login.faceboolk.net
Open in
urlscan Pro
54.84.120.71
Malicious Activity!
Public Scan
Effective URL: https://login.faceboolk.net/login/device-based/regular/login/login.php?lwv=120&lwc=3252004
Submission: On January 21 via automatic, source openphish — Scanned from DE
Summary
TLS certificate: Issued by R3 on January 20th 2022. Valid for: 3 months.
This is the only time login.faceboolk.net was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Facebook (Social Network)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 4 | 54.84.120.71 54.84.120.71 | 14618 (AMAZON-AES) (AMAZON-AES) | |
35 | 2a03:2880:f02... 2a03:2880:f02d:100:face:b00c:0:3 | 32934 (FACEBOOK) (FACEBOOK) | |
1 | 2a03:2880:f02... 2a03:2880:f02d:110:face:b00c:0:2 | 32934 (FACEBOOK) (FACEBOOK) | |
3 3 | 2a03:2880:f12... 2a03:2880:f12d:181:face:b00c:0:25de | 32934 (FACEBOOK) (FACEBOOK) | |
39 | 4 |
ASN14618 (AMAZON-AES, US)
PTR: ec2-54-84-120-71.compute-1.amazonaws.com
login.faceboolk.net |
ASN32934 (FACEBOOK, US)
static.xx.fbcdn.net | |
connect.facebook.net |
ASN32934 (FACEBOOK, US)
cs.atdmt.com |
ASN32934 (FACEBOOK, US)
facebook.com | |
fbcdn.net | |
fbsbx.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
35 |
fbcdn.net
1 redirects
static.xx.fbcdn.net — Cisco Umbrella Rank: 639 fbcdn.net — Cisco Umbrella Rank: 122 |
347 KB |
4 |
faceboolk.net
1 redirects
login.faceboolk.net |
87 KB |
1 |
facebook.net
connect.facebook.net — Cisco Umbrella Rank: 146 |
667 B |
1 |
fbsbx.com
1 redirects
fbsbx.com — Cisco Umbrella Rank: 1104 |
142 B |
1 |
facebook.com
1 redirects
facebook.com — Cisco Umbrella Rank: 32 |
365 B |
1 |
atdmt.com
cs.atdmt.com — Cisco Umbrella Rank: 177979 |
|
39 | 6 |
Domain | Requested by | |
---|---|---|
34 | static.xx.fbcdn.net |
login.faceboolk.net
static.xx.fbcdn.net |
4 | login.faceboolk.net |
1 redirects
static.xx.fbcdn.net
|
1 | connect.facebook.net |
login.faceboolk.net
|
1 | fbsbx.com | 1 redirects |
1 | fbcdn.net | 1 redirects |
1 | facebook.com | 1 redirects |
1 | cs.atdmt.com |
login.faceboolk.net
|
39 | 7 |
This site contains links to these domains. Also see Links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
login.faceboolk.net R3 |
2022-01-20 - 2022-04-20 |
3 months | crt.sh |
*.facebook.com DigiCert SHA2 High Assurance Server CA |
2021-10-30 - 2022-01-28 |
3 months | crt.sh |
*.atlassolutions.com DigiCert SHA2 High Assurance Server CA |
2021-10-30 - 2022-01-28 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://login.faceboolk.net/login/device-based/regular/login/login.php?lwv=120&lwc=3252004
Frame ID: 1BFD348D6CE51B007003105F01D5C073
Requests: 41 HTTP requests in this frame
Screenshot
Page Title
Log into FacebookPage URL History Show full URLs
-
https://login.faceboolk.net/aHWCwkrQ?rid=gjvahre
HTTP 302
https://login.faceboolk.net/login/device-based/regular/login/login.php?lwv=120&lwc=3252004 Page URL
Detected technologies
PHP (Programming Languages) ExpandDetected patterns
- \.php(?:$|\?)
Page Statistics
21 Outgoing links
These are links going to different origins than the main page.
Title: Forgot account?
