194.71.70.34.bc.googleusercontent.com
Open in
urlscan Pro
34.70.71.194
Malicious Activity!
Public Scan
Submission: On December 14 via api from GB
Summary
This is the only time 194.71.70.34.bc.googleusercontent.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Magazine Luiza (Consumer)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 | 34.70.71.194 34.70.71.194 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
4 | 151.80.204.62 151.80.204.62 | 16276 (OVH) (OVH) | |
1 2 | 2a00:1450:400... 2a00:1450:4001:800::2004 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
1 4 | 2a00:1450:400... 2a00:1450:4001:808::200e | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
2 | 2a00:1450:400... 2a00:1450:4001:80b::2008 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
2 | 2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3 | 32934 (FACEBOOK) (FACEBOOK - Facebook) | |
4 | 13.224.196.41 13.224.196.41 | 16509 (AMAZON-02) (AMAZON-02 - Amazon.com) | |
2 | 2620:1ec:c11:... 2620:1ec:c11::200 | 8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation) | |
2 | 2a00:1288:f03... 2a00:1288:f03d:1fa::2000 | 10310 (YAHOO-1) (YAHOO-1 - Oath Holdings Inc.) | |
1 | 52.95.163.26 52.95.163.26 | 16509 (AMAZON-02) (AMAZON-02 - Amazon.com) | |
1 1 | 2a00:1450:400... 2a00:1450:400c:c00::9a | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
1 | 2a00:1450:400... 2a00:1450:4001:825::2003 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
2 | 52.1.244.191 52.1.244.191 | 14618 (AMAZON-AES) (AMAZON-AES - Amazon.com) | |
25 | 13 |
ASN15169 (GOOGLE - Google LLC, US)
PTR: 194.71.70.34.bc.googleusercontent.com
194.71.70.34.bc.googleusercontent.com |
ASN16276 (OVH, FR)
PTR: ip62.ip-151-80-204.eu
sacola.magazineluiza.com.br |
ASN15169 (GOOGLE - Google LLC, US)
www.google.com |
ASN15169 (GOOGLE - Google LLC, US)
www.google-analytics.com |
ASN15169 (GOOGLE - Google LLC, US)
www.googletagmanager.com |
ASN32934 (FACEBOOK - Facebook, Inc., US)
connect.facebook.net |
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-224-196-41.fra2.r.cloudfront.net
gateway.foresee.com |
ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)
bat.bing.com |
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: s3-sa-east-1.amazonaws.com
s3-sa-east-1.amazonaws.com |
ASN15169 (GOOGLE - Google LLC, US)
stats.g.doubleclick.net |
ASN15169 (GOOGLE - Google LLC, US)
www.google.de |
ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-52-1-244-191.compute-1.amazonaws.com
analytics.foresee.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
6 |
foresee.com
gateway.foresee.com analytics.foresee.com |
74 KB |
4 |
google-analytics.com
1 redirects
www.google-analytics.com |
37 KB |
4 |
magazineluiza.com.br
sacola.magazineluiza.com.br |
691 KB |
2 |
yimg.com
s.yimg.com |
6 KB |
2 |
bing.com
bat.bing.com |
7 KB |
2 |
facebook.net
connect.facebook.net |
143 KB |
2 |
googletagmanager.com
www.googletagmanager.com |
118 KB |
2 |
google.com
1 redirects
www.google.com |
189 B |
1 |
google.de
www.google.de |
109 B |
1 |
doubleclick.net
1 redirects
stats.g.doubleclick.net |
165 B |
1 |
amazonaws.com
s3-sa-east-1.amazonaws.com |
516 B |
1 |
googleusercontent.com
194.71.70.34.bc.googleusercontent.com |
26 KB |
25 | 12 |
Domain | Requested by | |
