urlscan.io logo urlscan.io
SecurityTrails logo

novaservice-uat-cms.3forcom.org Open in urlscan Pro
171.244.42.31  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://novaservice-uat-cms.3forcom.org/
Effective URL: https://novaservice-uat-cms.3forcom.org/admin/login
Submission: On April 04 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 21 HTTP transactions. The main IP is 171.244.42.31, located in Viet Nam and belongs to VIETEL-AS-AP Viettel Group, VN. The main domain is novaservice-uat-cms.3forcom.org.
TLS certificate: Issued by R3 on April 4th 2022. Valid for: 3 months.
This is the only time novaservice-uat-cms.3forcom.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 14 171.244.42.31 7552 (VIETEL-AS...)
3 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
21 4
Apex Domain
Subdomains		 Transfer
14 3forcom.org
novaservice-uat-cms.3forcom.org
425 KB
6 gstatic.com
www.gstatic.com
fonts.gstatic.com
343 KB
3 google.com
www.google.com — Cisco Umbrella Rank: 7
23 KB
21 3
Domain Requested by
14 novaservice-uat-cms.3forcom.org 2 redirects novaservice-uat-cms.3forcom.org
4 www.gstatic.com www.google.com
www.gstatic.com
3 www.google.com novaservice-uat-cms.3forcom.org
www.gstatic.com
www.google.com
2 fonts.gstatic.com www.google.com
21 4

This site contains no links.

Subject Issuer Validity Valid
novaservice-uat-cms.3forcom.org
R3		 2022-04-04 -
2022-07-03		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://novaservice-uat-cms.3forcom.org/admin/login
Frame ID: 225994F261CBC30A624640F47D58F3BC
Requests: 14 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcwgsIZAAAAAHZFFWu3icOSaGK2_SVjZwY-kEjQ&co=aHR0cHM6Ly9ub3Zhc2VydmljZS11YXQtY21zLjNmb3Jjb20ub3JnOjQ0Mw..&hl=de&v=gZWLhEUEJFxEhoT5hpjn2xHK&size=invisible&cb=5jfo2x9rylef
Frame ID: AE8B96F787C77FBC6A76FE637F7C507D
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

| Nova Service UAT CMS

Page URL History Show full URLs

  1. https://novaservice-uat-cms.3forcom.org/ HTTP 302
    https://novaservice-uat-cms.3forcom.org/admin HTTP 302
    https://novaservice-uat-cms.3forcom.org/admin/login Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

21
Requests

100 %
HTTPS

75 %
IPv6

3
Domains

4
Subdomains

4
IPs

2
Countries

790 kB
Transfer

2306 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://novaservice-uat-cms.3forcom.org/ HTTP 302
    https://novaservice-uat-cms.3forcom.org/admin HTTP 302
    https://novaservice-uat-cms.3forcom.org/admin/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request login
novaservice-uat-cms.3forcom.org/admin/
Redirect Chain
  • https://novaservice-uat-cms.3forcom.org/
  • https://novaservice-uat-cms.3forcom.org/admin
  • https://novaservice-uat-cms.3forcom.org/admin/login
5 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://novaservice-uat-cms.3forcom.org/admin/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
171.244.42.31 , Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS
Software
/ PHP/7.4.28
Resource Hash
8cd1991ff303ff0b97af5666232827495e8daf5c8e6cd5e5372c5ff117d4aa98
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

cache-control
no-cache, private
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 04 Apr 2022 16:23:31 GMT
strict-transport-security
max-age=15724800; includeSubDomains
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
x-powered-by
PHP/7.4.28