Search URL Search Domain Scan URL
Title: Español
Search URL Search Domain Scan URL
Title: Français (France)
Search URL Search Domain Scan URL
Title: 中文(简体)
Search URL Search Domain Scan URL
Title: العربية
Search URL Search Domain Scan URL
Title: Português (Brasil)
Search URL Search Domain Scan URL
Title: Italiano
Search URL Search Domain Scan URL
Title: 한국어
Search URL Search Domain Scan URL
Title: Deutsch
Search URL Search Domain Scan URL
Title: हिन्दी
Search URL Search Domain Scan URL
Title: 日本語
Search URL Search Domain Scan URL
Title: Messenger
Search URL Search Domain Scan URL
Title: Watch
Search URL Search Domain Scan URL
Title: Facebook Pay
Search URL Search Domain Scan URL
Title: Oculus
Search URL Search Domain Scan URL
Title: Portal
Search URL Search Domain Scan URL
Title: Instagram
Search URL Search Domain Scan URL
Title: Bulletin
Search URL Search Domain Scan URL
Title: About
Search URL Search Domain Scan URL
Title: Developers
Search URL Search Domain Scan URL
Title: Ad choices
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://login.faceboolk.net/aHWCwkrQ?rid=gjvahre
HTTP 302
https://login.faceboolk.net/login/device-based/regular/login/login.php?lwv=120&lwc=3252004 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 10- https://facebook.com/security/hsts-pixel.gif?c=3.2.5 HTTP 302
- https://fbcdn.net/security/hsts-pixel.gif?c=2.5 HTTP 302
- https://fbsbx.com/security/hsts-pixel.gif?c=5 HTTP 302
- https://connect.facebook.net/security/hsts-pixel.gif
39 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
login.php
login.faceboolk.net/login/device-based/regular/login/ Redirect Chain
|
83 KB 84 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ufIvqgV8xPk.css
static.xx.fbcdn.net/rsrc.php/v3/y2/l/0,cross/ |
20 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
EUALYxyues9.css
static.xx.fbcdn.net/rsrc.php/v3/yF/l/0,cross/ |
12 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
v6QrhLS3ni7.css
static.xx.fbcdn.net/rsrc.php/v3/yi/l/0,cross/ |
14 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
QEPg97EjXSk.css
static.xx.fbcdn.net/rsrc.php/v3/y2/l/0,cross/ |
11 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
PR5f5cH44oq.css
static.xx.fbcdn.net/rsrc.php/v3/yv/l/0,cross/ |
495 B 833 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fbWj5dcnmIq.css
static.xx.fbcdn.net/rsrc.php/v3/y3/l/0,cross/ |
6 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
37VMI-ku4zI.css
static.xx.fbcdn.net/rsrc.php/v3/y6/l/0,cross/ |
22 KB 6 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
0dbVk-B3shR.js
static.xx.fbcdn.net/rsrc.php/v3/yO/r/ |
327 KB 88 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
dF5SId3UHWd.svg
static.xx.fbcdn.net/rsrc.php/y8/r/ |
2 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
event
cs.atdmt.com/ |
0 0 |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
hsts-pixel.gif
connect.facebook.net/security/ Redirect Chain
|
43 B 667 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
YQNfPR9MJfx.png
static.xx.fbcdn.net/rsrc.php/v3/yO/r/ |
925 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
4cS9b1GxpPE.js
static.xx.fbcdn.net/rsrc.php/v3/yR/r/ |
30 KB 10 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
ACBkrPbpony.js
static.xx.fbcdn.net/rsrc.php/v3/yh/r/ |
36 KB 11 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
WSK61DqQ_p9.js
static.xx.fbcdn.net/rsrc.php/v3i7M54/y6/l/en_US/ |
64 KB 16 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
59CVAki7viL.js
static.xx.fbcdn.net/rsrc.php/v3/yi/r/ |
5 KB 2 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
XpFprvKSai6.js
static.xx.fbcdn.net/rsrc.php/v3/yp/r/ |
29 KB 9 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
