darrenhousing.xyz
Open in
urlscan Pro
2606:4700:3037::ac43:b6a9
Malicious Activity!
Public Scan
Submission: On September 30 via api from JP — Scanned from JP
Summary
TLS certificate: Issued by E1 on August 18th 2022. Valid for: 3 months.
This is the only time darrenhousing.xyz was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Facebook (Social Network)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
4 | 2606:4700:303... 2606:4700:3037::ac43:b6a9 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
27 | 2a03:2880:f00... 2a03:2880:f00f:8:face:b00c:0:1 | 32934 (FACEBOOK) (FACEBOOK) | |
1 | 2a03:2880:f10... 2a03:2880:f10f:83:face:b00c:0:25de | 32934 (FACEBOOK) (FACEBOOK) | |
34 | 4 |
Apex Domain Subdomains |
Transfer | |
---|---|---|
27 |
fbcdn.net
static.xx.fbcdn.net — Cisco Umbrella Rank: 743 |
261 KB |
4 |
darrenhousing.xyz
darrenhousing.xyz |
46 KB |
1 |
facebook.com
facebook.com — Cisco Umbrella Rank: 30 |
3 KB |
0 |
2m.ma
Failed
2m.ma Failed |
|
34 | 4 |
Domain | Requested by | |
---|---|---|
27 | static.xx.fbcdn.net |
darrenhousing.xyz
static.xx.fbcdn.net |
4 | darrenhousing.xyz |
darrenhousing.xyz
|
1 | facebook.com |
darrenhousing.xyz
|
0 | 2m.ma Failed | |
34 | 4 |
This site contains links to these domains. Also see Links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.darrenhousing.xyz E1 |
2022-08-18 - 2022-11-16 |
3 months | crt.sh |
*.facebook.com DigiCert SHA2 High Assurance Server CA |
2022-07-09 - 2022-10-07 |
3 months | crt.sh |
This page contains 2 frames:
Primary Page:
https://darrenhousing.xyz/
Frame ID: 4EE2AC41DA9D4B87E86F391F1F6B0C2E
Requests: 32 HTTP requests in this frame
Frame:
https://darrenhousing.xyz/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1664496000
Frame ID: BF600F103511FE165CA8045DEE243425
Requests: 3 HTTP requests in this frame
21 Outgoing links
These are links going to different origins than the main page.
Title: Forgot password?
Search URL Search Domain Scan URL
Title: Français (France)
Search URL Search Domain Scan URL
Title: العربية
Search URL Search Domain Scan URL
Title: Español (España)
Search URL Search Domain Scan URL
Title: Türkçe
Search URL Search Domain Scan URL
Title: Italiano
Search URL Search Domain Scan URL
Title: Deutsch
Search URL Search Domain Scan URL
Title: Português (Brasil)
Search URL Search Domain Scan URL
Title: हिन्दी
Search URL Search Domain Scan URL
Title: 中文(简体)
Search URL Search Domain Scan URL
Title: 日本語
Search URL Search Domain Scan URL
Title: Messenger
Search URL Search Domain Scan URL
Title: Watch
Search URL Search Domain Scan URL
Title: Facebook Pay
Search URL Search Domain Scan URL
Title: Oculus
Search URL Search Domain Scan URL
Title: Portal
Search URL Search Domain Scan URL
Title: Instagram
Search URL Search Domain Scan URL
Title: Bulletin
Search URL Search Domain Scan URL
Title: About
Search URL Search Domain Scan URL
Title: Developers
Search URL Search Domain Scan URL
Title: Ad choices
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 30- https://darrenhousing.xyz/ajax/bz?__a=1&__ccg=GOOD&__comet_req=0&__dyn=7xe6E5aQ1PyUbFuC1swgE98nwgU29zEdEc8uwdK0lW4o3Bw5VCwjE3awbG782Cw8G1Qw5MKdwnU1oU884y0lW0SU2swdq0Ho2ew4Kw5rwSyE1582ZwrU&__hs=19194.BP%3ADEFAULT.2.0.0.0.0&__hsi=7122772222890847793&__jssesw=1&__req=1&__rev=1005885962&__s=9txogd%3A049t64%3A8bq9du&__spin_b=trunk&__spin_r=1005885962&__spin_t=1658399641&__user=0&dpr=1&jazoest=2969&lsd=AVqPFhNhbDg HTTP 0
- http://2m.ma/
- https://darrenhousing.xyz/ajax/bz?__a=1&__ccg=GOOD&__comet_req=0&__dyn=7xe6E5aQ1PyUbFuC1swgE98nwgU29zEdEc8uwdK0lW4o3Bw5VCwjE3awbG782Cw8G1Qw5MKdwnU1oU884y0lW0SU2swdq0Ho2ew4Kw5rwSyE1582ZwrU&__hs=19194.BP%3ADEFAULT.2.0.0.0.0&__hsi=7122772222890847793&__jssesw=1&__req=2&__rev=1005885962&__s=9txogd%3A049t64%3A8bq9du&__spin_b=trunk&__spin_r=1005885962&__spin_t=1658399641&__user=0&dpr=1&jazoest=2969&lsd=AVqPFhNhbDg HTTP 0
- http://2m.ma/
34 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
darrenhousing.xyz/ |
72 KB 23 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ahHlrk9HMHV.css
static.xx.fbcdn.net/rsrc.php/v3/ys/l/0,cross/ |
