origin8now.com
Open in
urlscan Pro
40.64.128.228
Public Scan
Submission Tags: @phishunt_io
Submission: On February 13 via api from ES
Summary
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on June 1st 2020. Valid for: 2 years.
This is the only time origin8now.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
origin8now.com | |
origin8-svc-prd.azurewebsites.net |
ASN- ()
PTR: ac581fb06a21ff400.awsglobalaccelerator.com
www.sagepayments.net |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN15133 (EDGECAST, US)
az416426.vo.msecnd.net |
ASN15169 (GOOGLE, US)
www.google-analytics.com |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
dc.services.visualstudio.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
17 |
origin8now.com
origin8now.com |
5 MB |
5 |
googleapis.com
fonts.googleapis.com maps.googleapis.com |
126 KB |
3 |
hotjar.com
static.hotjar.com script.hotjar.com vars.hotjar.com |
63 KB |
2 |
visualstudio.com
dc.services.visualstudio.com |
581 B |
2 |
google-analytics.com
www.google-analytics.com |
19 KB |
2 |
azurewebsites.net
origin8-svc-prd.azurewebsites.net |
5 KB |
2 |
google.com
www.google.com |
1 KB |
1 |
windows.net
origin8prd.blob.core.windows.net |
702 KB |
1 |
google.de
www.google.de |
505 B |
1 |
doubleclick.net
stats.g.doubleclick.net |
445 B |
1 |
gstatic.com
www.gstatic.com |
130 KB |
1 |
msecnd.net
az416426.vo.msecnd.net |
22 KB |
1 |
googletagmanager.com
www.googletagmanager.com |
39 KB |
1 |
sagepayments.net
www.sagepayments.net |
7 KB |
40 | 14 |
Domain | Requested by | |
---|---|---|
17 | origin8now.com |
origin8now.com
|
4 | maps.googleapis.com |
origin8now.com
maps.googleapis.com |
2 | dc.services.visualstudio.com |
az416426.vo.msecnd.net
|
2 | www.google-analytics.com |
www.googletagmanager.com
az416426.vo.msecnd.net |
2 | origin8-svc-prd.azurewebsites.net |
az416426.vo.msecnd.net
|
2 | www.google.com |
origin8now.com
|
1 | origin8prd.blob.core.windows.net |
origin8now.com
|
1 | www.google.de |
origin8now.com
|
1 | stats.g.doubleclick.net |
az416426.vo.msecnd.net
|
1 | vars.hotjar.com |
static.hotjar.com
|
1 | script.hotjar.com |
static.hotjar.com
|
1 | static.hotjar.com |
origin8now.com
|
1 | www.gstatic.com |
www.google.com
|
1 | az416426.vo.msecnd.net |
origin8now.com
|
1 | www.googletagmanager.com |
origin8now.com
|
1 | www.sagepayments.net |
origin8now.com
|
1 | fonts.googleapis.com |
origin8now.com
|
40 | 17 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.origin8now.com Go Daddy Secure Certificate Authority - G2 |
2020-06-01 - 2022-06-01 |
2 years | crt.sh |
upload.video.google.com GTS CA 1O1 |
2021-01-26 - 2021-04-20 |
3 months | crt.sh |
www.google.com GTS CA 1O1 |
2021-01-26 - 2021-04-20 |
3 months | crt.sh |
*.sagepayments.net Network Solutions OV Server CA 2 |
2020-07-15 - 2022-08-01 |
2 years | crt.sh |
*.google-analytics.com GTS CA 1O1 |
2021-01-26 - 2021-04-20 |
3 months | crt.sh |
sni1e6ffgl.wpc.edgecastcdn.net DigiCert SHA2 Secure Server CA |
2020-04-16 - 2022-04-21 |
2 years | crt.sh |
*.gstatic.com GTS CA 1O1 |
2021-01-26 - 2021-04-20 |
3 months | crt.sh |
*.hotjar.com Amazon |
2020-12-25 - 2022-01-23 |
a year | crt.sh |
*.azurewebsites.net Microsoft RSA TLS CA 01 |
2020-09-28 - 2021-09-28 |
a year | crt.sh |
*.g.doubleclick.net GTS CA 1O1 |
2021-01-26 - 2021-04-20 |
3 months | crt.sh |
www.google.de GTS CA 1O1 |
2021-01-26 - 2021-04-20 |
3 months | crt.sh |
*.blob.core.windows.net Microsoft RSA TLS CA 02 |
2020-11-20 - 2021-11-20 |
a year | crt.sh |
in.applicationinsights.azure.com Microsoft RSA TLS CA 01 |
2021-02-11 - 2022-02-11 |
a year | crt.sh |
This page contains 2 frames:
Primary Page:
https://origin8now.com/partners/plyrs
Frame ID: 51B27994D11E337DDDEF8B39D4017293
Requests: 38 HTTP requests in this frame
Frame:
https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Frame ID: 36EB5FABBA0BF33605F48B21E2702D60
Requests: 1 HTTP requests in this frame
Screenshot
Detected technologies
Windows Server (Operating Systems) ExpandDetected patterns
- headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i
IIS (Web Servers) Expand
Detected patterns
- headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
