catalogues-sfr.com
Open in
urlscan Pro
178.62.53.195
Malicious Activity!
Public Scan
Submitted URL: http://ps6o3qu7f42nkrado8d1.giulioaccessories.us/
Effective URL: https://catalogues-sfr.com/index/Sondage%20aupr%C3%A8s%20des%20acheteurs%20-%20nous%20voulons%20votre%20avis!.html
Submission: On April 16 via manual from FR
Effective URL: https://catalogues-sfr.com/index/Sondage%20aupr%C3%A8s%20des%20acheteurs%20-%20nous%20voulons%20votre%20avis!.html
Submission: On April 16 via manual from FR
Summary
This website contacted 7 IPs
in 3 countries
across 8 domains to perform 34 HTTP transactions.
The main IP is 178.62.53.195, located in
London, United Kingdom and
belongs to DIGITALOCEAN-ASN, US.
The main domain is catalogues-sfr.com.
TLS certificate: Issued by R3 on April 14th 2021. Valid for: 3 months.
This is the only time catalogues-sfr.com was scanned on urlscan.io!
TLS certificate: Issued by R3 on April 14th 2021. Valid for: 3 months.
This is the only time catalogues-sfr.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Customer Survey Spam (Consumer)Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 1 1 | 192.64.119.254 192.64.119.254 | 22612 (NAMECHEAP...) (NAMECHEAP-NET) | |
| 28 | 178.62.53.195 178.62.53.195 | 14061 (DIGITALOC...) (DIGITALOCEAN-ASN) | |
| 1 | 2606:4700:303... 2606:4700:3037::ac43:a4fa | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
| 1 | 2600:9000:20e... 2600:9000:20e8:9000:1d:d7f6:39cf:a761 | 16509 (AMAZON-02) (AMAZON-02) | |
| 1 | 152.199.23.20 152.199.23.20 | 15133 (EDGECAST) (EDGECAST) | |
| 1 | 2a00:1450:400... 2a00:1450:4001:800::200a | 15169 (GOOGLE) (GOOGLE) | |
| 1 | 2600:9000:20e... 2600:9000:20e8:7400:2:49a2:4500:93a1 | 16509 (AMAZON-02) (AMAZON-02) | |
| 1 | 2a00:1450:400... 2a00:1450:4001:80f::2003 | 15169 (GOOGLE) (GOOGLE) | |
| 34 | 7 |
1
192.64.119.254
(United States)
ASN22612 (NAMECHEAP-NET, US)
ASN22612 (NAMECHEAP-NET, US)
| ps6o3qu7f42nkrado8d1.giulioaccessories.us |
1
2600:9000:20e8:9000:1d:d7f6:39cf:a761
(United States)
ASN16509 (AMAZON-02, US)
ASN16509 (AMAZON-02, US)
| images-na.ssl-images-amazon.com |
1
2600:9000:20e8:7400:2:49a2:4500:93a1
(United States)
ASN16509 (AMAZON-02, US)
ASN16509 (AMAZON-02, US)
| assets3.lottiefiles.com |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 28 |
catalogues-sfr.com
catalogues-sfr.com |
536 KB |
| 1 |
gstatic.com
fonts.gstatic.com |
18 KB |
| 1 |
lottiefiles.com
assets3.lottiefiles.com |
2 KB |
| 1 |
googleapis.com
fonts.googleapis.com |
731 B |
| 1 |
rakuten.com
fr.shopping.rakuten.com |
31 KB |
| 1 |
ssl-images-amazon.com
images-na.ssl-images-amazon.com |
19 KB |
| 1 |
csmobiles.com
med.csmobiles.com |
57 KB |
| 1 |
giulioaccessories.us
1 redirects
ps6o3qu7f42nkrado8d1.giulioaccessories.us |
321 B |
| 34 | 8 |
| Domain | Requested by | |
|---|---|---|
| 28 | catalogues-sfr.com |
catalogues-sfr.com
|
| 1 | fonts.gstatic.com |
fonts.googleapis.com
|
| 1 | assets3.lottiefiles.com |
catalogues-sfr.com
|
| 1 | fonts.googleapis.com |
catalogues-sfr.com
|
| 1 | fr.shopping.rakuten.com |
catalogues-sfr.com
|
| 1 | images-na.ssl-images-amazon.com |
catalogues-sfr.com
|
| 1 | med.csmobiles.com |
catalogues-sfr.com
|
| 1 | ps6o3qu7f42nkrado8d1.giulioaccessories.us | 1 redirects |
| 34 | 8 |
This site contains no links.
