www.facebook-log.cf Open in urlscan Pro
2606:4700:3031::681c:171a  Malicious Activity! Public Scan

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response www.facebook-log.cf/	98 KB 25 KB	768ms 711ms	Document text/html	2606:4700:3031::681c:171a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.facebook-log.cf/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::681c:171a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c1b980e0eb02fdf0c27ff21816c32cd0893d6e32f56ea656ce83479d6811b12a Request headers :method GET :authority www.facebook-log.cf :scheme https :path / pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers status 200 date Mon, 11 May 2020 03:17:46 GMT content-type text/html; charset=UTF-8 set-cookie __cfduid=d680ed20bdbe1f8a10dcbb3c272e6e0731589167065; expires=Wed, 10-Jun-20 03:17:45 GMT; path=/; domain=.facebook-log.cf; HttpOnly; SameSite=Lax; Secure vary Accept-Encoding x-turbo-charged-by LiteSpeed cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server cloudflare cf-ray 5918bfb04b531f39-FRA content-encoding br cf-request-id 02a356222f00001f3932935200000001
GET H2	200	T7M20-JlPGr.js Show response static.xx.fbcdn.net/rsrc.php/v3/yL/r/	41 KB 12 KB	62ms 47ms	Script application/x-javascript	2a03:2880:f01c:8012:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://static.xx.fbcdn.net/rsrc.php/v3/yL/r/T7M20-JlPGr.js?_nc_x=Ij3Wp8lg5Kz Requested by Host: www.facebook-log.cf URL: https://www.facebook-log.cf/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 0c69e07422329e13fa61ea6362bfcd8d5a52edc91a4c0424968efd4f5438ed08 Security Headers Name Value X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer https://www.facebook-log.cf/ Origin https://www.facebook-log.cf Response headers timing-allow-origin * x-fb-debug B8Lb01ZP8s0EDAUgUymHqxLpsafEs3uqDAqNtourTkysmaIBXlF2EZdvAZi8XQdaOyx3uOfhe+SDOjedLep3VA== x-fb-trip-id 664085054 x-content-type-options nosniff last-modified Mon, 01 Jan 2001 08:00:00 GMT content-md5 lywMAYK4utrxNLLA8X4+QQ== status 200 date Mon, 11 May 2020 03:17:46 GMT vary Accept-Encoding content-type application/x-javascript; charset=utf-8 access-control-allow-origin * cache-control public,max-age=31536000,immutable content-encoding br content-length 12210 expires Tue, 11 May 2021 03:17:46 GMT
GET H2	200	HRoJzE7V3lD.js Show response static.xx.fbcdn.net/rsrc.php/v3iL6L4/yM/l/pt_BR/	49 KB 16 KB	920ms 905ms	Script application/x-javascript	2a03:2880:f01c:8012:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://static.xx.fbcdn.net/rsrc.php/v3iL6L4/yM/l/pt_BR/HRoJzE7V3lD.js?_nc_x=Ij3Wp8lg5Kz Requested by Host: www.facebook-log.cf URL: https://www.facebook-log.cf/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash a85b011f9368c3e49927b7cdd03ee434d355ecae208c329869f6598da4c692d9 Security Headers Name Value X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer https://www.facebook-log.cf/ Origin https://www.facebook-log.cf Response headers timing-allow-origin * x-fb-debug hVC7nPQlFZXGm6fg3IZDGhjQrVVvNY9ncsJxxABneTLULP3A9mrV4mYZenlrtjQ+YumUGzDzbH3k7FrjrRYwdg== x-fb-trip-id 664085054 x-content-type-options nosniff last-modified Mon, 01 Jan 2001 08:00:00 GMT content-md5 N/E/iUSmGBGyD6UoK3I/7g== status 200 date Mon, 11 May 2020 03:17:47 GMT vary Accept-Encoding content-type application/x-javascript; charset=utf-8 access-control-allow-origin * cache-control public,max-age=31536000,immutable content-encoding br content-length 15887 expires Tue, 11 May 2021 03:17:47 GMT
