login.microsoftonline.com
Open in
urlscan Pro
20.190.151.131
Public Scan
Submitted URL: https://qudos.vantagecircle.com/ng/rewards
Effective URL: https://login.microsoftonline.com/6be5b754-cbd2-4393-9dc2-d7050d353c69/saml2?SAMLRequest=hVLLbtswEPwVgXdaD%2BoBEbYBN0YRA0lrxE4PvRQ...
Submission: On May 30 via manual from IN — Scanned from DE
Effective URL: https://login.microsoftonline.com/6be5b754-cbd2-4393-9dc2-d7050d353c69/saml2?SAMLRequest=hVLLbtswEPwVgXdaD%2BoBEbYBN0YRA0lrxE4PvRQ...
Submission: On May 30 via manual from IN — Scanned from DE
Summary
This website contacted 18 IPs
in 5 countries
across 14 domains to perform 57 HTTP transactions.
The main IP is 20.190.151.131, located in
Tappahannock, United States and
belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US.
The main domain is login.microsoftonline.com.
The Cisco Umbrella rank of the primary domain is 17.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on May 22nd 2023. Valid for: a year.
This is the only time login.microsoftonline.com was scanned on urlscan.io!
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on May 22nd 2023. Valid for: a year.
This is the only time login.microsoftonline.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
2
2a00:1450:4001:830::2008
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| www.googletagmanager.com |
3
2a00:1450:4001:827::200e
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| www.google-analytics.com | |
| ampcid.google.com |
1
18.66.97.10
(United States)
ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-10.fra56.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-10.fra56.r.cloudfront.net
| static.hotjar.com |
1
52.222.236.43
(United States)
ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-43.fra56.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-43.fra56.r.cloudfront.net
| script.hotjar.com |
2
185.48.120.161
(Dublin, Ireland)
ASN16509 (AMAZON-02, US)
PTR: ec2-185-48-120-161.eu-west-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-185-48-120-161.eu-west-1.compute.amazonaws.com
| in.hotjar.com |
1
52.210.186.235
(Dublin, Ireland)
ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-186-235.eu-west-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-186-235.eu-west-1.compute.amazonaws.com
| content.hotjar.io |
2
20.190.151.131
(Tappahannock, United States)
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
| login.microsoftonline.com |
1
20.190.151.70
(Tappahannock, United States)
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
| login.live.com |
2
2606:2800:233:3d10:442f:fac8:6d32:4c87
(United States)
ASN15133 (EDGECAST, US)
ASN15133 (EDGECAST, US)
| aadcdn.msauthimages.net |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 28 |
vantagecircle.com
2 redirects
qudos.vantagecircle.com |
2 MB |
| 6 |
msauth.net
aadcdn.msauth.net — Cisco Umbrella Rank: 1214 |
218 KB |
| 4 |
hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 633 script.hotjar.com — Cisco Umbrella Rank: 793 in.hotjar.com — Cisco Umbrella Rank: 5511 |
75 KB |
| 3 |
google.de
www.google.de — Cisco Umbrella Rank: 6080 ampcid.google.de — Cisco Umbrella Rank: 61764 |
888 B |
| 3 |
google.com
ampcid.google.com — Cisco Umbrella Rank: 2221 region1.analytics.google.com — Cisco Umbrella Rank: 3686 www.google.com — Cisco Umbrella Rank: 2 |
1 KB |
| 2 |
msauthimages.net
aadcdn.msauthimages.net — Cisco Umbrella Rank: 3835 |
184 KB |
| 2 |
microsoftonline.com
login.microsoftonline.com — Cisco Umbrella Rank: 17 |
109 KB |
| 2 |
doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 76 |
410 B |
| 2 |
google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 30 |
21 KB |
| 2 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 40 |
173 KB |
| 1 |
live.com
login.live.com — Cisco Umbrella Rank: 92 |
|
| 1 |
hotjar.io
content.hotjar.io — Cisco Umbrella Rank: 6022 |
161 B |
| 1 |
gstatic.com
fonts.gstatic.com |
11 KB |
| 0 |
Failed
function sub() { [native code] }. Failed |
|
| 57 | 14 |
| Domain | Requested by | |
|---|---|---|
| 28 | qudos.vantagecircle.com |
2 redirects
qudos.vantagecircle.com
|
| 6 | aadcdn.msauth.net |
login.microsoftonline.com
aadcdn.msauth.net |
| 2 | aadcdn.msauthimages.net | |
| 2 | login.microsoftonline.com |
qudos.vantagecircle.com
login.microsoftonline.com |
| 2 | in.hotjar.com |
script.hotjar.com
qudos.vantagecircle.com |
| 2 | www.google.de |
qudos.vantagecircle.com
|
| 2 | stats.g.doubleclick.net |
www.googletagmanager.com
www.google-analytics.com |
| 2 | www.google-analytics.com |
www.googletagmanager.com
www.google-analytics.com |
| 2 | www.googletagmanager.com |
qudos.vantagecircle.com
www.googletagmanager.com |
| 1 | login.live.com |
login.microsoftonline.com
|
| 1 | content.hotjar.io |
script.hotjar.com
|
| 1 | www.google.com |
qudos.vantagecircle.com
|
| 1 | ampcid.google.de |
www.google-analytics.com
|
| 1 | script.hotjar.com |
static.hotjar.com
|
| 1 | region1.analytics.google.com |
www.googletagmanager.com
|
| 1 | ampcid.google.com |
www.google-analytics.com
|
| 1 | static.hotjar.com |
www.googletagmanager.com
|
| 1 | fonts.gstatic.com |
qudos.vantagecircle.com
|
| 0 | truncated Failed |
qudos.vantagecircle.com
|
| 57 | 19 |
This site contains links to these domains. Also see Links.
