![](/screenshots/a76cacb7-e9d0-4e41-b990-a7b5126dace3.png)
www.faccbook-login-page.ga
Open in
urlscan Pro
45.14.224.146
Malicious Activity!
Public Scan
Submission: On September 08 via automatic, source certstream-suspicious — Scanned from NL
Summary
TLS certificate: Issued by R3 on June 26th 2022. Valid for: 3 months.
This is the only time www.faccbook-login-page.ga was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Facebook (Social Network)Domain & IP information
ASN62068 (SPECTRAIP SpectraIP B.V., NL)
PTR: hosted-by.spectraip.net
www.faccbook-login-page.ga |
ASN13335 (CLOUDFLARENET, US)
fastcdn.jdi5.com | |
counter.jdi5.com | |
imgcdn1.jdi5.com |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN13335 (CLOUDFLARENET, US)
cdn1.wb4.xyz | |
desifoodcorner.wb4.xyz |
Apex Domain Subdomains |
Transfer | |
---|---|---|
9 |
google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 94 region1.google-analytics.com — Cisco Umbrella Rank: 2119 |
79 KB |
8 |
wb4.xyz
2 redirects
cdn1.wb4.xyz desifoodcorner.wb4.xyz |
7 KB |
8 |
jdi5.com
fastcdn.jdi5.com — Cisco Umbrella Rank: 939174 counter.jdi5.com — Cisco Umbrella Rank: 864629 imgcdn1.jdi5.com |
9 KB |
4 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 141 |
228 KB |
2 |
kiynew.com
kiynew.com — Cisco Umbrella Rank: 45989 |
|
2 |
prhzxq.com
prhzxq.com — Cisco Umbrella Rank: 41468 |
255 B |
2 |
github.io
afarkas.github.io — Cisco Umbrella Rank: 224831 |
7 KB |
2 |
yqmxfz.com
yqmxfz.com — Cisco Umbrella Rank: 39446 |
127 KB |
2 |
faccbook-login-page.ga
www.faccbook-login-page.ga |
8 KB |
1 |
screenshotfactory.com
screenshotfactory.com — Cisco Umbrella Rank: 498168 |
23 KB |
1 |
google.nl
www.google.nl — Cisco Umbrella Rank: 6102 |
501 B |
1 |
google.com
www.google.com — Cisco Umbrella Rank: 19 |
501 B |
1 |
doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 188 |
450 B |
44 | 13 |
Domain | Requested by | |
---|---|---|
6 | desifoodcorner.wb4.xyz |
www.faccbook-login-page.ga
|
6 | www.google-analytics.com |
counter.jdi5.com
www.google-analytics.com www.googletagmanager.com |
4 | www.googletagmanager.com |
www.faccbook-login-page.ga
desifoodcorner.wb4.xyz |
4 | counter.jdi5.com |
www.faccbook-login-page.ga
counter.jdi5.com |
3 | region1.google-analytics.com |
www.googletagmanager.com
|
2 | kiynew.com |
yqmxfz.com
|
2 | prhzxq.com |
yqmxfz.com
|
2 | afarkas.github.io |
desifoodcorner.wb4.xyz
|
2 | yqmxfz.com |
desifoodcorner.wb4.xyz
|
2 | imgcdn1.jdi5.com |
www.faccbook-login-page.ga
counter.jdi5.com |
2 | cdn1.wb4.xyz | 2 redirects |
2 | fastcdn.jdi5.com |
www.faccbook-login-page.ga
|
2 | www.faccbook-login-page.ga |
www.faccbook-login-page.ga
|
1 | screenshotfactory.com |
desifoodcorner.wb4.xyz
|
1 | www.google.nl |
www.faccbook-login-page.ga
|
1 | www.google.com |
www.faccbook-login-page.ga
|
1 | stats.g.doubleclick.net |
www.google-analytics.com
|
44 | 17 |
This site contains links to these domains. Also see Links.
Domain |
---|
facebook.com |
m.facebook.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.wapkiz.com R3 |
2022-06-26 - 2022-09-24 |
3 months | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2022-01-16 - 2023-01-16 |
a year | crt.sh |
*.google-analytics.com GTS CA 1C3 |
2022-08-15 - 2022-11-07 |
3 months | crt.sh |
*.g.doubleclick.net GTS CA 1C3 |
2022-08-15 - 2022-11-07 |
3 months | crt.sh |
www.google.com GTS CA 1C3 |
2022-08-22 - 2022-11-14 |
3 months | crt.sh |
*.google.nl GTS CA 1C3 |
2022-08-15 - 2022-11-07 |
3 months | crt.sh |
*.github.com DigiCert TLS RSA SHA256 2020 CA1 |
2022-04-07 - 2023-04-07 |
a year | crt.sh |
prhzxq.com R3 |
2022-06-29 - 2022-09-27 |
3 months | crt.sh |
kiynew.com R3 |
2022-07-05 - 2022-10-03 |
3 months | crt.sh |
This page contains 4 frames:
Primary Page:
https://www.faccbook-login-page.ga/
Frame ID: FF5E705D4E88AE16CFAF936F840886AB
Requests: 13 HTTP requests in this frame
Frame:
https://desifoodcorner.wb4.xyz/2019/05/my-garden-beauty-there-are-many.html
Frame ID: 2AD707E81DA1F44EA0FAF5EF1CCE4D75
Requests: 10 HTTP requests in this frame
Frame:
https://www.faccbook-login-page.ga/
Frame ID: 13B756EF97E8057E87C3B190873F60CE
Requests: 9 HTTP requests in this frame
Frame:
https://desifoodcorner.wb4.xyz/2019/05/allu-k-samosay.html
Frame ID: B6BF19170DD586FAC4E625825C2F060B
Requests: 11 HTTP requests in this frame
Screenshot
![](/screenshots/a76cacb7-e9d0-4e41-b990-a7b5126dace3.png)
Page Title
Facbook .Detected technologies
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
![](/vendor/wappa/icons/Google Tag Manager.png)
Detected patterns
- googletagmanager\.com/gtag/js
Page Statistics
4 Outgoing links
These are links going to different origins than the main page.
