www.quicksign.fr
Open in
urlscan Pro
178.255.129.73
Malicious Activity!
Public Scan
Effective URL: https://www.quicksign.fr/GENERIC_FO/;jsessionid=059CBBD80B3EE06C44FA76689774220D.qsign-soa3-fo-03?id=62144672&token=AUNP4...
Submission: On February 11 via api from BY — Scanned from FR
Summary
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on July 20th 2023. Valid for: a year.
This is the only time www.quicksign.fr was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: American Express (Financial)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
2 30 | 178.255.129.73 178.255.129.73 | () () | |
1 2 | 2a02:26f0:480... 2a02:26f0:480:b84::2b19 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
4 | 2a02:26f0:480... 2a02:26f0:480:993::2b19 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
33 | 4 |
ASN20940 (AKAMAI-ASN1, NL)
qwww.aexp-static.com |
ASN20940 (AKAMAI-ASN1, NL)
qicm.aexp-static.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
29 |
quicksign.fr
1 redirects
www.quicksign.fr |
694 KB |
6 |
aexp-static.com
1 redirects
qwww.aexp-static.com — Cisco Umbrella Rank: 596650 qicm.aexp-static.com — Cisco Umbrella Rank: 319920 |
43 KB |
1 |
qsn.to
1 redirects
qsn.to |
125 B |
33 | 3 |
Domain | Requested by | |
---|---|---|
29 | www.quicksign.fr |
1 redirects
www.quicksign.fr
|
4 | qicm.aexp-static.com |
www.quicksign.fr
qwww.aexp-static.com qicm.aexp-static.com |
2 | qwww.aexp-static.com |
1 redirects
www.quicksign.fr
|
1 | qsn.to | 1 redirects |
33 | 4 |
This site contains links to these domains. Also see Links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.quicksign.fr Sectigo RSA Domain Validation Secure Server CA |
2023-07-20 - 2024-07-21 |
a year | crt.sh |
qwww.americanexpress.com DigiCert EV RSA CA G2 |
2023-10-27 - 2024-10-25 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://www.quicksign.fr/GENERIC_FO/;jsessionid=059CBBD80B3EE06C44FA76689774220D.qsign-soa3-fo-03?id=62144672&token=AUNP4GOKSIGPKZQOZS
Frame ID: 05796D65429DC07A31D9808DDCFA01E9
Requests: 35 HTTP requests in this frame
Screenshot
Page Title
American ExpressPage URL History Show full URLs
-
https://qsn.to/5gzMQg>
HTTP 301
https://www.quicksign.fr/GENERIC_FO/redirect.do?st=5gzMQg> HTTP 302
https://www.quicksign.fr/GENERIC_FO/;jsessionid=059CBBD80B3EE06C44FA76689774220D.qsign-soa3-fo-03?id=... Page URL
Detected technologies
Bootstrap (Web Frameworks) ExpandDetected patterns
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Amex Express Checkout (Payment processors) Expand
Detected patterns
- aexp-static\.com
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
jQuery UI (JavaScript Libraries) Expand
Detected patterns
- jquery-ui.*\.js
Page Statistics
28 Outgoing links
These are links going to different origins than the main page.
Title: Consultez la FAQ
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: Cartes pour les particuliers
Search URL Search Domain Scan URL
Title: Cartes AIR FRANCE KLM - AMEX
Search URL Search Domain Scan URL
Title: Les offres adhérents Club Fnac
Search URL Search Domain Scan URL
Title: Cartes Business
Search URL Search Domain Scan URL
Title: Cartes PRO
Search URL Search Domain Scan URL
Title: Cartes Corporate
Search URL Search Domain Scan URL
Title: Carte perdue ou volée
Search URL Search Domain Scan URL
Title: Code confidentiel
Search URL Search Domain Scan URL
Title: Où utiliser votre carte ?
