T1HsunzIlNIukfFfqC4xlDZ79t%252FrVqyEAR%252BvWIKRkE6S%252Bby23%252FJJoy3LbLu8LTyqVFtD2Y3MTWeCOWiYl7DAemAGsJow48HckL1bf56oy9&noauth=1&require_digital_identity=false
Frame ID: 2F29F3CB77A6A8A459F499D208F7C891
Requests: 13 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
- https://portal.us-east-1.490766033914.local.excelsior.f3.amazon.dev/ Page URL
-
https://490766033914-excelsior-f3.auth.us-east-1.amazoncognito.com/oauth2/authorize?redirect_uri=https%3A%2F%2Fportal.us-east-1.490766033914.lo...
HTTP 302
https://idp-integ.federate.amazon.com/api/oauth2/v1/authorize?client_id=integ.f3.excelsior.midway.federate.oidc&re... HTTP 302
https://midway-auth.amazon.com/SSO/redirect?client_id=https%3A%2F%2Fidp-integ-eu-west-1.federate.amazon.com... HTTP 302
https://midway-auth.amazon.com/login?next=%2FSSO%2Fredirect%3Fclient_id%3Dhttps%253A%252F%252Fidp-integ-eu-... Page URL
Detected technologies
Ruby
(Programming Languages)
Expand
Overall confidence: 50%
Detected patterns
Detected patterns
- meta csrf-param /^authenticity_token$/i
Ruby on Rails
(Web Frameworks)
Expand
Overall confidence: 50%
Detected patterns
Detected patterns
- meta csrf-param /^authenticity_token$/i
Amazon Web Services
(PaaS)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- headers via /\(CloudFront\)$/i
- headers server /^AmazonS3$/i
Amazon Cloudfront
(CDN)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- headers via /\(CloudFront\)$/i
Amazon S3
(Miscellaneous)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- headers server /^AmazonS3$/i
Page Statistics
3 Outgoing links
These are links going to different origins than the main page.
URL: https://w.amazon.com/index.php/NextGenMidway/FAQ
Title: Why am I here?
Title: Why am I here?
Search URL Search Domain Scan URL
URL: https://password-v2.corp.amazon.com/selfReset
Title: reset password
Title: reset password
Search URL Search Domain Scan URL
URL: https://firstaid.amazon-corp.com/
Title: chat with IT support
Title: chat with IT support
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://portal.us-east-1.490766033914.local.excelsior.f3.amazon.dev/ Page URL
-
