activerefund.com
Open in
urlscan Pro
2a06:98c1:3120::3
Public Scan
Submission: On March 30 via automatic, source certstream-suspicious — Scanned from NL
Summary
TLS certificate: Issued by GTS CA 1P5 on March 30th 2023. Valid for: 3 months.
This is the only time activerefund.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
17 | 2a06:98c1:312... 2a06:98c1:3120::3 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
2 | 2a00:1450:400... 2a00:1450:4001:828::200a | 15169 (GOOGLE) (GOOGLE) | |
1 8 | 44.236.64.62 44.236.64.62 | 16509 (AMAZON-02) (AMAZON-02) | |
6 | 2a00:1450:400... 2a00:1450:4001:82f::2003 | 15169 (GOOGLE) (GOOGLE) | |
1 | 2a00:1450:400... 2a00:1450:4001:806::2008 | 15169 (GOOGLE) (GOOGLE) | |
1 | 2600:9000:236... 2600:9000:236e:5e00:1e:b6b6:9ac0:93a1 | 16509 (AMAZON-02) (AMAZON-02) | |
2 | 2606:4700::68... 2606:4700::6810:5614 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2a00:1450:400... 2a00:1450:4001:82b::200a | 15169 (GOOGLE) (GOOGLE) | |
1 | 172.104.231.58 172.104.231.58 | 63949 (AKAMAI-AP...) (AKAMAI-AP Akamai Technologies) | |
38 | 10 |
ASN16509 (AMAZON-02, US)
PTR: ec2-44-236-64-62.us-west-2.compute.amazonaws.com
embed.ercspecialists.com |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN16509 (AMAZON-02, US)
cdn.firstpromoter.com |
ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG)
PTR: nb-172-104-231-58.frankfurt.nodebalancer.linode.com
t.firstpromoter.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
17 |
activerefund.com
activerefund.com |
1013 KB |
8 |
ercspecialists.com
1 redirects
embed.ercspecialists.com |
112 KB |
6 |
gstatic.com
fonts.gstatic.com |
106 KB |
3 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 47 ajax.googleapis.com — Cisco Umbrella Rank: 357 |
33 KB |
2 |
jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 374 |
9 KB |
2 |
firstpromoter.com
cdn.firstpromoter.com — Cisco Umbrella Rank: 34788 t.firstpromoter.com — Cisco Umbrella Rank: 433808 |
4 KB |
1 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 62 |
80 KB |
38 | 7 |
Domain | Requested by | |
---|---|---|
17 | activerefund.com |
activerefund.com
|
8 | embed.ercspecialists.com |
1 redirects
activerefund.com
embed.ercspecialists.com |
6 | fonts.gstatic.com |
fonts.googleapis.com
|
2 | cdn.jsdelivr.net |
embed.ercspecialists.com
|
2 | fonts.googleapis.com |
activerefund.com
embed.ercspecialists.com |
1 | t.firstpromoter.com |
cdn.firstpromoter.com
|
1 | ajax.googleapis.com |
embed.ercspecialists.com
|
1 | cdn.firstpromoter.com |
embed.ercspecialists.com
|
1 | www.googletagmanager.com |
embed.ercspecialists.com
|
38 | 9 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.activerefund.com GTS CA 1P5 |
2023-03-30 - 2023-06-28 |
3 months | crt.sh |
upload.video.google.com GTS CA 1C3 |
2023-03-13 - 2023-06-05 |
3 months | crt.sh |
*.ercspecialists.com Amazon RSA 2048 M01 |
2023-02-09 - 2023-06-04 |
4 months | crt.sh |
*.gstatic.com GTS CA 1C3 |
2023-03-13 - 2023-06-05 |
3 months | crt.sh |
*.google-analytics.com GTS CA 1C3 |
2023-03-13 - 2023-06-05 |
3 months | crt.sh |
*.firstpromoter.com Amazon RSA 2048 M01 |
2023-02-17 - 2024-01-19 |
a year | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2022-06-02 - 2023-06-01 |
a year | crt.sh |
This page contains 2 frames:
Primary Page:
https://activerefund.com/
Frame ID: A3502B1ECAA678E4118E3FE28D29758D
Requests: 21 HTTP requests in this frame
Frame:
https://embed.ercspecialists.com/application?fpr=jc79&__sessionid=940y3cm4h6ecnhy4t5wcsolp49f9cjgk
Frame ID: 9A24C13513F79BFA4707C4D01E37D468
Requests: 18 HTTP requests in this frame
Screenshot
Page Title
HomeDetected technologies
Bootstrap (Web Frameworks) ExpandDetected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Font Awesome (Font Scripts) Expand
Detected patterns
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Google Font API (Font Scripts) Expand
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Google Tag Manager (Tag Managers) Expand
Detected patterns
- googletagmanager\.com/gtag/js
jQuery (JavaScript Libraries) Expand
Detected patterns
- /([\d.]+)/jquery(?:\.min)?\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
jsDelivr (CDN) Expand
Detected patterns
- //cdn\.jsdelivr\.net/
