fb-ali.laifa.xin
Open in
urlscan Pro
8.45.52.221
Malicious Activity!
Public Scan
Submission: On June 08 via manual from US — Scanned from DE
Summary
This is the only time fb-ali.laifa.xin was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Facebook (Social Network)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 | 8.45.52.221 8.45.52.221 | 24429 (TAOBAO Zh...) (TAOBAO Zhejiang Taobao Network Co.) | |
35 | 2a03:2880:f02... 2a03:2880:f02d:100:face:b00c:0:3 | 32934 (FACEBOOK) (FACEBOOK) | |
1 | 2a03:2880:f12... 2a03:2880:f12d:181:face:b00c:0:25de | 32934 (FACEBOOK) (FACEBOOK) | |
38 | 4 |
ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)
fb-ali.laifa.xin |
ASN32934 (FACEBOOK, US)
static.xx.fbcdn.net |
ASN32934 (FACEBOOK, US)
facebook.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
35 |
fbcdn.net
static.xx.fbcdn.net — Cisco Umbrella Rank: 580 |
376 KB |
1 |
facebook.com
facebook.com — Cisco Umbrella Rank: 29 |
3 KB |
1 |
laifa.xin
fb-ali.laifa.xin |
36 KB |
38 | 3 |
Domain | Requested by | |
---|---|---|
35 | static.xx.fbcdn.net |
fb-ali.laifa.xin
static.xx.fbcdn.net |
1 | facebook.com |
fb-ali.laifa.xin
|
1 | fb-ali.laifa.xin |
static.xx.fbcdn.net
|
38 | 3 |
This site contains links to these domains. Also see Links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.facebook.com DigiCert SHA2 High Assurance Server CA |
2022-03-18 - 2022-06-16 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
http://fb-ali.laifa.xin/
Frame ID: FB97C04B78676C994E54C18EB2B9D95D
Requests: 39 HTTP requests in this frame
39 Outgoing links
These are links going to different origins than the main page.
Title: Facebook
Search URL Search Domain Scan URL
Title: Passwort vergessen?
Search URL Search Domain Scan URL
Title: Türkçe
Search URL Search Domain Scan URL
Title: Polski
Search URL Search Domain Scan URL
Title: Italiano
Search URL Search Domain Scan URL
Title: Română
Search URL Search Domain Scan URL
Title: Français (France)
Search URL Search Domain Scan URL
Title: Русский
Search URL Search Domain Scan URL
Title: العربية
Search URL Search Domain Scan URL
Title: Español
Search URL Search Domain Scan URL
Title: Português (Brasil)
Search URL Search Domain Scan URL
Title: Messenger
Search URL Search Domain Scan URL
Title: Watch
Search URL Search Domain Scan URL
Title: Facebook Pay
Search URL Search Domain Scan URL
Title: Oculus
Search URL Search Domain Scan URL
Title: Portal
Search URL Search Domain Scan URL
Title: Instagram
Search URL Search Domain Scan URL
Title: Bulletin
Search URL Search Domain Scan URL
Title: Info
Search URL Search Domain Scan URL
Title: Entwickler
Search URL Search Domain Scan URL
Title: Datenschutzinfo
Search URL Search Domain Scan URL
Title: Cookie-Richtlinie
Search URL Search Domain Scan URL
Title: anderer Unternehmen
Search URL Search Domain Scan URL
Title: Einstellungen für Werbeanzeigen
Search URL Search Domain Scan URL
Title: Produkte der Facebook-Unternehmen
Search URL Search Domain Scan URL
Title: Business-Tools
Search URL Search Domain Scan URL
Title: Aktivitäten außerhalb von Facebook
Search URL Search Domain Scan URL
Title: Digital Advertising Alliance
Search URL Search Domain Scan URL
Title: Digital Advertising Alliance of Canada
Search URL Search Domain Scan URL
Title: European Interactive Digital Advertising Alliance
Search URL Search Domain Scan URL
Title: Digital Advertising Alliance