https://490766033914-excelsior-f3.auth.us-east-1.amazoncognito.com/oauth2/authorize?redirect_uri=https%3A%2F%2Fportal.us-east-1.490766033914.local.excelsior.f3.amazon.dev&response_type=code&client_id=7nri50ik9roosv534nlivvp52c&identity_provider=Midway&scope=openid%20email%20profile&state=wTHOO3cCjlyVjZJYTSofvBudg25HCwhY&code_challenge=krUuc6fQwWacSpI-r-tChqbJCW-LIDDiN2jC-LKCMOY&code_challenge_method=S256
HTTP 302
https://idp-integ.federate.amazon.com/api/oauth2/v1/authorize?client_id=integ.f3.excelsior.midway.federate.oidc&redirect_uri=https%3A%2F%2F490766033914-excelsior-f3.auth.us-east-1.amazoncognito.com%2Foauth2%2Fidpresponse&scope=openid&response_type=code&state=ZXlKMWMyVnlVRzl2YkVsa0lqb2lkWE10WldGemRDMHhYM3BMVUZoYVRGbG5NeUlzSW5CeWIzWnBaR1Z5VG1GdFpTSTZJazFwWkhkaGVTSXNJbU5zYVdWdWRFbGtJam9pTjI1eWFUVXdhV3M1Y205dmMzWTFNelJ1YkdsMmRuQTFNbU1pTENKeVpXUnBjbVZqZEZWU1NTSTZJbWgwZEhCek9pOHZjRzl5ZEdGc0xuVnpMV1ZoYzNRdE1TNDBPVEEzTmpZd016TTVNVFF1Ykc5allXd3VaWGhqWld4emFXOXlMbVl6TG1GdFlYcHZiaTVrWlhZaUxDSnlaWE53YjI1elpWUjVjR1VpT2lKamIyUmxJaXdpY0hKdmRtbGtaWEpVZVhCbElqb2lUMGxFUXlJc0luTmpiM0JsY3lJNld5SnZjR1Z1YVdRaUxDSmxiV0ZwYkNJc0luQnliMlpwYkdVaVhTd2ljM1JoZEdVaU9pSjNWRWhQVHpOalEycHNlVlpxV2twWlZGTnZablpDZFdSbk1qVklRM2RvV1NJc0ltTnZaR1ZEYUdGc2JHVnVaMlVpT2lKcmNsVjFZelptVVhkWFlXTlRjRWt0Y2kxMFEyaHhZa3BEVnkxTVNVUkVhVTR5YWtNdFRFdERUVTlaSWl3aVkyOWtaVU5vWVd4c1pXNW5aVTFsZEdodlpDSTZJbE15TlRZaUxDSnViMjVqWlNJNkltaGhXakE0WmxVNGVrbDFXbFYzVmtJNVNGZEJkVVIyYUMxSGJqTmpPVUZ1WW1nMFgzTlNOMUpuYm1zeFFqY3hXVWhvVTFGaVRHRnJZMUZyVUVwV1VuUkpkRVpuV0hnMExVaE9hamR0UW5ocFVtVjVOa0l3U1RCMk5YSkdhMUppVkhwTU4waFlNVlJwU25jd1kweEtMVUpIZDNSTVFWTkpVR05xVFZOU1dqUk1ZV05pUzNKeU5rMUtieloyVUdWSmMzWmFUVzVtYUVSVlFqZzNlRE5KTkdSNlh6bEdZMlp6WVZkMVNTSXNJbk5sY25abGNraHZjM1JRYjNKMElqb2lORGt3TnpZMk1ETXpPVEUwTFdWNFkyVnNjMmx2Y2kxbU15NWhkWFJvTG5WekxXVmhjM1F0TVM1aGJXRjZiMjVqYjJkdWFYUnZMbU52YlNJc0ltTnlaV0YwYVc5dVZHbHRaVk5sWTI5dVpITWlPakUyTVRNeU1UazNOekFzSW5ObGMzTnBiMjRpT201MWJHd3NJblZ6WlhKQmRIUnlhV0oxZEdWeklqcHVkV3hzTENKemRHRjBaVVp2Y2t4cGJtdHBibWRUWlhOemFXOXVJanBtWVd4elpYMD06ZFpqdyszaFZXT2ZTczJyUzJpSWJsQ0RONzJqNDJXSjZmNzBSaXYyNDVtUT06Mw%3D%3D HTTP 302
https://midway-auth.amazon.com/SSO/redirect?client_id=https%3A%2F%2Fidp-integ-eu-west-1.federate.amazon.com&redirect_uri=https%3A%2F%2Fidp-integ-eu-west-1.federate.amazon.com%2Fapi%2Fv1%2Fintermediate&response_type=id_token&scope=openid&nonce=CQ4SDSGJUCND3TPB8FE6DR7VJA&state=AYABeOtPLe24o725K%2FSqVrFOD2YAIwABAAN0eG4AGkNRNFNEU0dKVUNORDNUUEI4RkU2RFI3VkpBAAEAB2F3cy1rbXMAS2Fybjphd3M6a21zOmV