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 19- https://embed.ercspecialists.com/?fpr=jc79&__sessionid=940y3cm4h6ecnhy4t5wcsolp49f9cjgk HTTP 302
- https://embed.ercspecialists.com/application?fpr=jc79&__sessionid=940y3cm4h6ecnhy4t5wcsolp49f9cjgk
38 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
activerefund.com/ |
7 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.min.css
activerefund.com/assets/bootstrap/css/ |
152 KB 24 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap-grid.min.css
activerefund.com/assets/bootstrap/css/ |
50 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap-reboot.min.css
activerefund.com/assets/bootstrap/css/ |
5 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
style.css
activerefund.com/assets/dropdown/css/ |
8 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
styles.css
activerefund.com/assets/socicon/css/ |
15 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
style.css
activerefund.com/assets/theme/css/ |
14 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
17 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mbr-additional.css
activerefund.com/assets/mobirise/css/ |
39 KB 6 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
copy-of-remote-job-recruiting-2-364x86.png
activerefund.com/assets/images/ |
3 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mbr-1256x829.jpg
activerefund.com/assets/images/ |
200 KB 201 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
application_embed.js
embed.ercspecialists.com/ |
2 KB 2 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mbr-1256x837.jpg
activerefund.com/assets/images/ |
405 KB 405 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
screenshot-2023-03-30-at-8.57.24-am-1836x557.png
activerefund.com/assets/images/ |
309 KB 310 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.bundle.min.js
activerefund.com/assets/bootstrap/js/ |
77 KB 23 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
smooth-scroll.js
activerefund.com/assets/smoothscroll/ |
7 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
index.js
activerefund.com/assets/ytplayer/ |
27 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
navbar-dropdown.js
activerefund.com/assets/dropdown/js/ |
3 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
script.js
activerefund.com/assets/theme/js/ |
30 KB 9 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
92zatBhPNqw73oTd4g.woff2
fonts.gstatic.com/s/jost/v14/ |
26 KB 26 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
application
embed.ercspecialists.com/ Frame 9A24 Redirect Chain
|
30 KB 9 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
92zUtBhPNqw73oHt4D4h.woff2
fonts.gstatic.com/s/jost/v14/ |
30 KB 30 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ Frame 9A24 |
234 KB 80 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.fdd7be6b26e9.css
embed.ercspecialists.com/static/app/build/css/ Frame 9A24 |
171 KB 27 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css2
fonts.googleapis.com/ Frame 9A24 |
12 KB 899 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fontawesome.min.80c6d2636661.css
embed.ercspecialists.com/static/app/vendor/fontawesome-pro-6.1.1-web/css/ Frame 9A24 |
157 KB 31 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
light.min.c608c7b36ece.css
embed.ercspecialists.com/static/app/vendor/fontawesome-pro-6.1.1-web/css/ Frame 9A24 |
542 B 746 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fpr.highlevel.js
cdn.firstpromoter.com/ Frame 9A24 |
5 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ElementQueries.js
cdn.jsdelivr.net/npm/css-element-queries@1.2.3/src/ Frame 9A24 |
20 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ResizeSensor.js
cdn.jsdelivr.net/npm/css-element-queries@1.2.3/src/ Frame 9A24 |
12 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
play.c1974eb0913a.svg
embed.ercspecialists.com/static/app/img/ Frame 9A24 |
606 B 815 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.6.1/ Frame 9A24 |
88 KB 31 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.9cda0e1462a6.js
embed.ercspecialists.com/static/app/build/ Frame 9A24 |
146 KB 42 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
tr
t.firstpromoter.com/ Frame 9A24 |
96 B 844 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ Frame 9A24 |
