www.facebook.com.fb.myfb.ruchika.myshn.net
Open in
urlscan Pro
54.193.173.20
Malicious Activity!
Public Scan
Submission: On September 07 via automatic, source certstream-suspicious
Summary
TLS certificate: Issued by GlobalSign RSA OV SSL CA 2018 on September 7th 2020. Valid for: a year.
This is the only time www.facebook.com.fb.myfb.ruchika.myshn.net was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Facebook (Social Network)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
4 | 54.193.173.20 54.193.173.20 | 16509 (AMAZON-02) (AMAZON-02) | |
28 | 2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3 | 32934 (FACEBOOK) (FACEBOOK) | |
2 | 2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de | 32934 (FACEBOOK) (FACEBOOK) | |
34 | 4 |
ASN16509 (AMAZON-02, US)
PTR: ec2-54-193-173-20.us-west-1.compute.amazonaws.com
www.facebook.com.fb.myfb.ruchika.myshn.net |
ASN32934 (FACEBOOK, US)
facebook.com | |
www.facebook.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
28 |
fbcdn.net
static.xx.fbcdn.net |
1 MB |
4 |
myshn.net
www.facebook.com.fb.myfb.ruchika.myshn.net |
46 KB |
2 |
facebook.com
facebook.com www.facebook.com |
1 KB |
34 | 3 |
Domain | Requested by | |
---|---|---|
28 | static.xx.fbcdn.net |
www.facebook.com.fb.myfb.ruchika.myshn.net
static.xx.fbcdn.net |
4 | www.facebook.com.fb.myfb.ruchika.myshn.net |
static.xx.fbcdn.net
|
1 | www.facebook.com | |
1 | facebook.com |
www.facebook.com.fb.myfb.ruchika.myshn.net
|
34 | 4 |
This site contains links to these domains. Also see Links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
fb.myfb.ruchika.myshn.net GlobalSign RSA OV SSL CA 2018 |
2020-09-07 - 2021-10-09 |
a year | crt.sh |
*.facebook.com DigiCert SHA2 High Assurance Server CA |
2020-07-21 - 2020-10-12 |
3 months | crt.sh |
This page contains 2 frames:
Primary Page:
https://www.facebook.com.fb.myfb.ruchika.myshn.net/
Frame ID: DC3227D5B2D8E6B4047A1A9CAAFEC132
Requests: 34 HTTP requests in this frame
Frame:
https://www.facebook.com.fb.myfb.ruchika.myshn.net/intern/common/referer_frame.php
Frame ID: 659DB7FF5EA49E036836B1E1E0B318C8
Requests: 1 HTTP requests in this frame
16 Outgoing links
These are links going to different origins than the main page.
Title: Afrikaans
Search URL Search Domain Scan URL
Title: Français (France)
Search URL Search Domain Scan URL
Title: Português (Portugal)
Search URL Search Domain Scan URL
Title: Deutsch
Search URL Search Domain Scan URL
Title: Español
Search URL Search Domain Scan URL
Title: العربية
Search URL Search Domain Scan URL
Title: ภาษาไทย
Search URL Search Domain Scan URL
Title: Italiano
Search URL Search Domain Scan URL
Title: हिन्दी
Search URL Search Domain Scan URL
Title: 中文(简体)
Search URL Search Domain Scan URL
Title: Messenger
Search URL Search Domain Scan URL
Title: Facebook Pay
Search URL Search Domain Scan URL
Title: Oculus
Search URL Search Domain Scan URL
Title: Portal
Search URL Search Domain Scan URL
Title: Instagram
Search URL Search Domain Scan URL
Title: Developers
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
34 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
Cookie set
/
www.facebook.com.fb.myfb.ruchika.myshn.net/ |
163 KB 42 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
NWKskEBv7bu.css
static.xx.fbcdn.net/rsrc.php/v3/ye/l/0,cross/ |
895 KB 201 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
S4DwMTYcFp3.css
static.xx.fbcdn.net/rsrc.php/v3/yW/l/0,cross/ |
20 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
j93mp5kTzKJ.css
static.xx.fbcdn.net/rsrc.php/v3/yd/l/0,cross/ |
92 KB 15 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mKCLnPvxhfQ.css
static.xx.fbcdn.net/rsrc.php/v3/yy/l/0,cross/ |
13 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
6L4xUQ-zmXS.css
static.xx.fbcdn.net/rsrc.php/v3/y0/l/0,cross/ |
11 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
MUDMdIF_Uxx.css
static.xx.fbcdn.net/rsrc.php/v3/yf/l/0,cross/ |
52 KB 15 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
NafauUVhljh.js
static.xx.fbcdn.net/rsrc.php/v3/yB/r/ |
