gas.mcd.com
Open in
urlscan Pro
65.52.140.180
Public Scan
Effective URL: https://gas.mcd.com/adfs/ls/?binding=urn%3Aoasis%3Anames%3Atc%3ASAML%3A2.0%3Abindings%3AHTTP-Redirect&SAMLRequest=fV...
Submission: On August 27 via api from US — Scanned from DE
Summary
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on June 15th 2022. Valid for: a year.
This is the only time gas.mcd.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 2 | 52.45.245.85 52.45.245.85 | 14618 (AMAZON-AES) (AMAZON-AES) | |
26 | 65.52.140.180 65.52.140.180 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
1 1 | 52.20.154.206 52.20.154.206 | 14618 (AMAZON-AES) (AMAZON-AES) | |
3 | 52.222.214.23 52.222.214.23 | 16509 (AMAZON-02) (AMAZON-02) | |
2 | 2a02:26f0:6c0... 2a02:26f0:6c00::210:bad9 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
1 | 13.32.99.71 13.32.99.71 | 16509 (AMAZON-02) (AMAZON-02) | |
33 | 6 |
ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-245-85.compute-1.amazonaws.com
rfm2au.mcd.com |
ASN14618 (AMAZON-AES, US)
PTR: ec2-52-20-154-206.compute-1.amazonaws.com
rpxnow.com |
ASN16509 (AMAZON-02, US)
PTR: server-52-222-214-23.fra56.r.cloudfront.net
d29usylhdk1xyu.cloudfront.net |
ASN20940 (AKAMAI-ASN1, NL)
quilt-cdn.janrain.com |
ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-71.fra60.r.cloudfront.net
d1lqe9temigv1p.cloudfront.net |
Apex Domain Subdomains |
Transfer | |
---|---|---|
28 |
mcd.com
1 redirects
rfm2au.mcd.com gas.mcd.com — Cisco Umbrella Rank: 373773 |
801 KB |
4 |
cloudfront.net
d29usylhdk1xyu.cloudfront.net d1lqe9temigv1p.cloudfront.net |
122 KB |
2 |
janrain.com
quilt-cdn.janrain.com — Cisco Umbrella Rank: 20650 |
78 KB |
1 |
rpxnow.com
1 redirects
rpxnow.com — Cisco Umbrella Rank: 7845 |
108 B |
33 | 4 |
Domain | Requested by | |
---|---|---|
26 | gas.mcd.com |
gas.mcd.com
d29usylhdk1xyu.cloudfront.net |
3 | d29usylhdk1xyu.cloudfront.net |
gas.mcd.com
rpxnow.com |
2 | quilt-cdn.janrain.com |
d29usylhdk1xyu.cloudfront.net
|
2 | rfm2au.mcd.com | 1 redirects |
1 | d1lqe9temigv1p.cloudfront.net |
d29usylhdk1xyu.cloudfront.net
|
1 | rpxnow.com | 1 redirects |
33 | 6 |
This site contains links to these domains. Also see Links.
Domain |
---|
account.mcd.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.mcd.com Amazon |
2022-05-25 - 2023-06-23 |
a year | crt.sh |
*.cloudfront.net Amazon |
2022-02-01 - 2023-01-31 |
a year | crt.sh |
quilt-cdn.janrain.com R3 |
2022-08-22 - 2022-11-20 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://gas.mcd.com/adfs/ls/?binding=urn%3Aoasis%3Anames%3Atc%3ASAML%3A2.0%3Abindings%3AHTTP-Redirect&SAMLRequest=fVLLbsIwEPyVyPe8TDDIIkgpqCoSLRGkPfRSGccBS46deh3a%2Fn1DoIUeynG0M7M7Y0%2BA1Qo3NGvdXq%2FFeyvAeZ%2B10kBPkxS1VlPDQALVrBZAHaeb7HFJcRDRxhpnuFHIywCEddLomdHQ1sJuhD1ILp7XyxTtnWuAhqGtaszaoOZlwE3dw5VWUousaY5oaXZSB4wffZA3726Rmh3BxWLH4FfPygpCBSHy7o3los%2BQooopEMhbzFP0RqIkrmJW%2BmRUDfxkKGJ%2FPChjH7OKJElEtpyMOyrkDEAexEUM0IqFBse0SxGOMPajsY9HRTykQ0LxKCAkeUVefs5%2FJ3Up9e52WdsTCehDUeR%2BvtoUyHsRFvp8HQFNJ33ntN9ur5%2FhtjH76R5N%2F2l6El47n%2Fc09KmzWsxzoyT%2F8jKlzMfMCua6HpxtBQqnZ93f%2FzH9Bg%3D%3D&RelayState=
Frame ID: 48CA8CB16D46C2CFA57F0B3787B26EAB
Requests: 34 HTTP requests in this frame
Screenshot
Page Title
MCD loginPage URL History Show full URLs
- https://rfm2au.mcd.com/ Page URL
-
https://rfm2au.mcd.com/rfm2OnlineApp/rfmLogin.action
HTTP 302
https://gas.mcd.com/adfs/ls/?binding=urn%3Aoasis%3Anames%3Atc%3ASAML%3A2.0%3Abindings%3AHTTP-Red... Page URL
Detected technologies
Bootstrap (Web Frameworks) ExpandDetected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Font Awesome (Font Scripts) Expand
Detected patterns
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Title: Passwort vergessen?