1LXdlc3QtMTowNjY1NzA5Njk4MzM6a2V5LzMyYTk5MDAzLTY4ZDYtNGQxMS04MDExLTVmM2RmNWE0MjZjNwC4AQIBAHhPW6lBPoXJ7Cp5OUaBtOlY4ZY2KX%2Bny2SEZomo6YgaaAFSqdN6aQoP1tkb0rQeFe66AAAAfjB8BgkqhkiG9w0BBwagbzBtAgEAMGgGCSqGSIb3DQEHATAeBglghkgBZQMEAS4wEQQMwpz2NcCfc0O8eOC%2BAgEQgDsRjNYk34Ns2wru%2BQouwGdhYc4x25lyGYUGBvMT%2Fkyq8s3iMVqttZE6beZzs6jUH2BbXypZSroUqAA6oQIAAAAADAAAEAAAAAAAAAAAAAAAAADT68m%2FdOrP%2FWmOWu4jJLU9%2F%2F%2F%2F%2FwAAAAEAAAAAAAAAAAAAAAEAAAjVDL53QWf8jkKC9avM4eMnn6J2tOT%2FrTnYtJeBj%2FOLyr8%2BDiDYFEnYrBeDeurnpy%2BEeJn8hhlwnUfu4CbvsQd2mdbPp7O%2B4qrEDRXOBDfW5eT2D8fcZHq7aKc8kqkuo0GaniEE8%2FBDVXrZFNrjuT%2Bua%2BcAPFGSLCcz5moIBbelaqimjP5C75aZVTzFgRhAPr1aCITihfFuT8s1XEoNnNLef3IIWGbLazxeJTWqW0VTtHdzkXU9PnH9bdDqemXQw7DuAGCG7pTtGRbJT3z7qTez%2Fdlthwh4C3FvTgFhKdGzMW3DOg7l6UouMTp0yVqcD%2FSNJp70uGAkTzUWZwVtRSIErSD%2Fwd9pjkoZXLbjL3%2B6ucwlzj4%2Fx8OhJTL%2BXDCIszufN94OHvP4kCt8l0s%2FO%2Fjl2czAH3GJ0DO%2BnZUsB5HwxHpw5zQidol6k51ffeQq2BEPntBWnqDwELtYCmUWbxPNpPuUcB1cyVQtriWrh%2FAsc19aQSyaX%2FGKzkIs0%2B27eodh8dDXUxhG8G8S88BbgmAOjWooKMPJW3rIfiu%2BC46i1wkX19YI5A4a9jxEIpAzO1ctrj8DE08%2BHpn4%2FgGY%2Bi6jIMX7g0B3lom7zqskF8BoreKoxLjgfWpLzSr4mvjnAjMV%2FkwrdPaG7q308It5uKbQRim1WZlXhmWukgeGAO%2FW3ZL0zuicPKs0%2FLLEdujAuHr7wCbw6zhhrdWWXeLwXtKYzIeeaJK%2BBAEyCizC3bP%2Brs5INSF8U58wMcNtEj%2B400h5%2BqU1JkAvapr%2BpWnsepXwDRluXPETiulvysDA45lsbxN%2Bo80HikedbL9kClhZve4d0TVT5TsG8x7J8ziQLe6eEkpI8JYgP5TQN63QJHfe30u5DAt%2FKxH6%2FOtDqtRNaKjStRwUkZYYK39zdn9fGJ4gJwKkiyrrt97d0KBliQql9vhE0SkpEPw3B%2BEDBsEAZtCgidvEUP%2BBqO9BPD8OaCgPMKlsboYlCeMb5W4QFVd6ItgBaIZwdUakYn5m2cZdJtDA0h1qacA0K7L5xfUfdC4OH5M6GN97EOiTabslGRdBWIq3yKTrSEZBh9KYSOTxk%2B4A6Dq4s1d%2B9S4fnaDQ1zOmmS%2FVhes%2FxvNoqwLt2yn0aFYJalXY3%2F26IRn0N%2BaXIEo3gYgitJXZkNxRWEFu6hSTSBXdsrjDNpimVeEm8hUEYKCaoJwYvU%2B%2B81AIIkgZlH8DrwfkDuK08vNoWpIEJlBs4ywjV5V7reKx2btHJFM9U55B%2Bdpm9wpUnl%2Fi%2BluDly7tsk4gGtA5abG869WdvfPuRWaMhB4V5OYh3D99llH7uAU0wrESTMX%2FICTP6D7dmChPXZpZhHPnZLhOb6ng5jtZr6ZDg2Rz2w81V5byRNQLZD5MDcw62Tg%2Fz6ZBYykwsLWFJszbyQYp5SZIgzwbpLcmUGTIvY4XJQwLmdlra3TZ9dqopJidMMUBIZ0Q9wRAi7K2CLSXI8Ce93VU9tB6Rh4XSYK4fwEQVfZvW2UkIDPblmwzi%2FCMtasQniqrNQRVVOCJyWARlGGPfekhPOOV45F5QsC1IivvZaZMEyUIyvBkEHb46BeDPVLoHnzvJSBYcFVrcjfYAHTrysrL%2FiiLZ5T2upY8BBU2V4EUYxftqA2P8DYgAmwL5NtmDu%2BBzLygw1Evwfe1TGDHEXV9gaWrzvA5xjBw9ALke6VLMSHRE8arI77rRZr46TdV9IzqNkK9MdJ%2Fb544A%2FVd%2FQh0tg4FwR2RYYEwILgCH4evg1