Redirect headers

cache-control
no-cache, private
content-type
text/html; charset=UTF-8
date
Mon, 04 Apr 2022 16:23:31 GMT
location
https://novaservice-uat-cms.3forcom.org/admin/login
strict-transport-security
max-age=15724800; includeSubDomains
x-powered-by
PHP/7.4.28
style.min.css
novaservice-uat-cms.3forcom.org/assets/core/css/ 		425 KB
82 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://novaservice-uat-cms.3forcom.org/assets/core/css/style.min.css?v=1.0
Requested by
Host: novaservice-uat-cms.3forcom.org
URL: https://novaservice-uat-cms.3forcom.org/admin/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
171.244.42.31 , Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS
Software
/
Resource Hash
262b4c14a187ad44abab02835d17a725fa060fa4070cb7a0a72e20b212623a88
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://novaservice-uat-cms.3forcom.org/admin/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 16:23:32 GMT
content-encoding
gzip
vary
Accept-Encoding
last-modified
Fri, 01 Apr 2022 09:21:02 GMT
etag
W/"6246c3fe-6a3f6"
strict-transport-security
max-age=15724800; includeSubDomains
content-type
text/css
flag-icon.min.css
novaservice-uat-cms.3forcom.org/assets/core/css/ 		33 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://novaservice-uat-cms.3forcom.org/assets/core/css/flag-icon.min.css?v=1.0
Requested by
Host: novaservice-uat-cms.3forcom.org
URL: https://novaservice-uat-cms.3forcom.org/admin/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
171.244.42.31 , Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS
Software
/
Resource Hash
f67da83d7dc6da8d06990b885930a515f3441d1a802964ed056b70c1dd3c5890
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://novaservice-uat-cms.3forcom.org/admin/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 16:23:32 GMT
content-encoding
gzip
vary
Accept-Encoding
last-modified
Fri, 01 Apr 2022 09:21:02 GMT
etag
W/"6246c3fe-84a9"
strict-transport-security
max-age=15724800; includeSubDomains
content-type
text/css
custom.css
novaservice-uat-cms.3forcom.org/assets/core/css/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://novaservice-uat-cms.3forcom.org/assets/core/css/custom.css?v=1.0
Requested by
Host: novaservice-uat-cms.3forcom.org
URL: https://novaservice-uat-cms.3forcom.org/admin/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
171.244.42.31 , Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS
Software
/
Resource Hash
d65b6127a2b98618a6188b3ade07f5899074c4096c9d2ab5f32eba44cfc54f29
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://novaservice-uat-cms.3forcom.org/admin/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 16:23:32 GMT
content-encoding
gzip
vary
Accept-Encoding
last-modified
Fri, 01 Apr 2022 09:21:02 GMT
etag
W/"6246c3fe-da0"
strict-transport-security
max-age=15724800; includeSubDomains
content-type
text/css
library.js
novaservice-uat-cms.3forcom.org/assets/core/js/ 		732 KB
254 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://novaservice-uat-cms.3forcom.org/assets/core/js/library.js?v=1.0
Requested by
Host: novaservice-uat-cms.3forcom.org
URL: https://novaservice-uat-cms.3forcom.org/admin/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
171.244.42.31 , Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS
Software
/
Resource Hash
cb61d2bd6e69bcbdde312324cd347edb06131f809d03afacf4628142e827a757
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://novaservice-uat-cms.3forcom.org/admin/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 16:23:32 GMT
content-encoding
gzip
vary
Accept-Encoding
last-modified
Fri, 01 Apr 2022 09:21:02 GMT
etag
W/"6246c3fe-b6f6e"
strict-transport-security
max-age=15724800; includeSubDomains
content-type
application/javascript
script.min.js
novaservice-uat-cms.3forcom.org/assets/core/js/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://novaservice-uat-cms.3forcom.org/assets/core/js/script.min.js?v=1.0
Requested by
Host: novaservice-uat-cms.3forcom.org