Search URL Search Domain Scan URL
Title: Digital Advertising Alliance of Canada
Search URL Search Domain Scan URL
Title: European Interactive Digital Advertising Alliance
Search URL Search Domain Scan URL
Title: Google Chrome
Search URL Search Domain Scan URL
Title: Internet Explorer
Search URL Search Domain Scan URL
Title: Firefox
Search URL Search Domain Scan URL
Title: Safari
Search URL Search Domain Scan URL
Title: Safari (Mobilgeräte)
Search URL Search Domain Scan URL
Title: Opera
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
38 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
/
fb-ali.laifa.xin/ |
109 KB 36 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
WHpGi8G9pNZ.css
static.xx.fbcdn.net/rsrc.php/v3/yG/l/0,cross/ |
20 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Rz_F0Slqhme.css
static.xx.fbcdn.net/rsrc.php/v3/yF/l/0,cross/ |
7 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
HDpAcn1dkih.css
static.xx.fbcdn.net/rsrc.php/v3/yZ/l/0,cross/ |
11 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
KIqPo6_vmPY.css
static.xx.fbcdn.net/rsrc.php/v3/y5/l/0,cross/ |
4 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Gt_Hdc3lf8P.css
static.xx.fbcdn.net/rsrc.php/v3/yi/l/0,cross/ |
2 KB 655 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
vnvuTLjISML.css
static.xx.fbcdn.net/rsrc.php/v3/yp/l/0,cross/ |
10 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
qAurL74bdLP.css
static.xx.fbcdn.net/rsrc.php/v3/yW/l/0,cross/ |
6 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
uH8oBmXu81h.css
static.xx.fbcdn.net/rsrc.php/v3/y1/l/0,cross/ |
17 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
C0teK_h3UC4.js
static.xx.fbcdn.net/rsrc.php/v3/yM/r/ |
309 KB 83 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
52vld7hrDEO.png
static.xx.fbcdn.net/rsrc.php/v3/yP/r/ |
24 KB 24 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
hsts-pixel.gif
facebook.com/security/ |
43 B 3 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
SKajO67gpuC.js
static.xx.fbcdn.net/rsrc.php/v3/y4/r/ |
23 KB 7 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
BwlkRv7B4IH.js
static.xx.fbcdn.net/rsrc.php/v3/yU/r/ |
2 KB 928 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
u1yJXfv807i.js
static.xx.fbcdn.net/rsrc.php/v3/y2/r/ |
29 KB 9 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
YVPMKVKdbNX.js
static.xx.fbcdn.net/rsrc.php/v3iN_84/yT/l/de_DE/ |
64 KB 16 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
T01nODyt7i7.js
static.xx.fbcdn.net/rsrc.php/v3/y1/r/ |
59 KB 16 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
78 B 0 |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
b60v9wUr6My.js
static.xx.fbcdn.net/rsrc.php/v3i5ED4/yZ/l/de_DE/ |
76 KB 19 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
ILHx_tD9z9W.js
static.xx.fbcdn.net/rsrc.php/v3iVab4/y8/l/de_DE/ |
15 KB 5 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
N0CtVrDN_wU.js
static.xx.fbcdn.net/rsrc.php/v3iMoJ4/y0/l/de_DE/ |
28 KB 8 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
qC1B0A_CS1P.js
static.xx.fbcdn.net/rsrc.php/v3/y9/r/ |
6 KB 2 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
ZrqEygEYxMm.js
static.xx.fbcdn.net/rsrc.php/v3/yH/r/ |
49 KB 17 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
3FPJ9YC_wUr.js
static.xx.fbcdn.net/rsrc.php/v3/y2/r/ |
1 KB 637 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
oBPCqlFS3zW.js