GET H2	200	Xp5t231rmR0.js Show response static.xx.fbcdn.net/rsrc.php/v3/y5/r/	67 KB 18 KB	74ms 59ms	Script application/x-javascript	2a03:2880:f01c:8012:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://static.xx.fbcdn.net/rsrc.php/v3/y5/r/Xp5t231rmR0.js?_nc_x=Ij3Wp8lg5Kz Requested by Host: www.facebook-log.cf URL: https://www.facebook-log.cf/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 8f3a949215ad40fbc2ef67c1740145445aafd882215b520c6a54e33035fcf66c Security Headers Name Value X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer https://www.facebook-log.cf/ Origin https://www.facebook-log.cf Response headers timing-allow-origin * x-fb-debug 9RLZhGujo0d52MHUz+es+vxb23NTBZ+FHLBXBFWHxhmWGX2rCABivVUYEHpdeYChgFAGUfvFzS2cYriyIqFDaQ== x-fb-trip-id 664085054 x-content-type-options nosniff last-modified Mon, 01 Jan 2001 08:00:00 GMT content-md5 SnoxRNhQOszkPmv5XXqR6g== status 200 date Mon, 11 May 2020 03:17:46 GMT vary Accept-Encoding content-type application/x-javascript; charset=utf-8 access-control-allow-origin * cache-control public,max-age=31536000,immutable content-encoding br content-length 18406 expires Tue, 11 May 2021 03:17:46 GMT
GET H2	200	xxJeaWEjE2P.js Show response static.xx.fbcdn.net/rsrc.php/v3iNPx4/yT/l/pt_BR/	25 KB 9 KB	325ms 310ms	Script application/x-javascript	2a03:2880:f01c:8012:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://static.xx.fbcdn.net/rsrc.php/v3iNPx4/yT/l/pt_BR/xxJeaWEjE2P.js?_nc_x=Ij3Wp8lg5Kz Requested by Host: www.facebook-log.cf URL: https://www.facebook-log.cf/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 3f9fc4177e481461a80da5b25fb503ae8553efb1e4f41a41fb6ff240c0f0c600 Security Headers Name Value X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer https://www.facebook-log.cf/ Origin https://www.facebook-log.cf Response headers timing-allow-origin * x-fb-debug sLaBmsenoMnKw3uSSuwkJYpKmSpsslpe+teacaDNIatX0xm7a2UDV/kI/WXKRZCh8E4cnH6n5XZn5ZoxdvqEUQ== x-fb-trip-id 664085054 x-content-type-options nosniff last-modified Mon, 01 Jan 2001 08:00:00 GMT content-md5 Q7p2n+0e4dzPrcywNxTdng== status 200 date Mon, 11 May 2020 03:17:46 GMT vary Accept-Encoding content-type application/x-javascript; charset=utf-8 access-control-allow-origin * cache-control public,max-age=31536000,immutable content-encoding br content-length 8819 expires Tue, 11 May 2021 03:17:46 GMT
GET H2	200	6bmd7YRe3RA.css static.xx.fbcdn.net/rsrc.php/v3/y4/l/0,cross/	14 KB 3 KB	343ms 329ms	Stylesheet text/css	2a03:2880:f01c:8012:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://static.xx.fbcdn.net/rsrc.php/v3/y4/l/0,cross/6bmd7YRe3RA.css?_nc_x=Ij3Wp8lg5Kz Requested by Host: www.facebook-log.cf URL: https://www.facebook-log.cf/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash f79aa0a7e7032737134ce3c0feeb4db428d9c9af5319bc0ce73416d964b580fd Security Headers Name Value X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer https://www.facebook-log.cf/ Origin https://www.facebook-log.cf Response headers timing-allow-origin * x-fb-debug IKWLMpH8qbgIGc0XfdIdP0C67VqmBoc3+PV4HW/bmexfkrXZ6oLhCWMwsREk0ZVyXIG3953FBMZ30nFoTA6ZEg== x-fb-trip-id 664085054 x-content-type-options nosniff last-modified Mon, 01 Jan 2001 08:00:00 GMT content-md5 SfLp3Sw5P1Z3k5GJTSwsyQ== status 200 date Mon, 11 May 2020 03:17:46 GMT vary Accept-Encoding content-type text/css; charset=utf-8 access-control-allow-origin * cache-control public,max-age=31536000,immutable content-encoding br content-length 3110 expires Tue, 11 May 2021 03:17:46 GMT