pisy%2B6iWzIFA5tzyJAs0AtsNEPQxqHVZi%2FnCuQqZF9WldiKtiWtcRP6gtUEVdMePvbnI%2Fzoy3o3wuumEeh7kRWlAVOCCyXHDKBef9m3oQ3kkXhYJs4tF0oDFmLJ5G3WESXid13djdZzEvjftO07HXsONxx1AgiL9wZjUXACnHlZ6ZgPOyIbX9uULT6G0w7k%2FJ24ehSXT5AVjtYpvySIV2HdqCYCWZbSIcG6IOM6HBfpwfm%2FOOgY4NnnBm5lS4vK2y9aEonrEqXTCRkF20wwnkxr2sD7vOXXJg%2B6RZ%2BtfBcceHDgEiRLtCrUr8nKVj%2B%2BAgrZchvHRU3zs7QokrGspWNKZ1uyB7wg6RIuKKgz%2Faf0cX1YGlQNApG1%2BJQUs6wH5PhNKbV%2FUdWgVr0JRl4YYYJ5iIcwlLQz280cfNVtNDDzgQPmkR2YdLhlf3igxHLDVmAqfsguaa9KWqgxLym2COrDA9hBS%2F3nub1p2guvIVDMZaKWxL1CX6qLSveEo2DzpN9roasOZJAh0ZKwWw7rK7pxV9%2BbwZScleKCJhyAIEAazFac0Ja%2BvxNDpj1cbNHBeJM0A%2FQzF8Chts2le7MgBORbKWy%2BQTH9sL1iMNj9laEUepFmSpjcRpBwloUOwaOp1GRY583GZrwqdu0%2Bynz7BMtOJ%2FLVv4cwUCs67%2BGDTjAvZGLF6d6QGbVPxoWTuRv%2BUUbrpkJxEiU86gJcsjLilCGBalZlnB9KdEdDOlOm7KKXaak%2FHCWfZLd%2BkwpbOUVxvKUhxl0r3pRVkFftM46z1WANIYVsbDkph5XxI9bJRqNfl4t89zwtn6UkEvAfspgxIZFpKV%2BX4YCZ%2BvtVnA8UC%2Bzm6TTHjK1S699tLvanSxBdq4W5%2B3frfkoFu%2F%2BN0GSaZOO%2FdlexU9hZDIXqoMNv5VTPwtvkziNhW1jDkBZ39yJ%2BB%2F%2F7cqb5OzCJNtEWJSCk%2BjBF7qJnqw2sn3I%2BuT5JpRLD3qW5E010O%2BuS131S0u%2B8xNQcybzSZf2mJfkWV3oQMG8QzuzJAuIfLaXhfp%2FHbhc4fmQH3QiTqh9viZ22i1wrIsps6WRRU8De5L%2Fkk8nNX1%2F7OomiDsdpCJDloH15j2FVvyPp%2BwP1ieoR4PRVhBF5nY3ImZWaxC2QW0KmHs7K2SO3xd40k8ir9EUU4T1HsunzIlNIukfFfqC4xlDZ79t%2FrVqyEAR%2BvWIKRkE6S%2Bby23%2FJJoy3LbLu8LTyqVFtD2Y3MTWeCOWiYl7DAemAGsJow48HckL1bf56oy9 HTTP 302
https://midway-auth.amazon.com/login?next=%2FSSO%2Fredirect%3Fclient_id%3Dhttps%253A%252F%252Fidp-integ-eu-west-1.federate.amazon.com%26redirect_uri%3Dhttps%253A%252F%252Fidp-integ-eu-west-1.federate.amazon.com%252Fapi%252Fv1%252Fintermediate%26response_type%3Did_token%26scope%3Dopenid%26nonce%3DCQ4SDSGJUCND3TPB8FE6DR7VJA%26state%3DAYABeOtPLe24o725K%252FSqVrFOD2YAIwABAAN0eG4AGkNRNFNEU0dKVUNORDNUUEI4RkU2RFI3VkpBAAEAB2F3cy1rbXMAS2Fybjphd3M6a21zOmV1LXdlc3QtMTowNjY1NzA5Njk4MzM6a2V5LzMyYTk5MDAzLTY4ZDYtNGQxMS04MDExLTVmM2RmNWE0MjZjNwC4AQIBAHhPW6lBPoXJ7Cp5OUaBtOlY4ZY2KX%252Bny2SEZomo6YgaaAFSqdN6aQoP1tkb0rQeFe66AAAAfjB8BgkqhkiG9w0BBwagbzBtAgEAMGgGCSqGSIb3DQEHATAeBglghkgBZQMEAS4wEQQMwpz2NcCfc0O8eOC%252BAgEQgDsRjNYk34Ns2wru%252BQouwGdhYc4x25lyGYUGBvMT%252Fkyq8s3iMVqttZE6beZzs6jUH2BbXypZSroUqAA6oQIAAAAADAAAEAAAAAAAAAAAAAAAAADT68m%252FdOrP%252FWmOWu4jJLU9%252F%252F%252F%252F%252FwAAAAEAAAAAAAAAAAAAAAEAAAjVDL53QWf8jkKC9avM4eMnn6J2tOT%252