www.facebook.freefiremena.com
68.65.122.204  Malicious Activity! Public Scan

URL: https://www.facebook.freefiremena.com/
Submission: On January 01 via automatic, source certstream-suspicious

Summary

This website contacted 4 IPs in 3 countries across 4 domains to perform 20 HTTP transactions. The main IP is 68.65.122.204, located in Los Angeles, United States and belongs to NAMECHEAP-NET - Namecheap, Inc., US. The main domain is www.facebook.freefiremena.com.
TLS certificate: Issued by COMODO RSA Domain Validation Secure S... on February 6th 2018. Valid for: 2 years.
This is the only time www.facebook.freefiremena.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Facebook (Social Network)

Domain & IP information

IP Address AS Autonomous System
1 68.65.122.204 22612 (NAMECHEAP...)
17 2a03:2880:f01... 32934 (FACEBOOK)
1 212.217.4.145 6713 (IAM-AS)
2 3 2a03:2880:f11... 32934 (FACEBOOK)
20 4
Domain Requested by
17 static.xx.fbcdn.net www.facebook.freefiremena.com
static.xx.fbcdn.net
1 fbsbx.com www.facebook.freefiremena.com
1 fbcdn.net 1 redirects
1 facebook.com 1 redirects
1 scontent.frba2-1.fna.fbcdn.net www.facebook.freefiremena.com
1 www.facebook.freefiremena.com
20 6

This site contains links to these domains:

Domain
lm.facebook.com
Subject | Issuer | Validity | Valid
*.web-hosting.com | COMODO RSA Domain Validation Secure Server CA | 2018-02-06 - 2020-04-04 | 2 years
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2019-12-06 - 2020-03-05 | 3 months
*.frba2-1.fna.fbcdn.net | DigiCert SHA2 High Assurance Server CA | 2019-12-05 - 2020-03-04 | 3 months
fbcdn.net | DigiCert SHA2 High Assurance Server CA | 2019-12-11 - 2020-03-10 | 3 months

This page contains 1 frames:

Primary Page: https://www.facebook.freefiremena.com/
Frame ID: EE6EBE50AFB8BA91EB62A83D97536240
Requests: 20 HTTP requests in this frame


Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i

Page Statistics

20 Requests
95 % HTTPS
50 % IPv6
4 Domains
6 Subdomains
4 IPs
3 Countries
378 kB Transfer
1173 kB Size
1 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11
  • https://facebook.com/security/hsts-pixel.gif?c=3.2 HTTP 302
  • https://fbcdn.net/security/hsts-pixel.gif?c=2 HTTP 302
  • https://fbsbx.com/security/hsts-pixel.gif

20 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.facebook.freefiremena.com/
91 KB
26 KB
Document
General
Full URL
https://www.facebook.freefiremena.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
68.65.122.204 Los Angeles, United States, ASN22612 (NAMECHEAP-NET - Namecheap, Inc., US),
Reverse DNS
premium24-4.web-hosting.com
Software
Apache /
Resource Hash
3262bc959992cc88e22a4e5fa4c0a838c09cb1f4ed948f2d265560c1fa07b998

Request headers

:method
GET
:authority
www.facebook.freefiremena.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-user
?1
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
none
sec-fetch-mode
navigate
accept-encoding
gzip, deflate, br