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| catalogues-sfr.com R3 |
2021-04-14 - 2021-07-13 |
3 months | crt.sh |
| sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2020-09-29 - 2021-09-29 |
a year | crt.sh |
| Images-na.ssl-images-amazon.com DigiCert Global CA G2 |
2021-03-23 - 2022-03-22 |
a year | crt.sh |
| *.fr.shopping.rakuten.com DigiCert SHA2 Secure Server CA |
2020-04-21 - 2022-05-06 |
2 years | crt.sh |
| upload.video.google.com GTS CA 1O1 |
2021-03-23 - 2021-06-15 |
3 months | crt.sh |
| *.lottiefiles.com Amazon |
2020-11-25 - 2021-12-24 |
a year | crt.sh |
| *.gstatic.com GTS CA 1O1 |
2021-03-23 - 2021-06-15 |
3 months | crt.sh |
This page contains 2 frames:
Primary Page:
https://catalogues-sfr.com/index/Sondage%20aupr%C3%A8s%20des%20acheteurs%20-%20nous%20voulons%20votre%20avis!.html
Frame ID: B2D4B260DC86EEC4159BF4B2BC8D920C
Requests: 33 HTTP requests in this frame
Frame:
https://catalogues-sfr.com/index/Sondage%20aupr%C3%A8s%20des%20acheteurs%20-%20nous%20voulons%20votre%20avis!_files/saved_resource.html
Frame ID: CD0B3D293E086406A7A4C71C2FF19D0D
Requests: 1 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
http://ps6o3qu7f42nkrado8d1.giulioaccessories.us/
HTTP 302
https://catalogues-sfr.com/index/Sondage%20aupr%C3%A8s%20des%20acheteurs%20-%20nous%20voulons%20votre%2... Page URL
Detected technologies
Nginx
(Web Servers)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- headers server /nginx(?:\/([\d.]+))?/i
jQuery
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- script /jquery[.-]([\d.]*\d)[^/]*\.js/i
- script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://ps6o3qu7f42nkrado8d1.giulioaccessories.us/
HTTP 302
https://catalogues-sfr.com/index/Sondage%20aupr%C3%A8s%20des%20acheteurs%20-%20nous%20voulons%20votre%20avis!.html Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
34 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H2 |
Primary Request
Sondage%20aupr%C3%A8s%20des%20acheteurs%20-%20nous%20voulons%20votre%20avis!.html
catalogues-sfr.com/index/ Redirect Chain
|
25 KB 5 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
main00.css
catalogues-sfr.com/index/Sondage%20aupr%C3%A8s%20des%20acheteurs%20-%20nous%20voulons%20votre%20avis!_files/ |
179 KB 32 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
js-sha256-v1.min.js.download
catalogues-sfr.com/index/Sondage%20aupr%C3%A8s%20des%20acheteurs%20-%20nous%20voulons%20votre%20avis!_files/ |
22 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
mgsensor.js.download
catalogues-sfr.com/index/Sondage%20aupr%C3%A8s%20des%20acheteurs%20-%20nous%20voulons%20votre%20avis!_files/ |
12 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
scevent.min.js.download
catalogues-sfr.com/index/Sondage%20aupr%C3%A8s%20des%20acheteurs%20-%20nous%20voulons%20votre%20avis!_files/ |
13 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
399694290689525
catalogues-sfr.com/index/Sondage%20aupr%C3%A8s%20des%20acheteurs%20-%20nous%20voulons%20votre%20avis!_files/ |
241 KB 242 KB |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
fbevents.js.download
catalogues-sfr.com/index/Sondage%20aupr%C3%A8s%20des%20acheteurs%20-%20nous%20voulons%20votre%20avis!_files/ |
91 KB 23 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
datefr.js.download
catalogues-sfr.com/index/Sondage%20aupr%C3%A8s%20des%20acheteurs%20-%20nous%20voulons%20votre%20avis!_files/ |
0 145 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
rndm_ppl_cmt_fr.js.download
catalogues-sfr.com/index/Sondage%20aupr%C3%A8s%20des%20acheteurs%20-%20nous%20voulons%20votre%20avis!_files/ |
4 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery-3.5.1.min.js.download
