urlscan.io logo urlscan.io
SecurityTrails logo

safeway.mxterms.com Open in urlscan Pro
184.72.254.200  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://mrx.bz/swt
Effective URL: http://safeway.mxterms.com/tos
Submission: On April 27 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 2 countries across 6 domains to perform 22 HTTP transactions. The main IP is 184.72.254.200, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is safeway.mxterms.com.
This is the only time safeway.mxterms.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    54.235.162.39 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-235-162-39.compute-1.amazonaws.com
mrx.bz
12    184.72.254.200 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-184-72-254-200.compute-1.amazonaws.com
safeway.mxterms.com
1    2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    152.199.19.160 (United States)

ASN15133 (EDGECAST, US)
ajax.aspnetcdn.com
1    2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
4    2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
Domain Requested by
12 safeway.mxterms.com safeway.mxterms.com
4 fonts.gstatic.com fonts.googleapis.com
3 fonts.googleapis.com safeway.mxterms.com
2 www.google-analytics.com safeway.mxterms.com
www.google-analytics.com
1 ajax.aspnetcdn.com safeway.mxterms.com
1 mrx.bz 1 redirects
22 6

This site contains links to these domains. Also see Links.

Domain
www.safeway.com
Subject Issuer Validity Valid
*.google-analytics.com
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh

This page contains 1 frames:

Primary Page: http://safeway.mxterms.com/tos
Frame ID: 6B0A2C0A7F0BD6B52243B7022D194A8E
Requests: 22 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://mrx.bz/swt HTTP 302
    http://safeway.mxterms.com/tos Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • meta generator /^Drupal(?:\s([\d.]+))?/i
  • headers expires /19 Nov 1978/i
Overall confidence: 100%
Detected patterns
  • meta generator /^Drupal(?:\s([\d.]+))?/i
  • headers expires /19 Nov 1978/i
Overall confidence: 100%
Detected patterns
  • headers server /Ubuntu/i
Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Overall confidence: 100%
Detected patterns
  • script /jquery[.-]([\d.]*\d)[^/]*\.js/i
  • script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

22
Requests

9 %
HTTPS

63 %
IPv6

6
Domains

6
Subdomains

7
IPs

2
Countries

205 kB
Transfer

559 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://mrx.bz/swt HTTP 302
    http://safeway.mxterms.com/tos Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request tos
safeway.mxterms.com/
Redirect Chain
  • http://mrx.bz/swt
  • http://safeway.mxterms.com/tos
38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://safeway.mxterms.com/tos
Protocol
HTTP/1.1
Server
184.72.254.200 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-184-72-254-200.compute-1.amazonaws.com
Software
Apache/2.4.7 (Ubuntu) /
Resource Hash
391fbcbce07b18a57e7ea85197b9dbaeae2376abb858447a5249e81f7d9e003a

Request headers

Host
safeway.mxterms.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Cache-Control
public, max-age=86400
Content-Encoding
gzip
Content-Language
en
Content-Type
text/html; charset=utf-8
Date
Tue, 27 Apr 2021 17:58:13 GMT
Etag
"1619543374-1"
Expires
Sun, 19 Nov 1978 05:00:00 GMT
Last-Modified
Tue, 27 Apr 2021 17:09:34 GMT
Link
</node/113>; rel="shortlink",</tos>; rel="canonical"
Server
Apache/2.4.7 (Ubuntu)
Vary
Cookie,Accept-Encoding
X-Drupal-Cache
HIT
X-Generator
Drupal 7 (http://drupal.org)
X-UA-Compatible
IE=Edge,chrome=1
transfer-encoding
chunked
Connection
keep-alive