15 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fARQz3e8huT.css
static.xx.fbcdn.net/rsrc.php/v3/yK/l/0,cross/ |
4 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
c6s2T6ddsvt.css
static.xx.fbcdn.net/rsrc.php/v3/yz/l/0,cross/ |
11 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
7JaG8yRCUqE.css
static.xx.fbcdn.net/rsrc.php/v3/yI/l/0,cross/ |
10 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
JgyEeZA6YIr.css
static.xx.fbcdn.net/rsrc.php/v3/yC/l/0,cross/ |
20 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
nG7XmC3cZWM.css
static.xx.fbcdn.net/rsrc.php/v3/yF/l/0,cross/ |
1 KB 915 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
wNWWb71hic0.js
static.xx.fbcdn.net/rsrc.php/v3/yk/r/ |
320 KB 86 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
dF5SId3UHWd.svg
static.xx.fbcdn.net/rsrc.php/y8/r/ |
2 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
hsts-pixel.gif
facebook.com/security/ |
43 B 3 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
YQNfPR9MJfx.png
static.xx.fbcdn.net/rsrc.php/v3/yO/r/ |
925 B 977 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
UT__Kk2I4Uh.png
static.xx.fbcdn.net/rsrc.php/v3/yF/r/ |
24 KB 24 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
U6-FknelVAN.js
static.xx.fbcdn.net/rsrc.php/v3/yZ/r/ |
21 KB 7 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
A6yRDMpawsE.js
static.xx.fbcdn.net/rsrc.php/v3i7M54/yc/l/en_US/ |
61 KB 15 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
c2axVxSEbYE.js
static.xx.fbcdn.net/rsrc.php/v3/y5/r/ |
59 KB 15 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
sczXDyPA0UL.js
static.xx.fbcdn.net/rsrc.php/v3/ye/r/ |
516 B 337 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
9r8JqCgJvpo.js
static.xx.fbcdn.net/rsrc.php/v3/y8/r/ |
11 KB 4 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
78 B 0 |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
invisible.js
darrenhousing.xyz/cdn-cgi/challenge-platform/h/b/scripts/alpha/ Frame BF60 |
39 KB 14 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
4Sl2Pg6mrU9.js
static.xx.fbcdn.net/rsrc.php/v3/yM/r/ |
23 KB 7 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
BT8w9HZghpi.js
static.xx.fbcdn.net/rsrc.php/v3/yh/r/ |
101 KB 30 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
i3OoKLnM9WD.js
static.xx.fbcdn.net/rsrc.php/v3/yf/r/ |
43 KB 13 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
JVRu-BrVDXT.js
static.xx.fbcdn.net/rsrc.php/v3/y0/r/ |
49 KB 9 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
pslzeMSEB_a.js
static.xx.fbcdn.net/rsrc.php/v3/yO/r/ |
18 KB 7 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
8cfEJlHevsz.js
static.xx.fbcdn.net/rsrc.php/v3iqES4/yX/l/en_US/ |
32 KB 10 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
8gjIqkUnBC6.js
static.xx.fbcdn.net/rsrc.php/v3/yV/r/ |
13 KB 4 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
UQc13wnoWNb.js
static.xx.fbcdn.net/rsrc.php/v3/yw/r/ |
11 KB 3 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
FDRfgBZR4fg.js
static.xx.fbcdn.net/rsrc.php/v3/yQ/r/ |
6 KB 2 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
OlHYpAFxGPO.js
static.xx.fbcdn.net/rsrc.php/v3/yQ/r/ |
2 KB 886 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
B1QkyGvU3pd.js
static.xx.fbcdn.net/rsrc.php/v3/ys/r/ |
4 KB 1 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
XRBIW2_mxwG.js
static.xx.fbcdn.net/rsrc.php/v3/yi/r/ |
3 KB 1 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
/
2m.ma/ Redirect Chain
|
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
pica.js
darrenhousing.xyz/cdn-cgi/challenge-platform/h/b/scripts/ Frame BF60 |
23 KB 8 KB |
Other
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
7528fc645d3faf2e
darrenhousing.xyz/cdn-cgi/challenge-platform/h/b/cv/result/ Frame BF60 |
2 B 663 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
/
2m.ma/ Redirect Chain
|
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- 2m.ma
- URL
- http://2m.ma/
- Domain
- 2m.ma
- URL
- http://2m.ma/