FrTnYtJeBj%252FOLyr8%252BDiDYFEnYrBeDeurnpy%252BEeJn8hhlwnUfu4CbvsQd2mdbPp7O%252B4qrEDRXOBDfW5eT2D8fcZHq7aKc8kqkuo0GaniEE8%252FBDVXrZFNrjuT%252Bua%252BcAPFGSLCcz5moIBbelaqimjP5C75aZVTzFgRhAPr1aCITihfFuT8s1XEoNnNLef3IIWGbLazxeJTWqW0VTtHdzkXU9PnH9bdDqemXQw7DuAGCG7pTtGRbJT3z7qTez%252Fdlthwh4C3FvTgFhKdGzMW3DOg7l6UouMTp0yVqcD%252FSNJp70uGAkTzUWZwVtRSIErSD%252Fwd9pjkoZXLbjL3%252B6ucwlzj4%252Fx8OhJTL%252BXDCIszufN94OHvP4kCt8l0s%252FO%252Fjl2czAH3GJ0DO%252BnZUsB5HwxHpw5zQidol6k51ffeQq2BEPntBWnqDwELtYCmUWbxPNpPuUcB1cyVQtriWrh%252FAsc19aQSyaX%252FGKzkIs0%252B27eodh8dDXUxhG8G8S88BbgmAOjWooKMPJW3rIfiu%252BC46i1wkX19YI5A4a9jxEIpAzO1ctrj8DE08%252BHpn4%252FgGY%252Bi6jIMX7g0B3lom7zqskF8BoreKoxLjgfWpLzSr4mvjnAjMV%252FkwrdPaG7q308It5uKbQRim1WZlXhmWukgeGAO%252FW3ZL0zuicPKs0%252FLLEdujAuHr7wCbw6zhhrdWWXeLwXtKYzIeeaJK%252BBAEyCizC3bP%252Brs5INSF8U58wMcNtEj%252B400h5%252BqU1JkAvapr%252BpWnsepXwDRluXPETiulvysDA45lsbxN%252Bo80HikedbL9kClhZve4d0TVT5TsG8x7J8ziQLe6eEkpI8JYgP5TQN63QJHfe30u5DAt%252FKxH6%252FOtDqtRNaKjStRwUkZYYK39zdn9fGJ4gJwKkiyrrt97d0KBliQql9vhE0SkpEPw3B%252BEDBsEAZtCgidvEUP%252BBqO9BPD8OaCgPMKlsboYlCeMb5W4QFVd6ItgBaIZwdUakYn5m2cZdJtDA0h1qacA0K7L5xfUfdC4OH5M6GN97EOiTabslGRdBWIq3yKTrSEZBh9KYSOTxk%252B4A6Dq4s1d%252B9S4fnaDQ1zOmmS%252FVhes%252FxvNoqwLt2yn0aFYJalXY3%252F26IRn0N%252BaXIEo3gYgitJXZkNxRWEFu6hSTSBXdsrjDNpimVeEm8hUEYKCaoJwYvU%252B%252B81AIIkgZlH8DrwfkDuK08vNoWpIEJlBs4ywjV5V7reKx2btHJFM9U55B%252Bdpm9wpUnl%252Fi%252BluDly7tsk4gGtA5abG869WdvfPuRWaMhB4V5OYh3D99llH7uAU0wrESTMX%252FICTP6D7dmChPXZpZhHPnZLhOb6ng5jtZr6ZDg2Rz2w81V5byRNQLZD5MDcw62Tg%252Fz6ZBYykwsLWFJszbyQYp5SZIgzwbpLcmUGTIvY4XJQwLmdlra3TZ9dqopJidMMUBIZ0Q9wRAi7K2CLSXI8Ce93VU9tB6Rh4XSYK4fwEQVfZvW2UkIDPblmwzi%252FCMtasQniqrNQRVVOCJyWARlGGPfekhPOOV45F5QsC1IivvZaZMEyUIyvBkEHb46BeDPVLoHnzvJSBYcFVrcjfYAHTrysrL%252FiiLZ5T2upY8BBU2V4EUYxftqA2P8DYgAmwL5NtmDu%252BBzLygw1Evwfe1TGDHEXV9gaWrzvA5xjBw9ALke6VLMSHRE8arI77rRZr46TdV9IzqNkK9MdJ%252Fb544A%252FVd%252FQh0tg4FwR2RYYEwILgCH4evg1pisy%252B6iWzIFA5tzyJAs0AtsNEPQxqHVZi%252FnCuQqZF9WldiKtiWtcRP6gtUEVdMePvbnI%252Fzoy3o3wuumEeh7kRWlAVOCCyXHDKBef9m3oQ3kkXhYJs4tF0oDFmLJ5G3WESXid13djdZzEvjftO07HXsONxx1AgiL9wZjUXACnHlZ6ZgPOyIbX9uULT6G0w7k%252FJ24ehSXT5AVjtYpvySIV2HdqCYCWZbSIcG6IOM6HBfpwfm%252FOOgY4NnnBm5lS4vK2y9aEonrEqXTCRkF20wwnkxr2sD7vOXXJg%252B6RZ%252BtfBcceHDgEiRLtCrUr8nKVj%252B%