Redirect headers

Date
Tue, 27 Apr 2021 17:50:32 GMT
Location
http://safeway.mxterms.com/tos
Server
Apache
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1; mode=block
Content-Length
0
Connection
keep-alive
css
fonts.googleapis.com/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://fonts.googleapis.com/css?family=Source+Sans+Pro:200
Requested by
Host: safeway.mxterms.com
URL: http://safeway.mxterms.com/tos
Protocol
HTTP/1.1
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5200089db48c5f03f15510c1a9d7db8e8ccdd55025f6e69bc840aa0f3ebb56db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
http://safeway.mxterms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 27 Apr 2021 17:56:45 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Tue, 27 Apr 2021 17:56:45 GMT
Server
ESF
X-Frame-Options
SAMEORIGIN
Content-Type
text/css; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=86400, stale-while-revalidate=604800
Transfer-Encoding
chunked
Cross-Origin-Resource-Policy
cross-origin
Timing-Allow-Origin
*
Link
<http://fonts.gstatic.com>; rel=preconnect; crossorigin
X-XSS-Protection
0
Expires
Tue, 27 Apr 2021 17:56:45 GMT
css
fonts.googleapis.com/ 		9 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://fonts.googleapis.com/css?family=Source+Sans+Pro:400italic,700italic,400,700
Requested by
Host: safeway.mxterms.com
URL: http://safeway.mxterms.com/tos
Protocol
HTTP/1.1
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0b1f6f57fa90615120215c72bc65971557b3f4ec8040238385a3c8b16d98d455
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
http://safeway.mxterms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 27 Apr 2021 17:56:45 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Tue, 27 Apr 2021 17:56:45 GMT
Server
ESF
X-Frame-Options
SAMEORIGIN
Content-Type
text/css; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=86400, stale-while-revalidate=604800
Transfer-Encoding
chunked
Cross-Origin-Resource-Policy
cross-origin
Timing-Allow-Origin
*
Link
<http://fonts.gstatic.com>; rel=preconnect; crossorigin
X-XSS-Protection
0
Expires
Tue, 27 Apr 2021 17:56:45 GMT
css
fonts.googleapis.com/ 		8 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://fonts.googleapis.com/css?family=Source+Serif+Pro:400italic,700italic,400,700
Requested by
Host: safeway.mxterms.com
URL: http://safeway.mxterms.com/tos
Protocol
HTTP/1.1
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
decd979807423f24b84995d1eedccac30152dba9671d32bdc83e5529c2a3be33
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
http://safeway.mxterms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 27 Apr 2021 17:56:45 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Tue, 27 Apr 2021 17:56:45 GMT
Server
ESF
X-Frame-Options
SAMEORIGIN
Content-Type
text/css; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=86400, stale-while-revalidate=604800
Transfer-Encoding
chunked
Cross-Origin-Resource-Policy
cross-origin
Timing-Allow-Origin
*
Link
<http://fonts.gstatic.com>; rel=preconnect; crossorigin
X-XSS-Protection
0
Expires
Tue, 27 Apr 2021 17:56:45 GMT
css_lQaZfjVpwP_oGNqdtWCSpJT1EMqXdMiU84ekLLxQnc4.css
safeway.mxterms.com/sites/default/files/css/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://safeway.mxterms.com/sites/default/files/css/css_lQaZfjVpwP_oGNqdtWCSpJT1EMqXdMiU84ekLLxQnc4.css
Requested by
Host: safeway.mxterms.com
URL: http://safeway.mxterms.com/tos
Protocol
HTTP/1.1
Server
184.72.254.200 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-184-72-254-200.compute-1.amazonaws.com
Software
Apache/2.4.7 (Ubuntu) /
Resource Hash
9506997e3569c0ffe818da9db56092a494f510ca9774c894f387a42cbc509dce