GET H2	200	5cQOPdia9dI.css static.xx.fbcdn.net/rsrc.php/v3/yd/l/0,cross/	98 KB 22 KB	73ms 60ms	Stylesheet text/css	2a03:2880:f01c:8012:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://static.xx.fbcdn.net/rsrc.php/v3/yd/l/0,cross/5cQOPdia9dI.css?_nc_x=Ij3Wp8lg5Kz Requested by Host: www.facebook-log.cf URL: https://www.facebook-log.cf/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 1aae2f8de3a5985a617023b71ddaec42d19b7e02d3c5e91fef7a1fcd4299963b Security Headers Name Value X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer https://www.facebook-log.cf/ Origin https://www.facebook-log.cf Response headers timing-allow-origin * x-fb-debug omJJ7UymBDl4MjHvV+mJCuNX+m15odkNklEkpJKWhgkKdzO9B3FOW1xiegt3vsWAHwOv1kU75P5nRfOh3RWZuA== x-fb-trip-id 664085054 x-content-type-options nosniff last-modified Mon, 01 Jan 2001 08:00:00 GMT content-md5 OQ0V73hFhxjMMgahix+Y+w== status 200 date Mon, 11 May 2020 03:17:46 GMT vary Accept-Encoding content-type text/css; charset=utf-8 access-control-allow-origin * cache-control public,max-age=31536000,immutable content-encoding br content-length 22021 expires Tue, 11 May 2021 03:17:46 GMT
GET H2	200	DLjWBFy_-43.js Show response static.xx.fbcdn.net/rsrc.php/v3/yt/r/	222 KB 57 KB	903ms 890ms	Script application/x-javascript	2a03:2880:f01c:8012:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/DLjWBFy_-43.js?_nc_x=Ij3Wp8lg5Kz Requested by Host: www.facebook-log.cf URL: https://www.facebook-log.cf/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash d34d3c2a7f22faafc54eda0bd574ea2ea491b4ed1b0c235683c8efaa9902f3b1 Security Headers Name Value X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer https://www.facebook-log.cf/ Origin https://www.facebook-log.cf Response headers timing-allow-origin * x-fb-debug JKVq8sdej9W/56oZvrdssWMrlUk/IO/cVKH2CPlHptZECNyLoWShAVOEhhyNCvG6h9E3WvaVycmd39VZlO0H/g== x-fb-trip-id 664085054 x-content-type-options nosniff last-modified Mon, 01 Jan 2001 08:00:00 GMT content-md5 S5BcaO+iT07GRG41RijMZw== status 200 date Mon, 11 May 2020 03:17:47 GMT vary Accept-Encoding content-type application/x-javascript; charset=utf-8 access-control-allow-origin * cache-control public,max-age=31536000,immutable content-encoding br content-length 58412 expires Tue, 11 May 2021 03:17:47 GMT
GET H2	200	hsts-pixel.gif facebook.com/security/	43 B 959 B	55ms 43ms	Image image/gif	2a03:2880:f11c:8183:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://facebook.com/security/hsts-pixel.gif Requested by Host: www.facebook-log.cf URL: https://www.facebook-log.cf/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests; Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Referer https://www.facebook-log.cf/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers strict-transport-security max-age=15552000; includeSubDomains content-encoding br x-content-type-options nosniff status 200 x-xss-protection 0 pragma no-cache x-fb-debug pO9ngw/pEvPLNqkMKF5+gzqeBPyL5fvKO9EJmC8R33tl5xRUMLLK2w7I3DvsrCuj5XNOZ7qxzFrSR5tOivYWgw== x-frame-options DENY date Mon, 11 May 2020 03:17:47 GMT vary Origin, Accept-Encoding access-control-allow-methods OPTIONS content-type image/gif access-control-allow-origin * access-control-expose-headers X-FB-Debug, X-Loader-Length cache-control private, no-cache, no-store, must-revalidate access-control-allow-credentials true content-security-policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests; expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	2UL5bF8PioM.js Show response static.xx.fbcdn.net/rsrc.php/v3/yA/r/	59 KB 17 KB	50ms 50ms	Script application/x-javascript	2a03:2880:f01c:8012:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://static.xx.fbcdn.net/rsrc.php/v3/yA/r/2UL5bF8PioM.js?