www.finansowaniefaktur.pl
Open in
urlscan Pro
77.79.216.203
Malicious Activity!
Public Scan
Effective URL: https://www.finansowaniefaktur.pl/
Submission: On October 30 via manual from PL
Summary
TLS certificate: Issued by Certum Extended Validation CA SHA2 on January 30th 2019. Valid for: a year.
This is the only time www.finansowaniefaktur.pl was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: ING Group (Banking)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 19 | 77.79.216.203 77.79.216.203 | 15694 (ATMAN-ISP...) (ATMAN-ISP-AS ATM S.A.) | |
1 | 149.126.77.108 149.126.77.108 | 19551 (INCAPSULA) (INCAPSULA - Incapsula Inc) | |
1 | 2a00:1450:400... 2a00:1450:4001:806::2008 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
1 | 54.229.24.120 54.229.24.120 | 16509 (AMAZON-02) (AMAZON-02 - Amazon.com) | |
1 | 2a00:1450:400... 2a00:1450:4001:821::200e | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
2 | 2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3 | 32934 (FACEBOOK) (FACEBOOK - Facebook) | |
2 | 2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de | 32934 (FACEBOOK) (FACEBOOK - Facebook) | |
29 | 8 |
ASN15694 (ATMAN-ISP-AS ATM S.A., PL)
PTR: rev-77.79.216.203.atman.pl
finansowaniefaktur.pl | |
www.finansowaniefaktur.pl |
ASN19551 (INCAPSULA - Incapsula Inc, US)
PTR: 149.126.77.108.ip.incapdns.net
www.ing.pl |
ASN15169 (GOOGLE - Google LLC, US)
www.googletagmanager.com |
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-229-24-120.eu-west-1.compute.amazonaws.com
app.finansowaniefaktur.pl |
ASN15169 (GOOGLE - Google LLC, US)
www.google-analytics.com |
ASN32934 (FACEBOOK - Facebook, Inc., US)
connect.facebook.net |
ASN32934 (FACEBOOK - Facebook, Inc., US)
www.facebook.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
20 |
finansowaniefaktur.pl
1 redirects
finansowaniefaktur.pl www.finansowaniefaktur.pl app.finansowaniefaktur.pl |
691 KB |
2 |
facebook.com
www.facebook.com |
516 B |
2 |
facebook.net
connect.facebook.net |
87 KB |
1 |
google-analytics.com
www.google-analytics.com |
17 KB |
1 |
googletagmanager.com
www.googletagmanager.com |
21 KB |
1 |
ing.pl
www.ing.pl |
8 KB |
0 |
google.de
Failed
www.google.de Failed |
|
0 |
google.com
Failed
www.google.com Failed |
|
0 |
youtube.com
Failed
www.youtube.com Failed |
|
29 | 9 |
Domain | Requested by | |
---|---|---|
18 | www.finansowaniefaktur.pl |
www.finansowaniefaktur.pl
|
2 | www.facebook.com | |
2 | connect.facebook.net |
www.finansowaniefaktur.pl
connect.facebook.net |
1 | www.google-analytics.com |
www.googletagmanager.com
|
1 | app.finansowaniefaktur.pl |
www.finansowaniefaktur.pl
|
1 | www.googletagmanager.com |
www.finansowaniefaktur.pl
|
1 | www.ing.pl |
www.finansowaniefaktur.pl
|
1 | finansowaniefaktur.pl | 1 redirects |
0 | www.google.de Failed | |
0 | www.google.com Failed | |
0 | www.youtube.com Failed |
www.finansowaniefaktur.pl
|
29 | 11 |
This site contains links to these domains. Also see Links.