---|---|---|
4 | gateway.foresee.com |
194.71.70.34.bc.googleusercontent.com
gateway.foresee.com |
4 | www.google-analytics.com |
1 redirects
194.71.70.34.bc.googleusercontent.com
www.google-analytics.com |
4 | sacola.magazineluiza.com.br |
194.71.70.34.bc.googleusercontent.com
|
2 | analytics.foresee.com |
sacola.magazineluiza.com.br
|
2 | s.yimg.com |
194.71.70.34.bc.googleusercontent.com
sacola.magazineluiza.com.br |
2 | bat.bing.com | |
2 | connect.facebook.net |
connect.facebook.net
|
2 | www.googletagmanager.com |
194.71.70.34.bc.googleusercontent.com
www.googletagmanager.com |
2 | www.google.com |
1 redirects
194.71.70.34.bc.googleusercontent.com
|
1 | www.google.de | |
1 | stats.g.doubleclick.net | 1 redirects |
1 | s3-sa-east-1.amazonaws.com | |
1 | 194.71.70.34.bc.googleusercontent.com | |
25 | 13 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.magazineluiza.com.br |
www.internetsegura.org |
www.ebit.com.br |
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.magazineluiza.com.br COMODO RSA Domain Validation Secure Server CA |
2018-07-16 - 2020-09-13 |
2 years | crt.sh |
www.google.com GTS CA 1O1 |
2019-11-13 - 2020-02-05 |
3 months | crt.sh |
*.google-analytics.com GTS CA 1O1 |
2019-11-13 - 2020-02-05 |
3 months | crt.sh |
*.facebook.com DigiCert SHA2 High Assurance Server CA |
2019-12-06 - 2020-03-05 |
3 months | crt.sh |
www.bing.com Microsoft IT TLS CA 2 |
2019-04-30 - 2021-04-30 |
2 years | crt.sh |
*.yahoo.com DigiCert SHA2 High Assurance Server CA |
2019-12-10 - 2020-01-24 |
a month | crt.sh |
*.s3-sa-east-1.amazonaws.com DigiCert Baltimore CA-2 G2 |
2019-11-09 - 2020-12-10 |
a year | crt.sh |
www.google.de GTS CA 1O1 |
2019-11-13 - 2020-02-05 |
3 months | crt.sh |
This page contains 2 frames:
Primary Page:
http://194.71.70.34.bc.googleusercontent.com/identificacao.php
Frame ID: 12E8D4D1083E9E9C91C2521F6DD99C3B
Requests: 25 HTTP requests in this frame
Frame:
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LduICwUAAAAAKAKuy-fjzvHxJFX9hs6MQHkuJGR&co=aHR0cHM6Ly9zYWNvbGEubWFnYXppbmVsdWl6YS5jb20uYnI6NDQz&hl=pt-BR&v=mhgGrlTs_PbFQOW4ejlxlxZn&size=invisible&cb=ehowqcgotlda
Frame ID: F92CA75881623ECF5ED12F99C4959797
Requests: 1 HTTP requests in this frame
Screenshot
Detected technologies
PHP (Programming Languages) ExpandDetected patterns
- url /\.php(?:$|\?)/i
- headers server /php\/?([\d.]+)?/i
Windows Server (Operating Systems) Expand
Detected patterns
- headers server /Win32|Win64/i
OpenSSL (Web Server Extensions) Expand
Detected patterns
- headers server /OpenSSL(?:\/([\d.]+[a-z]?))?/i
Apache (Web Servers) Expand
Detected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i
React (JavaScript Frameworks) Expand
Detected patterns
- html /<[^>]+data-react/i
Facebook (Widgets) Expand
Detected patterns
- script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i
Google Analytics (Analytics) Expand
Detected patterns
- script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
- script /google-analytics\.com\/plugins\/ua\/(?:ec|ecommerce)\.js/i
Google Analytics Enhanced eCommerce (Analytics) Expand
Detected patterns
- script /google-analytics\.com\/plugins\/ua\/(?:ec|ecommerce)\.js/i
Page Statistics
5 Outgoing links
These are links going to different origins than the main page.
