accounts.haravan.com
Open in
urlscan Pro
210.245.125.92
Public Scan
Effective URL: https://accounts.haravan.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fresponse_mode%3Dform_post%26response...
Submission: On October 06 via automatic, source certstream-suspicious — Scanned from DE
Summary
TLS certificate: Issued by RapidSSL TLS DV RSA Mixed SHA256 2020... on September 30th 2021. Valid for: a year.
This is the only time accounts.haravan.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN15169 (GOOGLE, US)
PTR: 84.186.185.35.bc.googleusercontent.com
servicecoupon-apps.haravan.com |
ASN18403 (FPT-AS-AP The Corporation for Financing & Promoting Technology, VN)
PTR: srv.haravan.com
accounts.haravan.com |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net
www.googleadservices.com |
ASN15169 (GOOGLE, US)
www.google-analytics.com |
ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-18.fra50.r.cloudfront.net
d952cmcgwqsjf.cloudfront.net |
ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net |
ASN14618 (AMAZON-AES, US)
PTR: ec2-3-210-19-160.compute-1.amazonaws.com
hrv.freshsales.io |
Apex Domain Subdomains |
Transfer | |
---|---|---|
9 |
haravan.com
3 redirects
servicecoupon-apps.haravan.com accounts.haravan.com |
622 KB |
6 |
gstatic.com
www.gstatic.com fonts.gstatic.com |
328 KB |
5 |
google.com
www.google.com |
38 KB |
3 |
google-analytics.com
www.google-analytics.com |
20 KB |
2 |
doubleclick.net
stats.g.doubleclick.net googleads.g.doubleclick.net |
2 KB |
2 |
googletagmanager.com
www.googletagmanager.com |
131 KB |
2 |
hstatic.net
hrw.hstatic.net |
54 KB |
1 |
google.de
www.google.de |
569 B |
1 |
freshsales.io
hrv.freshsales.io |
498 B |
1 |
cloudfront.net
d952cmcgwqsjf.cloudfront.net |
37 KB |
1 |
googleadservices.com
www.googleadservices.com |
15 KB |
30 | 11 |
Domain | Requested by | |
---|---|---|
7 | accounts.haravan.com |
1 redirects
accounts.haravan.com
|
5 | www.google.com |
accounts.haravan.com
www.gstatic.com www.google.com |
4 | www.gstatic.com |
www.google.com
www.gstatic.com |
3 | www.google-analytics.com |
www.googletagmanager.com
www.google-analytics.com |
2 | fonts.gstatic.com |
www.google.com
|
2 | www.googletagmanager.com |
accounts.haravan.com
www.googletagmanager.com |
2 | hrw.hstatic.net |
accounts.haravan.com
|
2 | servicecoupon-apps.haravan.com | 2 redirects |
1 | www.google.de |
accounts.haravan.com
|
1 | hrv.freshsales.io |
d952cmcgwqsjf.cloudfront.net
|
1 | googleads.g.doubleclick.net |
www.googleadservices.com
|
1 | stats.g.doubleclick.net |
www.google-analytics.com
|
1 | d952cmcgwqsjf.cloudfront.net |
accounts.haravan.com
|
1 | www.googleadservices.com |
www.googletagmanager.com
|
30 | 14 |
This site contains links to these domains. Also see Links.
