www.friendlyreturns.com
Open in
urlscan Pro
2606:4700:3035::681c:1d89
Public Scan
Effective URL: https://www.friendlyreturns.com/survey/18455/source=59c7d134b774554b578f930d/subid=59c7d134b774554b578f930d&firstname=%7B%7Bfirs...
Submission: On February 28 via manual from SE
Summary
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on February 18th 2020. Valid for: 8 months.
This is the only time www.friendlyreturns.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 217.115.153.221 217.115.153.221 | 20773 (GODADDY) (GODADDY) | |
1 1 | 2606:4700:303... 2606:4700:3037::681b:8b83 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
24 | 2606:4700:303... 2606:4700:3035::681c:1d89 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 184.154.10.254 184.154.10.254 | 32475 (SINGLEHOP...) (SINGLEHOP-LLC) | |
3 | 2a00:1450:400... 2a00:1450:4001:821::200a | 15169 (GOOGLE) (GOOGLE) | |
1 | 2606:4700::68... 2606:4700::6812:e134 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
2 | 23.111.9.35 23.111.9.35 | 33438 (HIGHWINDS2) (HIGHWINDS2) | |
2 | 2a00:1450:400... 2a00:1450:4001:800::2003 | 15169 (GOOGLE) (GOOGLE) | |
33 | 6 |
ASN20773 (GODADDY, DE)
PTR: srv21.mailer-service.de
trk.ideasworthspreading-4u.eu |
ASN32475 (SINGLEHOP-LLC, US)
PTR: server04.com-2.mobi
push.applytorely.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
24 |
friendlyreturns.com
www.friendlyreturns.com |
378 KB |
3 |
googleapis.com
fonts.googleapis.com |
2 KB |
2 |
gstatic.com
fonts.gstatic.com |
18 KB |
2 |
fontawesome.com
use.fontawesome.com |
49 KB |
1 |
onesignal.com
cdn.onesignal.com |
3 KB |
1 |
applytorely.com
push.applytorely.com |
2 KB |
1 |
milestonereel.com
1 redirects
www.milestonereel.com |
638 B |
1 |
ideasworthspreading-4u.eu
1 redirects
trk.ideasworthspreading-4u.eu |
539 B |
33 | 8 |
Domain | Requested by | |
---|---|---|
24 | www.friendlyreturns.com |
www.friendlyreturns.com
|
3 | fonts.googleapis.com |
www.friendlyreturns.com
|
2 | fonts.gstatic.com |
www.friendlyreturns.com
|
2 | use.fontawesome.com |
www.friendlyreturns.com
|
1 | cdn.onesignal.com |
www.friendlyreturns.com
|
1 | push.applytorely.com |
www.friendlyreturns.com
|
1 | www.milestonereel.com | 1 redirects |
1 | trk.ideasworthspreading-4u.eu | 1 redirects |
33 | 8 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
sni.cloudflaressl.com CloudFlare Inc ECC CA-2 |
2020-02-18 - 2020-10-09 |
8 months | crt.sh |
push.applytorely.com Let's Encrypt Authority X3 |
2020-02-11 - 2020-05-11 |
3 months | crt.sh |
*.storage.googleapis.com GTS CA 1O1 |
2020-02-12 - 2020-05-06 |
3 months | crt.sh |
ssl898578.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2 |
2019-10-11 - 2020-04-18 |
6 months | crt.sh |
*.fontawesome.com DigiCert SHA2 Secure Server CA |
2019-10-28 - 2020-12-23 |
a year | crt.sh |
*.google.com GTS CA 1O1 |
2020-02-12 - 2020-05-06 |
3 months | crt.sh |
This page contains 2 frames:
Primary Page:
https://www.friendlyreturns.com/survey/18455/source=59c7d134b774554b578f930d/subid=59c7d134b774554b578f930d&firstname=%7B%7Bfirst_name%7D%7D&lastname=%7B%7Blast-name%7D%7D&address=&zipcode=&mobile=&city=&email=%7B%7Bemail%7D%7D/nrp=5e58ef96a226f30dde7a2cee
Frame ID: 0577D362659E1079C2746A41DE0FDB7B
Requests: 14 HTTP requests in this frame
Frame:
https://www.friendlyreturns.com/prelanders/jld1/se/SE-PST-POSTNORD/SE-PST-GEN/index.html