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://rfm2au.mcd.com/ Page URL
-
https://rfm2au.mcd.com/rfm2OnlineApp/rfmLogin.action
HTTP 302
https://gas.mcd.com/adfs/ls/?binding=urn%3Aoasis%3Anames%3Atc%3ASAML%3A2.0%3Abindings%3AHTTP-Redirect&SAMLRequest=fVLLbsIwEPyVyPe8TDDIIkgpqCoSLRGkPfRSGccBS46deh3a%2Fn1DoIUeynG0M7M7Y0%2BA1Qo3NGvdXq%2FFeyvAeZ%2B10kBPkxS1VlPDQALVrBZAHaeb7HFJcRDRxhpnuFHIywCEddLomdHQ1sJuhD1ILp7XyxTtnWuAhqGtaszaoOZlwE3dw5VWUousaY5oaXZSB4wffZA3726Rmh3BxWLH4FfPygpCBSHy7o3los%2BQooopEMhbzFP0RqIkrmJW%2BmRUDfxkKGJ%2FPChjH7OKJElEtpyMOyrkDEAexEUM0IqFBse0SxGOMPajsY9HRTykQ0LxKCAkeUVefs5%2FJ3Up9e52WdsTCehDUeR%2BvtoUyHsRFvp8HQFNJ33ntN9ur5%2FhtjH76R5N%2F2l6El47n%2Fc09KmzWsxzoyT%2F8jKlzMfMCua6HpxtBQqnZ93f%2FzH9Bg%3D%3D&RelayState= Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 20- https://rpxnow.com/load/mcdonalds-crew HTTP 301
- https://d29usylhdk1xyu.cloudfront.net/load/mcdonalds-crew
33 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
/
rfm2au.mcd.com/ |
282 B 420 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Primary Request
/
gas.mcd.com/adfs/ls/ Redirect Chain
|
49 KB 49 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
style.css
gas.mcd.com/adfs/portal/css/ |
79 KB 80 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
idp.png
gas.mcd.com/adfs/portal/images/idp/ |
931 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
localsts.png
gas.mcd.com/adfs/portal/images/idp/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
3 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery-3.6.0.min.js
gas.mcd.com/adfs/portal/script/ |
87 KB 88 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
janrain-utils.js
gas.mcd.com/adfs/portal/script/ |
2 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
janrain-init.js
gas.mcd.com/adfs/portal/script/ |
18 KB 18 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
common.js
gas.mcd.com/adfs/portal/script/ |
3 KB 4 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bootstrap.min.css
gas.mcd.com/adfs/portal/css/ |
158 KB 158 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
content_background.css
gas.mcd.com/adfs/portal/css/ |
1 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
general.css
gas.mcd.com/adfs/portal/css/ |
6 KB 6 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
modal.css
gas.mcd.com/adfs/portal/css/ |
4 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
fonts-css.css
gas.mcd.com/adfs/portal/css/ |
4 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
site.css
gas.mcd.com/adfs/portal/css/ |
79 KB 80 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bootstrap.min.js
gas.mcd.com/adfs/portal/script/ |
62 KB 62 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
api.js
gas.mcd.com/adfs/portal/script/ |
28 KB 28 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
utils.js
gas.mcd.com/adfs/portal/script/ |
7 KB 7 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
login.js
gas.mcd.com/adfs/portal/script/ |
5 KB 5 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Login
gas.mcd.com/api/Account/ |
54 KB 15 KB |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
mcdonalds-crew
d29usylhdk1xyu.cloudfront.net/load/ Redirect Chain
