![](/screenshots/324ed316-eda0-435b-884f-b0978941dc7c.png)
adfs.travcorp.com
Open in
urlscan Pro
205.189.38.31
Public Scan
Effective URL: https://adfs.travcorp.com/adfs/ls/?wtrealm=https%3A%2F%2Fidentity.staging.tms.radicaltravel.com&wa=wsignin1.0&wreply=https...
Submission: On January 20 via automatic, source certstream-suspicious
Summary
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on July 31st 2020. Valid for: 2 years.
This is the only time adfs.travcorp.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
2 18 | 185.61.209.16 185.61.209.16 | 44503 (CHARTERHOUSE) (CHARTERHOUSE) | |
4 | 2a00:1450:400... 2a00:1450:4001:819::200a | 15169 (GOOGLE) (GOOGLE) | |
4 | 2a00:1450:400... 2a00:1450:4001:80b::2003 | 15169 (GOOGLE) (GOOGLE) | |
3 | 205.189.38.31 205.189.38.31 | 22491 (TTC-) (TTC-) | |
1 | 52.218.213.73 52.218.213.73 | 16509 (AMAZON-02) (AMAZON-02) | |
28 | 5 |
ASN44503 (CHARTERHOUSE, GB)
identity.staging.tms.radicaltravel.com |
ASN16509 (AMAZON-02, US)
PTR: s3-us-west-2-r-w.amazonaws.com
radical-travel-lambda.s3-us-west-2.amazonaws.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
18 |
radicaltravel.com
2 redirects
identity.staging.tms.radicaltravel.com |
1 MB |
4 |
gstatic.com
fonts.gstatic.com |
129 KB |
4 |
googleapis.com
fonts.googleapis.com |
2 KB |
3 |
travcorp.com
adfs.travcorp.com |
209 KB |
1 |
amazonaws.com
radical-travel-lambda.s3-us-west-2.amazonaws.com |
27 KB |
28 | 5 |
Domain | Requested by | |
---|---|---|
18 | identity.staging.tms.radicaltravel.com |
2 redirects
identity.staging.tms.radicaltravel.com
|
4 | fonts.gstatic.com |
fonts.googleapis.com
|
4 | fonts.googleapis.com |
identity.staging.tms.radicaltravel.com
|
3 | adfs.travcorp.com |
identity.staging.tms.radicaltravel.com
adfs.travcorp.com |
1 | radical-travel-lambda.s3-us-west-2.amazonaws.com |
identity.staging.tms.radicaltravel.com
|
28 | 5 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
identity.staging.tms.radicaltravel.com R3 |
2021-01-20 - 2021-04-20 |
3 months | crt.sh |
upload.video.google.com GTS CA 1O1 |
2020-12-15 - 2021-03-09 |
3 months | crt.sh |
*.gstatic.com GTS CA 1O1 |
2020-12-15 - 2021-03-09 |
3 months | crt.sh |
adfs.travcorp.com DigiCert SHA2 Secure Server CA |
2020-07-31 - 2022-08-05 |
2 years | crt.sh |
*.s3-us-west-2.amazonaws.com DigiCert Baltimore CA-2 G2 |
2020-07-30 - 2021-08-04 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://adfs.travcorp.com/adfs/ls/?wtrealm=https%3A%2F%2Fidentity.staging.tms.radicaltravel.com&wa=wsignin1.0&wreply=https%3A%2F%2Fidentity.staging.tms.radicaltravel.com%2Fsignin-wsfed&wctx=CfDJ8AlPBs1kPtBAnQFEK3Nwzsfghc8KS8-0wosEi7fAXp2QmaCxtO6pmisJxbuermasP0qwDD87uWElzfk0-AheJibUzfEURNygga3HaUcC4uzD0CL3o9iA4TZay4BYzwAeW4OMZ1lO54MgCt7jsvVtRG0FV6loXJThVwUA6H02_0GfhuVGe0dqbWze9Ym3W3rIObmm7iR3U9wbRKAxv-KQM0MTRpix4_AKPVYasoNVgsjdD2kxMZBtClQsN6um0RI2lULfvlm2oQmTy1ogKXKejgdnpM5VOPqn4yc4T3L_oKrA9gjtzV3i9jOABtMd4WV9CbjOTvQpIdPN06DSWtA5NGBo9PWvJSDwSY4JnTyBuEGYpQNtk_jdylcqS9w8tg_3sV2wh6OaK4jOhDNio8kkNrNhDaIVEosSDQqTHKLumb5xN-Jqh2hQR5ZdWQNGezFlTTPRCwDMsiwkhSzj1LOOORayOXOpPdbsppl9EJrC4RRK5bzFbpIUGiq70eCirqlZ8IcwQeUqR_VbM-mRBuCu6wi1-kMTc8T1mbzDg52UZH3B0b-0JRMJWPbaFtKjLEPPB4tttGXFkMaJ1bTmDnyyGHXG3JGPs2v1zcoifgh1sxMm3vg7moIEwpDP_a_gG4oPJvhOc5f2fvo7vyQsVOPYn4dzmtmlcyeHt9pTTkn0C4Ucu7PylGxMCfRYKET6JJq_Gw