Frame ID: 40EB621AC0AC2803C02CBA285AA8E59E
Requests: 19 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
http://trk.ideasworthspreading-4u.eu/red.php?r=271854057629304877&lid=1407677&ln=7
HTTP 302
https://www.milestonereel.com/tracking/5cd55a6b7ce7f91a603633e4?src=59c7d134b774554b578f930d&s1=&s2=&s3=&s... HTTP 302
https://www.friendlyreturns.com/survey/18455/source=59c7d134b774554b578f930d/subid=59c7d134b774554b578f930d&... Page URL
Detected technologies
PHP (Programming Languages) ExpandDetected patterns
- url /\.php(?:$|\?)/i
Bootstrap (Web Frameworks) Expand
Detected patterns
- html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
- script /(?:\/([\d.]+))?(?:\/js)?\/bootstrap(?:\.min)?\.js/i
CloudFlare (CDN) Expand
Detected patterns
- headers server /^cloudflare$/i
Font Awesome (Font Scripts) Expand
Detected patterns
- html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i
jQuery (JavaScript Libraries) Expand
Detected patterns
- script /jquery[.-]([\d.]*\d)[^\/]*\.js/i
- script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://trk.ideasworthspreading-4u.eu/red.php?r=271854057629304877&lid=1407677&ln=7
HTTP 302
https://www.milestonereel.com/tracking/5cd55a6b7ce7f91a603633e4?src=59c7d134b774554b578f930d&s1=&s2=&s3=&s4=&s5=&k=5e26cdeee5f5094e1f8dbfdb&firstname={{first_name}}&lastname={{last-name}}&emailaddress={{email}} HTTP 302
https://www.friendlyreturns.com/survey/18455/source=59c7d134b774554b578f930d/subid=59c7d134b774554b578f930d&firstname=%7B%7Bfirst_name%7D%7D&lastname=%7B%7Blast-name%7D%7D&address=&zipcode=&mobile=&city=&email=%7B%7Bemail%7D%7D/nrp=5e58ef96a226f30dde7a2cee Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
33 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
nrp=5e58ef96a226f30dde7a2cee
www.friendlyreturns.com/survey/18455/source=59c7d134b774554b578f930d/subid=59c7d134b774554b578f930d&firstname=%7B%7Bfirst_name%7D%7D&lastname=%7B%7Blast-name%7D%7D&address=&zipcode=&mobile=&city=&e... Redirect Chain
|
7 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
backend.css
www.friendlyreturns.com/css/ |
2 KB 731 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.min.css
www.friendlyreturns.com/css/bootstrap-4.1.3/ |
138 KB 19 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
font-awesome.min.css
www.friendlyreturns.com/assets/font-awesome/css/ |
30 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-3.4.1.min.js
www.friendlyreturns.com/js/ |
86 KB 30 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.min.js
www.friendlyreturns.com/js/bootstrap-4.1.3/ |
50 KB 13 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.cookie.js
www.friendlyreturns.com/js/plugins/jqueryCookie/ |
3 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.plugin.js
www.friendlyreturns.com/js/plugins/jquery_countdown/ |
11 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
currency_cnd2.js
www.friendlyreturns.com/custom_js/ |
1 KB 526 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
blue_notys3.css
www.friendlyreturns.com/css/ |
9 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pub.min.js
push.applytorely.com/js/ |
3 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
763 B 485 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
7 KB 797 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
index.html
www.friendlyreturns.com/prelanders/jld1/se/SE-PST-POSTNORD/SE-PST-GEN/ Frame 40EB |