URL: https://novaservice-uat-cms.3forcom.org/admin/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
171.244.42.31 , Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS
Software
/
Resource Hash
bcf806f0f5c8bc52c9d87f5388747f4bfc68e407814f131256cb98a6b817c3b1
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://novaservice-uat-cms.3forcom.org/admin/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 16:23:32 GMT
content-encoding
gzip
vary
Accept-Encoding
last-modified
Fri, 01 Apr 2022 09:21:02 GMT
etag
W/"6246c3fe-336c"
strict-transport-security
max-age=15724800; includeSubDomains
content-type
application/javascript
sortable.min.js
novaservice-uat-cms.3forcom.org/assets/plugins/sortable/ 		43 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://novaservice-uat-cms.3forcom.org/assets/plugins/sortable/sortable.min.js
Requested by
Host: novaservice-uat-cms.3forcom.org
URL: https://novaservice-uat-cms.3forcom.org/admin/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
171.244.42.31 , Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS
Software
/
Resource Hash
0ea5a6fbfbf5434b606878533cb7a66bcf700f0f08afe908335d0978fb63ad94
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://novaservice-uat-cms.3forcom.org/admin/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 16:23:32 GMT
content-encoding
gzip
vary
Accept-Encoding
last-modified
Fri, 01 Apr 2022 09:21:02 GMT
etag
W/"6246c3fe-abd6"
strict-transport-security
max-age=15724800; includeSubDomains
content-type
application/javascript
helper.min.js
novaservice-uat-cms.3forcom.org/assets/core/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://novaservice-uat-cms.3forcom.org/assets/core/js/helper.min.js?v=1.0
Requested by
Host: novaservice-uat-cms.3forcom.org
URL: https://novaservice-uat-cms.3forcom.org/admin/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
171.244.42.31 , Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS
Software
/
Resource Hash
25e93deb561984e79a096f492e5d1e8b96ba11b7a897680312baed446377f389
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://novaservice-uat-cms.3forcom.org/admin/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 16:23:32 GMT
content-encoding
gzip
vary
Accept-Encoding
last-modified
Fri, 01 Apr 2022 09:21:02 GMT
etag
W/"6246c3fe-d2b"
strict-transport-security
max-age=15724800; includeSubDomains
content-type
application/javascript
custom.js
novaservice-uat-cms.3forcom.org/assets/core/js/ 		2 KB
970 B 		Script
General
Check archive.org
Download Go to
Full URL
https://novaservice-uat-cms.3forcom.org/assets/core/js/custom.js?v=1.0
Requested by
Host: novaservice-uat-cms.3forcom.org
URL: https://novaservice-uat-cms.3forcom.org/admin/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
171.244.42.31 , Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS
Software
/
Resource Hash
6b7f9de668c797d2f4702a870d9b9f0f3838e5c006ff2df6de58d47e2aae713c
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://novaservice-uat-cms.3forcom.org/admin/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 16:23:32 GMT
content-encoding
gzip
vary
Accept-Encoding
last-modified
Fri, 01 Apr 2022 09:21:02 GMT
etag
W/"6246c3fe-827"
strict-transport-security
max-age=15724800; includeSubDomains
content-type
application/javascript
api.js
www.google.com/recaptcha/ 		884 B
1000 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?render=6LcwgsIZAAAAAHZFFWu3icOSaGK2_SVjZwY-kEjQ
Requested by
Host: novaservice-uat-cms.3forcom.org
URL: https://novaservice-uat-cms.3forcom.org/admin/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
185f29d16a73cd21961f5b9cff381914e3e587b5d3dcb07532a9f74f524fc77e
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://novaservice-uat-cms.3forcom.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 16:23:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
587
x-xss-protection
1; mode=block
expires
Mon, 04 Apr 2022 16:23:32 GMT
loading.gif