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Facebook (Social Network)79 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| envFlush object| Env number| __DEV__ boolean| CavalryLogger function| __annotator function| __bodyWrapper function| __t function| __w function| emptyFunction function| FB_enumerate function| __m object| babelHelpers function| define function| require function| importDefault function| importNamespace function| requireDynamic function| requireLazy function| __d function| $RefreshReg$ function| $RefreshSig$ function| getErrorSafe object| ErrorGuard object| ErrorSerializer object| ErrorUtils function| Arbiter object| JSCC function| $ function| ge object| Parent object| TimeSlice function| goURI object| Bootloader object| PageEvents function| _domcontentready function| onloadRegister_DEPRECATED function| onloadRegister function| onafterloadRegister_DEPRECATED function| onafterloadRegister function| onleaveRegister function| onbeforeunloadRegister function| onunloadRegister function| $E number| __bigPipeFactory string| _script_path object| onloadhooks function| now_inl number| __bigPipeFR number| __bigPipeCtor object| bigPipe function| AsyncRequest object| onunloadhooks object| PageHooks function| _domreadyHook function| _onloadHook function| runHook function| runHooks function| keep_window_set_as_loaded object| onbeforeunloadhooks object| __FB_STORE function| intl_set_string_manager_mode function| intl_set_xmode function| intl_set_amode function| intl_set_rmode function| intl_set_locale object| onleavehooks boolean| domready object| onafterunloadhooks boolean| loaded1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.darrenhousing.xyz/ | Name: __cf_bm Value: qsjuHN4BtYNGIEA8mzgOtOdCL_QnXcUKGxWIwtWnDbg-1664499253-0-AeRV+sUjR8tX+f9fkKJC34+xk5Iu901LAP0B43KT7sD5OiDlW24T2Eon6ldGNKTI1OEDjeQcqAke8T5DFtqZ4kTG2mksgOHiB+WpNX7Y+vtgj7Yf/Nr3D/mqYJWMNkTQJw== |
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
2m.ma
darrenhousing.xyz
facebook.com
static.xx.fbcdn.net
2m.ma
2606:4700:3037::ac43:b6a9
2a03:2880:f00f:8:face:b00c:0:1
2a03:2880:f10f:83:face:b00c:0:25de
018dd55724526a50749dd0b7c1eeebae88dab50092c4bb03891a83f093c38af4
0f90ce92f6d627a995bf0300ac429ace9c65072877367d8bd8e5bc2052ceae93
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2d9c4f716ade218fe47c8ff6c6384993b14c643dd67bf6a615d6bc5c44c85576
36e1b931cfe9fbc1d5cd4473962d904de08cd9621614b30877d74d466c6d8ffb
40fb6c2feae50a4e0e40b4994ac2b91dfb87f79bb5f5df15debb9c8e1f1abd08
4457eb27e6f89f7c41b22009c8720d80632a487bfb0878b8649fb014b50ce52f
49efaa645bce451d9bdbaff57c0bf3a7040f4c09badd304ae2c3536e6efe2e9f
4c7201a5f13a41d1579610a715238abb239dc1468fc5df74a80288c354e56986
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
582ffb4e9d2b265d0d72c8d55328ff460f9fd2090e7e683dcf1ec166bc030ff4
5b7936ddfe2626e73ed0b1f6af4655424a9add2350373316c6ba87af342d5b0d
61089184fa1bb9116ac481f5854bf77afeb3f680445b2fec5de24ad9158ec8f2
6184cf9e35abd703fcaeda2a32ec896f7729f6a8bc2c8627e6cb247e5cd8dc06
66b9b61bdebcbf57847dadc0f16f41b178e61732eb89ab4d9ab17aed0f05dead
693131fb11657f72a5d54258c203a3f37d0b6fdc0da212eb4ddf8ffd4d846088
6fdde1bbfd352560d7a2174c2ec46cb3567ab7f2bf28ca71a5e0f788d91544dc
78f6fa1f28687d3197574b3098b7a84fc6a46e64d78752ce99e8e1e99645842b
84fb7c77dd0c26c67d067b5ab60856ed7f3cb54c828290cb791382f54d3ddac3
89cd38f72ca10b689fad42c4454155a30d54f74a423b5ad17859f530d3135ebc
8e893bfafcabaf77060b11795e28c711ccb1689505bb6783c92d3be302620167
9531e96099e973b3d1c291f3e60419d8fe4730f46de8a492fccd2b4c962c96ce
b01ed95a55fe0c0a42264a75c784730b144351831fbda2f8f9c4925f363f3b72
bf3a049dd30911b98adcf6aab0d9ebfaca8264e6afc3cb9dfdf782ec63d93ebe
cba9a41d980dffd996dde8bc556d9ca5835c09af7598f9afa11c46e1c8ab3b5b
d41fb2d0404d75649fdf83764d7d62c8a6b2f205f9c5b16f8716695497142993
d83f4b4b5e3086b097435a11c3108fc8137a752db1fdf3813342cb3db701bdf9
d91fd46b21c5f33adb9dba8892de3580bdd245e77811437f65fd1a49e97d1d42
dcb09b2c0a8d4f1e6a8de88ffea5c27b8493fd7d8fa28fd7f0cd6b859387dc8f
e10af57c9fc6cc7c4e062d6625f4228e372e7be16f87d904d7ebdeed9350777a
e60e1c170d239ef8628c55986ae1b8e68239665363c6355cfc03336718bc2d7f
f025927527efe822651cee830c8bc5aecb10ff570009818dd930d44a2f35c416
f0803a3e57413b1bc30a5589ee7ff5f6a4646f5a4dd8a8ddcbc7274c33f217f6