_nc_x=Ij3Wp8lg5Kz Requested by Host: www.facebook-log.cf URL: https://www.facebook-log.cf/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 086a7c7aeec7f638132ef91089aad948d97ab33cfa560ae885b68db5e6b862dc Security Headers Name Value X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer https://www.facebook-log.cf/ Origin https://www.facebook-log.cf Response headers timing-allow-origin * x-fb-debug wNnqTdhxnchN+81N4CdyPCa/9xMh+pm98PjLAEXxWx5Uh4WtYECKOl4NP1DsPf53t4TPJnpn5ZUnicxm3y3Vfw== x-fb-trip-id 664085054 x-content-type-options nosniff last-modified Mon, 01 Jan 2001 08:00:00 GMT content-md5 uFs0IgzoCuKsZwrx2Dw58A== status 200 date Mon, 11 May 2020 03:17:47 GMT vary Accept-Encoding content-type application/x-javascript; charset=utf-8 access-control-allow-origin * cache-control public,max-age=31536000,immutable content-encoding br content-length 16914 expires Tue, 11 May 2021 03:17:47 GMT
GET H2	200	kfLpHJUtM70.js Show response static.xx.fbcdn.net/rsrc.php/v3iKbs4/y7/l/pt_BR/	112 KB 31 KB	60ms 59ms	Script application/x-javascript	2a03:2880:f01c:8012:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://static.xx.fbcdn.net/rsrc.php/v3iKbs4/y7/l/pt_BR/kfLpHJUtM70.js?_nc_x=Ij3Wp8lg5Kz Requested by Host: www.facebook-log.cf URL: https://www.facebook-log.cf/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 895c0228ec5d7b72009840da44e799e3b8a7f1b6838b9049b4806bb0854d8372 Security Headers Name Value X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer https://www.facebook-log.cf/ Origin https://www.facebook-log.cf Response headers timing-allow-origin * x-fb-debug d5U/z0Zm4KZe4ay5gu0hXmrPhV8Yl5PXKSkpXyivCDjVnr9X6aB2a+iosD0ERi0n4iXmkY7jSyMn2048H+4ZrA== x-fb-trip-id 664085054 x-content-type-options nosniff last-modified Mon, 01 Jan 2001 08:00:00 GMT content-md5 qHtn/0cXmtSus0YgF6uTuA== status 200 date Mon, 11 May 2020 03:17:47 GMT vary Accept-Encoding content-type application/x-javascript; charset=utf-8 access-control-allow-origin * cache-control public,max-age=31536000,immutable content-encoding br content-length 31802 expires Tue, 11 May 2021 03:17:47 GMT
GET H2	200	Eg6Nd3LHd0E.js Show response static.xx.fbcdn.net/rsrc.php/v3/yT/r/	73 KB 22 KB	458ms 457ms	Script application/x-javascript	2a03:2880:f01c:8012:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://static.xx.fbcdn.net/rsrc.php/v3/yT/r/Eg6Nd3LHd0E.js?_nc_x=Ij3Wp8lg5Kz Requested by Host: www.facebook-log.cf URL: https://www.facebook-log.cf/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 2500e2ec9d0d61ac1ac1716b8daffcf426e6e6eb5a3d602ec0bde48aeee43663 Security Headers Name Value X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer https://www.facebook-log.cf/ Origin https://www.facebook-log.cf Response headers timing-allow-origin * x-fb-debug ZjXAbG7iFcsyGfY9QkODrM+FcywB31fmgBfn4zZu5GfLPFkLElJLfJgGOzJWUnCNFI9sxosTWGSOgpqiFiD1Gg== x-fb-trip-id 664085054 x-content-type-options nosniff last-modified Mon, 01 Jan 2001 08:00:00 GMT content-md5 BgYC/jKLbb6EIf9tVQleuQ== status 200 date Mon, 11 May 2020 03:17:47 GMT vary Accept-Encoding content-type application/x-javascript; charset=utf-8 access-control-allow-origin * cache-control public,max-age=31536000,immutable content-encoding br content-length 21830 expires Tue, 11 May 2021 03:17:47 GMT