novaservice-uat-cms.3forcom.org/assets/core/images/ 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://novaservice-uat-cms.3forcom.org/assets/core/images/loading.gif
Requested by
Host: novaservice-uat-cms.3forcom.org
URL: https://novaservice-uat-cms.3forcom.org/assets/core/css/style.min.css?v=1.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
171.244.42.31 , Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS
Software
/
Resource Hash
c58ceba67b04122491637d8310c5c4386cba29d550609072929b42e2071cef96
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://novaservice-uat-cms.3forcom.org/assets/core/css/style.min.css?v=1.0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 16:23:35 GMT
last-modified
Fri, 01 Apr 2022 09:21:02 GMT
accept-ranges
bytes
etag
"6246c3fe-8e19"
content-length
36377
strict-transport-security
max-age=15724800; includeSubDomains
content-type
image/gif
UVNHongHaHepBold.woff2
novaservice-uat-cms.3forcom.org/assets/core/fonts/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://novaservice-uat-cms.3forcom.org/assets/core/fonts/UVNHongHaHepBold.woff2
Requested by
Host: novaservice-uat-cms.3forcom.org
URL: https://novaservice-uat-cms.3forcom.org/assets/core/css/style.min.css?v=1.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
171.244.42.31 , Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS
Software
/
Resource Hash
7bf21ed56f1516aedaffe6226e24d29cc53d7bfa47a0ca323ba69fe29197c499
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://novaservice-uat-cms.3forcom.org/assets/core/css/style.min.css?v=1.0
Origin
https://novaservice-uat-cms.3forcom.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 16:23:35 GMT
last-modified
Fri, 01 Apr 2022 09:21:02 GMT
accept-ranges
bytes
etag
"6246c3fe-4fdc"
content-length
20444
strict-transport-security
max-age=15724800; includeSubDomains
content-type
font/woff2
recaptcha__de.js
www.gstatic.com/recaptcha/releases/gZWLhEUEJFxEhoT5hpjn2xHK/ 		362 KB
144 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/gZWLhEUEJFxEhoT5hpjn2xHK/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LcwgsIZAAAAAHZFFWu3icOSaGK2_SVjZwY-kEjQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dff2681d8f5f16b61b464b599d7c62f61efe496b54a77044145495bc8cad36d0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://novaservice-uat-cms.3forcom.org/
Origin
https://novaservice-uat-cms.3forcom.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 15:34:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2933
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
146406
x-xss-protection
0
last-modified
Mon, 28 Mar 2022 04:22:14 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 04 Apr 2023 15:34:51 GMT
anchor
www.google.com/recaptcha/api2/ Frame AE8B 		42 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcwgsIZAAAAAHZFFWu3icOSaGK2_SVjZwY-kEjQ&co=aHR0cHM6Ly9ub3Zhc2VydmljZS11YXQtY21zLjNmb3Jjb20ub3JnOjQ0Mw..&hl=de&v=gZWLhEUEJFxEhoT5hpjn2xHK&size=invisible&cb=5jfo2x9rylef
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/gZWLhEUEJFxEhoT5hpjn2xHK/recaptcha__de.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
7c768a2cd2fc6eb8de586c5620a07941b0baf3828a9d0ac0eabddacf440d7636
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-tpLiqABrWomBkXuaG6Tjwg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://novaservice-uat-cms.3forcom.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
22028
content-security-policy
script-src 'report-sample' 'nonce-tpLiqABrWomBkXuaG6Tjwg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 04 Apr 2022 16:23:45 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
styles__ltr.css
www.gstatic.com/recaptcha/releases/gZWLhEUEJFxEhoT5hpjn2xHK/ Frame AE8B 		51 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/gZWLhEUEJFxEhoT5hpjn2xHK/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcwgsIZAAAAAHZFFWu3icOSaGK2_SVjZwY-kEjQ&co=aHR0cHM6Ly9ub3Zhc2VydmljZS11YXQtY21zLjNmb3Jjb20ub3JnOjQ0Mw..&hl=de&v=gZWLhEUEJFxEhoT5hpjn2xHK&size=invisible&cb=5jfo2x9rylef