static.xx.fbcdn.net/rsrc.php/v3/yq/r/ |
33 KB 10 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
HraGr73wKZb.js
static.xx.fbcdn.net/rsrc.php/v3/yQ/r/ |
31 KB 9 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
79rB0tPt-O1.js
static.xx.fbcdn.net/rsrc.php/v3/y3/r/ |
636 B 395 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
lYejkzyV906.js
static.xx.fbcdn.net/rsrc.php/v3/yz/r/ |
804 B 481 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
oDrXcUABHf1.js
static.xx.fbcdn.net/rsrc.php/v3/yk/r/ |
4 KB 1 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
76botj0iEHB.js
static.xx.fbcdn.net/rsrc.php/v3/yy/r/ |
66 KB 20 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
nfwhnpULyne.js
static.xx.fbcdn.net/rsrc.php/v3iaZB4/y2/l/de_DE/ |
36 KB 10 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
x0Ge8Cpe42B.js
static.xx.fbcdn.net/rsrc.php/v3ik3l4/yL/l/de_DE/ |
67 KB 16 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
DuNEvRX7YP7.js
static.xx.fbcdn.net/rsrc.php/v3/yJ/r/ |
32 KB 11 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
w_ZJiao_r-l.js
static.xx.fbcdn.net/rsrc.php/v3/yX/r/ |
148 KB 44 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
waujFC3AG07.js
static.xx.fbcdn.net/rsrc.php/v3i2UN4/y1/l/de_DE/ |
48 KB 15 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
7voVGqwJ_1x.js
static.xx.fbcdn.net/rsrc.php/v3/yP/r/ |
10 KB 3 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
KWY7Edb5_DT.js
static.xx.fbcdn.net/rsrc.php/v3/yn/r/ |
7 KB 2 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
MiLZafuPzAW.png
static.xx.fbcdn.net/rsrc.php/v3/yp/r/ |
5 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST |
bz
fb-ali.laifa.xin/ajax/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- fb-ali.laifa.xin
- URL
- https://fb-ali.laifa.xin/ajax/bz?__a=1&__ccg=MODERATE&__comet_req=0&__csr=&__dyn=7xe6Fo4OQ1PyUbFuC1swgE98nwgU6C7UW3q327E2vwXx60kO4o3Bw5VCwjE3awbG782Cw8G1Qw5MKdwnU1oU884y0lW0SU2swdq0Ho2ewnE3fw5rwSyE1582ZwrU&__hs=19151.BP%3ADEFAULT.2.0.0.0.&__hsi=7106919635666080729-0&__req=1&__rev=1005650017&__s=%3A%3Afpf55x&__spin_b=trunk&__spin_r=1005650017&__spin_t=1654708673&__user=0&dpr=1&jazoest=2981&lsd=AVr1JzQJQtw
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Facebook (Social Network)78 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch object| navigation number| _cstart function| envFlush object| Env number| __DEV__ function| CavalryLogger function| __annotator function| __bodyWrapper function| __t function| __w function| emptyFunction function| FB_enumerate function| __m object| babelHelpers function| define function| require function| importDefault function| importNamespace function| requireDynamic function| requireLazy function| __d function| $RefreshReg$ function| $RefreshSig$ function| getErrorSafe object| ErrorGuard object| ErrorSerializer object| ErrorUtils function| Arbiter object| JSCC function| $ function| ge object| Parent object| TimeSlice function| goURI object| Bootloader object| PageEvents function| _domcontentready function| onloadRegister_DEPRECATED function| onloadRegister function| onafterloadRegister_DEPRECATED function| onafterloadRegister function| onleaveRegister function| onbeforeunloadRegister function| onunloadRegister function| $E number| __bigPipeFactory string| _script_path object| onloadhooks object| domreadyhooks function| now_inl number| __bigPipeFR number| __bigPipeCtor