positivepromotions.formstack.com
Open in
urlscan Pro
18.66.15.13
Public Scan
Effective URL: https://positivepromotions.formstack.com/forms/healthcarequotesjq
Submission: On April 12 via api from US — Scanned from DE
Summary
TLS certificate: Issued by Amazon RSA 2048 M02 on March 20th 2023. Valid for: a year.
This is the only time positivepromotions.formstack.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 52.42.80.126 52.42.80.126 | 16509 (AMAZON-02) (AMAZON-02) | |
17 | 18.66.15.13 18.66.15.13 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 54.231.166.152 54.231.166.152 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 13.32.110.48 13.32.110.48 | 16509 (AMAZON-02) (AMAZON-02) | |
4 | 2606:2800:234... 2606:2800:234:46c:e8b:1e2f:2bd:694 | 15133 (EDGECAST) (EDGECAST) | |
1 | 2a02:26f0:480... 2a02:26f0:480:e::210:f113 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
4 | 2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3 | 32934 (FACEBOOK) (FACEBOOK) | |
2 | 104.244.42.8 104.244.42.8 | 13414 (TWITTER) (TWITTER) | |
1 | 2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de | 32934 (FACEBOOK) (FACEBOOK) | |
31 | 9 |
ASN16509 (AMAZON-02, US)
PTR: ec2-52-42-80-126.us-west-2.compute.amazonaws.com
posimail.positivepromotions.com |
ASN16509 (AMAZON-02, US)
PTR: server-18-66-15-13.vie50.r.cloudfront.net
positivepromotions.formstack.com | |
static.formstack.com | |
www.formstack.com |
ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com
s3.amazonaws.com |
ASN16509 (AMAZON-02, US)
PTR: server-13-32-110-48.vie50.r.cloudfront.net
www.positivepromotions.com |
ASN20940 (AKAMAI-ASN1, NL)
platform.linkedin.com |
ASN32934 (FACEBOOK, US)
connect.facebook.net | |
static.xx.fbcdn.net |
ASN32934 (FACEBOOK, US)
www.facebook.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
17 |
formstack.com
positivepromotions.formstack.com static.formstack.com — Cisco Umbrella Rank: 25208 www.formstack.com — Cisco Umbrella Rank: 44829 |
217 KB |
6 |
twitter.com
platform.twitter.com — Cisco Umbrella Rank: 793 syndication.twitter.com — Cisco Umbrella Rank: 1106 |
149 KB |
2 |
fbcdn.net
static.xx.fbcdn.net — Cisco Umbrella Rank: 760 |
133 KB |
2 |
facebook.net
connect.facebook.net — Cisco Umbrella Rank: 161 |
89 KB |
2 |
positivepromotions.com
1 redirects
posimail.positivepromotions.com — Cisco Umbrella Rank: 597880 www.positivepromotions.com — Cisco Umbrella Rank: 270886 |
48 KB |
1 |
facebook.com
www.facebook.com — Cisco Umbrella Rank: 109 |
15 KB |
1 |
linkedin.com
platform.linkedin.com — Cisco Umbrella Rank: 3552 |
160 KB |
1 |
amazonaws.com
s3.amazonaws.com |
8 KB |
31 | 8 |
Domain | Requested by | |
---|---|---|
13 | static.formstack.com |
positivepromotions.formstack.com
|
4 | platform.twitter.com |
positivepromotions.formstack.com
platform.twitter.com |
3 | positivepromotions.formstack.com |
positivepromotions.formstack.com
static.formstack.com |
2 | static.xx.fbcdn.net |
www.facebook.com
|
2 | syndication.twitter.com |
platform.twitter.com
|
2 | connect.facebook.net |
positivepromotions.formstack.com
connect.facebook.net |
1 | www.facebook.com |
connect.facebook.net
|
1 | platform.linkedin.com |
positivepromotions.formstack.com
|
1 | www.formstack.com |
positivepromotions.formstack.com
|
1 | www.positivepromotions.com |
positivepromotions.formstack.com
|
1 | s3.amazonaws.com |
positivepromotions.formstack.com
|
1 | posimail.positivepromotions.com | 1 redirects |
31 | 12 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.formstack.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.formstack.com Amazon RSA 2048 M02 |
2023-03-20 - 2024-04-17 |
a year | crt.sh |
s3.amazonaws.com Amazon RSA 2048 M01 |