252BAgrZchvHRU3zs7QokrGspWNKZ1uyB7wg6RIuKKgz%252Faf0cX1YGlQNApG1%252BJQUs6wH5PhNKbV%252FUdWgVr0JRl4YYYJ5iIcwlLQz280cfNVtNDDzgQPmkR2YdLhlf3igxHLDVmAqfsguaa9KWqgxLym2COrDA9hBS%252F3nub1p2guvIVDMZaKWxL1CX6qLSveEo2DzpN9roasOZJAh0ZKwWw7rK7pxV9%252BbwZScleKCJhyAIEAazFac0Ja%252BvxNDpj1cbNHBeJM0A%252FQzF8Chts2le7MgBORbKWy%252BQTH9sL1iMNj9laEUepFmSpjcRpBwloUOwaOp1GRY583GZrwqdu0%252Bynz7BMtOJ%252FLVv4cwUCs67%252BGDTjAvZGLF6d6QGbVPxoWTuRv%252BUUbrpkJxEiU86gJcsjLilCGBalZlnB9KdEdDOlOm7KKXaak%252FHCWfZLd%252BkwpbOUVxvKUhxl0r3pRVkFftM46z1WANIYVsbDkph5XxI9bJRqNfl4t89zwtn6UkEvAfspgxIZFpKV%252BX4YCZ%252BvtVnA8UC%252Bzm6TTHjK1S699tLvanSxBdq4W5%252B3frfkoFu%252F%252BN0GSaZOO%252FdlexU9hZDIXqoMNv5VTPwtvkziNhW1jDkBZ39yJ%252BB%252F%252F7cqb5OzCJNtEWJSCk%252BjBF7qJnqw2sn3I%252BuT5JpRLD3qW5E010O%252BuS131S0u%252B8xNQcybzSZf2mJfkWV3oQMG8QzuzJAuIfLaXhfp%252FHbhc4fmQH3QiTqh9viZ22i1wrIsps6WRRU8De5L%252Fkk8nNX1%252F7OomiDsdpCJDloH15j2FVvyPp%252BwP1ieoR4PRVhBF5nY3ImZWaxC2QW0KmHs7K2SO3xd40k8ir9EUU4T1HsunzIlNIukfFfqC4xlDZ79t%252FrVqyEAR%252BvWIKRkE6S%252Bby23%252FJJoy3LbLu8LTyqVFtD2Y3MTWeCOWiYl7DAemAGsJow48HckL1bf56oy9&noauth=1&require_digital_identity=false Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
13 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H2 |
/
portal.us-east-1.490766033914.local.excelsior.f3.amazon.dev/ |
2 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
2.80baa5c3.chunk.css
portal.us-east-1.490766033914.local.excelsior.f3.amazon.dev/static/css/ |
704 KB 136 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
main.d7d0fe34.chunk.css
portal.us-east-1.490766033914.local.excelsior.f3.amazon.dev/static/css/ |
5 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
2.bf38e436.chunk.js
portal.us-east-1.490766033914.local.excelsior.f3.amazon.dev/static/js/ |
2 MB 556 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
main.b660b3c3.chunk.js
portal.us-east-1.490766033914.local.excelsior.f3.amazon.dev/static/js/ |
71 KB 15 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
settings.json
portal.us-east-1.490766033914.local.excelsior.f3.amazon.dev/ |
870 B 1 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Primary Request
login
midway-auth.amazon.com/ Redirect Chain
|
14 KB 15 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