Search URL Search Domain Scan URL
Title: Espace commerçants
Search URL Search Domain Scan URL
Title: Services en ligne et mobile
Search URL Search Domain Scan URL
Title: Carte supplémentaire
Search URL Search Domain Scan URL
Title: Parrainage de carte
Search URL Search Domain Scan URL
Title: Assurances
Search URL Search Domain Scan URL
Title: FAQs
Search URL Search Domain Scan URL
Title: A propos d'American Express
Search URL Search Domain Scan URL
Title: Emploi et Carrières
Search URL Search Domain Scan URL
Title: Espace Presse
Search URL Search Domain Scan URL
Title: Contactez-nous
Search URL Search Domain Scan URL
Title: Plan du site
Search URL Search Domain Scan URL
Title: Marques déposées
Search URL Search Domain Scan URL
Title: Mentions légales
Search URL Search Domain Scan URL
Title: Protection des données
Search URL Search Domain Scan URL
Title: Sécurité
Search URL Search Domain Scan URL
Title: Politique de Gestion des cookies
Search URL Search Domain Scan URL
Title: American Express Company
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://qsn.to/5gzMQg>
HTTP 301
https://www.quicksign.fr/GENERIC_FO/redirect.do?st=5gzMQg> HTTP 302
https://www.quicksign.fr/GENERIC_FO/;jsessionid=059CBBD80B3EE06C44FA76689774220D.qsign-soa3-fo-03?id=62144672&token=AUNP4GOKSIGPKZQOZS Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 20- https://qwww.aexp-static.com/nav/ngn/js/inav_intlEapp.js HTTP 301
- https://qicm.aexp-static.com/content/dam/Navigation/nav/ngn/js/inav_intlEapp.js
33 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
;jsessionid=059CBBD80B3EE06C44FA76689774220D.qsign-soa3-fo-03
www.quicksign.fr/GENERIC_FO/ Redirect Chain
|
51 KB 52 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery-3.1.1.min.js
www.quicksign.fr/images-soa3/external/AMEX/assets/js/ |
85 KB 30 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bootstrap.min.js
www.quicksign.fr/images-soa3/external/AMEX/assets/js/ |
36 KB 10 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
main.js
www.quicksign.fr/images-soa3/external/AMEX/assets/js/ |
502 B 767 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
styles.css
www.quicksign.fr/images-soa3/external/AMEX/assets/fonts/BentonSans-Bold/ |
370 B 621 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
styles.css
www.quicksign.fr/images-soa3/external/AMEX/assets/fonts/BentonSans-Medium/ |
384 B 635 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
styles.css
www.quicksign.fr/images-soa3/external/AMEX/assets/fonts/BentonSans-Regular/ |
391 B 642 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
styles.css
www.quicksign.fr/images-soa3/external/AMEX/assets/fonts/BentonSans-Light/ |
377 B 628 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
styles.css
www.quicksign.fr/fonts-soa3/external/AMEX/Helvetica/ |
800 B 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
dls.min.css
www.quicksign.fr/css-soa3/AMEX/ |
344 KB 46 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
dls.min.js
www.quicksign.fr/js-soa3/AMEX/ |
118 KB 25 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery-1.5.2.min.js
www.quicksign.fr/GENERIC_FO/scripts/ |
84 KB 85 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
qs-util-1.0.11.js
www.quicksign.fr/js-soa3/lib/qs/ |
17 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
qs-ntp-1.0.4.min.js
www.quicksign.fr/js-soa3/lib/qs/ |
3 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
qs-event-logger-1.3.0.min.js
www.quicksign.fr/js-soa3/lib/qs/ |
14 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery-ui.min.js
www.quicksign.fr/GENERIC_FO/scripts/ |
197 KB 198 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery-ui.min.css
www.quicksign.fr/GENERIC_FO/css/ |
24 KB 25 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
login.js
www.quicksign.fr/GENERIC_FO/scripts/custom/ |
3 KB 4 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
dls-logo-bluebox-solid.svg
www.quicksign.fr/images-soa3/external/AMEX/ |
2 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
gold_di_480x304.png
www.quicksign.fr/images-soa3/external/AMEX/cartes/ |
112 KB 113 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
clear.gif
qwww.aexp-static.com/nav/ngn/img/ |
43 B 204 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
inav_intlEapp.js
qicm.aexp-static.com/content/dam/Navigation/nav/ngn/js/ Redirect Chain
|
3 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
iso
www.quicksign.fr/GENERIC_FO/rest/time/current/ |
24 B 550 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
iso
www.quicksign.fr/GENERIC_FO/rest/time/current/ |
24 B 550 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
iso
www.quicksign.fr/GENERIC_FO/rest/time/current/ |
24 B 550 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
637 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
2 KB 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
BentonSans-Regular.otf
www.quicksign.fr/images-soa3/external/AMEX/assets/fonts/BentonSans-Regular/ |
45 KB 45 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
HelveticaNeue%20Regular.ttf
www.quicksign.fr/fonts-soa3/external/AMEX/Helvetica/ |
40 KB 40 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
iso