2022-12-06 - 2023-12-05 |
a year | crt.sh |
www.positivepromotions.com DigiCert TLS RSA SHA256 2020 CA1 |
2022-10-10 - 2023-11-10 |
a year | crt.sh |
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1 |
2022-10-06 - 2023-11-06 |
a year | crt.sh |
platform.linkedin.com DigiCert SHA2 Secure Server CA |
2022-06-09 - 2023-06-09 |
a year | crt.sh |
*.facebook.com DigiCert SHA2 High Assurance Server CA |
2023-01-20 - 2023-04-20 |
3 months | crt.sh |
syndication.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1 |
2023-02-05 - 2024-02-05 |
a year | crt.sh |
This page contains 4 frames:
Primary Page:
https://positivepromotions.formstack.com/forms/healthcarequotesjq
Frame ID: 09AF2F49A4EAC237FCB211DA8E68117E
Requests: 25 HTTP requests in this frame
Frame:
https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fpositivepromotions.formstack.com
Frame ID: 016C4D72C242066A1B1324BFAE8C1AA9
Requests: 2 HTTP requests in this frame
Frame:
https://www.facebook.com/v2.0/plugins/share_button.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df803e626e3b5a4%26domain%3Dpositivepromotions.formstack.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fpositivepromotions.formstack.com%252Ff177e0be8e3ffc4%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fpositivepromotions.formstack.com%2Fforms%2Fhealthcarequotesjq&layout=button_count&locale=en_US&sdk=joey
Frame ID: F0E20A3330719A3F8628C21F72EAF6A3
Requests: 3 HTTP requests in this frame
Frame:
https://platform.twitter.com/widgets/tweet_button.2b2d73daf636805223fb11d48f3e94f7.en.html
Frame ID: 62D2A403E9AF01BB7A18EA44A33EFAAC
Requests: 2 HTTP requests in this frame
Screenshot
Page Title
Healthcare Quotes - John Quintana - FormstackPage URL History Show full URLs
-
https://posimail.positivepromotions.com/rd/9z4zcacp9o07aq0q8majc4tcsc2jevbehgr55issvmo_rp22sh2s8i66p37cpj60or24no
HTTP 302
https://positivepromotions.formstack.com/forms/healthcarequotesjq Page URL
Detected technologies
Facebook (Widgets) ExpandDetected patterns
- //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Linkedin (Widgets) Expand
Detected patterns
- //platform\.linkedin\.com/in\.js
Modernizr (JavaScript Libraries) Expand
Detected patterns
- ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js
Twitter (Widgets) Expand
Detected patterns
- //platform\.twitter\.com/widgets\.js
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
jQuery UI (JavaScript Libraries) Expand
Detected patterns
- jquery-ui.*\.js
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Title: Formstack
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://posimail.positivepromotions.com/rd/9z4zcacp9o07aq0q8majc4tcsc2jevbehgr55issvmo_rp22sh2s8i66p37cpj60or24no
HTTP 302
https://positivepromotions.formstack.com/forms/healthcarequotesjq Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
31 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
healthcarequotesjq
positivepromotions.formstack.com/forms/ Redirect Chain
|
62 KB 62 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
reset_3d1cc6d59f.css
static.formstack.com/forms/css/3/ |
2 KB 879 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-ui_eb08fdf84b.css
static.formstack.com/forms/css/3/ |
32 KB 6 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
default_637050611e.css
static.formstack.com/forms/css/3/ |
20 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
uil-static.css
static.formstack.com/common/css/ |
51 KB 8 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
dialogs_00a7ec5f05.css
static.formstack.com/forms/css/common/ |
170 B 504 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
292622_tmpl_head_6001b52c8d710.