273 KB 72 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
dF5SId3UHWd.svg
static.xx.fbcdn.net/rsrc.php/y8/r/ |
2 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
rLJriTjWtKQ.png
static.xx.fbcdn.net/rsrc.php/v3/yk/r/ |
51 KB 52 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
YQNfPR9MJfx.png
static.xx.fbcdn.net/rsrc.php/v3/yO/r/ |
925 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
hsts-pixel.gif
facebook.com/security/ |
43 B 936 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
w0VPuLr3ftw.js
static.xx.fbcdn.net/rsrc.php/v3iCYM4/y4/l/en_US/ |
3 MB 533 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
F_8DvIuRgos.png
static.xx.fbcdn.net/rsrc.php/v3/yZ/r/ |
6 KB 6 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
FYUD_MH8iB_.png
static.xx.fbcdn.net/rsrc.php/v3/yA/r/ |
5 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
74 B 0 |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
VfuGskvjlCA.js
static.xx.fbcdn.net/rsrc.php/v3iYXl4/yt/l/en_US/ |
42 KB 11 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
9bJ3CFGgAQ9.js
static.xx.fbcdn.net/rsrc.php/v3ixXW4/yY/l/en_US/ |
111 KB 46 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Ohtu3KkhtM-.js
static.xx.fbcdn.net/rsrc.php/v3/yi/r/ |
10 KB 3 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
d96CiQRH6WG.js
static.xx.fbcdn.net/rsrc.php/v3/ye/r/ |
30 KB 10 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
6NC0oo_V9kz.js
static.xx.fbcdn.net/rsrc.php/v3/yZ/r/ |
4 KB 2 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
GUBGw-ut2TX.js
static.xx.fbcdn.net/rsrc.php/v3iBfK4/yZ/l/en_US/ |
2 MB 359 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
OH1tZgTxIqD.js
static.xx.fbcdn.net/rsrc.php/v3iDNC4/yO/l/en_US/ |
83 KB 21 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
M9vEQ77paM3.js
static.xx.fbcdn.net/rsrc.php/v3isu34/yk/l/en_US/ |
29 KB 8 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Ki8xK2W6LzT.js
static.xx.fbcdn.net/rsrc.php/v3iYgh4/yk/l/en_US/ |
6 KB 2 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1_INMeeoLkB.js
static.xx.fbcdn.net/rsrc.php/v3/y6/r/ |
55 KB 17 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
a-XFhGAU4JN.js
static.xx.fbcdn.net/rsrc.php/v3idBq4/yX/l/en_US/ |
73 KB 17 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
phdcGQgna9Y.js
static.xx.fbcdn.net/rsrc.php/v3iqES4/yA/l/en_US/ |
41 KB 13 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
6KqFq7q8hV0.js
static.xx.fbcdn.net/rsrc.php/v3/yO/r/ |
8 KB 3 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
0OKeBUn491S.js
static.xx.fbcdn.net/rsrc.php/v3/ya/r/ |
194 KB 42 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Cookie set
referer_frame.php
www.facebook.com.fb.myfb.ruchika.myshn.net/intern/common/ Frame 659D |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
-PAXP-deijE.gif
static.xx.fbcdn.net/rsrc.php/v3/y4/r/ |
43 B 239 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
/
www.facebook.com.fb.myfb.ruchika.myshn.net/ajax/bootloader-endpoint/ |
3 KB 3 KB |
XHR
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ua_callback.php
www.facebook.com/ajax/ |
43 B 211 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
bz
www.facebook.com.fb.myfb.ruchika.myshn.net/ajax/ |
0 1 KB |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Facebook (Social Network)70 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| trustedTypes number| _cstart function| envFlush object| Env number| __DEV__ function| CavalryLogger undefined| __p function| emptyFunction function| __annotator function| __bodyWrapper function| __t function| __w function| FB_enumerate function| __m object| babelHelpers function| define function| require function| requireDynamic function| requireLazy function| __d function| $RefreshReg$ function| $RefreshSig$ object| ErrorSerializer function| getErrorSafe object| ErrorGuard object| ErrorUtils function| Arbiter object| JSCC function| $ function| ge object| Parent object| TimeSlice function| goURI function| ProfilingCounters