|
11 KB 3 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logo.png
gas.mcd.com/API/adfs/portal/images/new/ |
10 KB 11 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
eye_off.png
gas.mcd.com/API/adfs/portal/images/new/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
spinner.png
gas.mcd.com/API/adfs/portal/images/new/ |
5 KB 6 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Speedee_A_Bd.woff2.css
gas.mcd.com/adfs/portal/fonts/Speedee/ |
20 KB 20 KB |
Font
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Speedee_A_Rg.woff2.css
gas.mcd.com/adfs/portal/fonts/Speedee/ |
20 KB 21 KB |
Font
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
fa-solid-900.woff2.css
gas.mcd.com/adfs/portal/fonts/FontAwesome/ |
78 KB 79 KB |
Font
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
en-US
d29usylhdk1xyu.cloudfront.net/translations/login/ |
2 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
capture:login
d29usylhdk1xyu.cloudfront.net/manifest/ |
453 KB 109 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
providers.css
quilt-cdn.janrain.com/HEAD/ |
126 KB 9 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
widgets.css
quilt-cdn.janrain.com/HEAD/ |
242 KB 69 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
janrain.css
gas.mcd.com/adfs/portal/css/ |
43 KB 43 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
flow.js:gadmupwrtbvydc9b4qku6rfnd3:en-US:HEAD:standard
d1lqe9temigv1p.cloudfront.net/widget_data/ |
39 KB 9 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
102 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| HRDErrors function| InputUtil function| HRD number| page number| jsVer number| cssVer string| lloginErrorText object| hrdSelection object| userNameInput object| signoutArea object| errorArea object| errorText object| idpInitiatedSignOn boolean| initiateAzure object| fullPage object| brandingWrapper object| contentWrapper object| authOptionLinks undefined| d1 undefined| headerContent undefined| logoDiv undefined| imgLogo string| mfaSecondFactorErr string| mfaProofupMessage object| authArea object| mfaGreetingDescription undefined| username undefined| t2 undefined| domain_hint undefined| errorMessage undefined| openingMessage undefined| errorDetailsLink undefined| mfaRegisterUrl undefined| header undefined| form undefined| title undefined| isAuthenticated undefined| siteSelectionArea undefined| siteSelectionText undefined| signInButton undefined| signInOtherButton undefined| signOutButton undefined| otherPanel undefined| dropDownlist undefined| idp_SignInPanel function| fOnLoadJquery function| fOnLoadAPI function| addSpinner function| addScript function| addCssScript function| getParameterByName undefined| secs object| timerID boolean| timerRunning number| totalSeconds number| delay undefined| objectToClick string| timeRemaingForRegistration function| CheckKeepMeSignIn function| InitializeTimer function| StopTheClock function| StartTheTimer function| InitVariables function| StartCounter function| pad function| refreshCounter function| StartFlashing function| StagingFlashInit function| setIframeHeight function| janrainUtilityFunctions function| initJanrain function| removeCookie