Response headers

status
200
date
Wed, 01 Jan 2020 18:37:00 GMT
server
Apache
last-modified
Wed, 01 Jan 2020 18:36:11 GMT
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-length
26402
content-type
text/html
_fGMedxCUqx.js
static.xx.fbcdn.net/rsrc.php/v3iooI4/yz/l/en_GB/
74 KB
22 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iooI4/yz/l/en_GB/_fGMedxCUqx.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.freefiremena.com
URL: https://www.facebook.freefiremena.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
563184c2995902344ec496d3379c43dec1d7c8b9a0ed93763073068736a26cd2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.freefiremena.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 01 Jan 2020 18:37:00 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
r5CQk+PJvbc8+bqloLv+0w==
status
200
alt-svc
h3-24=":443"; ma=3600
content-length
22068
x-fb-debug
KwfKGds18vf0rTAZYAPxxDntgu3m/+Ho+cX2Wyr/vntla6mFyJVXnCwAjB7fnO/TWX3s7mLD2L9sXBmTW/guNg==
x-fb-trip-id
2000377899
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Thu, 31 Dec 2020 18:37:00 GMT
9lD4sqA6jmX.js
static.xx.fbcdn.net/rsrc.php/v3/yK/r/
110 KB
29 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yK/r/9lD4sqA6jmX.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.freefiremena.com
URL: https://www.facebook.freefiremena.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
3ed7bb4619eb445c32506731245edbf8d84bcf4a67b25bf540016d9f718893a8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.freefiremena.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 01 Jan 2020 18:37:00 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
qpfccIBiG8ooTq/dJ+GUmA==
status
200
alt-svc
h3-24=":443"; ma=3600
content-length
29175
x-fb-debug
DEBUFcueU4PVd5IkyOxPmTIy7acpWu2U2Y3rLJlMrLJ8RaNnz0RwYH0NTWDQpLhu9kWZWQ1YjYOeNtDTajaraQ==
x-fb-trip-id
2000377899
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Thu, 31 Dec 2020 18:37:00 GMT
gS8opAKUrWn.js
static.xx.fbcdn.net/rsrc.php/v3iN6O4/y0/l/en_GB/
44 KB
15 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iN6O4/y0/l/en_GB/gS8opAKUrWn.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.freefiremena.com
URL: https://www.facebook.freefiremena.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
a4f008f9bd2f995fb247ae2038762bb3cbbc3ff23112790aa44ef9dc96f9735d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.freefiremena.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 01 Jan 2020 18:37:00 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
RyZ/MYvgNJyNMjp84+Kb1g==
status
200
alt-svc
h3-24=":443"; ma=3600
content-length
14690
x-fb-debug
RRyZsrLed0bLIXv5g2pW3+5vV52J3/O911Rafk/OB8IriamFvuxu9ANZWANjZPHtPsxanp1tQJd7BEfvL1iwpQ==
x-fb-trip-id
2000377899
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Thu, 31 Dec 2020 18:37:00 GMT
IW7LGCEmjta.js
static.xx.fbcdn.net/rsrc.php/v3/yJ/r/
51 KB
13 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yJ/r/IW7LGCEmjta.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.freefiremena.com
URL: https://www.facebook.freefiremena.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
6672b44ab330aa965a25507274749f29c2ec2b3ae21edbdc463c23e5b3cb3867
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.freefiremena.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 01 Jan 2020 18:37:00 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
iPKp21RdAvWfJKHp9ge0ag==
status
200
alt-svc
h3-24=":443"; ma=3600
content-length
13351
x-fb-debug
XB9KgEmq+t2FiFzi0TNjSegnlywApKPwne8resdcQe6Ro3MNR7Ppkt7DB5dMDcciEDitFoQKXTlO+VhGUXdmRg==
x-fb-trip-id
2000377899
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Thu, 31 Dec 2020 18:37:00 GMT
cJVUtb6J08D.js
static.xx.fbcdn.net/rsrc.php/v3i3kA4/y-/l/en_GB/
91 KB
24 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3i3kA4/y-/l/en_GB/cJVUtb6J08D.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.freefiremena.com
URL: https://www.facebook.freefiremena.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
c659a8410ea3060f0fc575c61ede62d6a350fc8c4c17256cc555c4017d50a142
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.freefiremena.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 01 Jan 2020 18:37:00 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
kOfSTaTWSvx+MuzFa+KnOA==
status
200
alt-svc
h3-24=":443"; ma=3600
content-length
23991
x-fb-debug
sZTSvcfbQLZBYIb5Kz1UU9O9JFOkYNR0Cm27vBZAFYiG9bB/3ds0WN74dANK1+tjz8aR8VnjKMTAlA3w9tC2GA==
x-fb-trip-id
2000377899
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Thu, 31 Dec 2020 18:37:00 GMT
L0ycFLmtv_R.js
static.xx.fbcdn.net/rsrc.php/v3inQB4/yr/l/en_GB/
90 KB
20 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3inQB4/yr/l/en_GB/L0ycFLmtv_R.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.freefiremena.com
URL: https://www.facebook.freefiremena.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
