www.facebook.valkan.cl
Open in
urlscan Pro
170.75.248.201
Malicious Activity!
Public Scan
Submission: On April 15 via automatic, source certstream-suspicious
Summary
TLS certificate: Issued by cPanel, Inc. Certification Authority on April 15th 2020. Valid for: 3 months.
This is the only time www.facebook.valkan.cl was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Facebook (Social Network)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
4 | 170.75.248.201 170.75.248.201 | 393398 (ASN-DIS) (ASN-DIS) | |
31 | 2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3 | 32934 (FACEBOOK) (FACEBOOK) | |
3 4 | 2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de | 32934 (FACEBOOK) (FACEBOOK) | |
1 | 2a03:2880:f02... 2a03:2880:f02d:5:face:b00c:0:8c | 32934 (FACEBOOK) (FACEBOOK) | |
39 | 5 |
ASN393398 (ASN-DIS, US)
PTR: server.clickhost.cl
www.facebook.valkan.cl |
ASN32934 (FACEBOOK, US)
static.xx.fbcdn.net | |
connect.facebook.net |
ASN32934 (FACEBOOK, US)
facebook.com | |
fbcdn.net | |
fbsbx.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
31 |
fbcdn.net
1 redirects
static.xx.fbcdn.net fbcdn.net |
920 KB |
4 |
valkan.cl
www.facebook.valkan.cl |
36 KB |
2 |
fbsbx.com
1 redirects
fbsbx.com |
142 B |
1 |
atdmt.com
cx.atdmt.com |
433 B |
1 |
facebook.net
connect.facebook.net |
232 B |
1 |
facebook.com
1 redirects
facebook.com www.facebook.com Failed |
320 B |
39 | 6 |
Domain | Requested by | |
---|---|---|
30 | static.xx.fbcdn.net |
www.facebook.valkan.cl
static.xx.fbcdn.net |
4 | www.facebook.valkan.cl |
static.xx.fbcdn.net
|
2 | fbsbx.com |
1 redirects
www.facebook.valkan.cl
|
1 | cx.atdmt.com |
www.facebook.valkan.cl
|
1 | connect.facebook.net |
www.facebook.valkan.cl
|
1 | fbcdn.net | 1 redirects |
1 | facebook.com | 1 redirects |
0 | www.facebook.com Failed |
static.xx.fbcdn.net
|
39 | 8 |
This site contains links to these domains. Also see Links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
facebook.valkan.cl cPanel, Inc. Certification Authority |
2020-04-15 - 2020-07-14 |
3 months | crt.sh |
*.facebook.com DigiCert SHA2 High Assurance Server CA |
2020-03-01 - 2020-05-30 |
3 months | crt.sh |
fbcdn.net DigiCert SHA2 High Assurance Server CA |
2020-01-25 - 2020-04-24 |
3 months | crt.sh |
*.atlassolutions.com DigiCert SHA2 High Assurance Server CA |
2020-03-05 - 2020-06-03 |
3 months | crt.sh |
This page contains 3 frames:
Primary Page:
https://www.facebook.valkan.cl/
Frame ID: C5C1A25A9C5F95FFBC8F85895CEFC7FA
Requests: 36 HTTP requests in this frame
Frame:
https://fbsbx.com/captcha/recaptcha/iframe/?referer=https%3A%2F%2Fwww.facebook.com&compact=0
Frame ID: 0641ED2CC187EC5F95588DDA05A6CE17
Requests: 2 HTTP requests in this frame
Frame:
https://www.facebook.valkan.cl/intern/common/referer_frame.php
Frame ID: A36F2A4E466B0E46264D0A4A8EB86931
Requests: 2 HTTP requests in this frame
16 Outgoing links
These are links going to different origins than the main page.
Title: Facebook
Search URL Search Domain Scan URL
Title: ¿Olvidaste tu cuenta?