s3.amazonaws.com/files.formstack.com/public/502701/ |
7 KB 8 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tlvlhlc.jpg
www.positivepromotions.com/images/art/ |
47 KB 48 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
stacklock.png
www.formstack.com/admin/images/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pre-fill-button.png
positivepromotions.formstack.com/admin/images/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
widgets.js
platform.twitter.com/ |
91 KB 28 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
in.js
platform.linkedin.com/ |
509 KB 160 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min_1d14cd3798.js
static.formstack.com/forms/js/3/ |
91 KB 33 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-ui.min_42a497cb9f.js
static.formstack.com/forms/js/3/ |
82 KB 24 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
scripts_0edcde2e8b.js
static.formstack.com/forms/js/3/ |
79 KB 23 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics_7d49daa365.js
static.formstack.com/forms/js/3/ |
2 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
libphonenumber-min_6f64debfdd.js
static.formstack.com/forms/js/3/ |
165 KB 40 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
autocapture_b393b647ca.js
static.formstack.com/forms/js/3/plugins/ |
6 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sharebuttons_16ee24b0ad.js
static.formstack.com/forms/js/3/plugins/ |
488 B 844 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
modernizr_60a2d5aeb5.js
static.formstack.com/forms/js/3/ |
13 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sdk.js
connect.facebook.net/en_US/ |
3 KB 2 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html
platform.twitter.com/widgets/ Frame 016C |
320 KB 104 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
settings
syndication.twitter.com/ Frame 016C |
663 B 605 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
sdk.js
connect.facebook.net/en_US/ |
306 KB 87 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.php
positivepromotions.formstack.com/forms/ |
0 321 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
share_button.php
www.facebook.com/v2.0/plugins/ Frame F0E2 |
43 KB 15 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
button.e7f9415a2e000feaab02c86dd5802747.js
platform.twitter.com/js/ |
8 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
GzgedhmzSQa.png
static.xx.fbcdn.net/rsrc.php/v3/yn/r/ Frame F0E2 |
272 B 513 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
tweet_button.2b2d73daf636805223fb11d48f3e94f7.en.html
platform.twitter.com/widgets/ Frame 62D2 |
37 KB 14 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
embeds
syndication.twitter.com/i/jot/ |
43 B 104 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
j16_pH8M3c6.js
static.xx.fbcdn.net/rsrc.php/v3iEpO4/yZ/l/en_US/ Frame F0E2 |
509 KB 132 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ Frame 62D2 |
822 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
27 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| 2 object| 3 boolean| credentialless object| __twttrll object| twttr object| __twttr object| __core-js_shared__ object| Sslac object| IN object| FS_FIELD_DATA_5173901 undefined| $ function| jQuery function| DP_jQuery_1681334247076 object| Formstack object| libphonenumber function| fsFacAuthCallback object| html5 object| Modernizr function| yepnope function| loadFormstack object| FB object| __buffer object| plugin string| baseUrl object| form51739013 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