0795187c201f1246c78d1f5c1c163157b85312c9c519a1c38d716181b9a14aee
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.freefiremena.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 01 Jan 2020 18:37:00 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
RRDeiZ1zlJPXJQYQv4kafg==
status
200
alt-svc
h3-24=":443"; ma=3600
content-length
19868
x-fb-debug
+HQb5yDvMugt5+r+f3Xh5gNNDQZE4PZCBk+KRRRKozDn5kCJ6tEoa2y8UEAoHBO21ojMw1E35V783zFnjj4Qcw==
x-fb-trip-id
2000377899
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Thu, 31 Dec 2020 18:37:00 GMT
svFKQXueTby.js
static.xx.fbcdn.net/rsrc.php/v3/y7/r/
8 KB
3 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y7/r/svFKQXueTby.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.freefiremena.com
URL: https://www.facebook.freefiremena.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
522428fd2693381b58705586cb3350c66c4b4ba1d52716086b14a9cefb8130b3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.freefiremena.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 01 Jan 2020 18:37:00 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
9wg0fdDGYUGTXAcRqk4U2A==
status
200
alt-svc
h3-24=":443"; ma=3600
content-length
2406
x-fb-debug
cTsVU89S9Vzstn5ZeztmUNML+N28t60AbmfiRXCcIrPiGvEPuBZaK+YOOGi7hx3zZ9xdi73HoL+lA5rjuWJ0TQ==
x-fb-trip-id
2000377899
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Sat, 19 Dec 2020 20:27:32 GMT
iNdJfMD9XGd.css
static.xx.fbcdn.net/rsrc.php/v3/yT/l/0,cross/
69 KB
16 KB
Stylesheet
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yT/l/0,cross/iNdJfMD9XGd.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.freefiremena.com
URL: https://www.facebook.freefiremena.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
407ca25b66227bf588fe530c3b04932421051221e8445b879d40a41d764b6ffb
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.freefiremena.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 01 Jan 2020 18:37:00 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
XY7ZWqZ3KRJ9UqkV55OZ0w==
status
200
alt-svc
h3-24=":443"; ma=3600
content-length
16485
x-fb-debug
12E2I/g/T+L1iFVyg7+ykk2U2O97x+TkMBAjpU9Z/eJFbNbNSODN1H4i7HMTH80gVOBd34yzj4RDWSjvt8KZng==
x-fb-trip-id
2000377899
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Thu, 31 Dec 2020 18:37:00 GMT
Ax6H5Mh0gSF.css
static.xx.fbcdn.net/rsrc.php/v3/ys/l/0,cross/
13 KB
3 KB
Stylesheet
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/ys/l/0,cross/Ax6H5Mh0gSF.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.freefiremena.com
URL: https://www.facebook.freefiremena.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
0cdbbdc860a84576c43a1a88728ade865e5271e88032774fef5eeae895475333
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.freefiremena.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 01 Jan 2020 18:37:00 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
A13aYQHUhOCS90lK/vofyA==
status
200
alt-svc
h3-24=":443"; ma=3600
content-length
3034
x-fb-debug
I7465obkkiQ2jmfdcwEAvoKBBG+EcWEVdtm/K0uD6luXjWZh1kbi+rzbxZZncBYRb6WlMbGCs6muMrBaigoxMQ==
x-fb-trip-id
2000377899
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Thu, 31 Dec 2020 18:37:00 GMT
eDptvoKfHxf.js
static.xx.fbcdn.net/rsrc.php/v3/ys/r/
214 KB
57 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/ys/r/eDptvoKfHxf.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.freefiremena.com
URL: https://www.facebook.freefiremena.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
06f81c18631a3eb7d32c9c9f37f548609fcb0fd28855bcf2cbb194b0237825b6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.freefiremena.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 01 Jan 2020 18:37:00 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
Q3KW1HPBur+QhH+7t+VI2A==
status
200
alt-svc
h3-24=":443"; ma=3600
content-length
57712
x-fb-debug
WIOIcbAjFw7/Uh/Pjw3rHYN8iNHGR0e8IL1BGmSREe7F3TcVGIXUiYqsxjxSxxgITyfVnftEsOx83uAMjO0Z1g==
x-fb-trip-id
2000377899
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Mon, 28 Dec 2020 18:12:45 GMT
23065717_2058763144353975_2145607202558181376_n.png
scontent.frba2-1.fna.fbcdn.net/v/t39.2081-6/c0.0.76.76a/p75x75/
12 KB
12 KB
Image
General
Full URL
https://scontent.frba2-1.fna.fbcdn.net/v/t39.2081-6/c0.0.76.76a/p75x75/23065717_2058763144353975_2145607202558181376_n.png?_nc_cat=1&_nc_ohc=PhRT4N-1g4gAQlj6lyJ61BETUNTIZFCPnIK52dvRJzsDdqpj5w6im4HlA&_nc_ht=scontent.frba2-1.fna&oh=5ea233ea6abd288b19b44e8ca9ec5dc7&oe=5E46AC4E
Requested by
Host: www.facebook.freefiremena.com
URL: https://www.facebook.freefiremena.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.217.4.145 , Morocco, ASN6713 (IAM-AS, MA),
Reverse DNS
static-145-4-217-212.dialup.iam.net.ma
Software
/
Resource Hash
5b4a7e7749b5b54edc154462c26b106e82d2830a9c6e62e3feb6882d7822f933