Frame ID: 8E00B0B22CD2053A135739F8D84876CA
Requests: 28 HTTP requests in this frame
Screenshot
![](/screenshots/324ed316-eda0-435b-884f-b0978941dc7c.png)
Page URL History Show full URLs
- https://identity.staging.tms.radicaltravel.com/ Page URL
-
https://identity.staging.tms.radicaltravel.com/connect/authorize?response_type=id_token%20token&client_id=tms.corp.ttc&stat...
HTTP 302
https://identity.staging.tms.radicaltravel.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fresponse_type%3D... Page URL
-
https://identity.staging.tms.radicaltravel.com/api/v1/identity/login/travcorp-gateway?return_url=/connect/authorize/callbac...
HTTP 302
https://adfs.travcorp.com/adfs/ls/?wtrealm=https%3A%2F%2Fidentity.staging.tms.radicaltravel.com&wa=wsi... Page URL
Detected technologies
![](/vendor/wappa/icons/WindowsServer.png)
Detected patterns
- headers server /^Kestrel/i
![](/vendor/wappa/icons/Microsoft ASP.NET.png)
Detected patterns
- headers server /^Kestrel/i
Detected patterns
- headers server /^Kestrel/i
![](/vendor/wappa/icons/IIS.png)
Detected patterns
- headers server /^Kestrel/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://identity.staging.tms.radicaltravel.com/ Page URL
-
https://identity.staging.tms.radicaltravel.com/connect/authorize?response_type=id_token%20token&client_id=tms.corp.ttc&state=S0tjNW0wY28xVkp-V0E2WTFCY1BkRUFCYWFiQkpBWVdhM25Sdk14Q09IcHdV&redirect_uri=https%3A%2F%2Fidentity.staging.tms.radicaltravel.com&scope=openid%20profile%20offline_access%20tour_management_system&nonce=S0tjNW0wY28xVkp-V0E2WTFCY1BkRUFCYWFiQkpBWVdhM25Sdk14Q09IcHdV
HTTP 302
https://identity.staging.tms.radicaltravel.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fresponse_type%3Did_token%2520token%26client_id%3Dtms.corp.ttc%26state%3DS0tjNW0wY28xVkp-V0E2WTFCY1BkRUFCYWFiQkpBWVdhM25Sdk14Q09IcHdV%26redirect_uri%3Dhttps%253A%252F%252Fidentity.staging.tms.radicaltravel.com%26scope%3Dopenid%2520profile%2520offline_access%2520tour_management_system%26nonce%3DS0tjNW0wY28xVkp-V0E2WTFCY1BkRUFCYWFiQkpBWVdhM25Sdk14Q09IcHdV Page URL
-
https://identity.staging.tms.radicaltravel.com/api/v1/identity/login/travcorp-gateway?return_url=/connect/authorize/callback?response_type=id_token%2520token&client_id=tms.corp.ttc&state=S0tjNW0wY28xVkp-V0E2WTFCY1BkRUFCYWFiQkpBWVdhM25Sdk14Q09IcHdV&redirect_uri=https%253A%252F%252Fidentity.staging.tms.radicaltravel.com&scope=openid%2520profile%2520offline_access%2520tour_management_system&nonce=S0tjNW0wY28xVkp-V0E2WTFCY1BkRUFCYWFiQkpBWVdhM25Sdk14Q09IcHdV
HTTP 302
