pay.affordablewindowsdoorsandmore.com
Open in
urlscan Pro
3.230.208.121
Public Scan
Submission Tags: @phishunt_io
Submission: On February 08 via api from DE — Scanned from DE
Summary
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on February 8th 2023. Valid for: a year.
This is the only time pay.affordablewindowsdoorsandmore.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
4 | 3.230.208.121 3.230.208.121 | 14618 (AMAZON-AES) (AMAZON-AES) | |
1 | 13.225.78.5 13.225.78.5 | 16509 (AMAZON-02) (AMAZON-02) | |
6 | 13.224.194.230 13.224.194.230 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 65.9.58.98 65.9.58.98 | 16509 (AMAZON-02) (AMAZON-02) | |
5 | 13.225.78.70 13.225.78.70 | 16509 (AMAZON-02) (AMAZON-02) | |
2 4 | 23.36.163.225 23.36.163.225 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
1 | 2a00:1450:400... 2a00:1450:4001:808::200e | 15169 (GOOGLE) (GOOGLE) | |
5 | 2a02:26f0:350... 2a02:26f0:3500:18::1724:a292 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
25 | 8 |
ASN14618 (AMAZON-AES, US)
PTR: ec2-3-230-208-121.compute-1.amazonaws.com
pay.affordablewindowsdoorsandmore.com |
ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-5.fra2.r.cloudfront.net
poynt.net |
ASN16509 (AMAZON-02, US)
PTR: server-13-224-194-230.fra2.r.cloudfront.net
d85ecz8votkqa.cloudfront.net |
ASN16509 (AMAZON-02, US)
PTR: server-65-9-58-98.fra56.r.cloudfront.net
d2olcuyf08j3e6.cloudfront.net |
ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-70.fra2.r.cloudfront.net
cdn.poynt.net |
ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-36-163-225.deploy.static.akamaitechnologies.com
img1.wsimg.com | |
img6.wsimg.com |
ASN15169 (GOOGLE, US)
www.google-analytics.com |
ASN20940 (AKAMAI-ASN1, NL)
events.api.secureserver.net |
Apex Domain Subdomains |
Transfer | |
---|---|---|
7 |
cloudfront.net
d85ecz8votkqa.cloudfront.net d2olcuyf08j3e6.cloudfront.net |
211 KB |
6 |
poynt.net
poynt.net — Cisco Umbrella Rank: 98008 cdn.poynt.net — Cisco Umbrella Rank: 121740 |
363 KB |
5 |
secureserver.net
events.api.secureserver.net — Cisco Umbrella Rank: 13006 |
1 KB |
4 |
wsimg.com
2 redirects
img1.wsimg.com — Cisco Umbrella Rank: 7813 img6.wsimg.com — Cisco Umbrella Rank: 11160 |
23 KB |
4 |
affordablewindowsdoorsandmore.com
pay.affordablewindowsdoorsandmore.com |
66 KB |
1 |
google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 23 |
20 KB |
25 | 6 |
Domain | Requested by | |
---|---|---|
6 | d85ecz8votkqa.cloudfront.net |
pay.affordablewindowsdoorsandmore.com
cdn.poynt.net |
5 | events.api.secureserver.net |
img1.wsimg.com
|
5 | cdn.poynt.net |
pay.affordablewindowsdoorsandmore.com
cdn.poynt.net |
4 | pay.affordablewindowsdoorsandmore.com |
pay.affordablewindowsdoorsandmore.com
|
2 | img6.wsimg.com |
pay.affordablewindowsdoorsandmore.com
|
2 | img1.wsimg.com | 2 redirects |
1 | www.google-analytics.com |
cdn.poynt.net
|
1 | d2olcuyf08j3e6.cloudfront.net |
pay.affordablewindowsdoorsandmore.com
|
1 | poynt.net |
pay.affordablewindowsdoorsandmore.com
|
25 | 9 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
pay.affordablewindowsdoorsandmore.com Go Daddy Secure Certificate Authority - G2 |
2023-02-08 - 2024-02-08 |
a year | crt.sh |
*.poynt.net Go Daddy Secure Certificate Authority - G2 |
2022-12-07 - 2024-01-08 |
a year | crt.sh |
*.cloudfront.net Amazon RSA 2048 M01 |
2022-12-08 - 2023-12-07 |
a year | crt.sh |
*.google-analytics.com GTS CA 1C3 |
2023-01-31 - 2023-04-25 |
3 months | crt.sh |
*.api.secureserver.net Starfield Secure Certificate Authority - G2 |
