origin8now.com
Open in
urlscan Pro
40.64.128.228
Public Scan
Effective URL: https://origin8now.com/partners/plyrs/login/
Submission: On February 12 via automatic, source certstream-suspicious
Summary
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on June 1st 2020. Valid for: 2 years.
This is the only time origin8now.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN15169 (GOOGLE, US)
login.playerslending.com |
ASN16509 (AMAZON-02, US)
PTR: ac581fb06a21ff400.awsglobalaccelerator.com
www.sagepayments.net |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN15133 (EDGECAST, US)
az416426.vo.msecnd.net |
ASN16509 (AMAZON-02, US)
PTR: server-13-224-196-31.fra2.r.cloudfront.net
script.hotjar.com |
ASN15169 (GOOGLE, US)
www.google-analytics.com |
ASN15169 (GOOGLE, US)
www.google-analytics.com |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
dc.services.visualstudio.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
20 |
origin8now.com
origin8now.com |
5 MB |
5 |
googleapis.com
fonts.googleapis.com maps.googleapis.com |
125 KB |
3 |
hotjar.com
static.hotjar.com script.hotjar.com vars.hotjar.com |
63 KB |
2 |
visualstudio.com
dc.services.visualstudio.com |
464 B |
2 |
google-analytics.com
www.google-analytics.com |
19 KB |
2 |
google.com
www.google.com |
1 KB |
1 |
google.de
www.google.de |
107 B |
1 |
doubleclick.net
stats.g.doubleclick.net |
87 B |
1 |
gstatic.com
www.gstatic.com |
332 KB |
1 |
msecnd.net
az416426.vo.msecnd.net |
22 KB |
1 |
googletagmanager.com
www.googletagmanager.com |
38 KB |
1 |
sagepayments.net
www.sagepayments.net |
7 KB |
1 |
playerslending.com
1 redirects
login.playerslending.com |
143 B |
40 | 13 |
Domain | Requested by | |
---|---|---|
20 | origin8now.com |
origin8now.com
|
4 | maps.googleapis.com |
origin8now.com
maps.googleapis.com |
2 | dc.services.visualstudio.com |
az416426.vo.msecnd.net
|
2 | www.google-analytics.com |
www.googletagmanager.com
az416426.vo.msecnd.net |
2 | www.google.com |
origin8now.com
|
1 | vars.hotjar.com |
static.hotjar.com
|
1 | www.google.de |
origin8now.com
|
1 | stats.g.doubleclick.net |
az416426.vo.msecnd.net
|
1 | script.hotjar.com |
static.hotjar.com
|
1 | static.hotjar.com |
origin8now.com
|
1 | www.gstatic.com |
www.google.com
|
1 | az416426.vo.msecnd.net |
origin8now.com
|
1 | www.googletagmanager.com |
origin8now.com
|
1 | www.sagepayments.net |
origin8now.com
|
1 | fonts.googleapis.com |
origin8now.com
|
1 | login.playerslending.com | 1 redirects |
40 | 16 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.origin8now.com Go Daddy Secure Certificate Authority - G2 |
2020-06-01 - 2022-06-01 |
2 years | crt.sh |
upload.video.google.com GTS CA 1O1 |
2021-01-26 - 2021-04-20 |
3 months | crt.sh |
www.google.com GTS CA 1O1 |
2021-01-26 - 2021-04-20 |
3 months | crt.sh |
*.sagepayments.net Network Solutions OV Server CA 2 |
2020-07-15 - 2022-08-01 |
2 years | crt.sh |
*.google-analytics.com GTS CA 1O1 |
2021-01-19 - 2021-04-13 |
3 months | crt.sh |
sni1e6ffgl.wpc.edgecastcdn.net DigiCert SHA2 Secure Server CA |
2020-04-16 - 2022-04-21 |
2 years | crt.sh |
*.gstatic.com GTS CA 1O1 |
2021-01-26 - 2021-04-20 |
3 months | crt.sh |
*.hotjar.com Amazon |
2020-12-25 - 2022-01-23 |
a year | crt.sh |
*.g.doubleclick.net GTS CA 1O1 |
2021-01-26 - 2021-04-20 |
3 months | crt.sh |
*.google.com GTS CA 1O1 |
2021-01-26 - 2021-04-20 |
3 months | crt.sh |
www.google.de GTS CA 1O1 |
2021-01-26 - 2021-04-20 |
3 months | crt.sh |
in.applicationinsights.azure.com Microsoft RSA TLS CA 01 |
2021-02-11 - 2022-02-11 |
a year | crt.sh |
This page contains 2 frames:
Primary Page:
https://origin8now.com/partners/plyrs/login/
Frame ID: 6AA5819382E94F8C02EBA43D8182D396
Requests: 38 HTTP requests in this frame
Frame:
https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Frame ID: ACCAEFB2C092FF969517AED49065B4A8
Requests: 1 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
https://login.playerslending.com/
HTTP 302
https://origin8now.com/partners/plyrs/login/ Page URL
Detected technologies
Windows Server (Operating Systems) ExpandDetected patterns
- headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i
IIS (Web Servers) Expand
Detected patterns
- headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://login.playerslending.com/
HTTP 302
https://origin8now.com/partners/plyrs/login/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