Domain |
---|
policies.google.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.haravan.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1 |
2021-09-30 - 2022-09-30 |
a year | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2021-06-11 - 2022-06-10 |
a year | crt.sh |
www.google.com GTS CA 1C3 |
2021-09-13 - 2021-11-20 |
2 months | crt.sh |
*.google-analytics.com GTS CA 1C3 |
2021-09-13 - 2021-11-20 |
2 months | crt.sh |
*.gstatic.com GTS CA 1C3 |
2021-09-13 - 2021-11-20 |
2 months | crt.sh |
www.googleadservices.com GTS CA 1C3 |
2021-09-13 - 2021-11-20 |
2 months | crt.sh |
*.cloudfront.net Amazon |
2021-03-19 - 2022-03-17 |
a year | crt.sh |
*.g.doubleclick.net GTS CA 1C3 |
2021-09-13 - 2021-11-20 |
2 months | crt.sh |
*.freshsales.io Amazon |
2021-07-16 - 2022-08-14 |
a year | crt.sh |
www.google.de GTS CA 1C3 |
2021-09-13 - 2021-11-20 |
2 months | crt.sh |
This page contains 2 frames:
Primary Page:
https://accounts.haravan.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fresponse_mode%3Dform_post%26response_type%3Dcode%2520id_token%26scope%3Dopenid%2520profile%2520email%2520org%2520userinfo%26client_id%3Da1451ac9fa4afdc78c6c13e09b4cb497%26redirect_uri%3Dhttps%253A%252F%252Fservicecoupon-apps.haravan.com%252Fservicecoupon%252Finstall%252Flogin%26nonce%3Dkcjqhdltd
Frame ID: 98E77999FEF826EFD0319543EEEC552F
Requests: 22 HTTP requests in this frame
Frame:
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdD18MUAAAAAHqKl3Avv8W-tREL6LangePxQLM-&co=aHR0cHM6Ly9hY2NvdW50cy5oYXJhdmFuLmNvbTo0NDM.&hl=en&v=-TriQeni1Ls-Mdq_ssN2cUL5&size=invisible&cb=4k3gy7u2oidq
Frame ID: C901B7199C86148EE7AD1BAD630B9CD1
Requests: 8 HTTP requests in this frame
Screenshot
Page Title
Haravan - AccountsPage URL History Show full URLs
-
https://servicecoupon-apps.haravan.com/
HTTP 302
https://servicecoupon-apps.haravan.com/servicecoupon/install?orgid= HTTP 302
https://accounts.haravan.com/connect/authorize?response_mode=form_post&response_type=code%20id_token&scop... HTTP 302
https://accounts.haravan.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fresponse_mode%3D... Page URL
Detected technologies
Haravan (Ecommerce) ExpandDetected patterns
- haravan.*\.js
Google Analytics (Analytics) Expand
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
Google Tag Manager (Tag Managers) Expand
Detected patterns
- <!-- (?:End )?Google Tag Manager -->
- googletagmanager\.com/gtm\.js
- googletagmanager\.com/gtag/js
reCAPTCHA (Captchas) Expand
Detected patterns
- /recaptcha/api\.js
Page Statistics
2 Outgoing links
These are links going to different origins than the main page.
Title: Privacy Policy
Search URL Search Domain Scan URL
Title: Terms of Service
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://servicecoupon-apps.haravan.com/
HTTP 302
https://servicecoupon-apps.haravan.com/servicecoupon/install?orgid= HTTP 302
https://accounts.haravan.com/connect/authorize?response_mode=form_post&response_type=code%20id_token&scope=openid%20profile%20email%20org%20userinfo&client_id=a1451ac9fa4afdc78c6c13e09b4cb497&redirect_uri=https%3A%2F%2Fservicecoupon-apps.haravan.com%2Fservicecoupon%2Finstall%2Flogin&nonce=kcjqhdltd HTTP 302
https://accounts.haravan.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fresponse_mode%3Dform_post%26response_type%3Dcode%2520id_token%26scope%3Dopenid%2520profile%2520email%2520org%2520userinfo%26client_id%3Da1451ac9fa4afdc78c6c13e09b4cb497%26redirect_uri%3Dhttps%253A%252F%252Fservicecoupon-apps.haravan.com%252Fservicecoupon%252Finstall%252Flogin%26nonce%3Dkcjqhdltd Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
30 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
Login
accounts.haravan.com/Account/ Redirect Chain
|
37 KB 12 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
site.min.css
accounts.haravan.com/css/ |
205 KB 46 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
407df3d0194643999b37859281601ebc.svg
hrw.hstatic.net/1000382462/1000545158/ |
59 KB 44 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
3415aa4e361249fc9bc74a820ecea96f.jpg