Title: Create Account
Search URL Search Domain Scan URL
Title: GP's Terms
Search URL Search Domain Scan URL
Title: Change settings
Search URL Search Domain Scan URL
Title: Forgotten password?
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 5- https://cdn1.wb4.xyz/red2.php?rand=gQ4325a9f7854341cd2479575a5f610e39&id=27 HTTP 302
- https://desifoodcorner.wb4.xyz/submit.php
- https://cdn1.wb4.xyz/red2.php?rand=gQ4325a9f7854341cd2479575a5f610e39&id=27 HTTP 302
- https://desifoodcorner.wb4.xyz/submit.php
44 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
/
www.faccbook-login-page.ga/ |
10 KB 4 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
style.css
fastcdn.jdi5.com/css/javamobile.minewap.com/ |
4 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
online.js
counter.jdi5.com/ |
3 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
206 KB 73 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
49 KB 20 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fc.php
counter.jdi5.com/ |
49 B 436 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
submit.php
desifoodcorner.wb4.xyz/ Frame 2AD7 Redirect Chain
|
338 B 451 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
/
www.faccbook-login-page.ga/ Frame 13B7 |
10 KB 4 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
region1.google-analytics.com/g/ |
0 346 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
style.css
fastcdn.jdi5.com/css/javamobile.minewap.com/ Frame 13B7 |
4 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
online.js
counter.jdi5.com/ Frame 13B7 |
3 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
js
www.googletagmanager.com/gtag/ Frame 13B7 |
206 KB 73 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
FF0000.png
imgcdn1.jdi5.com/img/ |
128 B 509 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
collect
www.google-analytics.com/j/ |
4 B 24 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
analytics.js
www.google-analytics.com/ Frame 13B7 |
49 KB 20 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
fc.php
counter.jdi5.com/ Frame 13B7 |
49 B 553 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
submit.php
desifoodcorner.wb4.xyz/ Frame B6BF Redirect Chain
|
338 B 614 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
stats.g.doubleclick.net/j/ |
4 B 450 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
collect
www.google-analytics.com/j/ Frame 13B7 |
2 B 22 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ga-audiences
www.google.com/ads/ |
42 B 501 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ga-audiences
www.google.nl/ads/ |
42 B 501 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
FF0000.png
imgcdn1.jdi5.com/img/ Frame 13B7 |
128 B 655 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
/
desifoodcorner.wb4.xyz/ Frame 2AD7 |
499 B 795 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
/
desifoodcorner.wb4.xyz/ Frame B6BF |
482 B 781 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
my-garden-beauty-there-are-many.html
desifoodcorner.wb4.xyz/2019/05/ Frame 2AD7 |
3 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
js
www.googletagmanager.com/gtag/ Frame 2AD7 |
105 KB 41 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
waWQiOjEwNTEyMDUsInNpZCI6MTE0OTQ4Nywid2lkIjozNTY3MDMsInNyYyI6Mn0=eyJ.js
yqmxfz.com/pw/ Frame 2AD7 |
163 KB 64 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
lazysizes.min.js
afarkas.github.io/lazysizes/ Frame 2AD7 |
8 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
allu-k-samosay.html
desifoodcorner.wb4.xyz/2019/05/ Frame B6BF |
3 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
analytics.js
www.google-analytics.com/ Frame 2AD7 |
49 KB 20 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
js
www.googletagmanager.com/gtag/ Frame B6BF |
105 KB 41 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
55a9e51463bdac29dc503163da955861.png_2019-02-26_14-45-26.png
screenshotfactory.com/marketing2/monosnap/ Frame B6BF |
23 KB 23 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
waWQiOjEwNTEyMDUsInNpZCI6MTE0OTQ4Nywid2lkIjozNTY3MDMsInNyYyI6Mn0=eyJ.js
yqmxfz.com/pw/ Frame B6BF |
163 KB 63 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
lazysizes.min.js