GET H2	200	_G5A61ydPog.png static.xx.fbcdn.net/rsrc.php/v3/yP/r/	33 KB 33 KB	181ms 169ms	Image image/png	2a03:2880:f01c:8012:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://static.xx.fbcdn.net/rsrc.php/v3/yP/r/_G5A61ydPog.png Requested by Host: www.facebook-log.cf URL: https://www.facebook-log.cf/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 84f2812eae6702b0d6f283876e5ef1901c913d9244fea4cabf4f3d8ebef9d893 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://static.xx.fbcdn.net/rsrc.php/v3/yd/l/0,cross/5cQOPdia9dI.css?_nc_x=Ij3Wp8lg5Kz User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers x-fb-debug yPX0vr0zy3Vx5u+9Fm5ImO1DqFEuAjIuQ4cySs+4i5puPhze6/SmhKchyUsvkAUt/u8QMGJYuwOTR/U/5bg7kQ== x-fb-trip-id 664085054 x-content-type-options nosniff last-modified Mon, 01 Jan 2001 08:00:00 GMT content-md5 GcNXaG0J/kOwUY7RtSwBPQ== date Mon, 11 May 2020 03:17:47 GMT status 200 content-type image/png access-control-allow-origin * cache-control public,max-age=31536000,immutable timing-allow-origin * content-length 33620 expires Tue, 11 May 2021 03:17:47 GMT
GET H2	200	cvj8rfO8RgU.png static.xx.fbcdn.net/rsrc.php/v3/y3/r/	3 KB 4 KB	17ms 5ms	Image image/png	2a03:2880:f01c:8012:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://static.xx.fbcdn.net/rsrc.php/v3/y3/r/cvj8rfO8RgU.png Requested by Host: www.facebook-log.cf URL: https://www.facebook-log.cf/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash a58b811b01139f699ada37a6a9bcdb5d3767790d6acc66a709750891a20fc6ba Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://static.xx.fbcdn.net/rsrc.php/v3/y4/l/0,cross/6bmd7YRe3RA.css?_nc_x=Ij3Wp8lg5Kz User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers x-fb-debug HQYHSM94+9/Iw7oaQsRu62lcjrOPxVYIr4nC+MJN51cHR900RmE449xxcNjTvlcTkez0LqxyNs/CoH3JJYJ1RA== x-fb-trip-id 664085054 x-content-type-options nosniff last-modified Mon, 01 Jan 2001 08:00:00 GMT content-md5 Pb0/E/1+Z4AC+9LUZbnB1A== date Mon, 11 May 2020 03:17:47 GMT status 200 content-type image/png access-control-allow-origin * cache-control public,max-age=31536000,immutable timing-allow-origin * content-length 3404 expires Wed, 28 Apr 2021 01:34:04 GMT
GET H2	200	O9IWT67JwBe.js Show response static.xx.fbcdn.net/rsrc.php/v3/yF/r/	50 KB 15 KB	776ms 775ms	Script application/x-javascript	2a03:2880:f01c:8012:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://static.xx.fbcdn.net/rsrc.php/v3/yF/r/O9IWT67JwBe.js?_nc_x=Ij3Wp8lg5Kz Requested by Host: static.xx.fbcdn.net URL: https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/DLjWBFy_-43.js?_nc_x=Ij3Wp8lg5Kz Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 22156fbed57fd83a77010b99c38cfed3c985cc8561cc19cf414981281c2ef405 Security Headers Name Value X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer https://www.facebook-log.cf/ Origin https://www.facebook-log.cf Response headers timing-allow-origin * x-fb-debug bClinRqaGDVzVxEd5ca5NNSN+QsaJhH1TUZ1fePhfuB/kfg3udogsZ2MNFw6NKADFkdPY+pw0gsFI6PA9M6zFQ== x-fb-trip-id 664085054 x-content-type-options nosniff last-modified Mon, 01 Jan 2001 08:00:00 GMT content-md5 EQJ2CK7rNoUANd/YYryr2w== status 200 date Mon, 11 May 2020 03:17:48 GMT vary Accept-Encoding content-type application/x-javascript; charset=utf-8 access-control-allow-origin * cache-control public,max-age=31536000,immutable content-encoding br content-length 14829 expires Tue, 11 May 2021 03:17:48 GMT