object| bigPipe function| AsyncRequest object| onunloadhooks object| onbeforeunloadhooks object| PageHooks function| _domreadyHook function| _onloadHook function| runHook function| runHooks function| keep_window_set_as_loaded object| __FB_STORE object| PageTransitions object| onleavehooks function| intl_set_string_manager_mode function| intl_set_xmode function| intl_set_amode function| intl_set_rmode function| intl_set_locale boolean| domready object| onafterunloadhooks boolean| loaded0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
3 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; |
Strict-Transport-Security | max-age=15552000; preload |
X-Content-Type-Options | nosniff |
X-Frame-Options | DENY |
X-Xss-Protection | 0 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
facebook.com
fb-ali.laifa.xin
static.xx.fbcdn.net
fb-ali.laifa.xin
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
8.45.52.221
050602ae119fcb3bd6baf05e4259060868c97bbbe110ca5ffbaf64975817dc98
0d71f7428b3d206d2d75c72f5d9b9c2bfd797eb8be76788658279db1ed24cc5a
0df83c5b0d0def2f91afd5bc89116dce839fde50f640f488041777fecf002388
0f90ce92f6d627a995bf0300ac429ace9c65072877367d8bd8e5bc2052ceae93
1956d28a0dc21b38323707ee1660094d3335964733b65b4485b6e8d704c085b6
1c4f63df6703d148edec04a2b07db46f9d0950b0f6d1d0b9b9045dd0aaaf12c7
1e2368c3b3b65d85f9b28987ff98c3f87fe639a453d153bb97fe9b315aa13fd0
1fe1ee7aefdb30422ab8e5d36ede23a120fa570405b7f7507d095514d26f458f
24bd1809a16e6a6fa6314f2efec4b7394fa49c6996dc78769581517917d72edd
2ac0c5c34a5c940856e45d8eb1b1d9e2c9485f2ef686e94f241a092249f7ad33
2d8770bee04c000784761a388965ff653901deaf4583483a4f229ba3bab51901
2efaaa419c5f180503ed1bbda239f8861700caaf2baae9d25c62e48074446fe2
336f7c551e80fde490de3b26509821c689c07eca7e4c11ef2fee19fa02f7b3d5
3cd0e0588ea3bf618679650298607ae5d6ed3ccb696be02c065b6268d6ba8d23
41f59309afb0edde2d1e7fbb42d107832e1d032fb7d47ad6828f9282c7652125
423d7eabbeac6c286811092c0321a238a0bed1028873c8dbc2aadab3c796d939
4546f03a00d3ba80964ba53237f7af63f8ab974e2bb67967168327133ba5e9bf
47f1298140de830de23a40f8d8d2cf72519c1cead1bda0017033ba71b1a8828c
4c8c07cfd2a20690871dc7a059ed71e3e907f1cace0b65e1c579784d9454b53c
515230bea54a1a911b26d2a905758b708ab0dbcb36c3f0e93db27b74fd0814b9
5440032df3ecfc8fd374fcd499dd78ec8c0d13970f01da419f5004acc48e8d51
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
67d237949695ffcf3de592cbeb41cce02d1d3c05cae6ea95a8b33d3074dfca77
691607242d4a5ed5f360b677415c08d658018ceaca9203334a52825b30cdf69d
6e7fde87fe7c208612063bbee120196975b0774c5eb7615f93e840684469d1fd
70cf7f2d8e9aeb2031e3290e2d37147ae674512e94efa3ce7505e49ff156a9cf
7310d57447dd9da6fd7360614cdb36b03b1fa546adf14a1395f5c9bc1ad3388e
8759d50e887ce8077c8d873d16ae0bed8075a27941767806dd7f958d4aa3702d
9cded529ad3b5fde98e36802ffb6eeaf2919c1abbcd15007e65e6adb804ac468
b43c62bccbb4b5b7f71de02eebcb4591a6ae12e3c1ae4e0dee1f90fd25f0fb21
bc50fd02b2ae536947badd67fd3cd8cdcd410332e6316c6d4c4c3383f20aec37
d017405784c27c586c3aa4d495502041d782e3ef2f0a0e596975c40af8e56e85
da059f2a9cf10598fb43386cc6a6ea23208404dbb76e1f59bd684ddc5b5be46e
db8ca38d3ba39eb398436dd7aacb10668c742c919612668178003a783d1c8729
ec2f4c2445ae87578b722a73f6730724a43552cbbd8bacbbe2ea9bb966824722
edb5379e249cf88c2f9d413d197e87ea8b220aabf07a88807eba32512d235bcc
ee84c9443747f298cd45431603a8e495de674fa99c92492d3bca937b7f762ecd
f76a2242c20f92cba1a1213f5560321ce5efbfd514ae38650e6010811f863b89