portal.moneybuddybc.com
Open in
urlscan Pro
18.215.202.77
Public Scan
Submission: On April 14 via automatic, source certstream-suspicious — Scanned from DE
Summary
TLS certificate: Issued by R3 on April 14th 2024. Valid for: 3 months.
This is the only time portal.moneybuddybc.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
13 | 18.215.202.77 18.215.202.77 | 14618 (AMAZON-AES) (AMAZON-AES) | |
2 | 2a00:1450:400... 2a00:1450:4001:80e::200a | 15169 (GOOGLE) (GOOGLE) | |
4 | 2a00:1450:400... 2a00:1450:4001:81d::2008 | 15169 (GOOGLE) (GOOGLE) | |
9 | 2606:4700:20:... 2606:4700:20::ac43:4468 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
2 | 2a00:1450:400... 2a00:1450:4001:800::2003 | 15169 (GOOGLE) (GOOGLE) | |
1 | 2a00:1450:400... 2a00:1450:4001:812::2004 | 15169 (GOOGLE) (GOOGLE) | |
1 | 2a00:1450:400... 2a00:1450:4001:81c::2003 | 15169 (GOOGLE) (GOOGLE) | |
2 | 2001:4860:480... 2001:4860:4802:34::36 | 15169 (GOOGLE) (GOOGLE) | |
3 | 2606:4700:20:... 2606:4700:20::681a:3ac | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
2 | 2606:4700:20:... 2606:4700:20::681a:2ac | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2a00:1450:400... 2a00:1450:4001:80b::200a | 15169 (GOOGLE) (GOOGLE) | |
2 | 2606:4700:20:... 2606:4700:20::ac43:4739 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
42 | 12 |
ASN14618 (AMAZON-AES, US)
PTR: ec2-18-215-202-77.compute-1.amazonaws.com
portal.moneybuddybc.com |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN15169 (GOOGLE, US)
firebasestorage.googleapis.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
14 |
leadconnectorhq.com
widgets.leadconnectorhq.com — Cisco Umbrella Rank: 58975 services.leadconnectorhq.com — Cisco Umbrella Rank: 31642 stcdn.leadconnectorhq.com — Cisco Umbrella Rank: 35495 |
62 KB |
13 |
moneybuddybc.com
portal.moneybuddybc.com |
1 MB |
4 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 42 |
357 KB |
3 |
gstatic.com
fonts.gstatic.com www.gstatic.com |
233 KB |
3 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 35 firebasestorage.googleapis.com — Cisco Umbrella Rank: 6223 |
248 KB |
2 |
msgsndr.com
services.msgsndr.com — Cisco Umbrella Rank: 67494 |
433 B |
2 |
google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2548 |
314 B |
1 |
google.com
www.google.com — Cisco Umbrella Rank: 2 |
857 B |
42 | 8 |
Domain | Requested by | |
---|---|---|
13 | portal.moneybuddybc.com |
portal.moneybuddybc.com
|
9 | widgets.leadconnectorhq.com |
portal.moneybuddybc.com
widgets.leadconnectorhq.com |
4 | www.googletagmanager.com |
portal.moneybuddybc.com
www.googletagmanager.com widgets.leadconnectorhq.com |
3 | services.leadconnectorhq.com |
widgets.leadconnectorhq.com
|
2 | services.msgsndr.com |
services.leadconnectorhq.com
|
2 | stcdn.leadconnectorhq.com |
widgets.leadconnectorhq.com
|
2 | region1.google-analytics.com |
www.googletagmanager.com
|
2 | fonts.gstatic.com |
fonts.googleapis.com
|
2 | fonts.googleapis.com |
portal.moneybuddybc.com
|
1 | firebasestorage.googleapis.com | |
1 | www.gstatic.com |
www.google.com
|
1 | www.google.com |
widgets.leadconnectorhq.com
|
42 | 12 |
This site contains links to these domains. Also see Links.
