![](/screenshots/4b841f39-68ae-4fca-94c0-7feb02fc2b59.png)
forms.turnedaway.ca
Open in
urlscan Pro
2606:4700:3036::ac43:d760
Public Scan
Submission: On March 01 via api from US — Scanned from US
Summary
TLS certificate: Issued by GTS CA 1P5 on February 27th 2024. Valid for: 3 months.
This is the only time forms.turnedaway.ca was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN15169 (GOOGLE, US)
PTR: 198.132.149.34.bc.googleusercontent.com
eu.clients.heyflow.app |
ASN32934 (FACEBOOK, US)
connect.facebook.net |
ASN15169 (GOOGLE, US)
europe-west3-heyflow-clients.cloudfunctions.net |
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 42.125.111.34.bc.googleusercontent.com
flows.heyflow.cloud |
ASN32934 (FACEBOOK, US)
www.facebook.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
11 |
heyflow.cloud
fonts.heyflow.cloud — Cisco Umbrella Rank: 295996 flows.heyflow.cloud tracking.heyflow.cloud — Cisco Umbrella Rank: 376170 |
97 KB |
6 |
clarity.ms
1 redirects
www.clarity.ms — Cisco Umbrella Rank: 756 q.clarity.ms — Cisco Umbrella Rank: 7463 c.clarity.ms — Cisco Umbrella Rank: 1360 |
28 KB |
6 |
googleapis.com
storage.googleapis.com — Cisco Umbrella Rank: 303 maps.googleapis.com — Cisco Umbrella Rank: 374 |
171 KB |
3 |
google.com
analytics.google.com — Cisco Umbrella Rank: 148 www.google.com — Cisco Umbrella Rank: 2 |
701 B |
2 |
facebook.com
www.facebook.com — Cisco Umbrella Rank: 100 |
216 B |
2 |
doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 84 |
397 B |
2 |
google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 29 |
21 KB |
2 |
facebook.net
connect.facebook.net — Cisco Umbrella Rank: 180 |
71 KB |
2 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 40 |
193 KB |
1 |
bing.com
1 redirects
c.bing.com — Cisco Umbrella Rank: 244 |
761 B |
1 |
cloudfunctions.net
europe-west3-heyflow-clients.cloudfunctions.net |
257 B |
1 |
heyflow.app
eu.clients.heyflow.app |
11 KB |
1 |
turnedaway.ca
forms.turnedaway.ca |
358 KB |
38 | 13 |
Domain | Requested by | |
---|---|---|
6 | fonts.heyflow.cloud |
forms.turnedaway.ca
fonts.heyflow.cloud |
4 | tracking.heyflow.cloud |
forms.turnedaway.ca
|
4 | storage.googleapis.com |
forms.turnedaway.ca
|
2 | maps.googleapis.com |
eu.clients.heyflow.app
maps.googleapis.com |
2 | c.clarity.ms | 1 redirects |
2 | www.facebook.com |
forms.turnedaway.ca
|
2 | q.clarity.ms |
www.clarity.ms
|
2 | stats.g.doubleclick.net |
www.googletagmanager.com
www.google-analytics.com |
2 | analytics.google.com |
www.googletagmanager.com
|
2 | www.clarity.ms |
forms.turnedaway.ca
www.clarity.ms |
2 | www.google-analytics.com |
www.googletagmanager.com
www.google-analytics.com |
2 | connect.facebook.net |
forms.turnedaway.ca
connect.facebook.net |
2 | www.googletagmanager.com |
forms.turnedaway.ca
www.googletagmanager.com |
1 | c.bing.com | 1 redirects |
1 | www.google.com |
forms.turnedaway.ca
|
1 | flows.heyflow.cloud |
forms.turnedaway.ca
|
1 | europe-west3-heyflow-clients.cloudfunctions.net |
eu.clients.heyflow.app
|
1 | eu.clients.heyflow.app |
forms.turnedaway.ca
|
1 | forms.turnedaway.ca | |
38 | 19 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
forms.turnedaway.ca GTS CA 1P5 |
2024-02-27 - 2024-05-27 |
3 months | crt.sh |
heyflow.cloud GTS CA 1P5 |
2024-02-14 - 2024-05-14 |
3 months | crt.sh |
eu.clients.heyflow.app GTS CA 1D4 |
2024-01-06 - 2024-04-05 |
3 months | crt.sh |
storage.googleapis.com GTS CA 1C3 |
2024-02-05 - 2024-04-29 |
3 months | crt.sh |
*.google-analytics.com GTS CA 1C3 |
2024-02-05 - 2024-04-29 |
3 months | crt.sh |
*.facebook.com DigiCert SHA2 High Assurance Server CA |
2023-12-09 - 2024-03-08 |
3 months | crt.sh |
misc.google.com GTS CA 1C3 |
2024-02-05 - 2024-04-29 |
3 months | crt.sh |
flows.heyflow.cloud GTS CA 1D4 |
2024-01-05 - 2024-04-04 |
3 months | crt.sh |
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1 |
2023-12-07 - 2024-12-07 |
a year | crt.sh |
*.google.com GTS CA 1C3 |
2024-02-05 - 2024-04-29 |
3 months | crt.sh |
*.g.doubleclick.net GTS CA 1C3 |
2024-02-05 - 2024-04-29 |
3 months | crt.sh |
www.google.com GTS CA 1C3 |
2024-02-05 - 2024-04-29 |
3 months | crt.sh |
a.clarity.ms Microsoft Azure TLS Issuing CA 01 |
2024-01-14 - 2024-06-27 |
5 months | crt.sh |
upload.video.google.com GTS CA 1C3 |
2024-02-05 - 2024-04-29 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://forms.turnedaway.ca/
Frame ID: B3DAF46209700260483722C65FE07F3D
Requests: 36 HTTP requests in this frame
Screenshot