GET H2	200	eUyF_nHinsP.js Show response static.xx.fbcdn.net/rsrc.php/v3is4v4/yP/l/pt_BR/	47 KB 11 KB	421ms 420ms	Script application/x-javascript	2a03:2880:f01c:8012:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://static.xx.fbcdn.net/rsrc.php/v3is4v4/yP/l/pt_BR/eUyF_nHinsP.js?_nc_x=Ij3Wp8lg5Kz Requested by Host: static.xx.fbcdn.net URL: https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/DLjWBFy_-43.js?_nc_x=Ij3Wp8lg5Kz Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 5c550ca569beab09e518474a1f2f910b80068a7dfcc2369d0cc5d5671e7d0192 Security Headers Name Value X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer https://www.facebook-log.cf/ Origin https://www.facebook-log.cf Response headers timing-allow-origin * x-fb-debug GzsaLzI4k5gDk0ZXzE8WDdCkVKgBWppCbZaM8f4e9R3bho3JL8FJrJLrGWuG7kYlGeZCNlCOyoSIywNSl/DH0Q== x-fb-trip-id 664085054 x-content-type-options nosniff last-modified Mon, 01 Jan 2001 08:00:00 GMT content-md5 3Bh2Bcwgoj+qEcFT1No5iw== status 200 date Mon, 11 May 2020 03:17:48 GMT vary Accept-Encoding content-type application/x-javascript; charset=utf-8 access-control-allow-origin * cache-control public,max-age=31536000,immutable content-encoding br content-length 11405 expires Tue, 11 May 2021 03:17:48 GMT
GET H2	200	bBPSxnyF7QO.js Show response static.xx.fbcdn.net/rsrc.php/v3icm24/yG/l/pt_BR/	38 KB 10 KB	420ms 419ms	Script application/x-javascript	2a03:2880:f01c:8012:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://static.xx.fbcdn.net/rsrc.php/v3icm24/yG/l/pt_BR/bBPSxnyF7QO.js?_nc_x=Ij3Wp8lg5Kz Requested by Host: static.xx.fbcdn.net URL: https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/DLjWBFy_-43.js?_nc_x=Ij3Wp8lg5Kz Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 4dc57ad44928d2cc17e1fff5bdb990b63ca82f397dc6e70e78baec7bb6b26775 Security Headers Name Value X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer https://www.facebook-log.cf/ Origin https://www.facebook-log.cf Response headers timing-allow-origin * x-fb-debug kiIKw8jBWn9ehQzCXUmVGrs52u/L/uYd/9k3EYhLdDivwLw0UGNLkV7VY75XWaIf4ORPr60F1HQhQ/FhEo1BaA== x-fb-trip-id 664085054 x-content-type-options nosniff last-modified Mon, 01 Jan 2001 08:00:00 GMT content-md5 lGLxOhZ9xPi4MwK5hbNoPg== status 200 date Mon, 11 May 2020 03:17:48 GMT vary Accept-Encoding content-type application/x-javascript; charset=utf-8 access-control-allow-origin * cache-control public,max-age=31536000,immutable content-encoding br content-length 10212 expires Tue, 11 May 2021 03:17:48 GMT
GET H2	200	svFKQXueTby.js Show response static.xx.fbcdn.net/rsrc.php/v3/y7/r/	8 KB 3 KB	6ms 6ms	Script application/x-javascript	2a03:2880:f01c:8012:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://static.xx.fbcdn.net/rsrc.php/v3/y7/r/svFKQXueTby.js?_nc_x=Ij3Wp8lg5Kz Requested by Host: static.xx.fbcdn.net URL: https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/DLjWBFy_-43.js?_nc_x=Ij3Wp8lg5Kz Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 522428fd2693381b58705586cb3350c66c4b4ba1d52716086b14a9cefb8130b3 Security Headers Name Value X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer https://www.facebook-log.cf/ Origin https://www.facebook-log.cf Response headers timing-allow-origin * x-fb-debug J6XY6j6quTM+Za21rV/BDxUX3Y14PHmuirRdX9+1KmnOnXy/D9jglT4i42YI6Kdql+3K9zIBt9WIfoM3M4Z+HA== x-fb-trip-id 664085054 x-content-type-options nosniff last-modified Mon, 01 Jan 2001 08:00:00 GMT content-md5 XtHlXRrGmWLIvBoUKspHqw== status 200 date Mon, 11 May 2020 03:17:47 GMT vary Accept-Encoding content-type application/x-javascript; charset=utf-8 access-control-allow-origin * cache-control public,max-age=31536000,immutable content-encoding br content-length 2404 expires Fri, 07 May 2021 03:05:43 GMT