2022-08-05 - 2023-09-06 |
a year | crt.sh |
This page contains 2 frames:
Primary Page:
https://pay.affordablewindowsdoorsandmore.com/
Frame ID: 745C8565B0C069C2B0CFF0821C399CE0
Requests: 13 HTTP requests in this frame
Frame:
https://cdn.poynt.net/collect/index.html?iFrame%5Bwidth%5D=100%25&iFrame%5Bheight%5D=430px&iFrame%5Bborder%5D=0px&style%5Btheme%5D=ecommerce&displayComponents%5BemailAddress%5D=false&displayComponents%5BfirstName%5D=false&displayComponents%5BlastName%5D=false&displayComponents%5BecommerceFirstName%5D=true&displayComponents%5BecommerceLastName%5D=true&displayComponents%5BecommerceEmailAddress%5D=true&displayComponents%5BecommerceNotes%5D=false&displayComponents%5BzipCode%5D=true&displayComponents%5Blabels%5D=true&displayComponents%5BecommerceLabels%5D=true&displayComponents%5BshowEndingPage%5D=false&displayComponents%5BpaymentLabel%5D=true&displayComponents%5BsubmitButton%5D=false&displayComponents%5Baddress%5D=false&displayComponents%5Bstate%5D=false&displayComponents%5Bcountry%5D=false&displayComponents%5Bphone%5D=false&additionalFieldsToValidate%5B0%5D=firstName&additionalFieldsToValidate%5B1%5D=lastName&additionalFieldsToValidate%5B2%5D=emailAddress&customCss%5Bcontainer%5D%5Bcolor%5D=%23111&customCss%5Bcontainer%5D%5Bfont-family%5D=%22GD%20Sherpa%22%2C%20%22objektiv-mk2%22%2C%20%22Proxima%20Nova%22%2C%20%22Myriad%20Pro%22%2C%20-apple-system%2C%20Helvetica&customCss%5Bcontainer%5D%5Bheight%5D=auto&customCss%5Bcontainer%5D%5Bflex-flow%5D=row%20wrap&customCss%5Bcontainer%5D%5Bjustify-content%5D=normal&customCss%5Bcontainer%5D%5Balign-content%5D=center&customCss%5Bcontainer%5D%5Bmargin-top%5D=-15px&customCss%5BinputLabel%5D%5Bcolor%5D=%23111&customCss%5BinputLabel%5D%5Bdisplay%5D=block&customCss%5BinputLabel%5D%5Bfont-size%5D=15px&customCss%5BinputLabel%5D%5Bfont-weight%5D=700&customCss%5BinputLabel%5D%5Bline-height%5D=20px&customCss%5BinputLabel%5D%5Bmargin-bottom%5D=7.5px&customCss%5BinputLabel%5D%5Bmargin-top%5D=5px&customCss%5BinputLabel%5D%5Btext-transform%5D=capitalize&customCss%5BinputLabel%5D%5Bletter-spacing%5D=0px&customCss%5BinputDefault%5D%5Bcolor%5D=%23111&customCss%5BinputDefault%5D%5Bfont-family%5D=%22GD%20Sherpa%22%2C%20%22objektiv-mk2%22%2C%20%22Proxima%20Nova%22%2C%20%22Myriad%20Pro%22%2C%20-apple-system%2C%20Helvetica&customCss%5BinputDefault%5D%5Bfont-size%5D=15px&customCss%5BinputDefault%5D%5Bline-height%5D=20px&customCss%5BsectionLabel%5D%5Bfont-size%5D=13px&customCss%5BsectionLabel%5D%5Bline-height%5D=18px&customCss%5BsectionLabel%5D%5Bfont-weight%5D=500&customCss%5BsectionLabel%5D%5Bletter-spacing%5D=0.5px&customCss%5BsectionLabel%5D%5Bcolor%5D=%23767676&customCss%5BsectionLabel%5D%5Btext-transform%5D=uppercase&customCss%5BsectionLabel%5D%5Bmargin-top%5D=15px&customCss%5BsectionLabel%5D%5Bmargin-bottom%5D=10px&customCss%5BsectionLabel%5D%5Bpadding-left%5D=0px&customCss%5BsectionLabel%5D%5Bpadding-right%5D=0px&customCss%5BrequiredMark%5D%5Bcolor%5D=%23ae1302&customCss%5BrequiredMark%5D%5Bfont-size%5D=15px&customCss%5BrequiredMark%5D%5Bline-height%5D=20px&customCss%5BrequiredMark%5D%5Bmargin-left%5D=3px&customCss%5BrowFirstName%5D%5Bwidth%5D=50%25&customCss%5BrowFirstName%5D%5Bpadding-left%5D=0px&customCss%5BrowLastName%5D%5Bwidth%5D=50%25&customCss%5BrowLastName%5D%5Bpadding-right%5D=0px&customCss%5BrowCardNumber%5D%5Bwidth%5D=75%25&customCss%5BrowCardNumber%5D%5Bpadding-left%5D=0px&customCss%5BrowCVV%5D%5Bwidth%5D=35%25&customCss%5BrowCVV%5D%5Bpadding-left%5D=0px&customCss%5BrowExpiration%5D%5Bwidth%5D=25%25&customCss%5BrowExpiration%5D%5