catalogues-sfr.com/index/Sondage%20aupr%C3%A8s%20des%20acheteurs%20-%20nous%20voulons%20votre%20avis!_files/ |
87 KB 30 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
lottie-player.js.download
catalogues-sfr.com/index/Sondage%20aupr%C3%A8s%20des%20acheteurs%20-%20nous%20voulons%20votre%20avis!_files/ |
294 KB 75 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
sfrlogo.jpg
catalogues-sfr.com/index/Sondage%20aupr%C3%A8s%20des%20acheteurs%20-%20nous%20voulons%20votre%20avis!_files/ |
50 KB 50 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
frflag.png
catalogues-sfr.com/index/Sondage%20aupr%C3%A8s%20des%20acheteurs%20-%20nous%20voulons%20votre%20avis!_files/ |
5 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
frgift.png
catalogues-sfr.com/index/Sondage%20aupr%C3%A8s%20des%20acheteurs%20-%20nous%20voulons%20votre%20avis!_files/ |
13 KB 13 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
samsung-galaxy-s20-plus-4g-g985-8gb-ram-128gb-dual-sim-gris.jpg
med.csmobiles.com/144450-large_default/ |
56 KB 57 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
9227ed9e10072ce0bac69dc54109221b.png
catalogues-sfr.com/index/Sondage%20aupr%C3%A8s%20des%20acheteurs%20-%20nous%20voulons%20votre%20avis!_files/ |
1 KB 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
iphone_12.png
catalogues-sfr.com/index/Sondage%20aupr%C3%A8s%20des%20acheteurs%20-%20nous%20voulons%20votre%20avis!_files/ |
12 KB 12 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
41sk5QhOFGL._AC_.jpg
images-na.ssl-images-amazon.com/images/I/ |
19 KB 19 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
1554572106.jpg
fr.shopping.rakuten.com/photo/ |
30 KB 31 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
9687746dd2c717af90e79afa47b8c92b.png
catalogues-sfr.com/index/Sondage%20aupr%C3%A8s%20des%20acheteurs%20-%20nous%20voulons%20votre%20avis!_files/ |
1 KB 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
vicon.png
catalogues-sfr.com/index/Sondage%20aupr%C3%A8s%20des%20acheteurs%20-%20nous%20voulons%20votre%20avis!_files/ |
8 KB 8 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
stars.png
catalogues-sfr.com/index/Sondage%20aupr%C3%A8s%20des%20acheteurs%20-%20nous%20voulons%20votre%20avis!_files/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
52480de1a60ed5f717a3f73abef62e13.png
catalogues-sfr.com/index/Sondage%20aupr%C3%A8s%20des%20acheteurs%20-%20nous%20voulons%20votre%20avis!_files/ |
1 KB 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
c8734e402669d30dc61702ea6c74bed3.png
catalogues-sfr.com/index/Sondage%20aupr%C3%A8s%20des%20acheteurs%20-%20nous%20voulons%20votre%20avis!_files/ |
1 KB 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
13863e1661e2893d8bb6c5d912b2f59f.png
catalogues-sfr.com/index/Sondage%20aupr%C3%A8s%20des%20acheteurs%20-%20nous%20voulons%20votre%20avis!_files/ |
1 KB 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bcf7f117acc460e9148a3031c5b6c4e4.png
catalogues-sfr.com/index/Sondage%20aupr%C3%A8s%20des%20acheteurs%20-%20nous%20voulons%20votre%20avis!_files/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
x.png
catalogues-sfr.com/index/Sondage%20aupr%C3%A8s%20des%20acheteurs%20-%20nous%20voulons%20votre%20avis!_files/ |
5 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
q_sprn.js.download
catalogues-sfr.com/index/Sondage%20aupr%C3%A8s%20des%20acheteurs%20-%20nous%20voulons%20votre%20avis!_files/ |
3 KB 935 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
timer.js.download
catalogues-sfr.com/index/Sondage%20aupr%C3%A8s%20des%20acheteurs%20-%20nous%20voulons%20votre%20avis!_files/ |