Domain |
---|
app.finansowaniefaktur.pl |
finansowaniefaktur.pl |
www.ingcomfin.pl |
Subject Issuer | Validity | Valid | |
---|---|---|---|
finansowaniefaktur.pl Certum Extended Validation CA SHA2 |
2019-01-30 - 2020-01-30 |
a year | crt.sh |
www.ingbank.pl Entrust Certification Authority - L1M |
2018-03-08 - 2020-03-31 |
2 years | crt.sh |
*.google-analytics.com GTS CA 1O1 |
2019-10-10 - 2020-01-02 |
3 months | crt.sh |
*.finansowaniefaktur.pl Certum Domain Validation CA SHA2 |
2019-03-14 - 2020-03-13 |
a year | crt.sh |
*.facebook.com DigiCert SHA2 High Assurance Server CA |
2019-09-22 - 2019-12-20 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://www.finansowaniefaktur.pl/
Frame ID: A44E0CCAE34D3DA5A498AD125F598CFC
Requests: 30 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
http://finansowaniefaktur.pl/
HTTP 301
https://www.finansowaniefaktur.pl/ Page URL
Detected technologies
Apache (Web Servers) ExpandDetected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i
Facebook (Widgets) Expand
Detected patterns
- script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i
Google Analytics (Analytics) Expand
Detected patterns
- script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Google Tag Manager (Tag Managers) Expand
Detected patterns
- html /<!-- (?:End )?Google Tag Manager -->/i
Page Statistics
4 Outgoing links
These are links going to different origins than the main page.
Title: Zarejestruj siÄ™
Search URL Search Domain Scan URL
Title: Zaloguj siÄ™
Search URL Search Domain Scan URL
Title: Polityką plików cookies
Search URL Search Domain Scan URL
Title: wyjaśnieniami użytych tu terminów i informacją ING Commercial Finance Polska S.A.
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://finansowaniefaktur.pl/
HTTP 301
https://www.finansowaniefaktur.pl/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 24- https://www.google-analytics.com/r/collect?v=1&_v=j79&a=388279478&t=pageview&_s=1&dl=https%3A%2F%2Fwww.finansowaniefaktur.pl%2F&ul=en-us&de=UTF-8&dt=ING%20Finansowanie%20Faktur%20%E2%80%93%20Zamie%C5%84%20faktur%C4%99%20na%20pieni%C4%85dze%20%7C%20Faktoring%20online&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=YEBAAEAB~&jid=1084637342&gjid=1868204913&cid=1559457561.1572446203&tid=UA-112282948-2&_gid=282023266.1572446203&_r=1>m=2wgaa0K8PQP4H&z=1522314825 HTTP 302
- https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-112282948-2&cid=1559457561.1572446203&jid=1084637342&_gid=282023266.1572446203&gjid=1868204913&_v=j79&z=1522314825 HTTP 302
- https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-112282948-2&cid=1559457561.1572446203&jid=1084637342&_v=j79&z=1522314825
29 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
Cookie set
/
www.finansowaniefaktur.pl/ Redirect Chain
|
45 KB 17 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
site.css
www.finansowaniefaktur.pl/css/time20191008155322/ |
831 KB 92 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
finansowanie-faktur.css
www.finansowaniefaktur.pl/css/time20191008155322/ |
854 KB 94 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
site-all.js
www.finansowaniefaktur.pl/js/time20191008155322/ |
806 KB 241 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
1500002
www.finansowaniefaktur.pl/_js_component/time20190927152237/ |
6 KB 6 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
rules_for_parameters.js
www.finansowaniefaktur.pl/_js_rules/ |
0 365 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cpm.js
www.ing.pl/_cookie_policy/150013/ |
34 KB 8 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
1100081
www.finansowaniefaktur.pl/_fileserver/time20180830155647/item/ |
1 KB 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
1100082
www.finansowaniefaktur.pl/_fileserver/time20180830155647/item/ |
831 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
1100083
www.finansowaniefaktur.pl/_fileserver/time20180830155647/item/ |
866 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
1100078
www.finansowaniefaktur.pl/_fileserver/time20180830143951/item/ |