hrw.hstatic.net/1000382462/1000545158/ |
10 KB 10 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
api.js
www.google.com/recaptcha/ |
884 B 1018 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
site.min.js
accounts.haravan.com/js/ |
157 KB 60 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm.js
www.googletagmanager.com/ |
379 KB 82 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
roboto-regular.ttf
accounts.haravan.com/fonts/ |
168 KB 168 KB |
Font
application/x-font-ttf |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
roboto-medium.ttf
accounts.haravan.com/fonts/ |
168 KB 168 KB |
Font
application/x-font-ttf |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
recaptcha__en.js
www.gstatic.com/recaptcha/releases/-TriQeni1Ls-Mdq_ssN2cUL5/ |
343 KB 135 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
125 KB 49 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
conversion_async.js
www.googleadservices.com/pagead/ |
37 KB 15 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
48 KB 20 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
d952cmcgwqsjf.cloudfront.net/assets/ |
104 KB 37 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
www.google-analytics.com/j/ |
2 B 210 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
www.google-analytics.com/g/ |
0 56 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
stats.g.doubleclick.net/j/ |
1 B 463 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/810106461/ |
3 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
visit.json
hrv.freshsales.io/track/ |
69 B 498 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.google.com/pagead/1p-user-list/810106461/ |
42 B 327 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.google.de/pagead/1p-user-list/810106461/ |
42 B 569 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
roboto-bold.ttf
accounts.haravan.com/fonts/ |
167 KB 167 KB |
Font
application/x-font-ttf |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
anchor
www.google.com/recaptcha/api2/ Frame C901 |
39 KB 20 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
styles__ltr.css
www.gstatic.com/recaptcha/releases/-TriQeni1Ls-Mdq_ssN2cUL5/ Frame C901 |
52 KB 26 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
recaptcha__en.js
www.gstatic.com/recaptcha/releases/-TriQeni1Ls-Mdq_ssN2cUL5/ Frame C901 |
343 KB 134 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame C901 |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame C901 |
15 KB 15 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame C901 |
15 KB 15 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
webworker.js
www.google.com/recaptcha/api2/ Frame C901 |
102 B 204 B |
Other
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
reload
www.google.com/recaptcha/api2/ Frame C901 |
29 KB 16 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
49 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| onbeforexrselect boolean| originAgentCluster object| dataLayer string| clientid object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| recaptcha object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| createTempFunction string| assets_url object| freshsales object| functions_list object| gaplugins object| gaGlobal object| gaData function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO function| isRelativeUrlWithoutProtocol function| sanitizeUrl object| Freshsales function| session_fetch object| session object| params function| hasClickDuplicate function| _randomColor function| _createCookie function| _readCookie function| onSwitchLanguage function| onSwitchUrlLocal function| onDisplayFlagCurrent function| getGeoInfo function| _localizer function| changePrefixPhone number| submit undefined| rawImg object| CroppieOpt function| $ function| jQuery function| Croppie object| closure_lm_48827 function| onYouTubeIframeAPIReady10 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
www.google.com/recaptcha | Name: _GRECAPTCHA Value: 09ADZ-Ys6_K_W0vl6gTBACHbyYJvGvN5FmKBE_yvyOyuA1kE0v1zgl3PFRH2oJidLZK1a_WV6l2nJ1iA-uWJbaqa0 |