POST H2	404	bz Show response www.facebook-log.cf/a/	2 KB 887 B	536ms 535ms	XHR text/html	2606:4700:3031::681c:171a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.facebook-log.cf/a/bz?m_sess=&fb_dtsg=AQHxYHfYqyM4%3AAQGc5Cc_869c&jazoest=22007&lsd=AVq9oA91&__dyn=0wzpaBwk8aU4ifDgy79pk2m3q12wAxu13w9y1DxW0Oohx60kO4o3Bw4Ewk9E4W0Io3jxO0So0zSUS1kw5Kwwyo1yojwdK0g6&__csr=&__req=1&__ajax__=AYl2Qk3H6EOsu3KV54SJyaxV6MUiDq2LqV8vNt-Q4nxZsWLYMPGKT2Amev19K5KMX2Nxsl9lgfASTBMagy3GRboRZbFe_bFqojAntUh-TnhyBA&__a=AYl2Qk3H6EOsu3KV54SJyaxV6MUiDq2LqV8vNt-Q4nxZsWLYMPGKT2Amev19K5KMX2Nxsl9lgfASTBMagy3GRboRZbFe_bFqojAntUh-TnhyBA&__user=0 Requested by Host: static.xx.fbcdn.net URL: https://static.xx.fbcdn.net/rsrc.php/v3/yA/r/2UL5bF8PioM.js?_nc_x=Ij3Wp8lg5Kz Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::681c:171a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c555fb38bbd051ee943b94c18dc4d9af8af17df9ffab895616b9253c9e6ea59e Request headers Referer https://www.facebook-log.cf/ X-Requested-With XMLHttpRequest X_FB_BACKGROUND_STATE 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 X-Response-Format JSONStream Content-Type multipart/form-data; boundary=----WebKitFormBoundaryRPKQ0C8RAxMfmh16 Response headers date Mon, 11 May 2020 03:17:48 GMT content-encoding br cf-cache-status DYNAMIC server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/html status 404 x-turbo-charged-by LiteSpeed cf-ray 5918bfc0ba7c1f39-FRA cf-request-id 02a3562c6e00001f39329b9200000001
POST H2	404	bz Show response www.facebook-log.cf/a/	2 KB 879 B	533ms 533ms	XHR text/html	2606:4700:3031::681c:171a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.facebook-log.cf/a/bz?m_sess=&fb_dtsg=AQHxYHfYqyM4%3AAQGc5Cc_869c&jazoest=22007&lsd=AVq9oA91&__dyn=0wzpaBwk8aU4ifDgy79pk2m3q12wAxu13w9y1DxW0Oohx60kO4o3Bw4Ewk9E4W0Io3jxO0So0zSUS1kw5Kwwyo1yojwdK0g6&__csr=&__req=2&__ajax__=AYl2Qk3H6EOsu3KV54SJyaxV6MUiDq2LqV8vNt-Q4nxZsWLYMPGKT2Amev19K5KMX2Nxsl9lgfASTBMagy3GRboRZbFe_bFqojAntUh-TnhyBA&__a=AYl2Qk3H6EOsu3KV54SJyaxV6MUiDq2LqV8vNt-Q4nxZsWLYMPGKT2Amev19K5KMX2Nxsl9lgfASTBMagy3GRboRZbFe_bFqojAntUh-TnhyBA&__user=0 Requested by Host: static.xx.fbcdn.net URL: https://static.xx.fbcdn.net/rsrc.php/v3/yA/r/2UL5bF8PioM.js?_nc_x=Ij3Wp8lg5Kz Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::681c:171a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c555fb38bbd051ee943b94c18dc4d9af8af17df9ffab895616b9253c9e6ea59e Request headers Referer https://www.facebook-log.cf/ X-Requested-With XMLHttpRequest X_FB_BACKGROUND_STATE 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 X-Response-Format JSONStream Content-Type multipart/form-data; boundary=----WebKitFormBoundaryJ0nnbRKdzjNiWCys Response headers date Mon, 11 May 2020 03:17:49 GMT content-encoding br cf-cache-status DYNAMIC server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/html status 404 x-turbo-charged-by LiteSpeed cf-ray 5918bfc2ed961f39-FRA cf-request-id 02a3562dcc00001f39329ce200000001
POST H2	404	bz Show response www.facebook-log.cf/a/	2 KB 847 B	534ms 534ms	XHR text/html	2606:4700:3031::681c:171a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.facebook-log.cf/a/bz?m_sess=&fb_dtsg=AQHxYHfYqyM4%3AAQGc5Cc_869c&jazoest=22007&lsd=AVq9oA91&__dyn=0wzpaBwk8aU4ifDgy79pk2m3q12wAxu13w9y1DxW0Oohx60kO4o3Bw4Ewk9E4W0Io3jxO0So0zSUS1kw5Kwwyo1yojwdK0g6&__csr=&__req=3&__ajax__=AYl2Qk3H6EOsu3KV54SJyaxV6MUiDq2LqV8vNt-Q4nxZsWLYMPGKT2Amev19K5KMX2Nxsl9lgfASTBMagy3GRboRZbFe_bFqojAntUh-TnhyBA&__a=AYl2Qk3H6EOsu3KV54SJyaxV6MUiDq2LqV8vNt-Q4nxZsWLYMPGKT2Amev19K5KMX2Nxsl9lgfASTBMagy3GRboRZbFe_bFqojAntUh-TnhyBA&__user=0 Requested by Host: static.xx.fbcdn.net URL: https://static.xx.fbcdn.net/rsrc.php/v3/yA/r/2UL5bF8PioM.js?