Bpadding-right%5D=0px&customCss%5BrowZip%5D%5Bwidth%5D=65%25&customCss%5BrowZip%5D%5Bpadding-right%5D=0px&customCss%5BrowEmailAddress%5D%5Bwidth%5D=100%25&customCss%5BrowEmailAddress%5D%5Bmargin-bottom%5D=3px&customCss%5BrowEmailAddress%5D%5Bpadding-left%5D=0px&customCss%5BrowEmailAddress%5D%5Bpadding-right%5D=0px&emailReceipt=true&businessId=91d4cfe3-89e7-4e43-888c-4665f27300c5&applicationId=urn%3Aaid%3Apoynt.net&parentUrl=pay.affordablewindowsdoorsandmore.com&isV2=true&useMessagePort=true&enableReCaptcha=false&enableCardOnFile=false&breakcache=2023-02-08T23:00:59.331Z
Frame ID: 088D2C29F7460E2993232A8D648F13DC
Requests: 12 HTTP requests in this frame
Screenshot
Page Title
Online Payment @ Affordable Windows, Doors & MoreDetected technologies
Google Analytics (Analytics) ExpandDetected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 9- https://img1.wsimg.com/traffic-assets/js/tccl.min.js HTTP 302
- https://img6.wsimg.com/wrhs/5c3e20ad749ddb088afc84b1b7ff009e/tccl.min.js
- https://img1.wsimg.com/traffic-assets/js/tccl.min.js HTTP 302
- https://img6.wsimg.com/wrhs/5c3e20ad749ddb088afc84b1b7ff009e/tccl.min.js
25 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
/
pay.affordablewindowsdoorsandmore.com/ |
2 KB 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bundle.js
poynt.net/snippet/poynt-collect/ |
193 KB 44 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bundle.b40b3.css
pay.affordablewindowsdoorsandmore.com/build/checkout/ |
15 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bundle.6bde8.js
pay.affordablewindowsdoorsandmore.com/build/checkout/ |
195 KB 60 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
default
pay.affordablewindowsdoorsandmore.com/api/paylinks/ |
828 B 821 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
godaddy-paleblue.png
d85ecz8votkqa.cloudfront.net/payments-hub/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
gd-sherpa-bold.woff
d85ecz8votkqa.cloudfront.net/fonts/ |
28 KB 28 KB |
Font
binary/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
gd-sherpa-medium.woff
d85ecz8votkqa.cloudfront.net/fonts/ |
28 KB 29 KB |
Font
binary/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
00-45-41-192f8aff-9623-48fd-b130-0e62f3a2d432.png
d2olcuyf08j3e6.cloudfront.net/production/2023/02/08/ |
58 KB 58 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
collect.js
cdn.poynt.net/ |
460 KB 100 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tccl.min.js
img6.wsimg.com/wrhs/5c3e20ad749ddb088afc84b1b7ff009e/ Redirect Chain
|
45 KB 12 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
index.html
cdn.poynt.net/collect/ Frame 088D |
2 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
main.c3f8ce30.chunk.css
cdn.poynt.net/collect/static/css/ Frame 088D |
15 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
2.dfe4270b.chunk.js
cdn.poynt.net/collect/static/js/ Frame 088D |
594 KB 193 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
main.bc7fbc94.chunk.js
cdn.poynt.net/collect/static/js/ Frame 088D |
88 KB 20 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ Frame 088D |
49 KB 20 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tccl.min.js
img6.wsimg.com/wrhs/5c3e20ad749ddb088afc84b1b7ff009e/ Frame 088D Redirect Chain
|
45 KB 12 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
gd-sherpa-medium.woff
d85ecz8votkqa.cloudfront.net/fonts/ Frame 088D |
28 KB 29 KB |
Font
binary/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
gd-sherpa-bold.woff
d85ecz8votkqa.cloudfront.net/fonts/ Frame 088D |