40 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
/
origin8now.com/partners/plyrs/login/ Redirect Chain
|
7 KB 4 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
styles
origin8now.com/bundles/ |
1 MB 237 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ie10-viewport-bug-workaround.css
origin8now.com/content/ |
446 B 727 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
modernizr
origin8now.com/bundles/ |
11 KB 6 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
371 B 396 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
api.js
www.google.com/recaptcha/ |
850 B 643 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Origin8_loader.gif
origin8now.com/images/ |
89 KB 89 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery
origin8now.com/bundles/ |
88 KB 40 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
maps.googleapis.com/maps/api/ |
131 KB 43 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bootstrap
origin8now.com/bundles/ |
36 KB 13 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
angularjs
origin8now.com/bundles/ |
4 MB 2 MB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pay.min.js
www.sagepayments.net/pay/1.0.2/js/ |
18 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ie10-viewport-bug-workaround.js
origin8now.com/scripts/ |
664 B 912 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
97 KB 38 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
app
origin8now.com/bundles/ |
3 MB 586 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
templates
origin8now.com/bundles/ |
3 MB 539 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ai.0.js
az416426.vo.msecnd.net/scripts/a/ |
94 KB 22 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
kendoui.woff
origin8now.com/Content/kendo/images/ |
63 KB 63 KB |
Font
application/x-font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
proxima-nova-alt-regular-webfont.woff
origin8now.com/fonts/ |
24 KB 24 KB |
Font
application/x-font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
recaptcha__en.js
www.gstatic.com/recaptcha/releases/2Mfykwl2mlvyQZQ3PEgoH710/ |
332 KB 332 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
hotjar-1441112.js
static.hotjar.com/c/ |
6 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
modules.47c8b2ab63e7e626e930.js
script.hotjar.com/ |
224 KB 59 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
46 KB 18 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3-Q050 |
collect
www.google-analytics.com/j/ |
2 B 65 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
stats.g.doubleclick.net/j/ |
4 B 87 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
ga-audiences
www.google.com/ads/ |
42 B 483 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ga-audiences
www.google.de/ads/ |
42 B 107 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Origin8_loader.gif
origin8now.com/images/ |
89 KB 89 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
log-in-icon.png
origin8now.com/images/ |
497 B 784 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
back.png
origin8now.com/images/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logo-lg.png
origin8now.com/images/ |
145 KB 146 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bg-landing.jpg
origin8now.com/images/ |
1 MB 1 MB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
fontawesome-webfont.woff2
origin8now.com/fonts/ |
75 KB 76 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
montserrat-v10-latin-regular.woff2
origin8now.com/fonts/ |
15 KB 15 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
track
dc.services.visualstudio.com/v2/ Frame |
0 0 |
Other
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
track
dc.services.visualstudio.com/v2/ |
324 B 464 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
box-469cf41adb11dc78be68c1ae7f9457a4.html
vars.hotjar.com/ Frame ACCA |
2 KB 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
common.js
maps.googleapis.com/maps-api-v3/api/js/43/8/ |
75 KB 28 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
util.js
maps.googleapis.com/maps-api-v3/api/js/43/8/ |
145 KB 54 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
AuthenticationService.Authenticate
maps.googleapis.com/maps/api/js/ |
62 B 248 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