2 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
1100077
www.finansowaniefaktur.pl/_fileserver/time20180830143951/item/ |
6 KB 7 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
1100079
www.finansowaniefaktur.pl/_fileserver/time20180830143951/item/ |
1 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
1100076
www.finansowaniefaktur.pl/_fileserver/time20180830124843/item/ |
42 KB 42 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm.js
www.googletagmanager.com/ |
58 KB 21 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
1100080
www.finansowaniefaktur.pl/_fileserver/time20180830144748/item/ |
97 KB 98 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
INGMe-Regular.woff
www.finansowaniefaktur.pl/css/time20191008155322/fonts/ |
36 KB 37 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
INGMe-Bold.woff
www.finansowaniefaktur.pl/css/time20191008155322/fonts/ |
37 KB 38 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
fontello_epoint.woff2
www.finansowaniefaktur.pl/css/time20191008155322/fonts/ |
6 KB 6 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
iframe_api
www.youtube.com/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
commission-thresholds
app.finansowaniefaktur.pl/api/ |
576 B 977 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
slider-handle-2.png
www.finansowaniefaktur.pl/img/time20191008155322/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
5 KB 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
43 KB 17 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fbevents.js
connect.facebook.net/en_US/ |
103 KB 22 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
ga-audiences
www.google.com/ads/ Redirect Chain
|
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1397451430393088
connect.facebook.net/signals/config/ |
281 KB 65 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
ga-audiences
www.google.de/ads/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.facebook.com/tr/ |
44 B 258 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.facebook.com/tr/ |
44 B 258 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- www.youtube.com
- URL
- https://www.youtube.com/iframe_api
- Domain
- www.google.com
- URL
- https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-112282948-2&cid=1559457561.1572446203&jid=1084637342&_v=j79&z=1522314825
- Domain
- www.google.de
- URL
- https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-112282948-2&cid=1559457561.1572446203&jid=1084637342&_v=j79&z=1522314825&slf_rd=1&random=210250377
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: ING Group (Banking)85 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onformdata object| onpointerrawupdate object| oneweb function| jsPackage object| $package function| i18n function| i18nBundle object| OwOrder function| setCompressionFieldVisibility object| swfobject object| TabsControl object| HashControl object| IframeHashStore object| LinkTargetLocator function| unescapeJavascriptCharacters function| setTemplateWidthSize object| URLParameterManager object| CookiesManager object| FunctionUtils object| fn object| env object| bundle object| ComponentsManager function| extendz function| linkedContent object| HighstockUtil object| AcnHighcharts function| utcDateFromMs function| getTimezoneOffsetInMs object| RulesForParameters string| DEFAULT_PATH number| DEFAULT_DAYS string| APPLICATION_JSON function| setAdobeCookies function| generateVortalId function| generateSessionId function| getRelativeTimeInMillis function| sendRequestToAdobe object| AdobeVortalTag function| mobileSystemDetectAndGetApp function| onYouTubeIframeAPIReady function| isYouTubePlayerConfigured function| getYouTubeVideoConfig function| onPlayerReady function| onPlayerStateChange object| AnalizyOnlineQuotesManager object| AnalizyOnlineFundsGroupedByType object| AnalyticsServiceListManager function| isInt object| ConsultingPortfolioManager object| ConsultingRecommendationsManager object| ExchangeRatesManager object| FaqLargeList object| UnityNewsListManager