application-b3e81c3ff8e75e7b8a2b9a55bf247cfce557e1e9891269778e0a1a9cad484d7e.css
midway-auth.amazon.com/assets/ |
5 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
application-7342dee2c573196a853249586782b5ec742c17518d791c5260e463f4547f15e1.js
midway-auth.amazon.com/assets/ |
256 KB 83 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
login-210d6b0049c968cd0960854030f860ddd535fda0d8d9e94bc606299610dd26b2.js
midway-auth.amazon.com/assets/ |
8 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
yubikey-with-lock-5555a15fa7c43bd7778dbabf1c87ccd5b8cfcca373bc6d355648a054d3628d50.png
midway-auth.amazon.com/assets/ |
19 KB 20 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ajax-spinner-8ca9fe045cf585735bce86ab8ca873f396696ca879d783db9918d4c83a41e208.gif
midway-auth.amazon.com/assets/ |
23 KB 23 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
amazon-logo-cabbd5a0efd8cbe9bbce9472937b612b286632bd561cef6462b3ed638295b80e.png
midway-auth.amazon.com/assets/ |
46 KB 46 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
77 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated function| generate_browser_fingerprint_v3 function| set_encrypted_fp function| get_encrypted_fp function| add_fp_data function| create_cookie_for_detected_browser function| onAeaAndroidDevice function| biometricsOnLoadAndroid function| promptForTouchIDAndroid function| hideBiometricsErrorMessage function| showBiometricsErrorMessage function| parseQuery function| lsTest function| validateNextUrl function| validateSuccessUrl function| authenticationSuccess2 function| getIDToken function| u2fSupported function| requestU2fChallenge2 function| showErrorMessage function| hideErrorMessage function| showGeneralErrorMessage function| hideGeneralErrorMessage function| onAeaiOSDevice function| showBiometricsIfAvailable function| biometricsAvailableCallback function| showBiometricsPane function| biometricsOnLoad function| promptForTouchID function| biometricsAuthenticationCallback function| midwayOnLoad function| submitPassword function| submitOTP function| handleU2fResponse2 function| finishedAuth function| showMidwayErrorMessage function| hideMidwayErrorMessage function| oneTimeLDAPOnLoad function| submitOneTimeLDAPPassword function| showOneTimeLDAPErrorMessage function| hideOneTimeLDAPErrorMessage string| encrypted_fp