40 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
plyrs
origin8now.com/partners/ |
7 KB 4 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
styles
origin8now.com/bundles/ |
1 MB 237 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ie10-viewport-bug-workaround.css
origin8now.com/content/ |
446 B 727 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
modernizr
origin8now.com/bundles/ |
11 KB 6 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
371 B 769 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
api.js
www.google.com/recaptcha/ |
850 B 968 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Origin8_loader.gif
origin8now.com/images/ |
89 KB 89 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery
origin8now.com/bundles/ |
88 KB 40 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
maps.googleapis.com/maps/api/ |
131 KB 43 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bootstrap
origin8now.com/bundles/ |
36 KB 13 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
angularjs
origin8now.com/bundles/ |
4 MB 2 MB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pay.min.js
www.sagepayments.net/pay/1.0.2/js/ |
18 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ie10-viewport-bug-workaround.js
origin8now.com/scripts/ |
664 B 912 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
97 KB 39 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
app
origin8now.com/bundles/ |
3 MB 586 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
templates
origin8now.com/bundles/ |
3 MB 539 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ai.0.js
az416426.vo.msecnd.net/scripts/a/ |
94 KB 22 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
kendoui.woff
origin8now.com/Content/kendo/images/ |
63 KB 63 KB |
Font
application/x-font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
proxima-nova-alt-regular-webfont.woff
origin8now.com/fonts/ |
24 KB 24 KB |
Font
application/x-font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
recaptcha__en.js
www.gstatic.com/recaptcha/releases/2Mfykwl2mlvyQZQ3PEgoH710/ |
332 KB 130 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
hotjar-1441112.js
static.hotjar.com/c/ |
6 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
modules.47c8b2ab63e7e626e930.js
script.hotjar.com/ |
224 KB 59 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
getpartnerbywebdomainname
origin8-svc-prd.azurewebsites.net/api/partners/ |
7 KB 3 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
getpartnerbywebdomainname
origin8-svc-prd.azurewebsites.net/api/partners/ |
7 KB 3 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
log-in-icon.png
origin8now.com/images/ |
497 B 784 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logo-lg.png
origin8now.com/images/ |
145 KB 146 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bg-landing.jpg
origin8now.com/images/ |
1 MB 1 MB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
montserrat-v10-latin-regular.woff2
origin8now.com/fonts/ |
15 KB 15 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
box-469cf41adb11dc78be68c1ae7f9457a4.html
vars.hotjar.com/ Frame 36EB |
2 KB 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
46 KB 19 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
www.google-analytics.com/j/ |
2 B 206 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
stats.g.doubleclick.net/j/ |
4 B 445 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ga-audiences
www.google.com/ads/ |
42 B 296 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ga-audiences
www.google.de/ads/ |
42 B 505 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
PartnerLogo_4690dcab-d3f4-4ef4-b904-0dc3719c5c19_1983.jpg
origin8prd.blob.core.windows.net/partnerlogos/ |
701 KB 702 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
common.js
maps.googleapis.com/maps-api-v3/api/js/43/8/ |
75 KB 28 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
util.js
maps.googleapis.com/maps-api-v3/api/js/43/8/ |
145 KB 54 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
AuthenticationService.Authenticate
maps.googleapis.com/maps/api/js/ |
62 B 407 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