619 B 492 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
modal.js.download
catalogues-sfr.com/index/Sondage%20aupr%C3%A8s%20des%20acheteurs%20-%20nous%20voulons%20votre%20avis!_files/ |
673 B 452 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
css2
fonts.googleapis.com/ |
5 KB 731 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
lf20_NxuRdg.json
assets3.lottiefiles.com/temp/ |
20 KB 2 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
saved_resource.html
catalogues-sfr.com/index/Sondage%20aupr%C3%A8s%20des%20acheteurs%20-%20nous%20voulons%20votre%20avis!_files/ Frame CD0B |
240 B 396 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
P5sMzZCDf9_T_10ZxCE.woff2
fonts.gstatic.com/s/arimo/v17/ |
18 KB 18 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Customer Survey Spam (Consumer)22 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| scpixel function| $ function| jQuery object| litHtmlVersions function| JSCompiler_renameProperty object| litElementVersions function| parcelRequire function| getdate function| replaceUrlParam function| startTimer0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
assets3.lottiefiles.com
catalogues-sfr.com
fonts.googleapis.com
fonts.gstatic.com
fr.shopping.rakuten.com
images-na.ssl-images-amazon.com
med.csmobiles.com
ps6o3qu7f42nkrado8d1.giulioaccessories.us
152.199.23.20
178.62.53.195
192.64.119.254
2600:9000:20e8:7400:2:49a2:4500:93a1
2600:9000:20e8:9000:1d:d7f6:39cf:a761
2606:4700:3037::ac43:a4fa
2a00:1450:4001:800::200a
2a00:1450:4001:80f::2003
01244be753151d3f79f3fcb8ee8890e0f1f0c4a7c973381055211ac08fcea5e4
0d79ca3b13098126f0c0fc76aed54a8acf6e645e62eb5f0ff90571141dfe24b2
204d5a3538e51529f2c2cc56c90c4023cb0bbad4bd03e9c116cbcfffd616952b
22c8813874070d411285a3c24fd1623a23e29fae3c6a8c8e73b1cfe5f979edd3
2c910a86c552b7916fe8ee5ba662d9766ef0b3e5ce8e8ac8d750a3e3a482942a
2ea6b093885ce53036c4b381a1ce1496d53029b9a205fe9471666022efde5d8f
30abbcea5f8fb2a97caae4dd9368cfe177ab288bbc0e90437cfec4cf231f31af
36c9982009ed2f69a752349e2f41cc9887d76ac791b5c287649626a766ca1e05
39121dc81296a4c732df7908183793efa3c00c8299686758d048b5c95cf8e73e
3af1ae6e7c956f9567d3070dc742bad82f17fb4e5ea70f543523138f6007bda0
3c406ffa34d71f29cc8e3fbd7565471b19ed9bf609815ed6deef678430c0385e
3c6c0ed2601deeefd179e1922d9f017701169372b21079f842fc67e44022a126
4604e524a2131ee561e13c9fe760267a0bbc64ca91027ab92fd355ff4dc1514d
4b8a39811947708e571e6a30154ff4c2d5120c071ee2782a4446dc208633121d
597fb65af1d452e7346e3d24adead2908ddf2c3bae4a6ae5c4e7440e33bd39b4
63b95eb35da0fe88979ee15fc64187caefe365c8344923b5fbef067305c3a0a9
6c1fbdce30026bd6abec7cd0685765c5f6993068ee7447b3f7ca539db476b9b4
6d5ab4a00f6089c788205ae1ebee31b9a6ccb3ea50f93e67c27a9c4e03939faa
7a15c7fd6cff51cb3a08a1b705e578578f16f316835547063e9298a27257936b
8299ac814b42a62a334464e333d802aa2a77898ad86115b5dd108d900c331440
86442140c9978892da5192d18987cf92715f6501bb3ba71595f255c086f9700d
9b2dfc9d8aa6975f818eca3dfee8bee63829f13fcb4dac3011a6f6df392abcfe
9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d
a421e3d21b620b2df12e22230e89290da9ed22a3245ab3ce6de31a6a2a661d6e
acdbb507399cf91d06d28c73e8500279d2b6eb8023cdd86b938ecac324c2fd28
b0c2a889d07d01755fc1a7818e2d54ba67c7b953b453dc22e8aaedcd29fe0b57
ba3d77e0be4f968f93a865602a9d4c51631083244a570b7a31690cc9e414a253
bc4ba5ab1f79419e5c8a06db6d5ed27f78b026617608d8513bdf476bf78e1120
c289251d1efbf63e92766cd9c6e31a513f748278d3212aeacabd48d70bd89956
c33e2e41f28f0862e4f1c0ca42970646d0cd299e37e820eb79b21b387f2d0ed0
d491a73976aff16e43b71ebbbabd057d9601db6df13ca69c898b4453f8bc8c4c
df727347abf6f86b89dc4b234da529d729f221cbabf51f5868d23d3d06e01fb2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d