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
safeway.mxterms.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://safeway.mxterms.com/tos
Connection
keep-alive
Cache-Control
no-cache
Referer
http://safeway.mxterms.com/tos
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 27 Apr 2021 17:58:14 GMT
Content-Encoding
gzip
Last-Modified
Wed, 07 Apr 2021 13:42:04 GMT
Server
Apache/2.4.7 (Ubuntu)
ETag
"bc0-5bf6218a741f3-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1046
css_WCEvSh72SBnoNW0EX2SrqpO_UHfhSfkWIj7ykMcEHi4.css
safeway.mxterms.com/sites/default/files/css/ 		127 KB
21 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://safeway.mxterms.com/sites/default/files/css/css_WCEvSh72SBnoNW0EX2SrqpO_UHfhSfkWIj7ykMcEHi4.css
Requested by
Host: safeway.mxterms.com
URL: http://safeway.mxterms.com/tos
Protocol
HTTP/1.1
Server
184.72.254.200 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-184-72-254-200.compute-1.amazonaws.com
Software
Apache/2.4.7 (Ubuntu) /
Resource Hash
58212f4a1ef64819e8356d045f64abaa93bf5077e149f916223ef290c7041e2e

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
safeway.mxterms.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://safeway.mxterms.com/tos
Connection
keep-alive
Cache-Control
no-cache
Referer
http://safeway.mxterms.com/tos
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 27 Apr 2021 17:58:14 GMT
Content-Encoding
gzip
Last-Modified
Wed, 07 Apr 2021 13:42:04 GMT
Server
Apache/2.4.7 (Ubuntu)
ETag
"1faa7-5bf6218a770d3-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
21399
css_RaDFPDaubY_17ucIbxjuQqC2vMWaaJBaCZpZs8z8TCs.css
safeway.mxterms.com/sites/default/files/css/ 		920 B
660 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://safeway.mxterms.com/sites/default/files/css/css_RaDFPDaubY_17ucIbxjuQqC2vMWaaJBaCZpZs8z8TCs.css
Requested by
Host: safeway.mxterms.com
URL: http://safeway.mxterms.com/tos
Protocol
HTTP/1.1
Server
184.72.254.200 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-184-72-254-200.compute-1.amazonaws.com
Software
Apache/2.4.7 (Ubuntu) /
Resource Hash
45a0c53c36ae6d8ff5eee7086f18ee42a0b6bcc59a68905a099a59b3ccfc4c2b

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
safeway.mxterms.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://safeway.mxterms.com/tos
Connection
keep-alive
Cache-Control
no-cache
Referer
http://safeway.mxterms.com/tos
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 27 Apr 2021 17:58:14 GMT
Content-Encoding
gzip
Last-Modified
Wed, 07 Apr 2021 13:41:55 GMT
Server
Apache/2.4.7 (Ubuntu)
ETag
"398-5bf62181e7a53-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
357
css_bBosK3hW1HV4p5t8mVbtNScUYr5_dQC2RBW4yCOPBYY.css
safeway.mxterms.com/sites/default/files/css/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://safeway.mxterms.com/sites/default/files/css/css_bBosK3hW1HV4p5t8mVbtNScUYr5_dQC2RBW4yCOPBYY.css
Requested by
Host: safeway.mxterms.com
URL: http://safeway.mxterms.com/tos
Protocol
HTTP/1.1
Server
184.72.254.200 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-184-72-254-200.compute-1.amazonaws.com
Software
Apache/2.4.7 (Ubuntu) /
Resource Hash
6c1a2c2b7856d47578a79b7c9956ed35271462be7f7500b64415b8c8238f0586

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
safeway.mxterms.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://safeway.mxterms.com/tos
Connection
keep-alive
Cache-Control
no-cache
Referer
http://safeway.mxterms.com/tos
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 27 Apr 2021 17:58:14 GMT
Content-Encoding
gzip
Last-Modified
Wed, 07 Apr 2021 13:42:04 GMT
Server
Apache/2.4.7 (Ubuntu)
ETag
"1571-5bf6218a7ce93-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1573
css_CwomakdLYZov__oz7VAQJn-Z4WghnsYo5wvC1w0lq2Y.css
safeway.mxterms.com/sites/default/files/css/ 		57 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://safeway.mxterms.com/sites/default/files/css/css_CwomakdLYZov__oz7VAQJn-Z4WghnsYo5wvC1w0lq2Y.css
Requested by
Host: safeway.mxterms.com
URL: http://safeway.mxterms.com/tos
Protocol
HTTP/1.1
Server
184.72.254.200 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-184-72-254-200.compute-1.amazonaws.com
Software
Apache/2.4.7 (Ubuntu) /
Resource Hash
0b0a266a474b619a2ffffa33ed5010267f99e168219ec628e70bc2d70d25ab66

