fb-ali.laifa.xin
Open in
urlscan Pro
163.181.92.225
Malicious Activity!
Public Scan
Submission: On June 01 via api from IE — Scanned from DE
Summary
This is the only time fb-ali.laifa.xin was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Facebook (Social Network)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 | 163.181.92.225 163.181.92.225 | 24429 (TAOBAO Zh...) (TAOBAO Zhejiang Taobao Network Co.) | |
32 | 2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3 | 32934 (FACEBOOK) (FACEBOOK) | |
1 | 2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de | 32934 (FACEBOOK) (FACEBOOK) | |
35 | 4 |
ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)
fb-ali.laifa.xin |
ASN32934 (FACEBOOK, US)
static.xx.fbcdn.net |
ASN32934 (FACEBOOK, US)
facebook.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
32 |
fbcdn.net
static.xx.fbcdn.net — Cisco Umbrella Rank: 611 |
366 KB |
1 |
facebook.com
facebook.com — Cisco Umbrella Rank: 32 |
3 KB |
1 |
laifa.xin
fb-ali.laifa.xin |
36 KB |
35 | 3 |
Domain | Requested by | |
---|---|---|
32 | static.xx.fbcdn.net |
fb-ali.laifa.xin
static.xx.fbcdn.net |
1 | facebook.com |
fb-ali.laifa.xin
|
1 | fb-ali.laifa.xin |
static.xx.fbcdn.net
|
35 | 3 |
This site contains links to these domains. Also see Links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.facebook.com DigiCert SHA2 High Assurance Server CA |
2022-03-10 - 2022-06-08 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
http://fb-ali.laifa.xin/
Frame ID: F9EA9AF2433B01672DE915FC6B39D29C
Requests: 36 HTTP requests in this frame
39 Outgoing links
These are links going to different origins than the main page.
Title: Facebook
Search URL Search Domain Scan URL
Title: Passwort vergessen?
Search URL Search Domain Scan URL
Title: Türkçe
Search URL Search Domain Scan URL
Title: Polski
Search URL Search Domain Scan URL
Title: Italiano
Search URL Search Domain Scan URL
Title: Română
Search URL Search Domain Scan URL
Title: Français (France)
Search URL Search Domain Scan URL
Title: Русский
Search URL Search Domain Scan URL
Title: العربية
Search URL Search Domain Scan URL
Title: Español
Search URL Search Domain Scan URL
Title: Português (Brasil)
Search URL Search Domain Scan URL
Title: Messenger
Search URL Search Domain Scan URL
Title: Watch
Search URL Search Domain Scan URL
Title: Facebook Pay
Search URL Search Domain Scan URL
Title: Oculus
Search URL Search Domain Scan URL
Title: Portal
Search URL Search Domain Scan URL
Title: Instagram
Search URL Search Domain Scan URL
Title: Bulletin
Search URL Search Domain Scan URL
Title: Info
Search URL Search Domain Scan URL
Title: Entwickler
Search URL Search Domain Scan URL
Title: Datenschutzinfo
Search URL Search Domain Scan URL
Title: Cookie-Richtlinie
Search URL Search Domain Scan URL
Title: anderer Unternehmen
Search URL Search Domain Scan URL
Title: Einstellungen für Werbeanzeigen
Search URL Search Domain Scan URL
Title: Produkte der Facebook-Unternehmen
Search URL Search Domain Scan URL
Title: Business-Tools
Search URL Search Domain Scan URL
Title: Aktivitäten außerhalb von Facebook
Search URL Search Domain Scan URL
Title: Digital Advertising Alliance
Search URL Search Domain Scan URL
Title: Digital Advertising Alliance of Canada
Search URL Search Domain Scan URL
Title: European Interactive Digital Advertising Alliance
Search URL Search Domain Scan URL
Title: Digital Advertising Alliance
Search URL Search Domain Scan URL
Title: Digital Advertising Alliance of Canada
Search URL Search Domain Scan URL
Title: European Interactive Digital Advertising Alliance
Search URL Search Domain Scan URL
Title: Google Chrome
Search URL Search Domain Scan URL
Title: Internet Explorer
Search URL Search Domain Scan URL
Title: Firefox
Search URL Search Domain Scan URL
Title: Safari
Search URL Search Domain Scan URL
Title: Safari (Mobilgeräte)
Search URL Search Domain Scan URL
Title: Opera
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
35 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
/
fb-ali.laifa.xin/ |
109 KB 36 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
WHpGi8G9pNZ.css
static.xx.fbcdn.net/rsrc.php/v3/yG/l/0,cross/ |
20 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Rz_F0Slqhme.css
static.xx.fbcdn.net/rsrc.php/v3/yF/l/0,cross/ |
7 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
afmzdaAkHsD.css
