facebook-reset.herokuapp.com
3.213.124.232
Malicious Activity!
Public Scan
Effective URL: http://facebook-reset.herokuapp.com//login.html
Submission: On July 12 via manual from IE
Summary
This is the only time facebook-reset.herokuapp.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Facebook (Social Network)
Domain & IP information
Requests | IP Address | AS Autonomous System |
---|---|---|
7 | 3.213.124.232 | 14618 (AMAZON-AES) |
27 | 2a03:2880:f02d:100:face:b00c:0:3 | 32934 (FACEBOOK) |
1 | 2a03:2880:f12d:181:face:b00c:0:25de | 32934 (FACEBOOK) |
1 | 2a03:2880:f02d:10d:face:b00c:0:8c | 32934 (FACEBOOK) |
37 | 5 | |
- ASN14618 (AMAZON-AES, US), PTR: ec2-3-213-124-232.compute-1.amazonaws.com: facebook-reset.herokuapp.com
- ASN32934 (FACEBOOK, US): static.xx.fbcdn.net
- ASN32934 (FACEBOOK, US): facebook.com
- ASN32934 (FACEBOOK, US): cx.atdmt.com
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
27 | fbcdn.net | static.xx.fbcdn.net | 336 KB |
7 | herokuapp.com | facebook-reset.herokuapp.com | 204 KB |
1 | atdmt.com | cx.atdmt.com | 295 B |
1 | facebook.com | facebook.com, www.facebook.com (Failed) | 191 B |
37 | 4 | | |
Requests | Domain | Requested by |
---|---|---|
27 | static.xx.fbcdn.net | facebook-reset.herokuapp.com, static.xx.fbcdn.net |
7 | facebook-reset.herokuapp.com | facebook-reset.herokuapp.com, static.xx.fbcdn.net |
1 | cx.atdmt.com | facebook-reset.herokuapp.com |
1 | facebook.com | facebook-reset.herokuapp.com |
0 | www.facebook.com (Failed) | static.xx.fbcdn.net |
37 | 5 | |
Subject | Issuer | Validity | Valid |
---|---|---|---|
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2021-05-26 - 2021-08-24 | 3 months |
*.atlassolutions.com | DigiCert SHA2 High Assurance Server CA | 2021-05-15 - 2021-08-13 | 3 months |
This page contains 2 frames:
Primary Page:
http://facebook-reset.herokuapp.com//login.html
Frame ID: 7F5B3F1AB5DD10A1AAE5119FF10FC7AB
Requests: 36 HTTP requests in this frame
Frame:
http://facebook-reset.herokuapp.com/intern/common/referer_frame.php
Frame ID: F9E903FDF82B3A1281415FA578F6560A
Requests: 2 HTTP requests in this frame
Detected technologies
Apache (Web Servers)
Detected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
Page Statistics
19 Outgoing links
These are links going to different origins than the main page.
- Title: বাংলা
- Title: অসমীয়া
- Title: हिन्दी
- Title: नेपाली
- Title: Bahasa Indonesia
- Title: العربية
- Title: 中文(简体)
- Title: Bahasa Melayu
- Title: Español
- Title: Português (Brasil)
- Title: Messenger
- Title: Watch
- Title: Facebook Pay
- Title: Oculus
- Title: Portal
- Title: Instagram
- Title: About
- Title: Developers
- Title: AdChoices
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://facebook-reset.herokuapp.com//?_fb_noscript=1 Page URL
- http://facebook-reset.herokuapp.com//login.html Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
37 HTTP transactions
Method | Protocol | Resource | Path | Size | Transfer | Type | MIME type | Note |
---|---|---|---|---|---|---|---|---|
GET | H/1.1 | / | facebook-reset.herokuapp.com// | 149 B | 340 B | Document | text/html | |
GET | H/1.1 | login.html | facebook-reset.herokuapp.com// | 201 KB | 202 KB | Document | text/html | Primary Request |