28 KB 28 KB |
Font
binary/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
gd-sherpa-regular.woff
d85ecz8votkqa.cloudfront.net/fonts/ Frame 088D |
36 KB 37 KB |
Font
binary/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
event
events.api.secureserver.net/t/1/tl/ Frame 088D |
43 B 289 B |
XHR
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
event
events.api.secureserver.net/t/1/tl/ Frame 088D |
43 B 289 B |
XHR
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
event
events.api.secureserver.net/t/1/tl/ Frame 088D |
43 B 289 B |
XHR
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
event
events.api.secureserver.net/t/1/tl/ |
43 B 306 B |
XHR
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
event
events.api.secureserver.net/t/1/tl/ |
43 B 306 B |
XHR
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
15 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 boolean| credentialless object| oncontentvisibilityautostatechange object| _trfd function| sendMessage function| checkHeight object| observer function| PoyntCollect function| TokenizeJs boolean| _tcclPageReqFired object| _tcclInternal object| _expDataLayer object| _signalsDataLayer object| _trfq object| tccl4 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
poynt.net/ | Name: AWSALBCORS Value: PbIZOdo3k6JiWDJyvA17I1YOZNmQoduWiES+w2FpcZk9EHsTEdAMZ5S1qwIbNdNcs0HfdlYMrrxFtksMQ9/iekvcEnvXxXU6sgpmDGpUdYxeKTAmXIZF6l9R2NVw |
|
.affordablewindowsdoorsandmore.com/ | Name: _tccl_visitor Value: 303213aa-2196-55f3-ba57-d21a53b46a43 |
|
.affordablewindowsdoorsandmore.com/ | Name: _tccl_visit Value: 303213aa-2196-55f3-ba57-d21a53b46a43 |
|
.affordablewindowsdoorsandmore.com/ | Name: mp_b3053c0785212011971a15669b094404_mixpanel Value: %7B%22distinct_id%22%3A%20%221863342c49ba7f-06cc1e6aab5fcc-1932327c-1d4c00-1863342c49ca8e%22%2C%22%24device_id%22%3A%20%221863342c49ba7f-06cc1e6aab5fcc-1932327c-1d4c00-1863342c49ca8e%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
X-Frame-Options | SAMEORIGIN |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
cdn.poynt.net
d2olcuyf08j3e6.cloudfront.net
d85ecz8votkqa.cloudfront.net
events.api.secureserver.net
img1.wsimg.com
img6.wsimg.com
pay.affordablewindowsdoorsandmore.com
poynt.net
www.google-analytics.com
13.224.194.230
13.225.78.5
13.225.78.70
23.36.163.225
2a00:1450:4001:808::200e
2a02:26f0:3500:18::1724:a292
3.230.208.121
65.9.58.98
0ae704ed3181c2bcb959f3859672fbd0e71db95264615b092d255e597f33e506
14cec74614ba47073d9e12a5f544835170033268c269e51ee71c60bf404b53e1
18be51100aea5e40a812a05a39800ca49cbd5c5fd49cb7487d5c864cbc4745f7
4345617752488f1a018bb63a3874eafb079d1335e2c09452227eb4a5f6edd7a1
444bded5a29f871e7b27ab0710058c73446f46aea1242fdd8af03c220d6c140f
48284db2de5f0da205ed5bbc4eddfa484fc49a410438fa12d2ac42923c74f848
53bcb1ac12397043989c7cfd3e39017e0dc80711ef4a0f36eb5a12e3c2e2bf3a
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
725efb02cefbdfe7823b87e568d462cab8a699979d004a148d6ede32f0ac2c5c
858f3f1f064a3b2854d52e97074b60d2f23fbaa077fc5eca4ffc78b43dacd6ba
8692eb47ff77cffced9c9a3401f4c26a4a4b8fdece32f59e5737ac69c4967af5
97295cea001f1806f7ab973ff388da4f7f224b6fd27e807837659d6adf971cc3
9e2f30e2dc9f1f438cac367b37bc410b64cb06c449c99df92728466caad011e3
a63a03d8fdcc241988e39e2cb1ea0463d303f685a801160665f11c9779b818c4
ad42ea78e472d3a480a336bfe80aca933eb70d062495ea60f173407949823848
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
cd21b6083510f9298d36868756df587a9cf034ac19bdc5fcbe16d835c3b34aed
d10c120206d25caa3deafc45a0ed90f2a6ce5290402c4502a68d95bcaeaa898b