www.quicksign.fr/GENERIC_FO/rest/time/current/ |
24 B 550 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
iso
www.quicksign.fr/GENERIC_FO/rest/time/current/ |
24 B 550 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
inav_intlEapp.css
qicm.aexp-static.com/content/dam/Navigation/nav/ngn/css/ |
26 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
AUNP4GOKSIGPKZQOZS
www.quicksign.fr/GENERIC_FO/rest/bel/ |
44 B 619 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
iNav_ngi_sprite_footer.gif
qicm.aexp-static.com/content/dam/Navigation/nav/ngn/img/ |
934 B 442 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
iNav_ngi_sprite_new.gif
qicm.aexp-static.com/content/dam/Navigation/nav/ngn/img/ |
38 KB 37 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: American Express (Financial)69 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| $ function| jQuery function| setListeners function| listenCheckboxConfirm function| webpackHotUpdate object| DLS function| qsLog function| QsMessaging function| QsUtil function| QsNtp string| belToken function| QsEventLogger object| qsEventLogger object| jQuery15206381512730636247 string| msg string| msg_code function| DP_jQuery_1707642836220 function| loadMessages boolean| qsIsSubmitted function| verifierEmail function| verifierFormatEmail boolean| visible function| hideShow string| vEmail string| vDateNaissance string| vEmailErrone object| NAV function| initOmnDefault number| ice function| omn_rmaction function| omn_rmvar function| omn_bpoclick function| omn_bpoimpression function| ctn_rmaction function| ctn_rmvar function| omn_mer_rmaction function| omn_mer_rmleadstart function| omn_mer_rmshare function| omn_mer_rmvidstart function| omn_mer_rmvidcomplete function| omn_mer_trackdownload function| omn_mer_rmvar function| omn_mer_tracklogin function| omn_relatedprodclick function| searchWidgetAction function| searchWidgetError function| searchWidgetFAQAction function| searchWidgetHyperlinkClick function| searchWidgetSearch function| omn_rmdiscuss function| omn_rmfollowcomplete function| omn_rmfollowstart function| omn_rmlogin function| omn_rmprofile function| omn_rmregcomplete function| omn_rmregstart function| omn_rmaddpaybill function| omn_rmaddsscard function| omn_rmeStatement function| t function| tl string| donneesMetier12 object| elementsDonneeMetier12 object| $itag string| itag_pagename string| itag_pmc string| itag_products function| loadErrorMessage function| postDataFlag1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
www.quicksign.fr/GENERIC_FO | Name: JSESSIONID Value: qsign-soa3-fo-03~059CBBD80B3EE06C44FA76689774220D.qsign-soa3-fo-03 |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=31540000 |
X-Content-Type-Options | : nosniff |
X-Xss-Protection | : 1;mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
qicm.aexp-static.com
qsn.to
qwww.aexp-static.com
www.quicksign.fr
178.255.129.73
2a02:26f0:480:993::2b19
2a02:26f0:480:b84::2b19
028f643755987211bf2f3add6c62ae1870a888cf2f4fe3040a4fac7dce2543ab
0586275c1c028f59c6a0355bf78796801818430f663c846d38be141593b35a08
05881f9e5c1d5b75296f36a455160938f40dc06066e41e30804655de5eec5495
083e024a2e338291fd1819373cd6ff56a3fd98202464243ce2e4d27cb24dece3
16ac8b78c2479f6b37ae11d37f72560f9427c25301bf0b998fd3a6477fdc8dbb
194b37addb793c71c33302afb3239216455121d66303067e15904eedd0a66b12
323be37e3de37656ac3ac05437567c2d3d141cc68ec2c05b06adb12149fd5840
3f2dc7871e73693d3077711736405df39186e481a230ba62ea77c6c1f9cbb784
48e864a6486e4c3495536fece0afa29f970e3522b7a14e3153131230af65cae8
5109d981cf364496bfce01d0b75a0a98d748d37affd7f7c78ca134e6d281128f
53f66044d7356370e82a342254d83c381b8a1ce42ba420195261379f21da4714
55ca0661775c79539b041fb1f6bbd69f61000fe0182d18c3b99af786271582d2
5ed6cf77d550f31df0b670e310fda83c64865109f2db433dc4019d3151f1c398
6b734c7addd095a96b39f0c994b4d547ab6cdf5b73862deb0b16a402fc88f33f
6ba30f5bfb76974d2fb555185b8829856440e145ef66d4e1348edef4451fc008
6f25829290e315b0b1512e2334b1f56a480815452dc5545af3e2d87246015a39
794f159eedad05c674040df90e36641c3883ef0f4b32cdd3d51f92233517c45b
7f51469470432b059a8caac188afe2bb262543ab1e04ed514100023d2e59a929
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
8f0a19ee8c606b35a10904951e0a27da1896eafe33c6e88cb7bcbe455f05a24a
92e7a353dc9c547ccc675fe32ac78c93de9c9a1057c94db72d50065988915a91
9518087a26eb2fbb76327cba98f8defb638f72269a87c31a4838857c8b480f28
9ea9e26164864fd94da9b4e3097139d91ef15ce10ee7edab57bcde1d0f427095
a6c958cd31db1fc88ed8d7744e43e34e3ef03d3d79cecc813999179cf8386904
ac136f141b4ce677ddbc240ea440e3407b4518e8655850e4eecaf04c91609fb6
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2cb007febd7c23003bd51c4692706c72213f853cf824329254df976d225f2e3
be72e5458782684c89d94bc1e870bccbb8e906e818a8d9d98d0ad4db2fe5f9ba
c6d599b4d42b301dd108089b7afe793a6a277c0271b060df225d99a5f6a72eaf
d5f98b9438d6081aeaba48ee70cd69f8dde3065773baaeab8fe19e80a31d6323
da32e59bdef1e09bf9ed59529da81b42c9323e6efbcc18adcde9a93555fc0622
f2d8cf55ad5b917b333bb917219f111f39087511814cf027662fa25f61d00577
f2f1ab3a21f624f57493c8bd60711c545af5d22439dea0db90de22afc9891454
f328ee3dc30fa9878d87340f7e52c48e9b13fd80666e41099ed344eb791d636d
f9a43271398e748acd2e8a1c69e4b46ca5de471374d11bc18a8b1aa6af457444