0 0 |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
78 B 0 |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
wVEWrRqK9kv.js
static.xx.fbcdn.net/rsrc.php/v3/yK/r/ |
4 KB 1 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
JoosKbjcmxA.js
static.xx.fbcdn.net/rsrc.php/v3icRb4/y1/l/en_US/ |
131 KB 32 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
PntF_y0-_ja.js
static.xx.fbcdn.net/rsrc.php/v3iYXl4/yz/l/en_US/ |
89 KB 25 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
I89YSs7dzAT.js
static.xx.fbcdn.net/rsrc.php/v3iPwL4/yC/l/en_US/ |
19 KB 6 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
n0PIJLWA_NR.js
static.xx.fbcdn.net/rsrc.php/v3/yh/r/ |
59 KB 19 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
m_1aw-EKRXj.js
static.xx.fbcdn.net/rsrc.php/v3/yu/r/ |
3 KB 1 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
qC1B0A_CS1P.js
static.xx.fbcdn.net/rsrc.php/v3/y9/r/ |
6 KB 2 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
5C0Uj9jiR3H.js
static.xx.fbcdn.net/rsrc.php/v3/yR/r/ |
602 B 378 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
30MwAtuDo-F.js
static.xx.fbcdn.net/rsrc.php/v3/yg/r/ |
698 B 424 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
lYejkzyV906.js
static.xx.fbcdn.net/rsrc.php/v3/yz/r/ |
770 B 469 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
vYLi5uNkG0X.js
static.xx.fbcdn.net/rsrc.php/v3/yn/r/ |
11 KB 4 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
dtHL02-aVls.js
static.xx.fbcdn.net/rsrc.php/v3/yX/r/ |
8 KB 3 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
iexbg1BZabf.js
static.xx.fbcdn.net/rsrc.php/v3iWtR4/yA/l/en_US/ |
13 KB 4 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
LlBt34FiaHg.js
static.xx.fbcdn.net/rsrc.php/v3/ys/r/ |
32 KB 10 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
bpek9EFzHNi.js
static.xx.fbcdn.net/rsrc.php/v3/yt/r/ |
140 KB 42 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
CyNJRkmXvyt.js
static.xx.fbcdn.net/rsrc.php/v3/yt/r/ |
67 KB 16 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
o5XjgaLVgY-.js
static.xx.fbcdn.net/rsrc.php/v3iqES4/yZ/l/en_US/ |
45 KB 15 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
cN-N4Eu_deZ.js
static.xx.fbcdn.net/rsrc.php/v3/yv/r/ |
7 KB 2 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
JB0CVIbgIKw.js
static.xx.fbcdn.net/rsrc.php/v3/yi/r/ |
9 KB 3 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
bz
login.faceboolk.net/ajax/ |
1 KB 1 KB |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
bz
login.faceboolk.net/ajax/ |
1 KB 1 KB |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Facebook (Social Network)71 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
number| _cstart function| envFlush object| Env number| __DEV__ function| CavalryLogger function| __annotator function| __bodyWrapper function| __t function| __w function| emptyFunction function| FB_enumerate function| __m object| babelHelpers function| define function| require function| importDefault function| importNamespace function| requireDynamic function| requireLazy function| __d function| $RefreshReg$ function| $RefreshSig$ function| getErrorSafe object| ErrorGuard object| ErrorSerializer object| ErrorUtils function| Arbiter object| JSCC function| $ function| ge object| Parent object| TimeSlice function| goURI object| Bootloader object| PageEvents function| _domcontentready function| onloadRegister_DEPRECATED function| onloadRegister function| onafterloadRegister_DEPRECATED function| onafterloadRegister function| onleaveRegister function| onbeforeunloadRegister function| onunloadRegister function| $E number| __bigPipeFactory string| _script_path object| onloadhooks function| now_inl