GET | H2 | XzMVk90uhh2.css | static.xx.fbcdn.net/rsrc.php/v3/ym/l/0,cross/ | 14 KB | 4 KB | Stylesheet | text/css | |
GET | H2 | bDIU9V7M9mz.css | static.xx.fbcdn.net/rsrc.php/v3/y-/l/0,cross/ | 55 KB | 11 KB | Stylesheet | text/css | |
GET | H2 | uSMMw3qS6yJ.css | static.xx.fbcdn.net/rsrc.php/v3/yV/l/0,cross/ | 16 KB | 4 KB | Stylesheet | text/css | |
GET | H2 | Wtq2wlEo3Nz.css | static.xx.fbcdn.net/rsrc.php/v3/yP/l/0,cross/ | 5 KB | 2 KB | Stylesheet | text/css | |
GET | H2 | kqbeLPs2EMa.css | static.xx.fbcdn.net/rsrc.php/v3/yd/l/0,cross/ | 2 KB | 529 B | Stylesheet | text/css | |
GET | H2 | JqPt5CpHYqq.css | static.xx.fbcdn.net/rsrc.php/v3/yH/l/0,cross/ | 8 KB | 1 KB | Stylesheet | text/css | |
GET | H2 | XJj8Zr6dWgv.css | static.xx.fbcdn.net/rsrc.php/v3/y3/l/0,cross/ | 242 B | 282 B | Stylesheet | text/css | |
GET | H2 | P9HQ5PCWcHJ.js | static.xx.fbcdn.net/rsrc.php/v3/yS/r/ | 298 KB | 81 KB | Script | application/x-javascript | |
GET | H3-29 | dF5SId3UHWd.svg | static.xx.fbcdn.net/rsrc.php/y8/r/ | 2 KB | 1 KB | Image | image/svg+xml | |
GET | H3-29 | gZHxMmOARWK.png | static.xx.fbcdn.net/rsrc.php/v3/yJ/r/ | 7 KB | 7 KB | Image | image/png | |
GET | H3-29 | YQNfPR9MJfx.png | static.xx.fbcdn.net/rsrc.php/v3/yO/r/ | 925 B | 976 B | Image | image/png | |
GET | H2 | hsts-pixel.gif | facebook.com/security/ | 43 B | 191 B | Image | image/gif | |
GET | H3-29 | 3kHilnfpVCI.js | static.xx.fbcdn.net/rsrc.php/v3/yq/r/ | 38 KB | 11 KB | Script | application/x-javascript | |
GET | H3-29 | jRoe4RfDgCl.js | static.xx.fbcdn.net/rsrc.php/v3ij9m4/yC/l/en_GB/ | 148 KB | 40 KB | Script | application/x-javascript | |
GET | DATA | truncated | / | 78 B | 0 | Stylesheet | text/css | |
GET | H3-29 | 5zeYSLLaMs7.png | static.xx.fbcdn.net/rsrc.php/v3/ye/r/ | 504 B | 555 B | Image | image/png | |
GET | H3-29 | BBz6H5wqJYZ.js | static.xx.fbcdn.net/rsrc.php/v3iYXl4/ys/l/en_GB/ | 83 KB | 23 KB | Script | application/x-javascript | |
GET | H3-29 | 67mPxs9SbzD.js | static.xx.fbcdn.net/rsrc.php/v3iCwx4/yk/l/en_GB/ | 92 KB | 26 KB | Script | application/x-javascript | |
GET | H3-29 | 2BB0axX3UOy.js | static.xx.fbcdn.net/rsrc.php/v3/yX/r/ | 37 KB | 12 KB | Script | application/x-javascript | |
GET | H3-29 | CUrUHu1cZcN.js | static.xx.fbcdn.net/rsrc.php/v3/yn/r/ | 28 KB | 10 KB | Script | application/x-javascript | |
GET | H3-29 | x--YYy2Z1L2.js | static.xx.fbcdn.net/rsrc.php/v3igbH4/yC/l/en_GB/ | 53 KB | 14 KB | Script | application/x-javascript | |
GET | H3-29 | 3acuXfd_vAb.js | static.xx.fbcdn.net/rsrc.php/v3/yr/r/ | 6 KB | 2 KB | Script | application/x-javascript | |
GET | H3-29 | FYIV9LyqXbP.js | static.xx.fbcdn.net/rsrc.php/v3/yB/r/ | 1006 B | 612 B | Script | application/x-javascript | |
GET | H3-29 | XABSUe6d1vn.js | static.xx.fbcdn.net/rsrc.php/v3/yw/r/ | 32 KB | 10 KB | Script | application/x-javascript | |
GET | H3-29 | SSB9SY-osim.js | static.xx.fbcdn.net/rsrc.php/v3/y5/r/ | 138 KB | 41 KB | Script | application/x-javascript | |
GET | H3-29 | kcHqTtwfUEG.js | static.xx.fbcdn.net/rsrc.php/v3iX3c4/ye/l/en_GB/ | 46 KB | 15 KB | Script | application/x-javascript | |
GET | H3-29 | gfmq8ch7AMt.js | static.xx.fbcdn.net/rsrc.php/v3/y6/r/ | 67 KB | 17 KB | Script | application/x-javascript | |