111 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ Frame 9A24 |
13 KB 13 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ Frame 9A24 |
13 KB 13 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ Frame 9A24 |
13 KB 13 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
6xKydSBYKcSV-LCoeQqfX1RYOo3iu4nwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ Frame 9A24 |
12 KB 12 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
17 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 boolean| credentialless number| uidEvent object| bootstrap function| SmoothScroll object| $jscomp function| EventEmitter function| loadScript string| YOUTUBE_IFRAME_API_SRC object| YOUTUBE_STATES object| YOUTUBE_ERROR object| loadIframeAPICallbacks function| $Users$vagrant$workspace$Mobirise5_emac_Release$Release$release$mac$Mobirise_app$Contents$Resources$_app_asar$web$app$themes$mobirise5$plugins$ytplayer$index$classdecl$var0 function| YouTubePlayer function| smartresize boolean| initSwitchArrowPlugin boolean| initTestimonialsPlugin2 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
embed.ercspecialists.com/ | Name: sessionid Value: 940y3cm4h6ecnhy4t5wcsolp49f9cjgk |
|
embed.ercspecialists.com/ | Name: csrftoken Value: 60NYTzmTh5EYV8jwvxqv81mpzTphyjYZ |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
X-Content-Type-Options | nosniff |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
activerefund.com
ajax.googleapis.com
cdn.firstpromoter.com
cdn.jsdelivr.net
embed.ercspecialists.com
fonts.googleapis.com
fonts.gstatic.com
t.firstpromoter.com
www.googletagmanager.com
172.104.231.58
2600:9000:236e:5e00:1e:b6b6:9ac0:93a1
2606:4700::6810:5614
2a00:1450:4001:806::2008
2a00:1450:4001:828::200a
2a00:1450:4001:82b::200a
2a00:1450:4001:82f::2003
2a06:98c1:3120::3
44.236.64.62
0267952bd25299bacec6a6503353957a3cf815535ddbd22033b7b9df4a3c80bb
03db3dbf48a33e04b6750139d6a45e7597cbd95d3d505e51ea016798bed73977
080e18a8c761c3d30b7ec08aa65f87109a0228367eafd0a12fcefda58d10e8ad
0881bb685a1512cc95be38b2df6a8f55d061322716638afa272040010d0d2455
0b7e3af1cb23f3b1cc2c3418f3c31ab3bbadeaa2ba5e72f3cb818e4b44c420f4
180d8ca6812f97d5ef73a4fbc28c018bc1c3d9af25a174af4452b997b513a7f5
19953a9a92c249fb0b1815506667ba3ba19f70e967d588e39d221e58662b00d5
200677bd63ea5e6b08b0cc23a9f615ae71ae2957037ede57f128b8ecfe45d7cf
2821b13940d817794fbce634446678655eba83453a085a009eb456b52dfc4501
2d64f8025f777fca0bc3b88232bac150e7e0556b50c1176ea80160c4180aafa0
30b557aa77cb180fe3ca6b0f2a4bb6e64ca9145502ba708b1167332b7c1ebd5a
3671d8addd1b85e916c2b9e3ffac3879a9d0676dba648bac50e5274c0a1cd1eb
479a9de5f8037c10237163dcab21f8ef191b74feeca8fcf7f41a5de93df8ca07
66edeaa3d141e8ca82505f960605999710acb9f33626db3a4731f130b40f55d3
7327980b435c3e2bff209f2b603107cd89ba828f2acc6959a8125928ac271460
7348a2eb48c9a681d6178433394c7037144d85b57ee33a11339d3a33fa1001a4
73fb0c67b240a8b7c73ead15d37dab8bbc917d783daf240aa833d4ffde0dcb77
79f60a475c5feb3676c248b7259533df15cf81e9c5e36ff1683d0672db5ba746
7b62dea6cc1e3ebc553f40b517f3a277c266ae495a22edea7c7610c082fde3b8
89e6288c304047d4d203d72f78576ca90ccafdf51e470d3676a2319c31de1be8
8eee421f2f9bdf38445ffe938ab5c0be29ef1855570c2cb871b55de50ac3521b
94247c8166557e966bc27a29182bc2fee46d927bb0240124836effa11ab059cd
97f0549ae1b86791420890ae5c5b6ec5af448ef05a4d9f924e824c48a380ac73
9c8a8f8c3857d47c3d639e4b107e2c85545e7d2a87c1b9ccc2842c6f33e3aa6a
9cee90492a1babc618a5f4934ff2563fa06d9fe56b22bcd296922c9d0c88f3dc
9eddb1bc8c19bc96565db30b9cb2f669b58006a54f6f0bf735d443fcd4b46eb2
a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74
b04ab7d3144151414daab91cbb080019b1dc94210dda9e45d18a80b554314ad7
b1c3382375aae1b991259f482d859dcc5e028941f4e52a73530701d2b9b16862
b441d6f6589e41f8d7e3c2b5cea6a33898ba86e1440a1e1c75341b0e341c92df
bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
ccb200f2c60844c5d34bc235a45ea7cb76b7084e5a85975f555cf5a52ccff1e4
d2fb3910ab152273fc4e74125feccb7a7ec235714e06f1598664094b27c6d4c1
d749293fa689ca257bc6159afcc24bea0a0c236e07cf4d90c5a90d57e52c19b9
e962c7aad93ce4ca69c529f8edc3d2f6a714d318487bc482a4d39ea1833c05ec
ed87d4dcc8364407804ffe0cfd3656782060cbe49aea04a83f3e5eb709ee4e5f
f75d0fed0cd4380843d322f38aa2cb0cee3d128f28d5dc4c354623f6b0ac18a3
fef11a7feb71c937fa296e039eea89a6879d19a6f6b3c387c1d728d0683091ed