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
safeway.mxterms.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://safeway.mxterms.com/tos
Connection
keep-alive
Cache-Control
no-cache
Referer
http://safeway.mxterms.com/tos
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 27 Apr 2021 17:58:14 GMT
Content-Encoding
gzip
Last-Modified
Wed, 07 Apr 2021 13:46:57 GMT
Server
Apache/2.4.7 (Ubuntu)
ETag
"e22d-5bf622a1af853-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
10956
jquery-2.1.4.min.js
ajax.aspnetcdn.com/ajax/jQuery/ 		82 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://ajax.aspnetcdn.com/ajax/jQuery/jquery-2.1.4.min.js
Requested by
Host: safeway.mxterms.com
URL: http://safeway.mxterms.com/tos
Protocol
HTTP/1.1
Server
152.199.19.160 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6C33) /
Resource Hash
22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://safeway.mxterms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 27 Apr 2021 17:56:45 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Age
31432155
X-Cache
HIT
Content-Length
29619
X-XSS-Protection
1; mode=block
Last-Modified
Mon, 31 Oct 2016 23:11:05 GMT
Server
ECAcc (mil/6C33)
Etag
"808a18ecc33d21:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
public,max-age=31536000
Accept-Ranges
bytes
Timing-Allow-Origin
*
js_vSmhpx_T-AShyt_WMW5_TcwwxJP1imoVOa8jvwL_mxE.js
safeway.mxterms.com/sites/default/files/js/ 		23 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://safeway.mxterms.com/sites/default/files/js/js_vSmhpx_T-AShyt_WMW5_TcwwxJP1imoVOa8jvwL_mxE.js
Requested by
Host: safeway.mxterms.com
URL: http://safeway.mxterms.com/tos
Protocol
HTTP/1.1
Server
184.72.254.200 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-184-72-254-200.compute-1.amazonaws.com
Software
Apache/2.4.7 (Ubuntu) /
Resource Hash
bd29a1a71fd3f804a1cadfd6316e7f4dcc30c493f58a6a1539af23bf02ff9b11

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
safeway.mxterms.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
*/*
Referer
http://safeway.mxterms.com/tos
Connection
keep-alive
Cache-Control
no-cache
Referer
http://safeway.mxterms.com/tos
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 27 Apr 2021 17:58:14 GMT
Content-Encoding
gzip
Last-Modified
Wed, 07 Apr 2021 13:41:55 GMT
Server
Apache/2.4.7 (Ubuntu)
ETag
"5a9d-5bf62181ec873-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7780
js_f5FMvh1krGCzBZwLpJb9Xjy7hr-ROXbk4CMAJ1WdNT0.js
safeway.mxterms.com/sites/default/files/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://safeway.mxterms.com/sites/default/files/js/js_f5FMvh1krGCzBZwLpJb9Xjy7hr-ROXbk4CMAJ1WdNT0.js
Requested by
Host: safeway.mxterms.com
URL: http://safeway.mxterms.com/tos
Protocol
HTTP/1.1
Server
184.72.254.200 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-184-72-254-200.compute-1.amazonaws.com
Software
Apache/2.4.7 (Ubuntu) /
Resource Hash
7f914cbe1d64ac60b3059c0ba496fd5e3cbb86bf913976e4e0230027559d353d