positivepromotions.formstack.com/forms/ | Name: PHPSESSID Value: 45cf929262bcffedc801d37da7ddb848 |
|
static.formstack.com/ | Name: AWSALB Value: DhGUo9HqGeKsiQWcC+J4TzEDC7se74JIHeDZhJ+zkFca/0QGcq/mU8bvfNxVE+ffMTTrdpAAqbk7s56pm5uLYGwBfrHlIPqb62t3DDAylFfis0tL3Y3UvqRaU8+i |
|
static.formstack.com/ | Name: AWSALBCORS Value: DhGUo9HqGeKsiQWcC+J4TzEDC7se74JIHeDZhJ+zkFca/0QGcq/mU8bvfNxVE+ffMTTrdpAAqbk7s56pm5uLYGwBfrHlIPqb62t3DDAylFfis0tL3Y3UvqRaU8+i |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=63072000; includeSubDomains |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
connect.facebook.net
platform.linkedin.com
platform.twitter.com
posimail.positivepromotions.com
positivepromotions.formstack.com
s3.amazonaws.com
static.formstack.com
static.xx.fbcdn.net
syndication.twitter.com
www.facebook.com
www.formstack.com
www.positivepromotions.com
104.244.42.8
13.32.110.48
18.66.15.13
2606:2800:234:46c:e8b:1e2f:2bd:694
2a02:26f0:480:e::210:f113
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
52.42.80.126
54.231.166.152
0187fed1f15750c2fa9e427912bb64d209aad8b47ee4fa9576f6666b68188d36
04bebecfb9f7ce92cf947ce283fccf067cf6870f65af3456dd22b6c102447c83
0617bb68ba8456128d1427785f52fc241322d5f417fb0c669e24f6322feda7d5
361b5619f5e27a76320e878f44630489569a2e666c63dee4fab7b63b1667a71a
392c9fa9cd1273a2a89d1a83a69cd1f63f21d1d55e7be21e1d8f51f25145668b
4002d65e95f94dc87ae8ad170eb8dbc3644921032ac76dcb376537d9304a6fbf
42494d1af6415d45d90e3e31437ae04d6c888695d156afdbba79bbdccf2e9241
4315b545724305bd6f32c456d1b1757f450da398307e2795727f8f5c65a69e46
4a70df78373540fa9f1a25b0e818d512966363475d10fef7216512f8d4f483f5
4fd91864be6192916a0cdc95d51d179f9bc071b462b7cb1e9e311a4bed974f41
5ec11883dbd19aa91c86ade182cfe7037a9b9f954daca64f341ffd0595e429c0
651dab4cb7bc37df2f04d730db54ee9e9bdc1f93fe9739a05c9ce07e0e335947
6ae18af25b0e9b719e18530c09b5647d99b337fd12e4f75e653de8f81a7fdedd
74bf23cb58f15f0a5828b81f3285e56f3917d80c4834cc990645c5aa5ba4c254
7d5af5ad676dc02d93d6a945a951688ed7b3402a04bc933090de10d614671d0e
7f88c7eb830e129a72668bec156be3b531f711bc03d7ed9fd15844f97f4e0ee9
86d5823df9f96c928e9981519128e09bf8f745ca88e690be0b342b5ce904d394
8be533d533b9ca9a27c653ae2e71756be96845c84df07cb7ab9629a35741c205
92747742b0d05de841880d3cad6550593fa08692d26fe086e15d4a5696606a54
9cb313db26b68d16ce719370a73748f24d7e1e10910ef299ba5761a87ea8d74c
9fc43e8f6f26a254c4570b6ccd4e08a2a5f97bedcd1f3491ede9bbb8b5012d90
a7fd41fd349db8949a256323b8d9af1f86fe14bbd84214553ca70cb488a95e7b
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
af420c807b04fdb5136ef53f3bab83b81f2b94e43fa9856f1fad2fde88383744
af897a5f18c00a272750446a9c34d8e024e18813260c4cfef79db22dc4fdf2bb
ba640d33e6c4c528bc0667315dd305b76fc10c4b85416853165bfc9820d32417
be488c0f242b432e7109eebf228368139abbeff37eb8fad1b3c510d41e362bd7
bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef116c4b154888a36784c143110b264cfe6528a4061c5dcc14e6431ecfbcac56
f0c8f93ddef4d38f4e38bd62c7d1b17302a940e9a961de43e2db383a475ec785
f3e9ab0ad4c8de7ffe3d9ba47ad32367ccf1193b6b922a1a50bff903ad7477c8