function| getCookie function| checkURLLength function| janrainCaptureWidgetOnLoad function| janrainExampleImplementationFunctions function| $ function| jQuery object| API boolean| firstCall string| loginErrorText boolean| spinnerVisible function| setCountryAndLanguage object| bootstrap object| Login object| janrain object| Utils boolean| crewIconsHidden object| passwordFocus boolean| _noReturnExperience number| _recaptchaVersion boolean| _recaptchaInvisible string| uri boolean| cssNotFound2 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.mcd.com/ | Name: GlobalAS_SessionId Value: 36777924-6bad-4e6e-9376-ba3577a549e4 |
|
.gas.mcd.com/ | Name: __RequestVerificationToken_L0FQSQ2 Value: Nzb_ol5SBR4QiaO9ulQCB2GeAT-5zcCLryBGpRL03yGr1HyeO2RvbR5k2S1EIal9BxTOQ4sGZf9QCBfeGpvjHZBRhrI1 |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
d1lqe9temigv1p.cloudfront.net
d29usylhdk1xyu.cloudfront.net
gas.mcd.com
quilt-cdn.janrain.com
rfm2au.mcd.com
rpxnow.com
13.32.99.71
2a02:26f0:6c00::210:bad9
52.20.154.206
52.222.214.23
52.45.245.85
65.52.140.180
03407ba5018b550cb434bebba8a6b289aaf69c8731a9e376a7fe34f7d5a4db9a
097a30ea3997d4c585b35e102b51496c6ee58fcd088b6dee5c0fbe9825ff7043
0fddf3346203324950d452b19d33beca11f715b2149e0579cca2fadb48c3055b
1742285d85f8579196172ab1ca109e49e08c01e0b5f1914c3459cac1ff73f173
1f0186d7509b72f042daafbdd3dce6afaaf74ad136d89aa0885c85c13c4d606b
239884f5f7035830a2a86fd499cfcf741840f0d453aa4f8266ed443d90bf06ad
245e030c9b4aeed6a69dd858500134e5aebd2b19f16d823426f3f4ebf5229186
2d1be956f5219e03aefe2cabc6ac1d8044ed2361e87ed1d7ab7091332cbb65eb
35c81af218119395206379ad491cfc32a218c64c0800e27bcdf961707c1ea300
3d4afff7ae9777bd3878847e90b2a3183b7afdf66fdd431236557f7b72cd3832
3eadd3e829a20df612c7a77960ff811e66e3ee6bae2c33c9b20e7478bac87548
430d2b116c4b6c675ce029b74f756bc34fadcb1dbeac596a229ab9e733ecbd97
44c09a1300a946429d86582c5416de91810a9fe3cf55b31f852510fd0fe01a53
57e1bef7ed99464d9aa5ed6e00280baaecf75d908c0293dfb07039feca140f9c
65535f8f75898ad5809b5038dfd72b0db7d47e3644150425c8d73e3f14f55325
6799bff5af54f559359a82bd4c2e96d59f28c7282267170bd89a3580afd8b8d7
6dcc70699293f0820cb61c365b448163e8f28fa1d1366e7f3b5d4e296c52ae85
778a776d4ebf81fc1d31e3a6c09ed1c9cc84912d6afbfc1fea60de1509c2085f
7d7a9043f4bed303fe2974ac4e3ba10d6b214e70f7ae549786ba2d347de05f81
82792ad4ae89054d281cab2c8f4d32e5d96f748f660e52118365f2f89245d33f
86751defcb319e924ac90043874e3d7427149e5c4662f0af5c6cf0c3be83ba7c
896f2bcedb02f1d564ea553d9b739698bba1d89e5dff9cdb30771d6b06dd57a0
932f9c5733d36beba3c90209ea06f367374544dfbb5b7e2a1e88994d54a3c45d
a15ae3cbe1a9f95e52363f90457629406e4e90a84efaff95da56c20ae191388f
a248fc6db27cea86eae89bc7c40844ad86050e2928f5367e9d9b9f2e2e67c004
a3911892be04d81eba5a8e0c74f77099aa1db05e542fbfcc78c9df4b0ec0e3a6
a4555d8dee9f8adc976e84a97dfe87e6bf5794b579f49bb56f133fed85f7d709
a629ca520b887162c272682e3c589846e657ba6c05945da871d8e6df86d2f31c
ce9d07500ad91ec2b524c270764ec4c9a33e78320d8d374ec400ede488f6251b
da1e227f0af00c0e4b2d805ca3d2325bc6a6e7e4d57a26bba9955ee428cbe464
e2c0ca0c1f3d03d6e078326e875bba102aa519805ce45a9252721d0e147b6d9c
ed391f5620d329d55071ea3840a07f52452ff7a5cd7f07a289c91f689f299e4a
f397050057cfd104eeb1f57ef6ec9ab02347bc37fa045cdb6995b5e5a96dc8c5