track
dc.services.visualstudio.com/v2/ Frame |
0 0 |
Other
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
track
dc.services.visualstudio.com/v2/ |
462 B 581 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
54 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| appInsights object| html5 object| Modernizr object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client function| hj object| _hjSettings object| AI object| Microsoft function| __extends function| _endsWith object| recaptcha function| $ function| jQuery object| google object| module$contents$MapsEvent_MapsEvent object| module$contents$mapsapi$overlay$OverlayView_OverlayView object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled function| wizardButtonDirective object| angular object| ngMaterial object| @uirouter/angularjs function| _ function| moment function| JSZip object| kendo function| PayJS function| requirejs function| require function| define function| gtag object| dataLayer object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData object| _xdc_0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
39 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
az416426.vo.msecnd.net
dc.services.visualstudio.com
fonts.googleapis.com
maps.googleapis.com
origin8-svc-prd.azurewebsites.net
origin8now.com
origin8prd.blob.core.windows.net
script.hotjar.com
static.hotjar.com
stats.g.doubleclick.net
vars.hotjar.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
www.sagepayments.net
2606:2800:233:1cb7:261b:1f9c:2074:3c
2a00:1450:4001:800::2008
2a00:1450:4001:810::200a
2a00:1450:4001:812::200e
2a00:1450:4001:827::2003
2a00:1450:4001:827::2004
2a00:1450:4001:829::2003
2a00:1450:4001:829::200a
2a00:1450:400c:c04::9c
40.64.128.228
40.79.138.41
52.239.236.228
65.9.94.17
65.9.94.35
65.9.94.4
99.83.152.193
03edef7dd1964cc24d216aba1071358189d76b2ad32ae379a477c9e89c6245b0
36eaacec57a504802c8b8697481b4ae42ed264184608c8a85080c73029cf07d6
3a776234892e76fe2105236a8fa5f1ba40b18bb735fff77159f096f7a21aa350
3db577869cbe9e2e300e6575965aa1c63ae1054fbbd66aa166c8efb04d5c706f
4343706f83b4a5fff3c5b0e2c55c0e757728f3f551fcc91d3e94e86d4e624bc6
4a44b36877611829e53896be05f3155a61b3123de7117086b3351610cf6067e8
5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e
5c83d64fd31a699a81efd8430a7100f1aeb83024f88b252273c9f5de31309e13
66f396314193bfe4809457b6c8004d026e3c503befe550e29ea068667f84ce39
67ce2e3c97c4165e68d56c69b5ff92c18e9e547d2939e3bbcb8293e548c8bbed
69df3c238a235b54b0e3a88565935e0322cf9e48ab06bb4b32b6ea6836edf8d6
70cdf677a2505b1fe965a20a1f3f51253fb4e750a9e4561b572d93eb2e1564d3
72c93f899b0c28052a481f2e4177bfc6d400c3a10f51585cfbf079e9706aa003
77fbc60edd998cd701b033e567fdb0db81c8cb1170ad32e3b8cfb26ed7da0aa6
7c2a3c7b4de6a6ef709ce7b013148bb56839367b56605d8e0c028790b7be153b
8329d2b4c1c7c96260d03217cae87833a6d0ff4196fa889ddb239641198db846
84b0f48253f9db9755374848913a382791d45080720cbddb350d0433d39aa27e
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
89e4218e1cecdd8bd82a4f77123819952c4a51e9a305142c2ed197ad31451e8f
922efc835d83e77575feee4259d6c9f760244414acf2bc02e23b1182d3621543
9a1a6e71c1607e636a98bcebe49e3b67aa9ef9fa16cf31a2909f92655e1c928a
9b8eec93028c89005ef7c1d2225b10dacdc091b5cd20d3f771d323869d2d4f95
9d891ef737df4c41b6ba3e0d839310ed66090db5770bcd463a0a173b9e8444fc
9e83216908224ffbc39992a5e60f93ca21b8e2240ba28025ba679c4b70f7112d
ae5237b82b0b640822d5aa6c3ac444e3713971530f89664e4ff876275b3af569
c1c07ebcbd346b8d5b9a33219fce562ae37d9885563f6dabae6cd104bfd54827
c50d073c29d773de8204e015c4fed886ab57ae6e8a8f4e58ef9ca99dfacebee0
d936d9e4ac6ef685995239b92b4cf75e2cb1b343093e5431c0e5730b9d2b3960
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e19fb3c0e18b8e5a8a57150440dda1c6b03c17fdb9f014003a52732f8da63436
e37c5391c6766895508e0c5e48baeff94effd87d0292d02366b65c3d4e24b82a
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
e7907501c0d4588fa7529b23d8c6d5b9cdc3e35c656c1d96d704a406704bac01
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efb851b9d94968eb33ae7a62bd2fe297b11e0b1d3964c799b03d7c68d66cd274
fa77b6e37a688c8971746d0dc4380541d7e973516ef5fa53d90abb8fe0726b4f
ffcd26592e55e36db49e1a3ef03af488b640abf0e49e934a6fe82d61899ce031