afarkas.github.io/lazysizes/ Frame B6BF |
8 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
analytics.js
www.google-analytics.com/ Frame B6BF |
49 KB 20 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
wnload
prhzxq.com/ Frame 2AD7 |
0 128 B |
Fetch
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET BLOB |
3c373fb2-be55-43e9-91df-5bac0ea245c7
https://desifoodcorner.wb4.xyz/ Frame 2AD7 |
91 B 0 |
Other
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
wnload
prhzxq.com/ Frame B6BF |
0 127 B |
Fetch
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET BLOB |
7375d8cd-4262-4cfc-afc7-d28c1913ea54
https://desifoodcorner.wb4.xyz/ Frame B6BF |
91 B 0 |
Other
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
admc
kiynew.com/ Frame 2AD7 |
0 0 |
Fetch
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
admc
kiynew.com/ Frame B6BF |
0 0 |
Fetch
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
collect
region1.google-analytics.com/g/ |
0 17 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
collect
region1.google-analytics.com/g/ Frame 13B7 |
0 17 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Facebook (Social Network)31 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| sc_olimg_var object| pn string| w_h function| online function| sc_onlineimagei function| ct_inserti function| drawText_onlinei function| errorMsgi string| title string| GoogleAnalyticsObject function| ga function| dlcount function| gtag object| dataLayer object| google_tag_manager function| onYouTubeIframeAPIReady object| google_tag_data object| gaGlobal object| gaplugins object| gaData5 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.faccbook-login-page.ga/ | Name: faccbook-login-page_ga Value: b138cc4d23a9e338eefcff7f4b4c2ce1 |
|
.faccbook-login-page.ga/ | Name: _gid Value: GA1.2.914843236.1662632927 |
|
.faccbook-login-page.ga/ | Name: _gat Value: 1 |
|
.faccbook-login-page.ga/ | Name: _ga_EFRKRPXK2Z Value: GS1.1.1662632927.1.1.1662632927.0.0.0 |
|
.faccbook-login-page.ga/ | Name: _ga Value: GA1.1.2121215733.1662632927 |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
afarkas.github.io
cdn1.wb4.xyz
counter.jdi5.com
desifoodcorner.wb4.xyz
fastcdn.jdi5.com
imgcdn1.jdi5.com
kiynew.com
prhzxq.com
region1.google-analytics.com
screenshotfactory.com
stats.g.doubleclick.net
www.faccbook-login-page.ga
www.google-analytics.com
www.google.com
www.google.nl
www.googletagmanager.com
yqmxfz.com
2001:4860:4802:32::36
2001:4860:4802:34::178
2606:4700:3030::6815:57f1
2606:4700:3030::6815:b3d
2606:4700:3035::ac43:8726
2606:4700:3038::6815:e989
2606:50c0:8000::153
2a00:1450:4001:800::2004
2a00:1450:4001:801::2008
2a00:1450:4001:80b::2003
2a00:1450:400c:c07::9b
2a02:b4a:1:7::9167:1
2a02:b4a:1:7::9273:1
45.14.224.146
0ddf12f33a1d94aa63d6c53d241cafe7890e62abbd194d535c92f79f2f4521fa
122fac0ffbb44fb8bba0388baa11afc67faec3b223a06871a40dbcab4c6cc787
2596ed54f7299f177fb4e12dee4ebdc218397bb71d57661b4887374e93a1ab5f
2d054b502d829accd15ff9cb78d1431df1c3ec2c67ca18d4008d2cbc973c6384
3084a267db3a4158df137bd2e241fe0173afc16ece521813a877eb2d0c406539
3d9120fa621da6d613c1698b7014ec6bdf4620366e8f2b7b547059f4b6f6272b
400cc31852d824f71f54bc36be5bfc8e937dedeb4e6d257978ecb5dde6cd0851
570927b11594fe46a9e71e9b5489a6417dcdc12fcf9f7c257267f6e4ee6d78da
587237b6d2f20a06068225676052cef560074e6bd18d57a73e3a02dec7a7e26c
6660421dc3eb25ba368f1f0b83bec631e36accf07c0b96a6f233e0ec532001d1
69349c7d525b48d7cac6390313358834f1913cf17c7cdeea0766ca8bdab2feb3
8f530bfa2c38b91f1fc244604bb6db7381662a0a44f151bf368d310ced331442
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
ac03b241013f29a29e2960d28b74ac3a15da00d084cc70fbb4595a0e4b734a3d
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
bd8d7d7d538c074a2b131b2f3670dfd9dea60c7ed458918f627a7b57738f0800
beba07dacfc20510af0428a9da70742236acfa592033a7b8bc1540286b31e5ba
d1ea55381509a1e9bb13e471f6526a1419925fd04b7df9e066a498266a219a8b
df36a75b888611afbf223115abbfa9afe16660a2cc5e5b5a7ce4fd9ac3e000ce
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0414a388c217806e9524ae83f671f517af64b88ed2586bf391f0834e3ba7f33
f110373262de17375dc3674bcb84be3d4449420a5af9a042702935a5f355e1e5
f55305c1eb95d27c0b58235590a184a11b5093f7481b48862645b2dc45d458cf