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
safeway.mxterms.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
*/*
Referer
http://safeway.mxterms.com/tos
Connection
keep-alive
Cache-Control
no-cache
Referer
http://safeway.mxterms.com/tos
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 27 Apr 2021 17:58:14 GMT
Content-Encoding
gzip
Last-Modified
Wed, 07 Apr 2021 13:41:55 GMT
Server
Apache/2.4.7 (Ubuntu)
ETag
"f6e-5bf62181ef753-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1385
js_sXZP2z5sgLI5yiIqHgszgP-LfmOt9uFQdKK_uXaHsYE.js
safeway.mxterms.com/sites/default/files/js/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://safeway.mxterms.com/sites/default/files/js/js_sXZP2z5sgLI5yiIqHgszgP-LfmOt9uFQdKK_uXaHsYE.js
Requested by
Host: safeway.mxterms.com
URL: http://safeway.mxterms.com/tos
Protocol
HTTP/1.1
Server
184.72.254.200 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-184-72-254-200.compute-1.amazonaws.com
Software
Apache/2.4.7 (Ubuntu) /
Resource Hash
b1764fdb3e6c80b239ca222a1e0b3380ff8b7e63adf6e15074a2bfb97687b181

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
safeway.mxterms.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
*/*
Referer
http://safeway.mxterms.com/tos
Connection
keep-alive
Cache-Control
no-cache
Referer
http://safeway.mxterms.com/tos
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 27 Apr 2021 17:58:14 GMT
Content-Encoding
gzip
Last-Modified
Wed, 07 Apr 2021 13:42:06 GMT
Server
Apache/2.4.7 (Ubuntu)
ETag
"60b1-5bf6218bcdd33-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8254
js_bp0aKd9saq3YkOEJsfCWp_5-8Va3RQ3fj_C1e6QAqdA.js
safeway.mxterms.com/sites/default/files/js/ 		53 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://safeway.mxterms.com/sites/default/files/js/js_bp0aKd9saq3YkOEJsfCWp_5-8Va3RQ3fj_C1e6QAqdA.js
Requested by
Host: safeway.mxterms.com
URL: http://safeway.mxterms.com/tos
Protocol
HTTP/1.1
Server
184.72.254.200 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-184-72-254-200.compute-1.amazonaws.com
Software
Apache/2.4.7 (Ubuntu) /
Resource Hash
6e9d1a29df6c6aadd890e109b1f096a7fe7ef156b7450ddf8ff0b57ba400a9d0

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
safeway.mxterms.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
*/*
Referer
http://safeway.mxterms.com/tos
Connection
keep-alive
Cache-Control
no-cache
Referer
http://safeway.mxterms.com/tos
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 27 Apr 2021 17:58:14 GMT
Content-Encoding
gzip
Last-Modified
Wed, 07 Apr 2021 13:42:04 GMT
Server
Apache/2.4.7 (Ubuntu)
ETag
"d5d1-5bf6218a83bf3-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
14811
mx_pharmacy_logo.png
safeway.mxterms.com/sites/default/files/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://safeway.mxterms.com/sites/default/files/mx_pharmacy_logo.png
Requested by
Host: safeway.mxterms.com
URL: http://safeway.mxterms.com/tos
Protocol
HTTP/1.1
Server
184.72.254.200 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-184-72-254-200.compute-1.amazonaws.com
Software
Apache/2.4.7 (Ubuntu) /
Resource Hash
077a3c9a93b3466baf1e47e547edafa1e0554e145249656c992d1f96dd173e1b