static.xx.fbcdn.net/rsrc.php/v3/yC/l/0,cross/ |
28 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
KIqPo6_vmPY.css
static.xx.fbcdn.net/rsrc.php/v3/y5/l/0,cross/ |
4 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Gt_Hdc3lf8P.css
static.xx.fbcdn.net/rsrc.php/v3/yi/l/0,cross/ |
2 KB 654 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
6E_Tw7QqULd.css
static.xx.fbcdn.net/rsrc.php/v3/yA/l/0,cross/ |
9 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
qAurL74bdLP.css
static.xx.fbcdn.net/rsrc.php/v3/yW/l/0,cross/ |
6 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
C0teK_h3UC4.js
static.xx.fbcdn.net/rsrc.php/v3/yM/r/ |
309 KB 83 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
hsts-pixel.gif
facebook.com/security/ |
43 B 3 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
dcPAKjn6Jh_.js
static.xx.fbcdn.net/rsrc.php/v3/yi/r/ |
24 KB 7 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
PH7esu33pPv.js
static.xx.fbcdn.net/rsrc.php/v3iN_84/yM/l/de_DE/ |
66 KB 17 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
q8NTDF-khd8.js
static.xx.fbcdn.net/rsrc.php/v3/yF/r/ |
29 KB 9 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
qrGURmjnB7R.js
static.xx.fbcdn.net/rsrc.php/v3/yi/r/ |
59 KB 17 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
52vld7hrDEO.png
static.xx.fbcdn.net/rsrc.php/v3/yP/r/ |
24 KB 24 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
78 B 0 |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
ILHx_tD9z9W.js
static.xx.fbcdn.net/rsrc.php/v3iVab4/y8/l/de_DE/ |
15 KB 5 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
6Na2oJU5xni.js
static.xx.fbcdn.net/rsrc.php/v3i5ED4/y-/l/de_DE/ |
80 KB 21 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
S0VBek2DhJI.js
static.xx.fbcdn.net/rsrc.php/v3/y4/r/ |
50 KB 17 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
REA8ng4nVmW.js
static.xx.fbcdn.net/rsrc.php/v3/y6/r/ |
7 KB 2 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
6VbhyZgVCHQ.js
static.xx.fbcdn.net/rsrc.php/v3iMoJ4/yI/l/de_DE/ |
28 KB 8 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
3FPJ9YC_wUr.js
static.xx.fbcdn.net/rsrc.php/v3/y2/r/ |
1 KB 637 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
oBPCqlFS3zW.js
static.xx.fbcdn.net/rsrc.php/v3/yq/r/ |
33 KB 10 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
c-rEGdO4C2C.js
static.xx.fbcdn.net/rsrc.php/v3/yx/r/ |
32 KB 9 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
lYejkzyV906.js
static.xx.fbcdn.net/rsrc.php/v3/yz/r/ |
804 B 481 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
Fr8rr5gxbOC.js
static.xx.fbcdn.net/rsrc.php/v3/yS/r/ |
10 KB 3 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
WZNL1F5H5Ht.js
static.xx.fbcdn.net/rsrc.php/v3/yJ/r/ |
61 KB 18 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
hcdBy_YMmhn.js
static.xx.fbcdn.net/rsrc.php/v3iaZB4/yh/l/de_DE/ |
38 KB 11 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
H9adpmbpJgJ.js
static.xx.fbcdn.net/rsrc.php/v3ipSB4/yl/l/de_DE/ |
15 KB 4 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
Ro0Z29CD5gL.js
static.xx.fbcdn.net/rsrc.php/v3/y6/r/ |
32 KB 11 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
udb_8bUa4rJ.js
static.xx.fbcdn.net/rsrc.php/v3/ym/r/ |
148 KB 44 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
7voVGqwJ_1x.js
static.xx.fbcdn.net/rsrc.php/v3/yP/r/ |
10 KB 3 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
KWY7Edb5_DT.js
static.xx.fbcdn.net/rsrc.php/v3/yn/r/ |
7 KB 2 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
waujFC3AG07.js
static.xx.fbcdn.net/rsrc.php/v3i2UN4/y1/l/de_DE/ |
48 KB 15 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
dUCAWaCL9gX.png
static.xx.fbcdn.net/rsrc.php/v3/yi/r/ |
5 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST |
bz
fb-ali.laifa.xin/ajax/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- fb-ali.laifa.xin
- URL
- https://fb-ali.laifa.xin/ajax/bz?__a=1&__ccg=UNKNOWN&__comet_req=0&__csr=&__dyn=7xe6Fo4OQ1PyUbFuC1swgE98nwgU6C7UW3q327E2vwXx60kO4o3Bw5VCwjE3awbG782Cw8G1Qw5MKdwnU1oU884y0lW0SU2swdq0Ho2ewnE3fw5rwSyE1582ZwrU&__hs=19144.BP%3ADEFAULT.2.0.0.0.&__hsi=7104202914811475541-0&__req=1&__rev=1005611153&__s=%3A%3Ada2bsv&__spin_b=trunk&__spin_r=1005611153&__spin_t=1654076137&__user=0&dpr=1&jazoest=2844&lsd=AVoy9D6A8XI