![](/screenshots/4b841f39-68ae-4fca-94c0-7feb02fc2b59.png)
Page Title
TurnedAway - Apply for HELOChouse-chimney-2house-apartmentbuilding-2building-1envelopephonehuman-resources-employeebusiness-deal-handshakecash-bulbteam-share-ideareal-estate-deal-shakereal-estate-action-building-checkDetected technologies
![](/vendor/wappa/icons/Google Maps.png)
Detected patterns
- //maps\.google(?:apis)?\.com/maps/api/js
Detected patterns
- //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
![](/vendor/wappa/icons/Google Tag Manager.png)
Detected patterns
- googletagmanager\.com/gtm\.js
- googletagmanager\.com/gtag/js
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 32- https://c.clarity.ms/c.gif HTTP 302
- https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=4D046D344BAB49298C2D432ABA7C4331&RedC=c.clarity.ms&MXFR=3E3FDA166E7E642E3B2BCE236A7E6A71 HTTP 302
- https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=4D046D344BAB49298C2D432ABA7C4331&MUID=3C1B1781F42A6EA2309E03B4F58D6F02
38 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
forms.turnedaway.ca/ |
1 MB 358 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
icon
fonts.heyflow.cloud/ |
472 B 857 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.heyflow.cloud/ |
41 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
heyflow-maps-embed.js
eu.clients.heyflow.app/cmr-mortgageBrokersNetwork/ |
11 KB 11 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
13cf2cc1-71d3-4d3c-add4-5a8b2b7e303a.jpeg
storage.googleapis.com/builder.zenflow.de/ta-fb-short-app/www/assets/ |
7 KB 7 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ecfdd4a3-da1c-4117-aa02-8530259cbf6f.webp
storage.googleapis.com/builder.zenflow.de/ta-fb-short-app/www/assets/ |
5 KB 5 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
5dc3cb40-57cc-4834-b611-1e705dcd7e64.jpeg
storage.googleapis.com/builder.zenflow.de/ta-fb-short-app/www/assets/ |
77 KB 77 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
4e578e0b-8473-4271-9a04-ddc1154013d9.png
storage.googleapis.com/builder.zenflow.de/ta-fb-short-app/www/assets/ |
8 KB 8 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm.js
www.googletagmanager.com/ |
273 KB 96 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fbevents.js
connect.facebook.net/en_US/ |
214 KB 58 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.heyflow.cloud/s/poppins/v20/ |
8 KB 8 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.heyflow.cloud/s/poppins/v20/ |
8 KB 8 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.heyflow.cloud/s/poppins/v20/ |
8 KB 8 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.heyflow.cloud/s/poppins/v20/ |
8 KB 8 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
europe-west3-heyflow-clients.cloudfunctions.net/mortgageBrokersNetwork-maps/ |
70 B 257 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
libphone.chunk.js
flows.heyflow.cloud/ta-fb-short-app/www/dist/ |
233 KB 61 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
/
tracking.heyflow.cloud/ |
2 B 317 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
/
tracking.heyflow.cloud/ |
0 0 |
Preflight
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
297 KB 98 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
52 KB 21 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
kfo3bbangw
www.clarity.ms/tag/ |
701 B 1 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
/
tracking.heyflow.cloud/ |
0 0 |
Preflight
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
/
tracking.heyflow.cloud/ |
2 B 340 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
analytics.google.com/g/ |
0 248 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
stats.g.doubleclick.net/g/ |
0 248 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
www.google-analytics.com/j/ |
4 B 212 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
clarity.js
www.clarity.ms/s/0.7.22/ |
60 KB 25 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
stats.g.doubleclick.net/j/ |
2 B 149 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ga-audiences
www.google.com/ads/ |
42 B 408 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
286246232906462
connect.facebook.net/signals/config/ |
61 KB 13 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
collect
q.clarity.ms/ |
0 299 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.facebook.com/tr/ |
0 185 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.facebook.com/tr/ |