Search URL Search Domain Scan URL
Title: Français (France)
Search URL Search Domain Scan URL
Title: Português (Brasil)
Search URL Search Domain Scan URL
Title: Deutsch
Search URL Search Domain Scan URL
Title: Italiano
Search URL Search Domain Scan URL
Title: 中文(简体)
Search URL Search Domain Scan URL
Title: Svenska
Search URL Search Domain Scan URL
Title: العربية
Search URL Search Domain Scan URL
Title: हिन्दी
Search URL Search Domain Scan URL
Title: 日本語
Search URL Search Domain Scan URL
Title: Messenger
Search URL Search Domain Scan URL
Title: Watch
Search URL Search Domain Scan URL
Title: Instagram
Search URL Search Domain Scan URL
Title: Desarrolladores
Search URL Search Domain Scan URL
Title: Opciones de anuncios
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 9- https://facebook.com/security/hsts-pixel.gif?c=3.2.5 HTTP 302
- https://fbcdn.net/security/hsts-pixel.gif?c=2.5 HTTP 302
- https://fbsbx.com/security/hsts-pixel.gif?c=5 HTTP 302
- https://connect.facebook.net/security/hsts-pixel.gif
39 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
www.facebook.valkan.cl/ |
127 KB 32 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
U2Hs6Wjdcrb.css
static.xx.fbcdn.net/rsrc.php/v3/yR/l/0,cross/ |
375 KB 97 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Q1yc7ZkGNEO.css
static.xx.fbcdn.net/rsrc.php/v3/yM/l/0,cross/ |
23 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
2eHx9MWN5FF.css
static.xx.fbcdn.net/rsrc.php/v3/y8/l/0,cross/ |
8 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
6p1uuxI96R0.css
static.xx.fbcdn.net/rsrc.php/v3/yx/l/0,cross/ |
9 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
9rbDbtH4T88.css
static.xx.fbcdn.net/rsrc.php/v3/y6/l/0,cross/ |
19 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Si7vCumhXhM.css
static.xx.fbcdn.net/rsrc.php/v3/yP/l/0,cross/ |
125 KB 23 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
L5zNPb4jozN.js
static.xx.fbcdn.net/rsrc.php/v3/yz/r/ |
338 KB 86 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
OBaVg52wtTZ.png
static.xx.fbcdn.net/rsrc.php/v3/yi/r/ |
42 KB 42 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
GsNJNwuI-UM.gif
static.xx.fbcdn.net/rsrc.php/v3/yb/r/ |
522 B 718 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
hsts-pixel.gif
connect.facebook.net/security/ Redirect Chain
|
43 B 232 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
zUMespc760E.js
static.xx.fbcdn.net/rsrc.php/v3ioU64/yq/l/es_LA/ |
2 MB 348 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
F5fJ75JdD_h.png
static.xx.fbcdn.net/rsrc.php/v3/yz/r/ |
6 KB 6 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
kwovnGkGPEE.png
static.xx.fbcdn.net/rsrc.php/v3/y0/r/ |
5 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
DQDvQ2X3Nby.png
static.xx.fbcdn.net/rsrc.php/v3/yN/r/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
DmtZWLqoTvz.png
static.xx.fbcdn.net/rsrc.php/v3/yJ/r/ |
5 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
74 B 0 |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
80pwV3mH3G2.js
static.xx.fbcdn.net/rsrc.php/v3iq774/yW/l/es_LA/ |
51 KB 16 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tgEF4FjgbnM.js
static.xx.fbcdn.net/rsrc.php/v3iP4Y4/yX/l/es_LA/ |
105 KB 45 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
TvJ2TQv0JE5.js
static.xx.fbcdn.net/rsrc.php/v3/yk/r/ |
14 KB 5 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
E0NdecWuTKo.js
static.xx.fbcdn.net/rsrc.php/v3iH6v4/y3/l/es_LA/ |
27 KB 7 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
HdcGwZPvlHH.js
static.xx.fbcdn.net/rsrc.php/v3iwgz4/yN/l/es_LA/ |