54 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| appInsights object| html5 object| Modernizr object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client function| hj object| _hjSettings function| $ function| jQuery object| google object| module$contents$MapsEvent_MapsEvent object| module$contents$mapsapi$overlay$OverlayView_OverlayView function| wizardButtonDirective object| angular object| ngMaterial object| @uirouter/angularjs function| _ function| moment function| JSZip object| kendo function| PayJS function| requirejs function| require function| define function| gtag object| dataLayer object| AI object| Microsoft function| __extends function| _endsWith object| google_tag_manager object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| google_tag_data string| GoogleAnalyticsObject function| ga object| recaptcha object| gaplugins object| gaGlobal object| gaData object| _xdc_7 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.origin8now.com/ | Name: _hjFirstSeen Value: 1 |
|
.origin8now.com/ | Name: _hjid Value: 9f237067-abc7-452f-94bf-7c753931df48 |
|
.origin8now.com/ | Name: _ga Value: GA1.2.1441733443.1613169164 |
|
origin8now.com/ | Name: ai_session Value: uYp9J|1613169163900.895|1613169163900.895 |
|
.origin8now.com/ | Name: _gat_gtag_UA_61934038_10 Value: 1 |
|
.origin8now.com/ | Name: _gid Value: GA1.2.1544904719.1613169164 |
|
origin8now.com/ | Name: ai_user Value: RPLyx|2021-02-12T22:32:43.828Z |
7 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
az416426.vo.msecnd.net
dc.services.visualstudio.com
fonts.googleapis.com
login.playerslending.com
maps.googleapis.com
origin8now.com
script.hotjar.com
static.hotjar.com
stats.g.doubleclick.net
vars.hotjar.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
www.sagepayments.net
13.224.196.31
2606:2800:233:1cb7:261b:1f9c:2074:3c
2a00:1450:4001:800::200e
2a00:1450:4001:809::2008
2a00:1450:4001:811::2003
2a00:1450:4001:812::200a
2a00:1450:4001:812::200e
2a00:1450:4001:827::2003
2a00:1450:4001:827::2004
2a00:1450:4001:827::2013
2a00:1450:4001:829::200a
2a00:1450:4001:82b::200a
2a00:1450:400c:c00::9c
40.64.128.228
40.79.138.41
65.9.94.89
65.9.94.95
75.2.0.120
047530e854ced4fbfb0be76d31c4ef4bea6cc6887a37a5ddb633f8776949b145
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
34908134efe377fa4b75589815fadddec2d552673c6536cbcc49c1bc6d91de48
36eaacec57a504802c8b8697481b4ae42ed264184608c8a85080c73029cf07d6
3a776234892e76fe2105236a8fa5f1ba40b18bb735fff77159f096f7a21aa350
3db577869cbe9e2e300e6575965aa1c63ae1054fbbd66aa166c8efb04d5c706f
3e8e0743d4adf7a99ee866fbcc4b81e83ef576868f5a5bbc784d6236209257ed
4343706f83b4a5fff3c5b0e2c55c0e757728f3f551fcc91d3e94e86d4e624bc6
4a44b36877611829e53896be05f3155a61b3123de7117086b3351610cf6067e8
5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e
5c83d64fd31a699a81efd8430a7100f1aeb83024f88b252273c9f5de31309e13
5cf0f29fa535b9ec7afcf219f189ee8fe09d93ee253f62c3d60ab9c9b474d377
66f396314193bfe4809457b6c8004d026e3c503befe550e29ea068667f84ce39
69df3c238a235b54b0e3a88565935e0322cf9e48ab06bb4b32b6ea6836edf8d6
70cdf677a2505b1fe965a20a1f3f51253fb4e750a9e4561b572d93eb2e1564d3
72c93f899b0c28052a481f2e4177bfc6d400c3a10f51585cfbf079e9706aa003
77fbc60edd998cd701b033e567fdb0db81c8cb1170ad32e3b8cfb26ed7da0aa6
7c2a3c7b4de6a6ef709ce7b013148bb56839367b56605d8e0c028790b7be153b
816273f80d71753096a2363a6d5e6c605572406f935d5af5e933102eafbb1a06
8329d2b4c1c7c96260d03217cae87833a6d0ff4196fa889ddb239641198db846
84b0f48253f9db9755374848913a382791d45080720cbddb350d0433d39aa27e
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
89e4218e1cecdd8bd82a4f77123819952c4a51e9a305142c2ed197ad31451e8f
9a1a6e71c1607e636a98bcebe49e3b67aa9ef9fa16cf31a2909f92655e1c928a
9b8eec93028c89005ef7c1d2225b10dacdc091b5cd20d3f771d323869d2d4f95
9d891ef737df4c41b6ba3e0d839310ed66090db5770bcd463a0a173b9e8444fc
9e83216908224ffbc39992a5e60f93ca21b8e2240ba28025ba679c4b70f7112d
ae5237b82b0b640822d5aa6c3ac444e3713971530f89664e4ff876275b3af569
b141d5e9654c55aa09e31f0bcd3e75c1ebcc6b4cfb237a2898918025f298ed5a
c1c07ebcbd346b8d5b9a33219fce562ae37d9885563f6dabae6cd104bfd54827
c50d073c29d773de8204e015c4fed886ab57ae6e8a8f4e58ef9ca99dfacebee0
d936d9e4ac6ef685995239b92b4cf75e2cb1b343093e5431c0e5730b9d2b3960
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e37c5391c6766895508e0c5e48baeff94effd87d0292d02366b65c3d4e24b82a
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
e7907501c0d4588fa7529b23d8c6d5b9cdc3e35c656c1d96d704a406704bac01
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629