Search URL Search Domain Scan URL
Title: fale conosco
Search URL Search Domain Scan URL
Title: Certificados e segurança
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 8- http://connect.facebook.net/en_US/fbevents.js HTTP 307
- https://connect.facebook.net/en_US/fbevents.js
- http://bat.bing.com/bat.js HTTP 307
- https://bat.bing.com/bat.js
- http://www.google-analytics.com/analytics.js HTTP 307
- https://www.google-analytics.com/analytics.js
- https://www.google-analytics.com/r/collect?v=1&_v=j79&a=1016806275&t=pageview&_s=1&dl=http%3A%2F%2F194.71.70.34.bc.googleusercontent.com%2Fidentificacao.php&dp=%2Fcarrinho&ul=en-us&de=UTF-8&dt=Sacola%20de%20compras%20-%20Magazine%20Luiza&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=aGDAAEAL~&jid=2110342659&gjid=1452781787&cid=2034126330.1576341811&tid=UA-42817937-15&_gid=81462119.1576341811&_r=1>m=2wgc61MLGXC37&cd54=%7B%7B&z=1556123599 HTTP 302
- https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-42817937-15&cid=2034126330.1576341811&jid=2110342659&_gid=81462119.1576341811&gjid=1452781787&_v=j79&z=1556123599 HTTP 302
- https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-42817937-15&cid=2034126330.1576341811&jid=2110342659&_v=j79&z=1556123599 HTTP 302
- https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-42817937-15&cid=2034126330.1576341811&jid=2110342659&_v=j79&z=1556123599&slf_rd=1&random=2886814865
- http://bat.bing.com/action/0?ti=5283823&Ver=2&mid=d6bf3ba3-7aaf-6929-0275-1e56de7a41bc&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=Sacola%20de%20compras%20-%20Magazine%20Luiza&p=http%3A%2F%2F194.71.70.34.bc.googleusercontent.com%2Fidentificacao.php%23%2F&r=<=1963&evt=pageLoad&msclkid=N&rn=922969 HTTP 307
- https://bat.bing.com/action/0?ti=5283823&Ver=2&mid=d6bf3ba3-7aaf-6929-0275-1e56de7a41bc&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=Sacola%20de%20compras%20-%20Magazine%20Luiza&p=http%3A%2F%2F194.71.70.34.bc.googleusercontent.com%2Fidentificacao.php%23%2F&r=<=1963&evt=pageLoad&msclkid=N&rn=922969
25 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
identificacao.php
194.71.70.34.bc.googleusercontent.com/ |
26 KB 26 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
styles.bd5dbbb91315dac916b8.css
sacola.magazineluiza.com.br/static/ |
126 KB 26 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
settings.js
sacola.magazineluiza.com.br/ |
2 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
app.bd5dbbb91315dac916b8.js
sacola.magazineluiza.com.br/static/ |
2 MB 626 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
TokenEx-Lite.js
sacola.magazineluiza.com.br/static/ |
128 KB 38 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
anchor
www.google.com/recaptcha/api2/ Frame F92C |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
2 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
43 KB 17 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
gtm.js
www.googletagmanager.com/ |
387 KB 94 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fbevents.js
connect.facebook.net/en_US/ Redirect Chain
|
126 KB 30 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
gateway.min.js
gateway.foresee.com/sites/magazineluiza/production/ |
47 KB 18 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bat.js
bat.bing.com/ Redirect Chain
|
23 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
gtm.js
www.googletagmanager.com/ |
71 KB 23 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ytc.js
s.yimg.com/wi/ |
19 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bg.png
s3-sa-east-1.amazonaws.com/frame-image-br/ |
0 516 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1670642596499607
connect.facebook.net/signals/config/ |
447 KB 113 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ec.js
www.google-analytics.com/plugins/ua/ |
3 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ Redirect Chain
|
43 KB 17 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ga-audiences
www.google.de/ads/ Redirect Chain
|
42 B 109 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
0
bat.bing.com/action/ Redirect Chain
|
0 94 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
10047579.json