GET | H3-29 | JopZtdti8dq.js | static.xx.fbcdn.net/rsrc.php/v3/y_/r/ | 7 KB | 2 KB | Script | application/x-javascript | |
GET | H/1.1 | referer_frame.php | facebook-reset.herokuapp.com/intern/common/ | 196 B | 381 B | Document | text/html | Frame F9E9 |
GET | H3-29 | -PAXP-deijE.gif | static.xx.fbcdn.net/rsrc.php/v3/y4/r/ | 43 B | 92 B | Image | image/gif | |
POST | H/1.1 | bz | facebook-reset.herokuapp.com/ajax/ | 196 B | 381 B | XHR | text/html | |
GET | | / | www.facebook.com/ajax/bootloader-endpoint/ | 0 | 0 | | | |
GET | H2 | / | cx.atdmt.com/ | 43 B | 295 B | Image | image/gif | Frame F9E9 |
POST | H/1.1 | bz | facebook-reset.herokuapp.com/ajax/ | 196 B | 381 B | XHR | text/html | |
POST | H/1.1 | bz | facebook-reset.herokuapp.com/ajax/ | 196 B | 381 B | XHR | text/html | |
POST | H/1.1 | / | facebook-reset.herokuapp.com/ajax/webstorage/process_keys/ | 196 B | 381 B | XHR | text/html | |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain: www.facebook.com
- URL: https://www.facebook.com/ajax/bootloader-endpoint/?modules=AsyncSignal&__user=0&__a=1&__dyn=7xe6Fo4OQ1PyU9oynFwn84a2i5U4e1Fx-ewSwMxW0DUeUhw5cx60Vo1upE4W0OE2WxO0FE2awt81sbzo5iaw5zwwwi81nE3rw9O0RE2Jw8W0b1yE&__csr=&__req=2&__hs=18812.PHASED%3ADEFAULT.2.0.0.0&dpr=1&__ccg=GOOD&__rev=1004076198&__s=%3Adxckb1%3As1dzua&__hsi=6980982956258360034-0&__comet_req=0&__spin_r=1004076198&__spin_b=trunk&__spin_t=1625386755
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Facebook (Social Network)
80 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated number| _cstart function| envFlush object| Env number| __DEV__ function| CavalryLogger function| __annotator function| __bodyWrapper function| __t function| __w function| emptyFunction function| FB_enumerate function| __m object| babelHelpers function| define function| require function| importDefault function| importNamespace function| requireDynamic function| requireLazy function| __d function| $RefreshReg$ function| $RefreshSig$ function| getErrorSafe object| ErrorGuard object| ErrorSerializer object| ErrorUtils function| Arbiter object| JSCC function| $ function| ge object| Parent object| TimeSlice function| goURI object| Bootloader object| PageEvents function| _domcontentready function| onloadRegister_DEPRECATED function| onloadRegister function| onafterloadRegister_DEPRECATED function| onafterloadRegister function| onleaveRegister function| onbeforeunloadRegister function| onunloadRegister function| $E number| __bigPipeFactory string| _script_path object| onloadhooks object| domreadyhooks function| now_inl number| __bigPipeFR number| __bigPipeCtor object| bigPipe function| AsyncRequest object| onunloadhooks function| useragentcm object| PageHooks function| _domreadyHook function| _onloadHook function| runHook function| runHooks function| keep_window_set_as_loaded object| onbeforeunloadhooks object| PageTransitions object| onafterunloadhooks function| intl_set_string_manager_mode function| intl_set_xmode function| intl_set_amode function| intl_set_rmode function| intl_set_locale object| onleavehooks boolean| domready boolean| loaded
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.