13 KB 5 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
survey
www.friendlyreturns.com/survey/ |
19 B 469 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
OneSignalSDK.js
cdn.onesignal.com/sdks/ Frame 40EB |
8 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-1.12.4.min.js
www.friendlyreturns.com/prelanders/jld1/se/SE-PST-POSTNORD/SE-PST-GEN/js/ Frame 40EB |
95 KB 32 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
all.css
use.fontawesome.com/releases/v5.0.8/css/ Frame 40EB |
35 KB 9 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
reset.min.css
www.friendlyreturns.com/prelanders/jld1/se/SE-PST-POSTNORD/SE-PST-GEN/css/ Frame 40EB |
773 B 444 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.countdown.css
www.friendlyreturns.com/prelanders/jld1/se/SE-PST-POSTNORD/SE-PST-GEN/js/countdownjs/ Frame 40EB |
1 KB 435 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.plugin.js
www.friendlyreturns.com/prelanders/jld1/se/SE-PST-POSTNORD/SE-PST-GEN/js/countdownjs/ Frame 40EB |
11 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.countdown.js
www.friendlyreturns.com/prelanders/jld1/se/SE-PST-POSTNORD/SE-PST-GEN/js/countdownjs/ Frame 40EB |
35 KB 9 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
styles.css
www.friendlyreturns.com/prelanders/jld1/se/SE-PST-POSTNORD/SE-PST-GEN/css/ Frame 40EB |
5 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
animate.css
www.friendlyreturns.com/prelanders/jld1/se/SE-PST-POSTNORD/SE-PST-GEN/css/ Frame 40EB |
71 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
preloader.gif
www.friendlyreturns.com/prelanders/jld1/se/SE-PST-POSTNORD/SE-PST-GEN/img/ Frame 40EB |
80 KB 80 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
van.png
www.friendlyreturns.com/prelanders/jld1/se/SE-PST-POSTNORD/SE-PST-GEN/img/ Frame 40EB |
16 KB 16 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ Frame 40EB |
20 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
prelander.js
www.friendlyreturns.com/prelanders/ Frame 40EB |
3 KB 1008 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v17/ Frame 40EB |
9 KB 9 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bg2.jpg
www.friendlyreturns.com/prelanders/jld1/se/SE-PST-POSTNORD/SE-PST-GEN/img/ Frame 40EB |
129 KB 129 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
footer.gif
www.friendlyreturns.com/prelanders/jld1/se/SE-PST-POSTNORD/SE-PST-GEN/img/ Frame 40EB |
16 KB 16 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fa-solid-900.woff2
use.fontawesome.com/releases/v5.0.8/webfonts/ Frame 40EB |
39 KB 40 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v17/ Frame 40EB |
9 KB 9 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
24 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onformdata object| onpointerrawupdate function| $ function| jQuery object| bootstrap function| JQClass function| countdown boolean| pm_enablePrompt string| pm_promptText string| pm_promptAcceptBtnText string| pm_promptDenyBtnText string| pm_pid object| productUrl string| path_prefix number| total_products object| productId number| survey_id function| exitClickHandler function| trackAnswer function| setConversion function| setProductImpression function| setServerPixel function| trackProductClick function| loadSurveyQuestions4 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