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
safeway.mxterms.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://safeway.mxterms.com/tos
Cookie
has_js=1
Connection
keep-alive
Cache-Control
no-cache
Referer
http://safeway.mxterms.com/tos
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 27 Apr 2021 17:58:14 GMT
Last-Modified
Fri, 03 Mar 2004 06:32:31 GMT
Server
Apache/2.4.7 (Ubuntu)
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4776
Content-Type
image/png
js_MRdvkC2u4oGsp5wVxBG1pGV5NrCPW3mssHxIn6G9tGE.js
safeway.mxterms.com/sites/default/files/js/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://safeway.mxterms.com/sites/default/files/js/js_MRdvkC2u4oGsp5wVxBG1pGV5NrCPW3mssHxIn6G9tGE.js
Requested by
Host: safeway.mxterms.com
URL: http://safeway.mxterms.com/tos
Protocol
HTTP/1.1
Server
184.72.254.200 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-184-72-254-200.compute-1.amazonaws.com
Software
Apache/2.4.7 (Ubuntu) /
Resource Hash
31176f902daee281aca79c15c411b5a4657936b08f5b79acb07c489fa1bdb461

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
safeway.mxterms.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
*/*
Referer
http://safeway.mxterms.com/tos
Cookie
has_js=1
Connection
keep-alive
Cache-Control
no-cache
Referer
http://safeway.mxterms.com/tos
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 27 Apr 2021 17:58:14 GMT
Content-Encoding
gzip
Last-Modified
Wed, 07 Apr 2021 13:42:04 GMT
Server
Apache/2.4.7 (Ubuntu)
ETag
"26bd-5bf6218a722b3-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2725
analytics.js
www.google-analytics.com/ 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: safeway.mxterms.com
URL: http://safeway.mxterms.com/tos
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://safeway.mxterms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 09 Apr 2021 23:59:54 GMT
server
Golfe2
age
2043
date
Tue, 27 Apr 2021 17:22:42 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19569
expires
Tue, 27 Apr 2021 19:22:42 GMT
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v14/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://fonts.gstatic.com/s/sourcesanspro/v14/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Source+Sans+Pro:400italic,700italic,400,700
Protocol
HTTP/1.1
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
http://safeway.mxterms.com
Referer
http://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 27 Apr 2021 00:01:34 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 15 Sep 2020 18:10:09 GMT
Server
sffe
Age
64511
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
16112
X-XSS-Protection
0
Expires
Wed, 27 Apr 2022 00:01:34 GMT
6xK1dSBYKcSV-LCoeQqfX1RYOo3qPZ7nsDI.woff2
fonts.gstatic.com/s/sourcesanspro/v14/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://fonts.gstatic.com/s/sourcesanspro/v14/6xK1dSBYKcSV-LCoeQqfX1RYOo3qPZ7nsDI.woff2
Requested by
Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Source+Sans+Pro:400italic,700italic,400,700
Protocol
HTTP/1.1
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
29b561a8a01edc4acf52d1c4c763aa21a1b540bc020b92f8bbfaf656b53a02b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
http://safeway.mxterms.com
Referer
http://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 25 Apr 2021 05:44:16 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 15 Sep 2020 18:10:35 GMT
Server
sffe
Age
216749
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
15280
X-XSS-Protection
0
Expires
Mon, 25 Apr 2022 05:44:16 GMT
6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v14/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://fonts.gstatic.com/s/sourcesanspro/v14/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Source+Sans+Pro:400italic,700italic,400,700
Protocol
HTTP/1.1
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
24f7e397faec79e62c37ff2f00b170f6dc1557fb46ac169f9f1897a9d641dd03
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
http://safeway.mxterms.com
Referer
http://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 22 Apr 2021 21:36:52 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 15 Sep 2020 18:10:17 GMT
Server
sffe
Age
418793
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
15764
X-XSS-Protection
0
Expires
Fri, 22 Apr 2022 21:36:52 GMT
6xKydSBYKcSV-LCoeQqfX1RYOo3i94_wlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v14/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://fonts.gstatic.com/s/sourcesanspro/v14/6xKydSBYKcSV-LCoeQqfX1RYOo3i94_wlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Source+Sans+Pro:200
Protocol
HTTP/1.1
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
73c8180d1998460b559dee08da2ff6e3acf7a093090cc30bd43d8446006cfac6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
http://safeway.mxterms.com
Referer
http://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 20 Apr 2021 21:17:58 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 15 Sep 2020 18:09:45 GMT
Server
sffe
Age
592727
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
15824
X-XSS-Protection
0
Expires
Wed, 20 Apr 2022 21:17:58 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j90&aip=1&a=969110369&t=pageview&_s=1&dl=http%3A%2F%2Fsafeway.mxterms.com%2Ftos&ul=en-us&de=UTF-8&dt=Terms%20of%20Service%20%7C%20Safeway&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=1968378436&gjid=336330161&cid=1869047107.1619546206&tid=UA-84274809-11&_gid=1718564866.1619546206&_r=1&_slc=1&z=1227675915
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://safeway.mxterms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 27 Apr 2021 17:56:45 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://safeway.mxterms.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