s.yimg.com/wi/config/ |
2 B 482 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
fs.record.js
gateway.foresee.com/code/19.6.6/ |
61 KB 20 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
fs.utils.js
gateway.foresee.com/code/19.6.6/ |
82 KB 25 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
fs.trigger.js
gateway.foresee.com/code/19.6.6/ |
30 KB 11 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H/1.1 |
events
analytics.foresee.com/ingest/ |
0 426 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
events
analytics.foresee.com/ingest/ |
44 B 532 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Magazine Luiza (Consumer)69 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onformdata object| onpointerrawupdate object| MAGALU_CHANNEL object| SENTRY_RELEASE object| __core-js_shared__ object| core function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill object| __SENTRY__ function| _ object| dataLayer string| GoogleAnalyticsObject function| ga object| JSEncryptExports function| JSEncrypt function| TxEncrypt object| KJUR object| Hex object| Base64 function| ASN1 object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| google_tag_manager function| postscribe object| completeFunnel string| stringFunnel object| arrayFunnel number| stepIndex function| completeArrayFunnel function| toStringFunnel function| saveCurrentFunnel function| gaEventPush function| strSanitize function| getCookie function| getParameterByName function| setCookie function| getDirtyJSON object| ML_GTM object| CryptoJS string| fb_protocol function| fbq function| _fbq function| fsReady object| uetq function| GoopCookie undefined| goopBrand object| dotq function| UET object| YAHOO undefined| I13N_Conf undefined| YWA_Global_Conf function| _acsDefine function| _fsDefine function| _acsRequire function| _fsRequire object| FSR object| FSFB function| _acsNormalizeUrl function| _fsNormalizeUrl function| _fsNormalizeAssetUrl function| acsReady object| __fsJSONPCBr function| __fsJSONPCB function| __acsReady__ function| __fsReady__3 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.googleusercontent.com/ | Name: _gcl_au Value: 1.1.2008178576.1576341811 |
|
.googleusercontent.com/ | Name: _gid Value: GA1.2.81462119.1576341811 |
|
.googleusercontent.com/ | Name: _ga Value: GA1.2.2034126330.1576341811 |
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
194.71.70.34.bc.googleusercontent.com
analytics.foresee.com
bat.bing.com
connect.facebook.net
gateway.foresee.com
s.yimg.com
s3-sa-east-1.amazonaws.com
sacola.magazineluiza.com.br
stats.g.doubleclick.net
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
13.224.196.41
151.80.204.62
2620:1ec:c11::200
2a00:1288:f03d:1fa::2000
2a00:1450:4001:800::2004
2a00:1450:4001:808::200e
2a00:1450:4001:80b::2008
2a00:1450:4001:825::2003
2a00:1450:400c:c00::9a
2a03:2880:f01c:8012:face:b00c:0:3
34.70.71.194
52.1.244.191
52.95.163.26
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
1ada5b4d0b63b06d2bd668cd7d6597689796da41a434a675cfdbd2a1bddf251a
1f2fc2c1175d0e4fb096fbe5791aa619eea034bc52b6f13d6032fc087753ee46
21cffb2be61e194e6622dbb444309980cdbe8b5aada9cb0b9bb24f859b9bd93c
2d011ef47ab1a688388b1f225bcbae5e2a1a55a83854299984bf26d90b800d23
35f27aefe0ce354dbe29cc71f1e8475b022c54d2c01b1d5d4a617cdb7801f3d0
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4c5c6aa428cf83ff1073d4cff543c65e5d3acffd51b189cde7bf24e35472a6c5
58835d6f7913ba153b5e7179c3d3f99057e465bf89b59b98fdcd3bee493fee61
5b0bd6db5dc4714868a5e5a0c844bc9fb9222d9e43a0a843850f56f808950360
5dcba352761ff6f587b0a04958c66c864fdec539f8215612e92b42c6c6c5c46f
674f2e142c0c2672949779553e250874c544a583c64a5e42481cef0ae82c8ecc
7edb2213c1f4f569617389783ba544f9997d11a1fc5e54406582b25967bfde66
a04fc5dfd31c726717a79da8c1545ca2ae3705ce7cb2bd7e4d9bc9f08dc9e5f8
a143c20a0df6ae06245a89e0dafe6270df1e28863bb4edd564d6e4ec2936964d
b139982ce002c53ddfb65aec1e90704c0a3704fc5aa35247f9323b74a1d3f721
b578b681e28e66b74d7086a4b4c186a944e5647ff254eec929442184a45bbe5d
d72fb107c95c2170e78e58796e350ec53681a2f768c49a3ed4e4840ea9999c5e
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fce0d7c618e3e5cd62b1081a11733dc34f9383fc961160fb8fbea9ec8e6433e8