number| __bigPipeFR number| __bigPipeCtor object| bigPipe function| AsyncRequest object| __FB_STORE object| onbeforeunloadhooks object| onafterunloadhooks object| onunloadhooks function| intl_set_string_manager_mode function| intl_set_xmode function| intl_set_amode function| intl_set_rmode function| intl_set_locale object| PageHooks function| _domreadyHook function| _onloadHook function| runHook function| runHooks function| keep_window_set_as_loaded object| PageTransitions object| onleavehooks boolean| domready boolean| loaded4 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.login.faceboolk.net/ | Name: DpWm Value: 047da26e4cc17238055dad517e6717eb99087b9db735268bb3f20fb8dc04dbf0 |
|
login.faceboolk.net/ | Name: PHPSESSID Value: f79a5790c297a1b38bedd8f1ddc19d00 |
|
.faceboolk.net/ | Name: _js_datr Value: javRYdTtdMtfqVinkPEdFwyw |
|
.faceboolk.net/ | Name: wd Value: 1600x1200 |
3 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
connect.facebook.net
cs.atdmt.com
facebook.com
fbcdn.net
fbsbx.com
login.faceboolk.net
static.xx.fbcdn.net
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f02d:110:face:b00c:0:2
2a03:2880:f12d:181:face:b00c:0:25de
54.84.120.71
04ade50955bb89e71e56c93291f96923562f10a3b2c66e6a70dd597aa6e55108
0677146ead5feccde11491b029deb17f3f5cccd3fb18c7b875e3065ac0aa71c3
069aa3600adccbfb67c70ae09a3d6b94e2f15d7f5f541c576ed5e2d1e14b1c33
07ed2f0c2eceb77a73c18067cc8c148e93a0c0e13ef6ec49cf4eb6945fbfadf2
095eceabca5358699a8efc64f4e44b27576d45c2ab864f1f50c3401676f9a827
0f90ce92f6d627a995bf0300ac429ace9c65072877367d8bd8e5bc2052ceae93
1b654c7c06418d9f9dd0ca05bc27e6acac8711a491f94d11a15963ba595c838e
1be1bd1c1db5273c0754d471ed9bb478adc967f7a0e186214a9e96e9eaaa02fe
206d6596b779513b2747968173a3972268869b0c9c3072aeabe0150a5ebdece2
25d26848c6fdf400329b93d9f01d910edca77da8c31d161414985299cf503872
26d2a51942650abb71ea738e8a886f854f1d9add688407b91a8934123ab1ec1a
292550f8c2044dd0194cd7880a2af002ca18779d079f367debbb9e5cdca9db19
2e6a0dce1aaace8f99fee167f6999b6b408d7b2e09c107ab88d11c5c28636871
385d39b0e822e35759e80b4536918e9ab20d6cae50b998c6b4ac84e20c20fa1c
38d5fffac7ff5b22577f2fffcbf0de390727a3c7e9b6d35d2817646f1d2fed75
3991d2b2433f34574e22837e7ce8f1f66e8b4f75cd8353495d91357133e1bf7f
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5c2aae75ed05d9d2e8164e6a89d05b2f4ddf585752fdbcdd2c01f749006404f2
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807
67d0b1def76e90be6837c0c29571d0e8c41625d2ffb6aff335b17f9d6038b51a
7bf479cea34964c9f77966d0cad9b46f1d22643bf1579216d6cbfe14ae0bbd52
87a0b2e8b2c635699d3b538784e3d17b74ee6909dac4588720c299ab68838239
8a59bced6d6e3738e9aa926eae4df553c0eb2be3a5da7f0a06c0151530678a9d
90879d10d508c7be1f8d6d91421bd1d86d5a3169e9fd39d133913d49e57b4f99
92badff3096f04379998fefbccc514ee2e6cc99503aab8d90ea0fefc4383994f
9531e96099e973b3d1c291f3e60419d8fe4730f46de8a492fccd2b4c962c96ce
9f9fe9095af0ca5b86de3f2a68608af62e82d96d2fdf8a92e86e5f07c21bf262
aa3dff209182910983722bf0f91ae4a98fc03fafca010c215f29d51ec3ac954b
bc991d817f24760468c12ee95e41b5e667f0253b169c5b15573ff9fc76f57ac1
c1109fbc494a73acb049b38755d79250d336c3eba26bc6a8d0c0e396ba6e75dd
c5b3960a993c2a553e7915cacafdd70a0b167e48dd366445182bb38a411d1659
cac9ad7aa4a7c2898380ba7f78c1b3295ab8221910f12ecff55520b941d7ca3b
cb6a46b9f8a785a3b723557a788d5dd09ae9802e4e104a7c24733989af01cbb3
d3ad61adfb1ce757383a9c21aa68c0d9be4d8524c555b4788a7beea8973ab6c9
d6d04b3663da43d7ad5c47b67951188459c5dde32362a3862c0e56b5965db4ad
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e60e1c170d239ef8628c55986ae1b8e68239665363c6355cfc03336718bc2d7f
f704d51d7aeffb43b44772ce313c2d5b8e0ae646cca4905480af66908ff45464
ff934d517f1f01a3cb77b90de115efa5d877c774412cdfa3e5b2011d88bd1f18