158 KB 38 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
dU-Wft2otHI.js
static.xx.fbcdn.net/rsrc.php/v3iT184/y0/l/es_LA/ |
45 KB 11 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
BKb35NHzeGy.js
static.xx.fbcdn.net/rsrc.php/v3/yx/r/ |
61 KB 15 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
5j1Gaz0MqA9.js
static.xx.fbcdn.net/rsrc.php/v3iMYi4/yb/l/es_LA/ |
142 KB 33 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Jup0oH_oecF.js
static.xx.fbcdn.net/rsrc.php/v3iwml4/yF/l/es_LA/ |
59 KB 14 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
hlSpMU4c-NL.js
static.xx.fbcdn.net/rsrc.php/v3itKn4/yi/l/es_LA/ |
269 KB 63 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
n7CwkwRRVC2.js
static.xx.fbcdn.net/rsrc.php/v3/y4/r/ |
57 KB 17 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
6KqFq7q8hV0.js
static.xx.fbcdn.net/rsrc.php/v3/yO/r/ |
8 KB 3 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bvAF_B_U_oy.js
static.xx.fbcdn.net/rsrc.php/v3iEfs4/yE/l/es_LA/ |
40 KB 13 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
vQr7YfPc6Ap.js
static.xx.fbcdn.net/rsrc.php/v3/y5/r/ |
19 KB 6 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
F18m7NFKMHz.js
static.xx.fbcdn.net/rsrc.php/v3/yp/r/ |
13 KB 4 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
referer_frame.php
www.facebook.valkan.cl/intern/common/ Frame 0641 |
1 KB 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
referer_frame.php
www.facebook.valkan.cl/intern/common/ Frame A36F |
1 KB 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
-PAXP-deijE.gif
static.xx.fbcdn.net/rsrc.php/v3/y4/r/ |
43 B 233 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
/
www.facebook.com/ajax/bootloader-endpoint/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
fbsbx.com/captcha/recaptcha/iframe/ Frame 0641 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
cx.atdmt.com/ Frame A36F |
42 B 433 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
/
www.facebook.com/ajax/bootloader-endpoint/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
bz
www.facebook.valkan.cl/ajax/ |
1 KB 1 KB |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- www.facebook.com
- URL
- https://www.facebook.com/ajax/bootloader-endpoint/?modules=AsyncSignal&__user=0&__a=1&__dyn=7xe6FomK36Q5E5ObGexe8BWo5O12wAxu13wqovzEdEc8uw9-3K4o1j8hwem0nCq1ewcG0KEswdC1nwlU-cw5MKdwnU1oU881FU2YxW0ne0Ho&__csr=&__req=1&__beoa=0&__pc=PHASED%3ADEFAULT&dpr=1&__rev=1001991858&__s=%3Adech46%3A7falum&__hsi=6815787056782260816-0&__comet_req=0&__spin_r=1001991858&__spin_b=trunk&__spin_t=1586924087
- Domain
- www.facebook.com
- URL
- https://www.facebook.com/ajax/bootloader-endpoint/?modules=CSSFade&__user=0&__a=1&__dyn=7xe6FomK36Q5E5ObGexe8BWo5O12wAxu13wqovzEdEc8uw9-3K4o1j8hwem0nCq1ewcG0KEswdC1nwlU-cw5MKdwnU1oU881FU2YxW0ne0Ho&__csr=&__req=2&__beoa=0&__pc=PHASED%3ADEFAULT&dpr=1&__rev=1001991858&__s=%3Adech46%3A7falum&__hsi=6815787056782260816-0&__comet_req=0&__spin_r=1001991858&__spin_b=trunk&__spin_t=1586924087
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Facebook (Social Network)69 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onformdata object| onpointerrawupdate number| _cstart function| envFlush object| Env number| __DEV__ function| CavalryLogger undefined| __p function| emptyFunction function| __annotator function| __bodyWrapper function| __t function| __w function| FB_enumerate function| __m object| babelHelpers function| define function| require function| requireDynamic function| requireLazy function| __d function| $RefreshReg$ function| $RefreshSig$ object| ErrorSerializer object| ErrorGuard object| ErrorUtils function| Arbiter