26 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated undefined| $ function| jQuery object| Drupal function| _ string| GoogleAnalyticsObject function| ga boolean| carbide_editor string| carbide_ajaxurl string| carbide_lang string| carbide_baseurl string| recaptcha_publickey object| classie function| MLMenu number| glazedNavBreakpoint number| glazedWindowWidth object| google_tag_data object| gaplugins object| gaGlobal object| gaData

4 Cookies

Domain/Path Name / Value
.mxterms.com/ Name: _gat
Value: 1
.mxterms.com/ Name: _ga
Value: GA1.2.1869047107.1619546206
.mxterms.com/ Name: _gid
Value: GA1.2.1718564866.1619546206
safeway.mxterms.com/ Name: has_js
Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.aspnetcdn.com
fonts.googleapis.com
fonts.gstatic.com
mrx.bz
safeway.mxterms.com
www.google-analytics.com
152.199.19.160
184.72.254.200
2a00:1450:4001:803::200a
2a00:1450:4001:809::200e
2a00:1450:4001:827::200a
2a00:1450:4001:82a::2003
2a00:1450:4001:82f::200e
54.235.162.39
077a3c9a93b3466baf1e47e547edafa1e0554e145249656c992d1f96dd173e1b
0b0a266a474b619a2ffffa33ed5010267f99e168219ec628e70bc2d70d25ab66
0b1f6f57fa90615120215c72bc65971557b3f4ec8040238385a3c8b16d98d455
22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5
24f7e397faec79e62c37ff2f00b170f6dc1557fb46ac169f9f1897a9d641dd03
29b561a8a01edc4acf52d1c4c763aa21a1b540bc020b92f8bbfaf656b53a02b0
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
31176f902daee281aca79c15c411b5a4657936b08f5b79acb07c489fa1bdb461
391fbcbce07b18a57e7ea85197b9dbaeae2376abb858447a5249e81f7d9e003a
45a0c53c36ae6d8ff5eee7086f18ee42a0b6bcc59a68905a099a59b3ccfc4c2b
5200089db48c5f03f15510c1a9d7db8e8ccdd55025f6e69bc840aa0f3ebb56db
58212f4a1ef64819e8356d045f64abaa93bf5077e149f916223ef290c7041e2e
6c1a2c2b7856d47578a79b7c9956ed35271462be7f7500b64415b8c8238f0586
6e9d1a29df6c6aadd890e109b1f096a7fe7ef156b7450ddf8ff0b57ba400a9d0
73c8180d1998460b559dee08da2ff6e3acf7a093090cc30bd43d8446006cfac6
7f914cbe1d64ac60b3059c0ba496fd5e3cbb86bf913976e4e0230027559d353d
9506997e3569c0ffe818da9db56092a494f510ca9774c894f387a42cbc509dce
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199
b1764fdb3e6c80b239ca222a1e0b3380ff8b7e63adf6e15074a2bfb97687b181
bd29a1a71fd3f804a1cadfd6316e7f4dcc30c493f58a6a1539af23bf02ff9b11
decd979807423f24b84995d1eedccac30152dba9671d32bdc83e5529c2a3be33