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 13:43:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
9622
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24237
x-xss-protection
0
last-modified
Mon, 28 Mar 2022 04:22:14 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 04 Apr 2023 13:43:23 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/gZWLhEUEJFxEhoT5hpjn2xHK/ Frame AE8B 		362 KB
143 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/gZWLhEUEJFxEhoT5hpjn2xHK/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcwgsIZAAAAAHZFFWu3icOSaGK2_SVjZwY-kEjQ&co=aHR0cHM6Ly9ub3Zhc2VydmljZS11YXQtY21zLjNmb3Jjb20ub3JnOjQ0Mw..&hl=de&v=gZWLhEUEJFxEhoT5hpjn2xHK&size=invisible&cb=5jfo2x9rylef
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dff2681d8f5f16b61b464b599d7c62f61efe496b54a77044145495bc8cad36d0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 15:34:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2934
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
146406
x-xss-protection
0
last-modified
Mon, 28 Mar 2022 04:22:14 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 04 Apr 2023 15:34:51 GMT
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame AE8B 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/gZWLhEUEJFxEhoT5hpjn2xHK/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/gZWLhEUEJFxEhoT5hpjn2xHK/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 18:59:48 GMT
x-content-type-options
nosniff
age
509037
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Tue, 05 Apr 2022 18:59:48 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame AE8B 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcwgsIZAAAAAHZFFWu3icOSaGK2_SVjZwY-kEjQ&co=aHR0cHM6Ly9ub3Zhc2VydmljZS11YXQtY21zLjNmb3Jjb20ub3JnOjQ0Mw..&hl=de&v=gZWLhEUEJFxEhoT5hpjn2xHK&size=invisible&cb=5jfo2x9rylef
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 17:06:41 GMT
x-content-type-options
nosniff
age
515825
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 29 Mar 2023 17:06:41 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame AE8B 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcwgsIZAAAAAHZFFWu3icOSaGK2_SVjZwY-kEjQ&co=aHR0cHM6Ly9ub3Zhc2VydmljZS11YXQtY21zLjNmb3Jjb20ub3JnOjQ0Mw..&hl=de&v=gZWLhEUEJFxEhoT5hpjn2xHK&size=invisible&cb=5jfo2x9rylef
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 14:17:54 GMT
x-content-type-options
nosniff
age
525952
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 29 Mar 2023 14:17:54 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame AE8B 		102 B
134 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=gZWLhEUEJFxEhoT5hpjn2xHK
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcwgsIZAAAAAHZFFWu3icOSaGK2_SVjZwY-kEjQ&co=aHR0cHM6Ly9ub3Zhc2VydmljZS11YXQtY21zLjNmb3Jjb20ub3JnOjQ0Mw..&hl=de&v=gZWLhEUEJFxEhoT5hpjn2xHK&size=invisible&cb=5jfo2x9rylef
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
51540e98209e949f0a7f01c1332f6bf5dfe526adeaabe2705f42184d721f90b1
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcwgsIZAAAAAHZFFWu3icOSaGK2_SVjZwY-kEjQ&co=aHR0cHM6Ly9ub3Zhc2VydmljZS11YXQtY21zLjNmb3Jjb20ub3JnOjQ0Mw..&hl=de&v=gZWLhEUEJFxEhoT5hpjn2xHK&size=invisible&cb=5jfo2x9rylef
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 16:23:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
112
x-xss-protection
1; mode=block
expires
Mon, 04 Apr 2022 16:23:46 GMT
banner-auth.jpg
novaservice-uat-cms.3forcom.org/assets/core/images/ 		140 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://novaservice-uat-cms.3forcom.org/assets/core/images/banner-auth.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
171.244.42.31 , Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://novaservice-uat-cms.3forcom.org/admin/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 16:23:46 GMT
last-modified
Fri, 01 Apr 2022 09:21:02 GMT
accept-ranges
bytes
etag
"6246c3fe-47afb"
content-length
293627
strict-transport-security
max-age=15724800; includeSubDomains
content-type
image/jpeg