https://adfs.travcorp.com/adfs/ls/?wtrealm=https%3A%2F%2Fidentity.staging.tms.radicaltravel.com&wa=wsignin1.0&wreply=https%3A%2F%2Fidentity.staging.tms.radicaltravel.com%2Fsignin-wsfed&wctx=CfDJ8AlPBs1kPtBAnQFEK3Nwzsfghc8KS8-0wosEi7fAXp2QmaCxtO6pmisJxbuermasP0qwDD87uWElzfk0-AheJibUzfEURNygga3HaUcC4uzD0CL3o9iA4TZay4BYzwAeW4OMZ1lO54MgCt7jsvVtRG0FV6loXJThVwUA6H02_0GfhuVGe0dqbWze9Ym3W3rIObmm7iR3U9wbRKAxv-KQM0MTRpix4_AKPVYasoNVgsjdD2kxMZBtClQsN6um0RI2lULfvlm2oQmTy1ogKXKejgdnpM5VOPqn4yc4T3L_oKrA9gjtzV3i9jOABtMd4WV9CbjOTvQpIdPN06DSWtA5NGBo9PWvJSDwSY4JnTyBuEGYpQNtk_jdylcqS9w8tg_3sV2wh6OaK4jOhDNio8kkNrNhDaIVEosSDQqTHKLumb5xN-Jqh2hQR5ZdWQNGezFlTTPRCwDMsiwkhSzj1LOOORayOXOpPdbsppl9EJrC4RRK5bzFbpIUGiq70eCirqlZ8IcwQeUqR_VbM-mRBuCu6wi1-kMTc8T1mbzDg52UZH3B0b-0JRMJWPbaFtKjLEPPB4tttGXFkMaJ1bTmDnyyGHXG3JGPs2v1zcoifgh1sxMm3vg7moIEwpDP_a_gG4oPJvhOc5f2fvo7vyQsVOPYn4dzmtmlcyeHt9pTTkn0C4Ucu7PylGxMCfRYKET6JJq_Gw Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 13- https://identity.staging.tms.radicaltravel.com/connect/authorize?response_type=id_token%20token&client_id=tms.corp.ttc&state=S0tjNW0wY28xVkp-V0E2WTFCY1BkRUFCYWFiQkpBWVdhM25Sdk14Q09IcHdV&redirect_uri=https%3A%2F%2Fidentity.staging.tms.radicaltravel.com&scope=openid%20profile%20offline_access%20tour_management_system&nonce=S0tjNW0wY28xVkp-V0E2WTFCY1BkRUFCYWFiQkpBWVdhM25Sdk14Q09IcHdV HTTP 302
- https://identity.staging.tms.radicaltravel.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fresponse_type%3Did_token%2520token%26client_id%3Dtms.corp.ttc%26state%3DS0tjNW0wY28xVkp-V0E2WTFCY1BkRUFCYWFiQkpBWVdhM25Sdk14Q09IcHdV%26redirect_uri%3Dhttps%253A%252F%252Fidentity.staging.tms.radicaltravel.com%26scope%3Dopenid%2520profile%2520offline_access%2520tour_management_system%26nonce%3DS0tjNW0wY28xVkp-V0E2WTFCY1BkRUFCYWFiQkpBWVdhM25Sdk14Q09IcHdV
28 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
/
identity.staging.tms.radicaltravel.com/ |
1 KB 924 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
icon
fonts.googleapis.com/ |
574 B 479 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
6 KB 765 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
styles.b83001a44be3a6acb151.css
identity.staging.tms.radicaltravel.com/ |
487 KB 95 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
runtime-es2015.c9afb3256f2870e161de.js
identity.staging.tms.radicaltravel.com/ |
1 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
polyfills-es2015.e99b4baf39601b1fa464.js
identity.staging.tms.radicaltravel.com/ |
36 KB 15 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
vendor-es2015.f8b02b5e587d604a36a0.js
identity.staging.tms.radicaltravel.com/ |
1 MB 387 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
main-es2015.214ac63e08a914a0695e.js
identity.staging.tms.radicaltravel.com/ |
117 KB 36 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ |
11 KB 11 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
openid-configuration
identity.staging.tms.radicaltravel.com/.well-known/ |
2 KB 2 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
openid-configuration
identity.staging.tms.radicaltravel.com/.well-known/ |
2 KB 2 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jwks
identity.staging.tms.radicaltravel.com/.well-known/openid-configuration/ |
451 B 679 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jwks
identity.staging.tms.radicaltravel.com/.well-known/openid-configuration/ |
451 B 679 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Login
identity.staging.tms.radicaltravel.com/Account/ Redirect Chain
|
1 KB 919 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