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Facebook (Social Network)78 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch object| navigation number| _cstart function| envFlush object| Env number| __DEV__ function| CavalryLogger function| __annotator function| __bodyWrapper function| __t function| __w function| emptyFunction function| FB_enumerate function| __m object| babelHelpers function| define function| require function| importDefault function| importNamespace function| requireDynamic function| requireLazy function| __d function| $RefreshReg$ function| $RefreshSig$ function| getErrorSafe object| ErrorGuard object| ErrorSerializer object| ErrorUtils function| Arbiter object| JSCC function| $ function| ge object| Parent object| TimeSlice function| goURI object| Bootloader object| PageEvents function| _domcontentready function| onloadRegister_DEPRECATED function| onloadRegister function| onafterloadRegister_DEPRECATED function| onafterloadRegister function| onleaveRegister function| onbeforeunloadRegister function| onunloadRegister function| $E number| __bigPipeFactory string| _script_path object| onloadhooks object| domreadyhooks function| now_inl number| __bigPipeFR number| __bigPipeCtor object| bigPipe function| AsyncRequest object| onunloadhooks object| PageHooks function| _domreadyHook function| _onloadHook function| runHook function| runHooks function| keep_window_set_as_loaded object| onbeforeunloadhooks function| intl_set_string_manager_mode function| intl_set_xmode function| intl_set_amode function| intl_set_rmode function| intl_set_locale object| onafterunloadhooks object| __FB_STORE object| PageTransitions object| onleavehooks boolean| domready boolean| loaded0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
3 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; |
Strict-Transport-Security | max-age=15552000; preload |
X-Content-Type-Options | nosniff |
X-Frame-Options | DENY |
X-Xss-Protection | 0 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
facebook.com
fb-ali.laifa.xin
static.xx.fbcdn.net
fb-ali.laifa.xin
163.181.92.225
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
03eda79e9263e06ca4dd216e580df7918a6c7b66e09c0efbdbdd874edefa8323
050602ae119fcb3bd6baf05e4259060868c97bbbe110ca5ffbaf64975817dc98
0d71f7428b3d206d2d75c72f5d9b9c2bfd797eb8be76788658279db1ed24cc5a
0f90ce92f6d627a995bf0300ac429ace9c65072877367d8bd8e5bc2052ceae93
1c4f63df6703d148edec04a2b07db46f9d0950b0f6d1d0b9b9045dd0aaaf12c7
24bd1809a16e6a6fa6314f2efec4b7394fa49c6996dc78769581517917d72edd
25ac9839a333104fd8a42d1aa4cb7dd72d76675fea062c2a56c05e4f0d62ec42
2ac0c5c34a5c940856e45d8eb1b1d9e2c9485f2ef686e94f241a092249f7ad33
2c5df7f21262659ec240d8e966fd0586548da964484e7a96139e85785b44547a
2d8770bee04c000784761a388965ff653901deaf4583483a4f229ba3bab51901
3297b4bb00bda40b3382aab8b66a10e9818c12af458f3d967609a54e7b6af452
39d6e2d72120b345cea281ce7b197d69ff672fa15c24240578bf519302f00016
3ad06a1f1a6fba821ca8de2d247947ee1c7da8863774172ae1de4841abfc3465
4546f03a00d3ba80964ba53237f7af63f8ab974e2bb67967168327133ba5e9bf
47f1298140de830de23a40f8d8d2cf72519c1cead1bda0017033ba71b1a8828c
515230bea54a1a911b26d2a905758b708ab0dbcb36c3f0e93db27b74fd0814b9
5440032df3ecfc8fd374fcd499dd78ec8c0d13970f01da419f5004acc48e8d51
547b229f1c1384fa5b9bd8553131ca66f0025f32e66ee8063e3489f72b49041f
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5d6343f009d925dbb35578d45f88ec6f0826aebcaa39a9cd277414ef3e5108b7
7327f79325618e25f762e493cb52befbba07fc2b4e56dda7c657436d4d804409
7fcbf31cab0f869c77be26e13609decdb319bef8c86343bac50627432773f9a3
903aef94878514f340ad74bceda979fb7b9d3fd1f617f1fbdf2cc079b206e193
a5e8c89cf179f9125e0c7819ae0ae5fc19011e63682443c3554cd7ceec29e106
aa7c94aee08e72340d94078da45332471ecb887260f9b1b7fef95a447f2d244e
ac35c4819cca120f41d508fa1e2a0e2622f5c48a04a698280aaecb6878eddc1b
b1a8fc9df06f9e1ad3a49230a335f141ad2673d61604e43d1b8907276d602714
c214cd45eb711a8c49a43c34231ff192077939e91b63cd4b896ffc4751f7264b
c58956da5e79bdd031ac390d52aba140730d53afe39bbc666b9a5b56cf1b1340
c90bf79f1a843f5a733a6c0cde030245458aeda270d5dacc6adcc9bfaf1ab707
d017405784c27c586c3aa4d495502041d782e3ef2f0a0e596975c40af8e56e85
edb5379e249cf88c2f9d413d197e87ea8b220aabf07a88807eba32512d235bcc
ee84c9443747f298cd45431603a8e495de674fa99c92492d3bca937b7f762ecd
f561b0c3993104abe5fc4e2813c4b0534918634c5e33f98a0cb1165664c66969
f76a2242c20f92cba1a1213f5560321ce5efbfd514ae38650e6010811f863b89