number| MAX_ALLOWED_FP_LENGTH object| u2f undefined| js_api_version function| $ function| jQuery object| jQuery112407669232810007505 object| Raven function| setImmediate function| clearImmediate number| __fwcimLoaded object| fwcim function| parseUrl function| getU2FEnabled function| does_username_look_valid function| showAuthSuccessScreen function| authenticationSuccess function| handleTokenResponse function| authenticationFailure function| startU2fLogin function| requestU2fChallenge function| str2ab function| ab2str function| handleAuthChallenge function| handleU2fResponse function| handleWebAuthnResponse function| showU2fErrorMessage function| hideU2fErrorMessage2 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| midway-auth.amazon.com/ | Name: session Value: eyJraWQiOiIxNTYiLCJhbGciOiJkaXIiLCJlbmMiOiJBMTI4Q0JDLUhTMjU2In0..4Z3zyZ1QxUCU_g0xqSR8dA.Ld5VvXNCmtKJ159dheo3FsWSGtnLaorxoxPg-F-DiAjYjgIfVhve4QRi70JLLlToVxw2v7Y43r_dB_AZKIFqTiuclNjoAURrwy0z2LW94qc49kFskTmHP5-chgW3W2gpvlev6-GGpmlomlqZTajCBNWUJZb6epPgJMpfd7DItc8GJI90MEdnke6xNIrdeX4U5F5X72v-tWhrnbmDONy4xmFcZLiQ3CEq_I1d0zCtTj6WEuIB9tvUPKATkw21q3sN.SMcS0EOszNJQSbgppd85vQ |
|
| midway-auth.amazon.com/ | Name: kerberos_disabled Value: 1 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
490766033914-excelsior-f3.auth.us-east-1.amazoncognito.com
idp-integ.federate.amazon.com
midway-auth.amazon.com
portal.us-east-1.490766033914.local.excelsior.f3.amazon.dev
2600:1f18:257:8001:7a9c:a9a2:8f82:46aa
2600:9000:2057:dc00:8:2011:5880:93a1
34.243.7.238
52.94.216.111
210d6b0049c968cd0960854030f860ddd535fda0d8d9e94bc606299610dd26b2
5555a15fa7c43bd7778dbabf1c87ccd5b8cfcca373bc6d355648a054d3628d50
7342dee2c573196a853249586782b5ec742c17518d791c5260e463f4547f15e1
89f5e94c38e4c15d4ac9762f86e80b998f6fc4692ddf6db66a1141e301b6c9b7
8ca9fe045cf585735bce86ab8ca873f396696ca879d783db9918d4c83a41e208
9f8a86497e1ddc5916492344f8c2e8f2e9a867c4f27ee2fcd33b3102002f12d1
a1b278d5ee60fac3fcc2c4fc507febae7d660c95d3719405a4c632ad201887a8
b3e81c3ff8e75e7b8a2b9a55bf247cfce557e1e9891269778e0a1a9cad484d7e
c90c4598cd32ec49d28b26643de104a5cb3350db14c50f7459eeee5d2bd2f871
cabbd5a0efd8cbe9bbce9472937b612b286632bd561cef6462b3ed638295b80e
cf6a7f6e7261581973bb7173aa288c9c9e0c0e8fad7664a548294307e81bf305
e9162cf90497b77bc3f15618cae3de1fb173b20e433968b28ff1b2338c5ac615