Verdicts & Comments Add Verdict or Comment

34 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 function| structuredClone object| oncontextlost object| oncontextrestored function| getScreenDetails object| dbSupportedLocales function| $ function| jQuery function| EvEmitter function| imagesLoaded function| moment function| Popper object| bootstrap object| core object| __core-js_shared__ function| SimpleBar function| Sortable function| toggleBodyLoading function| getLinkBrowsers function| initCKEditor function| initSimpleCKEditor function| initCKEditorFullPage function| openCKFinderImages function| openCKFinderFiles function| initAceEditor function| calFileSizeFromByte function| slug object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| recaptcha object| closure_lm_59119

2 Cookies

Domain/Path Name / Value
novaservice-uat-cms.3forcom.org/ Name: XSRF-TOKEN
Value: eyJpdiI6InNuakcxYmRVb3ZQanVvTDVQUzlMRHc9PSIsInZhbHVlIjoiOGZLVVBJMDA5TlJXRWtXU0R4dEdveVFHa2taaDJYN2F1dXk3c3JlRTkrelpBdGJQQ2tWVWxrVVJaQ1VVNW9cL0tobGx0Q0xLVzRsbEt3YXkrV3RpdHM0a2w5RkYwWWZSaVM2U2ZrRTVqY1g4bXZuVzRmeFF0b0tzUmVYdjRnYXZnIiwibWFjIjoiYTQ3NWU3NTg2OWNlMGZiOWI0Zjg4NTE4YTQ1ZDU5OGEyOWRjZjFhMGY5NGE3OTFlMmJkMzI2MjNjYjg1NGIxMyJ9
novaservice-uat-cms.3forcom.org/ Name: nova_service_uat_cms_session
Value: eyJpdiI6IjdcL1wvUHBJbXI3KzBqXC9uaGcyd29VaXc9PSIsInZhbHVlIjoick1lTnJsU0hQbldITzFOaDRKZWRFTGhadDIxWlh5MU9GK0s2N0J1eWUwdjV4UERDbUROdmN1NGJhYU5xZ3NpNUl2NStia2M0bnM5YnFpTHozd2R0akRnUkllVXZVb0p1amZLTlhcL0ZDdUEyV3B3bGJSZmFQY3ZUN3YzNUpuWWp3IiwibWFjIjoiN2FiY2FlZTljOWI4MmRjYTljZGIxNmUyMmVkZWUzMjJiYTk0NmE4OTRiZGRhMmFjODgyMzc0ZTlkNmU0MThhOCJ9

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.gstatic.com
novaservice-uat-cms.3forcom.org
www.google.com
www.gstatic.com
171.244.42.31
2a00:1450:4001:80f::2004
2a00:1450:4001:811::2003
2a00:1450:4001:827::2003
0ea5a6fbfbf5434b606878533cb7a66bcf700f0f08afe908335d0978fb63ad94
185f29d16a73cd21961f5b9cff381914e3e587b5d3dcb07532a9f74f524fc77e
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
25e93deb561984e79a096f492e5d1e8b96ba11b7a897680312baed446377f389
262b4c14a187ad44abab02835d17a725fa060fa4070cb7a0a72e20b212623a88
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
51540e98209e949f0a7f01c1332f6bf5dfe526adeaabe2705f42184d721f90b1
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
6b7f9de668c797d2f4702a870d9b9f0f3838e5c006ff2df6de58d47e2aae713c
7bf21ed56f1516aedaffe6226e24d29cc53d7bfa47a0ca323ba69fe29197c499
7c768a2cd2fc6eb8de586c5620a07941b0baf3828a9d0ac0eabddacf440d7636
8cd1991ff303ff0b97af5666232827495e8daf5c8e6cd5e5372c5ff117d4aa98
bcf806f0f5c8bc52c9d87f5388747f4bfc68e407814f131256cb98a6b817c3b1
c58ceba67b04122491637d8310c5c4386cba29d550609072929b42e2071cef96
cb61d2bd6e69bcbdde312324cd347edb06131f809d03afacf4628142e827a757
d65b6127a2b98618a6188b3ade07f5899074c4096c9d2ab5f32eba44cfc54f29
dff2681d8f5f16b61b464b599d7c62f61efe496b54a77044145495bc8cad36d0
f67da83d7dc6da8d06990b885930a515f3441d1a802964ed056b70c1dd3c5890
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48