|
accounts.haravan.com/ | Name: idsrv.antiforgery Value: CfDJ8K_8uYNnHStBj2MkdWP8mVSK8skeoE6BqZqZMEENWINtatg7KnRTk9gTXydkYS0mD7QSwP5Sh58FTDW9kB-rQvmlI0r7qrK0kaGPFHsiwV0jERQF_XiNFZbdvQmNtiYO9n0cX5-4n3yXW2I-0a3mLCc |
|
.haravan.com/ | Name: _gid Value: GA1.2.1173168407.1633555653 |
|
.haravan.com/ | Name: _gat_UA-148534917-1 Value: 1 |
|
.haravan.com/ | Name: _ga Value: GA1.1.2034331609.1633555653 |
|
accounts.haravan.com/ | Name: first_session Value: %7B%22visits%22%3A1%2C%22start%22%3A1633555652935%2C%22last_visit%22%3A1633555652935%2C%22url%22%3A%22https%3A%2F%2Faccounts.haravan.com%2FAccount%2FLogin%3FReturnUrl%3D%252Fconnect%252Fauthorize%252Fcallback%253Fresponse_mode%253Dform_post%2526response_type%253Dcode%252520id_token%2526scope%253Dopenid%252520profile%252520email%252520org%252520userinfo%2526client_id%253Da1451ac9fa4afdc78c6c13e09b4cb497%2526redirect_uri%253Dhttps%25253A%25252F%25252Fservicecoupon-apps.haravan.com%25252Fservicecoupon%25252Finstall%25252Flogin%2526nonce%253Dkcjqhdltd%22%2C%22path%22%3A%22%2FAccount%2FLogin%22%2C%22referrer%22%3A%22%22%2C%22referrer_info%22%3A%7B%22host%22%3A%22%22%2C%22path%22%3A%22blank%22%2C%22protocol%22%3A%22about%3A%22%2C%22port%22%3A80%2C%22search%22%3A%22%22%2C%22query%22%3A%7B%7D%7D%2C%22search%22%3A%7B%22engine%22%3Anull%2C%22query%22%3Anull%7D%2C%22version%22%3A0.4%7D |
|
.accounts.haravan.com/ | Name: _fw_crm_v Value: 5cf8b632-5e98-475d-cd4b-36a00e7b67c7 |
|
.doubleclick.net/ | Name: test_cookie Value: CheckForPermission |
|
accounts.haravan.com/ | Name: __idsrv.language Value: vi |
|
.haravan.com/ | Name: _ga_W14F7XD5DZ Value: GS1.1.1633555652.1.0.1633555653.0 |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | block-all-mixed-content; upgrade-insecure-requests |
Strict-Transport-Security | max-age=2592000 |
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
accounts.haravan.com
d952cmcgwqsjf.cloudfront.net
fonts.gstatic.com
googleads.g.doubleclick.net
hrv.freshsales.io
hrw.hstatic.net
servicecoupon-apps.haravan.com
stats.g.doubleclick.net
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
142.250.185.194
143.204.98.18
210.245.125.92
2606:4700:10::ac43:ebf
2a00:1450:4001:800::2003
2a00:1450:4001:808::2004
2a00:1450:4001:827::2003
2a00:1450:4001:828::200e
2a00:1450:4001:829::2003
2a00:1450:4001:829::2008
2a00:1450:4001:82b::2002
2a00:1450:400c:c01::9a
3.210.19.160
35.185.186.84
07c2e07c8fec5c0546e1dd0a8c787988dcfade5a31c5f562b14f6af1e048c2a4
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
23dc4db7922b2aeab7517e50904d0d9683f870281c4215361f6fbed50d8cf059
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
51d818fa9d125e4b16baf901e0ffb49b9c86e772680b4fe205f7e39eb92dffb3
525906b1eef867cd9f55a40712535a2af4cdcf472535c559a478b202fd083d89
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5c818d9595d2ca814cff157bd77389b853ffc997adebdfd22feaf88f92be553e
5fe20047c1cc1be61a786d56c5c02b96453b9c60656d6c8429a1add79017e47f
641f1788166acf19c2d8ce328c217c21d229de57ec7c1203828a04bfb23534a0
66d160a0394ac3f2e0238ad51b78163b04b0cddc973a4c0014d904721a9b2946
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6edc3375bbac2c30bf872103bf8c9447e96deda5d11aa2580a5b4849f08805ea
79e851404657dac2106b3d22ad256d47824a9a5765458edb72c9102a45816d95
7d0b991ee3e0be7af01ad7ea8cd2beea6c00a25e679a0226b6737f079aafff86
90a548c3d10193622f85feb9881bfd90056242d565ccf88165f9233a934a9b82
941eb55ffd3c7b1df89373ac737f1bdedc07d907eae05817db2347f627df7896
c7395cb3e42311d894b6f20d9877912ec71e9d81c63a1292455923588c6e803b
c8e67122b7fa7d332d8d758b9b970864de8f16ecf70be8ea3af4ae2b285eec83
daaaf9bdee4655c13bea7fa2006bcddb6f1899049166bff03df8bc8e53e9ba93
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ecc178a68479cddd286bbc4c3be4b79dd4954790a4edc609d2c6b9ec425cb0b7
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f05125caae000da7f9399f285cd3c1109428c46ed5067970e76aa07a631bdf1b
f205cc511821ea56078a105557fcea6253129404d411c997e1866fbd006abb68
f226ebe9fec9bf626fa54dc86b5af541141f60621c858a2de4b4bd055d731659
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62