0 31 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
c.gif
c.clarity.ms/ Redirect Chain
|
42 B 442 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
maps.googleapis.com/maps/api/ |
223 KB 74 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
collect
q.clarity.ms/ |
0 299 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
gen_204
maps.googleapis.com/maps/api/mapsjs/ |
3 B 45 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
analytics.google.com/g/ |
0 45 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
26 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
string| currentlyMounting object| heyflow object| dataLayer function| fbq function| _fbq object| windowConstants object| webpackChunk_heyflow_flow object| regeneratorRuntime function| filterCSS function| filterXSS function| Cleave function| onLessReady function| flatpickr object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| clarity function| onYouTubeIframeAPIReady object| gaGlobal object| gaplugins object| gaData object| google object| module$exports$mapsapi$geometry$spherical object| reactiveElementVersions object| module$contents$mapsapi$overlay$overlayView_OverlayView16 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.turnedaway.ca/ | Name: _gcl_au Value: 1.1.1936519372.1709298752 |
|
.turnedaway.ca/ | Name: _ga_WYVR0CVB9D Value: GS1.1.1709298752.1.0.1709298752.60.0.0 |
|
.turnedaway.ca/ | Name: _ga Value: GA1.2.1625279101.1709298752 |
|
.turnedaway.ca/ | Name: _gid Value: GA1.2.269153100.1709298753 |
|
.turnedaway.ca/ | Name: _gat_UA-62053410-1 Value: 1 |
|
www.clarity.ms/ | Name: CLID Value: a64799c9f60e4e94b7b07c40db3066a4.20240301.20250301 |
|
.turnedaway.ca/ | Name: _clck Value: 7w17n2%7C2%7Cfjp%7C0%7C1521 |
|
.turnedaway.ca/ | Name: _clsk Value: 14ubzr3%7C1709298753023%7C1%7C1%7Cq.clarity.ms%2Fcollect |
|
.turnedaway.ca/ | Name: _fbp Value: fb.1.1709298753038.859167682 |
|
.bing.com/ | Name: MUID Value: 3C1B1781F42A6EA2309E03B4F58D6F02 |
|
.c.bing.com/ | Name: MR Value: 0 |
|
.c.bing.com/ | Name: SRM_B Value: 3C1B1781F42A6EA2309E03B4F58D6F02 |
|
.c.clarity.ms/ | Name: SM Value: C |
|
.clarity.ms/ | Name: MUID Value: 3C1B1781F42A6EA2309E03B4F58D6F02 |
|
.c.clarity.ms/ | Name: MR Value: 0 |
|
.c.clarity.ms/ | Name: ANONCHK Value: 0 |
15 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
analytics.google.com
c.bing.com
c.clarity.ms
connect.facebook.net
eu.clients.heyflow.app
europe-west3-heyflow-clients.cloudfunctions.net
flows.heyflow.cloud
fonts.heyflow.cloud
forms.turnedaway.ca
maps.googleapis.com
q.clarity.ms
stats.g.doubleclick.net
storage.googleapis.com
tracking.heyflow.cloud
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
20.110.205.119
20.231.53.73
2001:4860:4802:36::181
2001:4860:4802:36::36
2606:4700:20::681a:1f0
2606:4700:20::681a:f0
2606:4700:3036::ac43:d760
2607:f8b0:4004:c06::9d
2607:f8b0:4004:c08::61
2607:f8b0:4004:c08::64
2607:f8b0:4004:c17::cf
2607:f8b0:4004:c1b::69
2607:f8b0:4004:c1d::5f
2620:1ec:46::40
2620:1ec:c11::200
2a03:2880:f08e:219:face:b00c:0:3
2a03:2880:f17b:283:face:b00c:0:25de
34.111.125.42
34.149.132.198
0e04153b5f73bfa7866948f2a9870593d69bfde14e77a1a06af5f567096e5a09
14d70190fbdf864ba0258486337502992db367d45aff6dd7e879f5fe830d6837
18d33333f9cdf8039871ee1f2301c60c11806dc069a5daf03dfa81fdf8e055ca
23538d7975faa10d860dbe525dcd0e1d70050a71bc341307342922ae56c55e39
2e0e389f70b5898ee13ad5a56f7bc14bf1c6033c0d8971347ff56c068d3e1250
3a3ddcf058ae435c80818b770d65f2ebb499b961b8549e661145a8a84c8fcaea
3a582829e2c11dde7e02e0952effb8a8b97770c95705e03ecc82f848cb8684fd
471e84f19d1f93887c4b97bae9e670f0a9cad97638d70b0370f2b71b9f7550dc
4ea2b51cbbae7ec854f2bc8ecb543a4f6485cf46d86393d2eb46ab45955ab8d0
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
8c979eff5ba4d6c69760cd44e7119da3821c7502325e7e8a19f8aed37ffe2151
9135749bea6d925c589f11b1d5935131b3a9d80db74fa6c342a0ebf081abe00b
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9b4fe16dae39b0285f0a86002d23ab21a8bbe67bb12279f8ba6f4e2cd4f86c21
a4de26de18927be010374606c21aa352514a988750ae1090e924ace69b4c28fe
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
bb22b19d51e54d02cdcf81b6d14891d1173db19526b7ff2132d5d7cb78ea500b
c233effa118103118712781a687ed1fe3f39971bb6ed01f08de6ffdd185761df
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e43c688214a21ba5fdd6d476880783a43aed90ff09b69aea8af2ec1c63911fb4
e5a446358214cd1696ad036a3d0f6745816a399dea9cfdbcdb2e47f36e2f2c27
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149