object| JSCC function| $ function| ge object| Parent object| TimeSlice function| goURI function| ProfilingCounters object| Bootloader object| PageEvents function| _domcontentready function| onloadRegister_DEPRECATED function| onloadRegister function| onafterloadRegister_DEPRECATED function| onafterloadRegister function| onleaveRegister function| onbeforeunloadRegister function| onunloadRegister function| $E string| _script_path object| onloadhooks object| domreadyhooks object| bigPipe function| AsyncRequest object| onafterunloadhooks object| onunloadhooks function| intl_set_xmode function| intl_set_amode function| intl_set_rmode function| intl_set_locale object| PageHooks function| _domreadyHook function| _onloadHook function| runHook function| runHooks function| keep_window_set_as_loaded object| onbeforeunloadhooks object| __FB_STORE function| useragentcm object| PageTransitions object| onleavehooks boolean| domready boolean| loaded1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.facebook.valkan.cl/ | Name: wd Value: 1600x1200 |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
connect.facebook.net
cx.atdmt.com
facebook.com
fbcdn.net
fbsbx.com
static.xx.fbcdn.net
www.facebook.com
www.facebook.valkan.cl
www.facebook.com
170.75.248.201
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f02d:5:face:b00c:0:8c
2a03:2880:f12d:83:face:b00c:0:25de
0006b6573691857d0856aa3fe6dfda7ca4f9e5c9b334f11aa48c93e3ff7d52f1
062f5287b2a7325c61202bb2a96706605c5e80ac870df0321b92541a3eef0353
07cb46f33e7703ed3f434026e423e259cc625c8a4efc9d6256480d3ece60729a
123b34494712675d74f90c488b4ee68a3e675d41091eafecf7063232f6163b7c
12d85aa47b02c34604bd589ec5d53ac95fdae78f590799564d3e85117529f939
1a5567a1291fa691a59940211c1ff0dac617b9ece8602781e9469b07db409ed3
205c699313e38c53a772b18887feb4bd1f4aed5d100a3900ee6d07074ff07ca4
230d91b44ffd4de6a3cfe521b2560e5ed59763df51a5de76fc01513787fb1682
23d12e27f0b50858c121fece2c2e62ea7389dee07479583de05fbe4d744c81ee
2de801698a4b25d98b2073c304567d80f84d8f76b4c072be020f453f5f1cba80
3282f6a5269175e95068d60df6d84223278c6017d226486d305836d34733794b
3462af6c03a2a0af90a466b4df7fd0ec149c83f16d26a4541b2b7defd765e80a
447931bdd58101efb2444d000df1cfb6a48e04afb5c4f042964ebce9aeb95457
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5a52dbaf980be015c37ea658dc83e753f345ecb7c48a7dafd71bf1ed67e8b4bd
5e2112646d4a00ef4fd7060cda3b277e44468534933c9f80ee22bb16664d047b
6061820251d6d7f01acfe6d19c2be395a06721ed319c799f15854827477c8645
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
7016aa4e4c44068433c3f505cee18dbb5007b4baab680b62436970a0f4ec2f80
71cc102942feda01777c8b6642b4d3082b1d6060c27d5cdc9f4c07802bb8bd76
7478fec203c38c43a6385f1679fe41febb7fd812c3e48f5d17f565972e60b124
7bdc013159afb27c98c278505975db04f99cc8682382601fb170e0b419102b37
7f4fbb61e5a1226b421109d4bfeb68b371b240bb6a0131c54581b777cb649908
8627d83666e5f29db4f5ddfba459bf17a542a4b20569815b8055223dbe6d3f75
8c6c85ef1393c9e888eb441a23e7547ba1d8032b46b71add8216a1268f183097
8cd4fbace2cfb229efbe56186db8413abd1aacebf448ed89a004738814f2a8a3
91aa339f3c48d1978885e8958cc313ae33e551a6598473451b4eba7c247fbdae
9aa22ab3eb7f691c4a9fbcc03b37f61973d18aae90b2dccb0eab06649809dece
adc9b206a96bf2d8b80aa01dd4369f57648c75dfdbc664a11678bfa4dc15eeaf
cdba425f89c83d73920c661c663efdea6bfcb6a82a46dffb1f2197102e37ac82
cf9cac0fa688e2c311617d6d62a9a54adffb006f5d90f9dc22b89b2f373cd9bd
e134f0361763ce611e412e8d2d035785078897136e78b974d4361e5923bf88e7
e78ac99d07c527bf7654e6dd35a07ad4c66077a2d347181e06333eaf0e18c5d4
f4287d1528382e5a28f80ea974fe73f74c6516bcf60cdabfc3f6202f1f6da03f
f90d8002919e3f2ff034b0d82c6e2758e05b41619b7eb4cc45ca9fd6376309e7