icon
fonts.googleapis.com/ |
574 B 438 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
css
fonts.googleapis.com/ |
6 KB 701 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
styles.b83001a44be3a6acb151.css
identity.staging.tms.radicaltravel.com/ |
487 KB 95 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
runtime-es2015.c9afb3256f2870e161de.js
identity.staging.tms.radicaltravel.com/ |
1 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
polyfills-es2015.e99b4baf39601b1fa464.js
identity.staging.tms.radicaltravel.com/ |
36 KB 15 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
vendor-es2015.f8b02b5e587d604a36a0.js
identity.staging.tms.radicaltravel.com/ |
1 MB 387 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
main-es2015.214ac63e08a914a0695e.js
identity.staging.tms.radicaltravel.com/ |
117 KB 36 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ |
11 KB 11 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Primary Request
/
adfs.travcorp.com/adfs/ls/ Redirect Chain
|
16 KB 17 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
rtg-bab-logo.png
radical-travel-lambda.s3-us-west-2.amazonaws.com/brand-logos-icons/ |
27 KB 27 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
flUhRq6tzZclQEJ-Vdg-IuiaDsNcIhQ8tQ.woff2
fonts.gstatic.com/s/materialicons/v70/ |
96 KB 97 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ |
11 KB 11 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
style.css
adfs.travcorp.com/adfs/portal/css/ |
8 KB 8 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
illustration.jpg
adfs.travcorp.com/adfs/portal/illustration/ |
184 KB 184 KB |
Image
image/jpg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
19 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated function| LoginErrors number| maxPasswordLength function| InputUtil function| SelectOption function| Login undefined| emails undefined| msViewportStyle undefined| viewport function| getStyle function| computeLoadIllustration0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
adfs.travcorp.com
fonts.googleapis.com
fonts.gstatic.com
identity.staging.tms.radicaltravel.com
radical-travel-lambda.s3-us-west-2.amazonaws.com
185.61.209.16
205.189.38.31
2a00:1450:4001:80b::2003
2a00:1450:4001:819::200a
52.218.213.73
2f7d25275cf9ccb802154e572bc808e3c4533bc2004ccb65f4ccf35fc22b0a58
56e4953af5c01ed820d5e5dc430e77234a87e8d019c38fda46f9f3593cd05e0f
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
656193d4b997bf5bb8991f73be6ac35b4d41394b7b0c464af45ca4d54f499006
6b3c1812616170df66a99bbfe79e94e24b4ddffa7793a60e690626e9917ffad8
6c5acbb82a46a4971660f65131241dffcc28828f4dbd76b8ec7bab0b468250f8
9ca74df1843123b32889206f39b8d0a44ba40c4e69bc1c9bc006ae33925a66e6
9debb160cd4ee67eb7124036a2bae3e6b1eb12dcb5cce0f7a9484b561cbea879
a30e933e54fbee9d586553157c3d6c3ad1f49f260063bdba108a2c4b9370585f
a50c533753be53dbaa8ceb25f733c95a2e1e20b6fc392e381f604d39d1f67477
d74d4d6943f32ae6f7f11d14d601dbb0e1a58919176ee512150366b6279aaf99
d982fb0497398d68357886a489847be63b62ebbd1f2ed6311f6ad22f653a4168
f326dfbdd9269295264c3857ac083433ae240d74bd3fb47b4c56e7712b6e1270