object| IngDatepicker object| AgroQuotesManager object| StockMarketQuotes function| $ function| jQuery object| CLASSES_ROOT object| epoint function| getForwardedParametersFromCookie object| globalEnv object| rwd object| jQuery19107665051973841164 function| moment function| _ function| MobileDetect function| HeightSync object| dataLayer object| $expandedWrapper object| kalkulator_finansowanie_faktur number| ratePercent number| serviceCost number| serviceCostNoVat object| CookiePolicyManager object| google_tag_manager string| GoogleAnalyticsObject function| ga function| fbq function| _fbq object| google_tag_data object| gaplugins object| gaGlobal object| gaData5 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.finansowaniefaktur.pl/ | Name: _ga Value: GA1.2.1559457561.1572446203 |
|
.finansowaniefaktur.pl/ | Name: _gat_UA-112282948-2 Value: 1 |
|
.finansowaniefaktur.pl/ | Name: cookiePolicyGDPR Value: 0 |
|
.finansowaniefaktur.pl/ | Name: _gid Value: GA1.2.282023266.1572446203 |
|
www.finansowaniefaktur.pl/ | Name: JSESSIONID Value: F7u6Zx057tbZBkostYgCgXnBzpzdrEd8qHkSkGyX.ingrwd-prod10 |
3 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | default-src 'self' ; font-src 'self' ; style-src 'self' 'unsafe-inline' ; img-src 'self' data: https://www.google.com https://www.google.pl https://www.google-analytics.com https://www.facebook.com https://traffic.tgdaudience.com https://stats.g.doubleclick.net; frame-src 'self' www.googletagmanager.com https://traffic.tgdaudience.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://connect.facebook.net finansowaniefaktur.pl www.googletagmanager.com https://www.ing.pl https://www.google-analytics.com https://cdn.tgdaudience.com https://www.ingbank.pl; object-src 'self' ; connect-src 'self' https://www.ing.pl https://traffic.tgdaudience.com finansowaniefaktur.pl test.finansowaniefaktur.pl acc.finansowaniefaktur.pl app.finansowaniefaktur.pl; frame-ancestors 'self' ; |
X-Content-Type-Options | nosniff |
X-Frame-Options | sameorigin |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
app.finansowaniefaktur.pl
connect.facebook.net
finansowaniefaktur.pl
www.facebook.com
www.finansowaniefaktur.pl
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.ing.pl
www.youtube.com
www.google.com
www.google.de
www.youtube.com
149.126.77.108
2a00:1450:4001:806::2008
2a00:1450:4001:821::200e
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
54.229.24.120
77.79.216.203
0181cfa98eccf5e7fb0af52716e3c2c2fbbdd3dd3b9da18e642f30faa15f9b17
0516abf77f9726ca45710f8daf62aa3b1448ed6a34344e0b939d42de6ae9a4b6
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
279d504c7e97384ad3086ec37bf056f23a86028abbca71e03e6e8d0470194685
2c9fa1d9a6c36612d7b5d1e6359a9be852bbe66ddf734893bf7eb316d350d642
33daf37f2e4570b05717cc50b5f40bd16163a0d7c64217c901963762afbdcd50
3c296f672a89118bd804bb27131cc7686acf0c46e8e069363463e3ec8402996d
40efc41f5395ff414099eb32e348cbdac997d72498653dc9b530e4114a417f2f
4a0a7668aaa847d33f49023d0982c6331bc9705cad2586eccb8086a680ef534c
70ef7299be87b488d2b51acbefa548bc9824c2def5d5a5c5ad7bb0f20f9541d3
715cd118d120746b67e827829a1157226f5f65f82807cbfbbdf2d46532a2755a
83635217cefeb3000c536953faecdea7af387aed641357f91957cf66f6dbe0c7
96f8e07c9883aa30de2d9eca8e9b8b13fbc02a4a97d91cb9fc91f314586ae06f
98ef2c1a633bb17890c70ae4fd3546413a38e6cacacab6c296fbbab97fb40993
994c59fb6688486db4e9f682e7275e80e06cf929599c409d2d759922d474537f
9dfede8a2bab7ee8229d54804cd92b84b738e8cdf7cc5a903982b1d92f8e9293
a089da140065cb01669b640cc45a30705614bc46bed1dccf8da22eafb6e178b4
a112d3bcab5408f9123aafe90d2825ca3e5a95b995bcecc9cdd3cda5ed8feac8
a66f2c79dcc4f08a3c3eab4d57bafca00872d6b9d44cf7f654448e57a05bed18
abe275dc3b98c75a25b77aeab9fb073be7e90514a9e45bef62616d04683ca1ff
b02eb6a63bca577aa26a3d54c450cd179dab7b63e08cb8830411bca8f853c002
c4bdb6a7121078fc1313fdf7f6166e8dfc0c259e47e9872900c2a3288f89da42
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5cb35bd410aba4b717a1cc46814a88b50ff311f9514630dffa3480cb43b92e0
f1ccd54e7a13a9db8a72bb4663cd762bf20eb970c2274f6ccba2ecc512de8c72