Request headers

Referer
https://www.facebook.freefiremena.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-haystack-needlechecksum
2669938893
date
Wed, 01 Jan 2020 18:37:11 GMT
x-fb-config-version-elb-prod
664
last-modified
Fri, 17 Nov 2017 13:35:23 GMT
access-control-allow-origin
*
accept-ranges
bytes
x-fb-config-version-flb-prod
307
content-type
image/png
status
200
access-control-expose-headers
X-FB-CEC-Video-Limit
cache-control
max-age=1209600, no-transform
x-needle-checksum
3513963331
x-fb-config-version-olb-prod
664
timing-allow-origin
*
content-length
11970
hsts-pixel.gif
fbsbx.com/security/
Redirect Chain
  • https://facebook.com/security/hsts-pixel.gif?c=3.2
  • https://fbcdn.net/security/hsts-pixel.gif?c=2
  • https://fbsbx.com/security/hsts-pixel.gif
43 B
753 B
Image
General
Full URL
https://fbsbx.com/security/hsts-pixel.gif
Requested by
Host: www.facebook.freefiremena.com
URL: https://www.facebook.freefiremena.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.facebook.freefiremena.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
status
200
alt-svc
h3-24=":443"; ma=3600
x-xss-protection
0
pragma
no-cache
x-fb-debug
a+MPUNfg5aLeNhNhG0SRrTMVRci7aR7m3J563hiPeMizBwk/z3Gk+lYg2YkBwlSL59vG/irwKJW7/OTXbW//gg==
date
Wed, 01 Jan 2020 18:37:00 GMT
x-frame-options
DENY
content-type
image/gif
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
private, no-cache, no-store, must-revalidate
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT

Redirect headers

x-fb-debug
g5TfafKSa+4ZEFnZQZwCXh2H66XfJJTFi6rluWMfWuGozKbMpFr1Y8xDOiqX9JW0L/MtHRGDfPwd9rElizf/kQ==
access-control-allow-origin
*
date
Wed, 01 Jan 2020 18:37:00 GMT
location
https://fbsbx.com/security/hsts-pixel.gif
content-type
text/html; charset="utf-8"
status
302
strict-transport-security
max-age=31536000; preload; includeSubDomains
alt-svc
h3-24=":443"; ma=3600
content-length
0
Z6Jze-e4yks.js
static.xx.fbcdn.net/rsrc.php/v3/yx/r/
79 KB
22 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yx/r/Z6Jze-e4yks.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.freefiremena.com
URL: https://www.facebook.freefiremena.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
0b2e81096a2c4b46e45d9285ed8ddc7f6205ef89a0f06de58a4245cca5ff3e26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.freefiremena.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 01 Jan 2020 18:37:00 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
XDbsCsSPwsBfIq4T7OmrPQ==
status
200
alt-svc
h3-24=":443"; ma=3600
content-length
22626
x-fb-debug
5ygpjUmgvLxPr5nXqKaEThPmJjvP2N3vtpvyWM6MaTxZSTAlPJ5CmZu97XwqHxoQVxPFBe2vL7EBeK3zSxu0gg==
x-fb-trip-id
2000377899
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Thu, 31 Dec 2020 18:37:00 GMT
-H9YOg7ZAQP.js
static.xx.fbcdn.net/rsrc.php/v3inLb4/yb/l/en_GB/
51 KB
14 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3inLb4/yb/l/en_GB/-H9YOg7ZAQP.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.freefiremena.com
URL: https://www.facebook.freefiremena.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
bbea89698c1b720bae5b2dfdfdbf353bd77c222a2e2f193095a03b2f6d5ad380
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.freefiremena.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 01 Jan 2020 18:37:00 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
ZEoGgo8Dm6fYopauujD0Kw==
status
200
alt-svc
h3-24=":443"; ma=3600
content-length
14656
x-fb-debug
7ms2F6ZU3c/8GYyYsn1J6PWPc/WCiyEsq0E4ly1fFqUNIjWXrUx0z/KqMsj7AlBRBgJCP9DZJWQX2xTkskYOrg==
x-fb-trip-id
2000377899
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Thu, 31 Dec 2020 18:37:00 GMT
QQbSu8Niuwx.js
static.xx.fbcdn.net/rsrc.php/v3iLl54/yF/l/en_GB/
104 KB
29 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iLl54/yF/l/en_GB/QQbSu8Niuwx.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.freefiremena.com
URL: https://www.facebook.freefiremena.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
91fe1869777cd2b0e96f473d8a095997c1917634d45fce55db86b663dd7151ff
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.freefiremena.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 01 Jan 2020 18:37:00 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
q+AisWvc2YVrVZbXfHbp7Q==
status
200
alt-svc
h3-24=":443"; ma=3600
content-length
29367
x-fb-debug
TzRhNjuwO9Rxk09qpcc/xvVgY/vxQx0c5xZDfz9PEp4720+Gkfms6240Yi2fxiMH2fkXAToDy+Te3EpMuw/LTQ==
x-fb-trip-id
2000377899
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Thu, 31 Dec 2020 18:37:00 GMT
C3cU-MYeWEh.png
static.xx.fbcdn.net/rsrc.php/v3/yV/r/
68 KB
69 KB
Image
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yV/r/C3cU-MYeWEh.png
Requested by
Host: www.facebook.freefiremena.com
URL: https://www.facebook.freefiremena.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
92e35c79978e493aa68acc364dbace9b736af68d883347a831188d8c5eb65ff5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://static.xx.fbcdn.net/rsrc.php/v3/yT/l/0,cross/iNdJfMD9XGd.css?_nc_x=Ij3Wp8lg5Kz
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-fb-debug
CGbUtaEB4RzJyl1BZiJ0PewcknLtMspoiruQ5ZJtQOqZb6SWcJiFatUb+mOb3pAMHKytlJ1s9I+UmviWI0DUUw==
x-fb-trip-id
2000377899
x-content-type-options
nosniff
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-md5
nzJHj5lq7eEQ6GC6Ne3NAA==
access-control-allow-origin
*
date
Wed, 01 Jan 2020 18:37:00 GMT
content-type
image/png
status
200
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
alt-svc
h3-24=":443"; ma=3600
content-length
69997
expires
Wed, 30 Dec 2020 15:28:35 GMT
5NR43BsYs8o.png
static.xx.fbcdn.net/rsrc.php/v3/yO/r/
1 KB
1 KB
Image
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yO/r/5NR43BsYs8o.png
Requested by
Host: www.facebook.freefiremena.com
URL: https://www.facebook.freefiremena.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
9615b777212478a41835e410c9897cd544b98c5473b7b73cbec777f1db2d5404
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://static.xx.fbcdn.net/rsrc.php/v3/yT/l/0,cross/iNdJfMD9XGd.css?_nc_x=Ij3Wp8lg5Kz
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-fb-debug
XwssHr/tKi2ovo6wL77LHAZiuHgW1NUhvTSihcKa4e9jMzBx3Yy/Yoa7pZq8tW72riXwcqi21+ynB8RUU/M4TA==
x-fb-trip-id
2000377899
x-content-type-options
nosniff
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-md5
zS7nNbuF+qoavNDFbgWDdA==
access-control-allow-origin
*
date
Wed, 01 Jan 2020 18:37:00 GMT
content-type
image/png
status
200
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
alt-svc
h3-24=":443"; ma=3600
content-length
1307
expires
Thu, 24 Dec 2020 20:41:58 GMT
kMZsERY12X9.png
static.xx.fbcdn.net/rsrc.php/v3/yI/r/
1 KB
2 KB
Image
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yI/r/kMZsERY12X9.png
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3iooI4/yz/l/en_GB/_fGMedxCUqx.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
37bb73c6015ddb1ea5720b88980135bd3eb1603b619d3870c947ebd61f70be9e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://static.xx.fbcdn.net/rsrc.php/v3/yT/l/0,cross/iNdJfMD9XGd.css?_nc_x=Ij3Wp8lg5Kz
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-fb-debug
ArGgG8oFmJYLs1Yx5Ioe6woj+9wtLGq8b1ZNA86Kpu6xIQRDHd6lReBCWXEkfM3gPAFU0h865RDMyZmD/PJmAg==
x-fb-trip-id
2000377899
x-content-type-options
nosniff
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-md5
OHMloBxaJkx1FTkBeKDOZQ==
access-control-allow-origin
*
date
Wed, 01 Jan 2020 18:37:00 GMT
content-type
image/png
status
200
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
alt-svc
h3-24=":443"; ma=3600
content-length
1416
expires
Mon, 21 Dec 2020 09:16:53 GMT
C-DoQACmfug.png
static.xx.fbcdn.net/rsrc.php/v3/yd/r/
1 KB
2 KB
Image
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yd/r/C-DoQACmfug.png
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3iooI4/yz/l/en_GB/_fGMedxCUqx.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
c2946cbb6e49f679c5c9e3cf1f433e95c4b42783a97e733612c373e268ccf7a6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://static.xx.fbcdn.net/rsrc.php/v3/yT/l/0,cross/iNdJfMD9XGd.css?_nc_x=Ij3Wp8lg5Kz
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-fb-debug
1mJxXrv9PLOQF6T+enOokaM5Qf0+ek0AbiCmEFQWlU0K/diqG2P07LRSaG9Gz7GCq8L+fQ/p98mIoCgU6w/f3g==
x-fb-trip-id
2000377899
x-content-type-options
nosniff
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-md5
94744kTrThTW+5IkG9Dmuw==
access-control-allow-origin
*
date
Wed, 01 Jan 2020 18:37:00 GMT
content-type
image/png
status
200
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
alt-svc
h3-24=":443"; ma=3600
content-length
1507
expires
Thu, 17 Dec 2020 22:08:59 GMT