Domain |
---|
moneybuddy.taxdome.com |
www.facebook.com |
instagram.com |
taxdome.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
portal.moneybuddybc.com R3 |
2024-04-14 - 2024-07-13 |
3 months | crt.sh |
upload.video.google.com GTS CA 1C3 |
2024-03-04 - 2024-05-27 |
3 months | crt.sh |
*.google-analytics.com GTS CA 1C3 |
2024-03-04 - 2024-05-27 |
3 months | crt.sh |
widgets.leadconnectorhq.com GTS CA 1P5 |
2024-03-07 - 2024-06-05 |
3 months | crt.sh |
*.gstatic.com GTS CA 1C3 |
2024-03-04 - 2024-05-27 |
3 months | crt.sh |
*.google.com GTS CA 1C3 |
2024-03-04 - 2024-05-27 |
3 months | crt.sh |
leadconnectorhq.com GTS CA 1P5 |
2024-04-02 - 2024-07-01 |
3 months | crt.sh |
stcdn.leadconnectorhq.com GTS CA 1P5 |
2024-03-07 - 2024-06-05 |
3 months | crt.sh |
msgsndr.com GTS CA 1P5 |
2024-04-13 - 2024-07-12 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://portal.moneybuddybc.com/
Frame ID: 9DB61B943CB9EB932F983A143F683AEB
Requests: 40 HTTP requests in this frame
Screenshot
Page Title
Money BuddyDetected technologies
Vue.js (JavaScript Frameworks) ExpandDetected patterns
- <[^>]+\sdata-v(?:ue)?-
Font Awesome (Font Scripts) Expand
Detected patterns
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Google Analytics (Analytics) Expand
Detected patterns
Google Font API (Font Scripts) Expand
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Google Tag Manager (Tag Managers) Expand
Detected patterns
- <!-- (?:End )?Google Tag Manager -->
- googletagmanager\.com/gtm\.js
- googletagmanager\.com/gtag/js
reCAPTCHA (Captchas) Expand
Detected patterns
- /recaptcha/api\.js
Page Statistics
4 Outgoing links
These are links going to different origins than the main page.
Title: Client Portal
Search URL Search Domain Scan URL
Title: 
Search URL Search Domain Scan URL
Title: ï…
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
42 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
portal.moneybuddybc.com/ |
35 KB 35 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
common-bundle.js
portal.moneybuddybc.com/js/ |
160 KB 160 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
a189aea8b0450108c02fb066bdaa86a8-bundle.js
portal.moneybuddybc.com/js/ |
0 168 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
common-bundle.css
portal.moneybuddybc.com/css/ |
233 KB 234 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
55 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
26 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
a189aea8b0450108c02fb066bdaa86a8-bundle.css
portal.moneybuddybc.com/css/ |
92 KB 92 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
295 KB 99 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
loader.js
widgets.leadconnectorhq.com/ |
4 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
MB%20Profile%20Picture-ts1688453309.png
portal.moneybuddybc.com/gallery/ |
62 KB 63 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fad5186311e3b5a7c1acf1bee38e4fc4_2642x554_fit.jpg
portal.moneybuddybc.com/gallery_gen/ |
166 KB 167 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
6f7362276a144e9f318b3af99e4fe9e4_330x340_fit.jpg
portal.moneybuddybc.com/gallery_gen/ |
25 KB 26 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
3c2f57716d820b1519cef2c09a6b376a_1114x742_fit.jpg
portal.moneybuddybc.com/gallery_gen/ |
254 KB 255 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
b6acae0b3c302b63e29dcb1eda4d3cf1_180x180_fit.png
portal.moneybuddybc.com/gallery_gen/ |
22 KB 22 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
2cf1105b1cedf5e0512e25d80ad05b69.lock.png
portal.moneybuddybc.com/gallery/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm.js
www.googletagmanager.com/ |