_nc_x=Ij3Wp8lg5Kz Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::681c:171a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c555fb38bbd051ee943b94c18dc4d9af8af17df9ffab895616b9253c9e6ea59e Request headers Referer https://www.facebook-log.cf/ X-Requested-With XMLHttpRequest X_FB_BACKGROUND_STATE 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 X-Response-Format JSONStream Content-Type multipart/form-data; boundary=----WebKitFormBoundaryQBmqmvvmvMeMOJgH Response headers date Mon, 11 May 2020 03:17:49 GMT content-encoding br cf-cache-status DYNAMIC server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/html status 404 x-turbo-charged-by LiteSpeed cf-ray 5918bfc2ed9c1f39-FRA cf-request-id 02a3562dcf00001f39329cf200000001

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Facebook (Social Network)

37 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate function| envFlush object| Env number| __DEV__ undefined| __p function| emptyFunction function| __annotator function| __bodyWrapper function| __t function| __w function| FB_enumerate function| __m object| babelHelpers function| define function| require function| requireDynamic function| requireLazy function| __d function| $RefreshReg$ function| $RefreshSig$ object| ErrorSerializer object| ErrorGuard object| ErrorUtils function| CavalryLogger function| __updateOrientation object| TimeSlice function| ProfilingCounters object| bigPipe object| MAjaxify string| _script_path function| __fbNativeSetTimeout function| __fbNativeClearTimeout function| __fbNativeSetInterval function| __fbNativeClearInterval function| __fbNativeRequestAnimationFrame function| __fbNativeCancelAnimationFrame

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.www.facebook-log.cf/	1970-01-19 09:36:11	Name: wd Value: 1585x1200
			.facebook-log.cf/	1970-01-19 10:09:19	Name: __cfduid Value: d680ed20bdbe1f8a10dcbb3c272e6e0731589167065

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	error	URL: https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/DLjWBFy_-43.js?_nc_x=Ij3Wp8lg5Kz(Line 47) Message: ErrorUtils caught an error: Cannot set property 'isHandled' of null Subsequent errors won't be logged; see https://fburl.com/debugjs.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

facebook.com
static.xx.fbcdn.net
www.facebook-log.cf
2606:4700:3031::681c:171a
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
086a7c7aeec7f638132ef91089aad948d97ab33cfa560ae885b68db5e6b862dc
0c69e07422329e13fa61ea6362bfcd8d5a52edc91a4c0424968efd4f5438ed08
1aae2f8de3a5985a617023b71ddaec42d19b7e02d3c5e91fef7a1fcd4299963b
22156fbed57fd83a77010b99c38cfed3c985cc8561cc19cf414981281c2ef405
2500e2ec9d0d61ac1ac1716b8daffcf426e6e6eb5a3d602ec0bde48aeee43663
3f9fc4177e481461a80da5b25fb503ae8553efb1e4f41a41fb6ff240c0f0c600
4dc57ad44928d2cc17e1fff5bdb990b63ca82f397dc6e70e78baec7bb6b26775
522428fd2693381b58705586cb3350c66c4b4ba1d52716086b14a9cefb8130b3
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5c550ca569beab09e518474a1f2f910b80068a7dfcc2369d0cc5d5671e7d0192
84f2812eae6702b0d6f283876e5ef1901c913d9244fea4cabf4f3d8ebef9d893
895c0228ec5d7b72009840da44e799e3b8a7f1b6838b9049b4806bb0854d8372
8f3a949215ad40fbc2ef67c1740145445aafd882215b520c6a54e33035fcf66c
a58b811b01139f699ada37a6a9bcdb5d3767790d6acc66a709750891a20fc6ba
a85b011f9368c3e49927b7cdd03ee434d355ecae208c329869f6598da4c692d9
c1b980e0eb02fdf0c27ff21816c32cd0893d6e32f56ea656ce83479d6811b12a
c555fb38bbd051ee943b94c18dc4d9af8af17df9ffab895616b9253c9e6ea59e
d34d3c2a7f22faafc54eda0bd574ea2ea491b4ed1b0c235683c8efaa9902f3b1
f79aa0a7e7032737134ce3c0feeb4db428d9c9af5319bc0ce73416d964b580fd