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Facebook (Social Network)

39 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate string| message function| rtclickcheck function| envFlush object| Env number| __DEV__ undefined| __p function| emptyFunction function| __annotator function| __bodyWrapper function| __t function| __w function| FB_enumerate function| __m object| babelHelpers function| define function| require function| requireDynamic function| requireLazy function| __d function| $RefreshReg$ function| $RefreshSig$ object| ErrorSerializer object| ErrorGuard object| ErrorUtils object| TimeSlice function| CavalryLogger function| __updateOrientation function| ProfilingCounters object| bigPipe object| MAjaxify string| _script_path function| __fbNativeSetTimeout function| __fbNativeClearTimeout function| __fbNativeSetInterval function| __fbNativeClearInterval function| __fbNativeRequestAnimationFrame function| __fbNativeCancelAnimationFrame

1 Cookies

Domain/Path Name / Value
.facebook.freefiremena.com/ Name: wd
Value: 1585x1200

1 Console Messages

Source Level URL
Text
console-api error URL: https://static.xx.fbcdn.net/rsrc.php/v3/ys/r/eDptvoKfHxf.js?_nc_x=Ij3Wp8lg5Kz (Line 51)
Message:
ErrorUtils caught an error: "find(<node>, "button", "m_login_button"): matched no nodes.". Subsequent errors won't be logged; see https://fburl.com/debugjs.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