184 KB 66 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fontawesome-webfont.woff2
portal.moneybuddybc.com/css/fonts/ |
75 KB 76 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ |
15 KB 16 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
chat-widget.esm.js
widgets.leadconnectorhq.com/chat-widget/ |
26 KB 8 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
api.js
www.google.com/recaptcha/ |
1 KB 857 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
295 KB 99 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
recaptcha__de.js
www.gstatic.com/recaptcha/releases/rz4DvU-cY2JYCwHSTck0_qm-/ |
501 KB 201 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
region1.google-analytics.com/g/ |
0 260 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
p-b3907b50.js
widgets.leadconnectorhq.com/chat-widget/ |
17 KB 7 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
p-8888d87c.js
widgets.leadconnectorhq.com/chat-widget/ |
108 B 656 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
p-d6886780.js
widgets.leadconnectorhq.com/chat-widget/ |
4 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
p-90174339.entry.js
widgets.leadconnectorhq.com/chat-widget/ |
71 KB 17 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
2-ts1688518644.png
portal.moneybuddybc.com/gallery/ |
13 KB 13 KB |
Other
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
p-523968b1.js
widgets.leadconnectorhq.com/chat-widget/ |
8 KB 4 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
p-8f38a363.js
widgets.leadconnectorhq.com/chat-widget/ |
4 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
/
services.leadconnectorhq.com/funnels/funnel/geo-location/ |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
intlTelInput.min.js
stcdn.leadconnectorhq.com/intl-tel-input/ |
29 KB 12 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
services.leadconnectorhq.com/funnels/funnel/geo-location/ |
65 B 437 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
intlTelInput.min.css
stcdn.leadconnectorhq.com/intl-tel-input/17.0.12/css/ |
19 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
en-us.json
widgets.leadconnectorhq.com/chat-widget/assets/i18n/ |
408 B 793 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
js
www.googletagmanager.com/gtag/ |
272 KB 93 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
user-session.js
services.leadconnectorhq.com/appengine/cors/js/ |
7 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
locationPhotos%2FEdLMAZmDYDC9Tt74Pcrk%2Fchat-widget-person
firebasestorage.googleapis.com/v0/b/highlevel-backend.appspot.com/o/ |
243 KB 244 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ |
16 KB 16 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
region1.google-analytics.com/g/ |
0 54 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
create_session
services.msgsndr.com/attribution_service/user_session_v3/ |
105 B 433 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
create_session
services.msgsndr.com/attribution_service/user_session_v3/ |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
32 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| wb_form_validateForm boolean| _isTouchDevice function| isTouchDevice undefined| _baseUrl function| getBaseUrl function| isIOS function| wb_show_alert function| $ function| jQuery function| wb_close_popup function| wb_show_popup function| wb_get_query_param function| gtag object| dataLayer boolean| useTrailingSlashes boolean| disableRightClick string| currLang function| initLink object| google_tag_manager object| google_tag_data object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client function| onYouTubeIframeAPIReady object| gaGlobal object| recaptcha object| Ionic object| leadConnector object| intlTelInputGlobals function| intlTelInput object| userSessionAttribution4 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