www.friendlyreturns.com/ | Name: survey_id_21327 Value: true |
|
www.friendlyreturns.com/ | Name: b2ZmZXJXYWxs Value: %7B%22campaign%22%3A%2218455%22%2C%22survey%22%3A21327%2C%22source%22%3A%2259c7d134b774554b578f930d%22%2C%22subid%22%3A%22subid%3D59c7d134b774554b578f930d%26firstname%3D%7B%7Bfirst_name%7D%7D%26lastname%3D%7B%7Blast-name%7D%7D%26address%3D%26zipcode%3D%26mobile%3D%26city%3D%26email%3D%7B%7Bemail%7D%7D%22%2C%22firstSession%22%3A%22K9MpkGjbPS9CPLXsBiVcfZBIN8GM583DKNYOawmo_18455%22%7D |
|
www.friendlyreturns.com/ | Name: laravel_session Value: eyJpdiI6Im9DZ283dEZ4akdJZ0x5OUlCZFwvTm5BPT0iLCJ2YWx1ZSI6IlM5aUVKOFQ5XC9QRXFHQm5TUnRyRVNWbzdtM1dpaXZ2Rmg3K28yZkFXeW9vVmI5aHNOeDNuc091NWZYVGo3S3ZOU0JOYW9uK3c0bTIrWUo1dktjZ1pDZz09IiwibWFjIjoiZjgzNzJjMWNkN2E2NzBlOGYwYzZhODE0ZTY0MzkxNGQ2MTMwNjlkYjkzZjY3YmYzN2I1NTRmMjcxNjgwMTk3NSJ9 |
|
.friendlyreturns.com/ | Name: __cfduid Value: dff8cd57b6546618528a90829a466ba5b1582886806 |
3 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
cdn.onesignal.com
fonts.googleapis.com
fonts.gstatic.com
push.applytorely.com
trk.ideasworthspreading-4u.eu
use.fontawesome.com
www.friendlyreturns.com
www.milestonereel.com
184.154.10.254
217.115.153.221
23.111.9.35
2606:4700:3035::681c:1d89
2606:4700:3037::681b:8b83
2606:4700::6812:e134
2a00:1450:4001:800::2003
2a00:1450:4001:821::200a
03287280ffc2f50b1c9b477d00acb16fec7797d50e3a89a2dcb5589e36e413c0
06335fb1b038ceb04b3826b9b9af144c9a2a5532eb07e3af8ad08a20e78aa09f
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
2d22a7e34eaf4a1829eacc9766b940fefce122577bdaa19201ae400912aa0b2f
2ee7caaae1cc3f6b08b6f39cf4de7d3b3d044e06c07257f48c676167efcb5bf5
34f72aa883faea0e292b8e941ae721e100ba89cdcf2c7992c4fcfb81ad265630
4080b83d8afc4487b8229308be2f196372bd2123613b46388048f14159f07181
434466b59545a8a1cac6ddb38197cdc6b35995a98c3f3812fb88d61b1c300dd3
4c6c34ecd5d1f8aaf96a478cd35ce9a221ae35924c05130fabe5b6140a0746d8
546f22daa21fdc336f4ea6181ca8c4a4dd5282dde72115f0bf3aa69e3b835b41
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
75ae30bcd1fdb70111741756cb3afd61e9195a443a795286fb9e671488b57d96
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
82f1278f66b192a223e306d884f8db595ef3b6d829cc1544807b9bf40019403e
8381a7d35e63fa3670e6391361cac64bcdac5421f69f7197abc2119f00c40648
9c87e5d4579eca6df0bbd4c0e1cd5a4b468c6e8d15a09976c68fee8bc2b07ab3
a03ae00213fccd9886c4833e52f5467bdc5a6f9af22cf80667c6d9d75bd374a3
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
ae88db06df66fada6bd19661950611c6a69796df07f7a97991ec8db92c124af7
b0a6acca9b827b8a216634408a4e3e4efb3dd88918ae6cff0bc7de4124a1005c
b24eb9638260837328cb57cc88a42c7472eebcef0d23ad953073901d3bf41c6d
b84161c9fbf7520cd14e7019f92120bd87a928a074156e91a992eba9fc9436e8
c2d1917de752c2887ea7e84c54d054c4d7621262cd99703490d9eae7a1d41ef8
ccdc2f2a7a716655ee0e5604046dec02277fbc59252dbc59067d29582e027e58
d00255a582d67e7d1061097b97f939b3d4e4bd48c31e6e0fd1cdf3d2f271ab63
d1b923bd321edf1b6d8c70e83fc400818a545d8eb54f5f671fa81b871a9b3f2b
d34c3af0d3b74cbb878ca4472668ebae02410ed1bfe8e85b244bb582d1dcb2ea
d7793635b3a67ad46bb0f738f17326d1d4de4ef3e9a2a2ee4ac4e318a77dabd0
e69e632fd455bb94aa01816ae5530a7eb04e5ac5bc0a63d5f96d7d12f8a3f7b3
ea4775a16983b954313e9a71e84fc0dc4a956d267de56462d94c78d695f9a9db
f43f6bb9637c5d91057dabfaf7e296330476ee8b4574c0bf11688e2381082f53
ff4610869c48d9eefb45f127331f4203f8624db93d14cb268c69c38cfc77620e