object| Bootloader object| PageEvents function| _domcontentready function| onloadRegister_DEPRECATED function| onloadRegister function| onafterloadRegister_DEPRECATED function| onafterloadRegister function| onleaveRegister function| onbeforeunloadRegister function| onunloadRegister function| $E string| _script_path object| onloadhooks object| domreadyhooks function| now_inl object| bigPipe function| AsyncRequest object| onafterunloadhooks object| onunloadhooks function| intl_set_string_manager_mode function| intl_set_xmode function| intl_set_amode function| intl_set_rmode function| intl_set_locale object| onbeforeunloadhooks object| PageHooks function| _domreadyHook function| _onloadHook function| runHook function| runHooks function| keep_window_set_as_loaded function| useragentcm object| PageTransitions object| onleavehooks boolean| domready boolean| loaded6 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.fb.myfb.ruchika.myshn.net/ | Name: SHN-VH-session Value: 00d83e13-85f5-4c68-8fb0-4a398a7c693a|1599498509732 |
|
.facebook.com.fb.myfb.ruchika.myshn.net/ | Name: fr Value: 1r6fNf0ZqbaHy7OGB..BfVmIE.cP.AAA.0.0.BfVmIF.AWWNbSRF |
|
.facebook.com.fb.myfb.ruchika.myshn.net/ | Name: datr Value: BGJWX-je-J2_DLbmNgbRf-2G |
|
www.facebook.com.fb.myfb.ruchika.myshn.net/intern/common | Name: SameSite Value: None |
|
.facebook.com.fb.myfb.ruchika.myshn.net/ | Name: wd Value: 1600x1200 |
|
.facebook.com.fb.myfb.ruchika.myshn.net/ | Name: sb Value: BGJWXwLtvqoC742LykTLci6V |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests; |
Strict-Transport-Security | max-age=15552000; preload |
X-Content-Type-Options | nosniff |
X-Frame-Options | DENY |
X-Xss-Protection | 0 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
facebook.com
static.xx.fbcdn.net
www.facebook.com
www.facebook.com.fb.myfb.ruchika.myshn.net
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
54.193.173.20
032d76f7e42dc41c3b6f35370729762ac27e11a9a608125d0f5c14645e6eb40f
143bda4665c83782c0ec94915b16d13556427e1f039d3460d38d0fffbd4bffe5
1790720bc23a7177b80af2dfbcfff92fd4da172ac097b60cc3b08737adada710
3462af6c03a2a0af90a466b4df7fd0ec149c83f16d26a4541b2b7defd765e80a
3ac867724b1efad2caead5917302ae894f7ddee6864236d77b8db2b64b3d83e2
3adfba2a36397375682da16ce4506246e6b415c0a8f6c779e1f061f5f7a986a1
42bfc7e7328d7a79f6684b810a9b6ada4590771affc2a76d348f4348eb645654
4a9030f39e2ffcc6ca7b8398b00f1ccbb4568bb218df10d7f7cfcf7a7cb3b6cf
4ba610e960f7d49fdd8d3f14ef633fbbc70908938e5d4a9e96dc5000eba7bf3f
52276d333053a6151c328043475af5eefbae896d69d1bef7b017d96204955e4f
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5a52dbaf980be015c37ea658dc83e753f345ecb7c48a7dafd71bf1ed67e8b4bd
7421d45e6160a5a07b248bc5468f2af8a7230050e9a174c95da861930f0fd61f
7c869ae3672917d4927eb1ef39a7971c1f22caf7dc65c9a327d98c81a01735c4
80a90c48ad63c3fc34f7cc8d0f2252d1481df508ae6cfc3351b40e9899722d1e
8627d83666e5f29db4f5ddfba459bf17a542a4b20569815b8055223dbe6d3f75
86dee5c8119521e00f0d44203bfb4b1d13ca93571d9c9205d70b29b937d1b8fe
8bc51905f7d7a2717dc5779f05191d68d8ae3bae8e39124739f8544ca66e5231
8d052a1395c3f93a4dffb9f5198a5c38fc8654366bc339c924990a2b1b0862f3
9531e96099e973b3d1c291f3e60419d8fe4730f46de8a492fccd2b4c962c96ce
a0fcb9933e2286966509dbcc3c9d59d212581882b757b2780654335fc507a05b
a70289f09ad3278dadf72140d613a8684be53d750688a429d7af2e569b397812
c27b5e3359644e4f6bd4870f7a688aab31129bcb6ee8d3de0d0773a19b643a31
d4ba700c01448e0979b31519ca94b06cf1a0877aa90d0e3e5847914f1b052ffa
deb6d5f9bc29c34d6c63404ee4d969e3572dd81741949af4210f3788dfa152b3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e608919e942a3004e88149dda6b1fc1b0dd37da80326b94cd1158694c39ccbc9
e60e1c170d239ef8628c55986ae1b8e68239665363c6355cfc03336718bc2d7f
e69be06a88dbc950ca8f76e0d676ec2fa8f381c9d116eef7d231317fcee93548
e999af6eaa16f129539d3bc6edcc8abc76e8f5c37e97a0fa09255ea32d980928
efebf3b2893f2132f8f435054333d708e19725b8e8e01dc60e6196fc9e41f052
f4d59dd7a0370a952c662481c01142081e154a4e83d2ceb9adae1d201ba6f317
fcc446f87b017315e189b633bebe09ca0f9348a4aa4452a8efa6452559cda081