portal.moneybuddybc.com/ | Name: PHPSESSID Value: 562d69fadffb2dbbbe3576f77dc67ede |
|
.moneybuddybc.com/ | Name: _ga_LDW1R4XHBS Value: GS1.1.1713131052.1.0.1713131052.0.0.0 |
|
.moneybuddybc.com/ | Name: _ga Value: GA1.1.1722584911.1713131052 |
|
.moneybuddybc.com/ | Name: _ga_1X0XQRMB4F Value: GS1.1.1713131052.1.0.1713131052.0.0.0 |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=15724800; includeSubDomains |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
firebasestorage.googleapis.com
fonts.googleapis.com
fonts.gstatic.com
portal.moneybuddybc.com
region1.google-analytics.com
services.leadconnectorhq.com
services.msgsndr.com
stcdn.leadconnectorhq.com
widgets.leadconnectorhq.com
www.google.com
www.googletagmanager.com
www.gstatic.com
18.215.202.77
2001:4860:4802:34::36
2606:4700:20::681a:2ac
2606:4700:20::681a:3ac
2606:4700:20::ac43:4468
2606:4700:20::ac43:4739
2a00:1450:4001:800::2003
2a00:1450:4001:80b::200a
2a00:1450:4001:80e::200a
2a00:1450:4001:812::2004
2a00:1450:4001:81c::2003
2a00:1450:4001:81d::2008
02405378fcf6eb71d6e5b3fab66f773dfb2a8ded0546e2cf6ef768c70f76fbba
029eaa66863b1a838b933e5439cb5aac2b4aaef1adc6250cdf239a3e47784501
058979f735ce1a8ea355382c797938096dd1b5d4c94fc0e1105db64a8679026e
105f40ac919aed9200419f1015837bcc4bbc95e7d7ad2c1d0bb114496de8d0d0
1718e51cc3369224418c34fef30b7f701e39f2340435e7f9ecd75681bb8ebd1e
20c7eee8c72eda05eb67a56122563d3bcc334eead7c8ded81fb3691de8164c76
29ec638ed3107202782cf1d569737eb165424b6eed3a32503ded464d6960ac17
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2ca6a6a7b20213044f515b554ee8dccbec1b259a21dd714d74d19f3bf1dce531
2e06c1c9846cec85b33b026f8d07fe8cf56276de4e58c1e570430b35f455a5c6
3470525c5bd70055228bc4f6039579fd589d2b754d357ec25bb70d51b4bcd1ac
3803c6ab3ca416d91d5233c6ce4452be5458b4f53833ffc20f8c43fe9124a6b8
3958a93184f498eaa140c746fa8b3ce7e540d38898f2b1c1acf9c7e8f6c5f429
459b15795870e73167636db4ee35b3f12935452b7f2f06f063240ce114482930
4d0bcc5eabe2057503276b4ece29b7fd59fd6c597443bcb9e91a46503f2d0e68
6e63abd725ad9afc03ed7ccf67dee77d63dbeeda41c2934072da5426aa4d9123
75edd58bf421b9fa137632e21431f5fb66c7960ddb178528a4a2b096aac3f9da
77af6f7f39b4509b9600a4e8f30814ff86490a884bbaa3fd80ddb001cae94a83
7b55f2fc60c765ab8dfd31c5ad610208214c54adafb06178120ca50e7477cee9
82c68e877f7c8e2dec277b2d071937142309a29dbf1a753b8f9ce046963650c2
8aef4defbc01eccd0a2989dcbd2af9d4470c3312a0941e1ddba3f7bbca2ae393
98c37453bf245424917a154a4e51a6114ebb387e5856cf891c088d042e8117df
9d8942904d2422b697b1489f7a53e36a4c93ff50b0d7bb0b4fa6294fd7510395
ad62e5470d6f65cf06d3828dc167cb44cd004e6cdb2026a142603907355075e4
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b17609553b24140fc01409b78fa834fe878de6410fe9e8996b0a5f6a984ddd6d
b2b513d915ee0689890c4c17b634c139f58067a1b0ec3513e21886945b215c66
c6956e8710cf477f7014440385ae16ee4b8cc7ecfd02fddd4d2f0c6c7fd15845
cd15ceb7710754a1469ed008fa9a977d14f33e27843f1eefb29e7e2d85b67907
d25716813b446efe02d61c076ceb0d345045f5b873f66425de7dfad9fa745f06
db2a3be1cc58dbc29ce3e5332545624cf6c3679920487f699aaeaaae5dd6ea9e
dc5c69b8b2020c71eed02a1d3414fb4fded2786648f52a5db225434252c4bdb7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8112c9dd1bffff9be260163447563b9a05aef5e717c851197dc05b176119e1a
f39e79191fe71c79dd031aa98c7a8dfa50b877a46e49cbf437986e4cad41a983
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f860732d8a6ae6374d5744161344f7ed9c3ade2877335ce6c2946ca5f5793212
fc7c42e6593aecf7ed92b5631e44399481f703c47a0878d0739c7ffbbcc488dc