| Domain |
|---|
| www.microsoft.com |
| privacy.microsoft.com |
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| *.vantagecircle.com Sectigo RSA Domain Validation Secure Server CA |
2023-03-23 - 2024-04-22 |
a year | crt.sh |
| *.google-analytics.com GTS CA 1C3 |
2023-05-08 - 2023-07-31 |
3 months | crt.sh |
| *.gstatic.com GTS CA 1C3 |
2023-05-08 - 2023-07-31 |
3 months | crt.sh |
| *.hotjar.com Amazon ECDSA 256 M01 |
2023-03-09 - 2024-04-06 |
a year | crt.sh |
| *.google.com GTS CA 1C3 |
2023-05-08 - 2023-07-31 |
3 months | crt.sh |
| *.g.doubleclick.net GTS CA 1C3 |
2023-05-08 - 2023-07-31 |
3 months | crt.sh |
| www.google.de GTS CA 1C3 |
2023-05-08 - 2023-07-31 |
3 months | crt.sh |
| *.google.de GTS CA 1C3 |
2023-05-08 - 2023-07-31 |
3 months | crt.sh |
| www.google.com GTS CA 1C3 |
2023-05-08 - 2023-07-31 |
3 months | crt.sh |
| *.hotjar.io Amazon ECDSA 256 M02 |
2023-03-02 - 2024-03-30 |
a year | crt.sh |
| stamp2.login.microsoftonline.com DigiCert SHA2 Secure Server CA |
2023-05-22 - 2024-05-22 |
a year | crt.sh |
| aadcdn.msauth.net DigiCert SHA2 Secure Server CA |
2023-04-28 - 2024-04-28 |
a year | crt.sh |
| login.live.com DigiCert SHA2 Secure Server CA |
2023-04-05 - 2024-04-05 |
a year | crt.sh |
| aadcdn.msauthimages.net Microsoft Azure TLS Issuing CA 02 |
2023-03-08 - 2024-03-02 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://login.microsoftonline.com/6be5b754-cbd2-4393-9dc2-d7050d353c69/saml2?SAMLRequest=hVLLbtswEPwVgXdaD%2BoBEbYBN0YRA0lrxE4PvRQUubYJUKTCpdL270tLCZpeXPBAYHZnZnewSxS9GfhmDBf7BC8jYEh%2B9cYinworMnrLnUCN3IoekAfJD5vHB14sMj54F5x0hnyg3GYIRPBBO0uS3XZFfsiuzpmAqoKmPSnR5aLLspLV1Sm%2BMpcNNJLlIBtGkm%2FgMTJXJApFOuIIO4tB2BChrGA0qyjLjlnNy5oX7XeSbOM22oowsS4hDMjT1LiztoteS%2B%2FQnYKzRltYSNendQdV11QllZ0qaMlaRlslC6qarMoUq5is2%2FS6Y0GSzfsid87i2IM%2FgH%2FVEp6fHv5avYzK4eI1TijOILWXZjZC3Q8Grkpp79QY0eEyTMopzn9BhcQJnTRoHlMhyf4t70%2FaKm3Pt6Pu5ibk98fjnu6%2FHo5kvbxq8yk6v%2F7PlMv0Y%2FNyvpMv0Wa33Tuj5e%2Fks%2FO9CLenuCJa0dPUyoMXFjXYEAM0xv288yACrEjwI5B0PVv%2Be43rPw%3D%3D&RelayState=https%3A%2F%2Fqudos.vantagecircle.com%2Fsso%2Fadfs&sso_reload=true
Frame ID: EC2A337E2E882BE03C6A91627D24245F
Requests: 58 HTTP requests in this frame
Screenshot
Page Title
Bei Ihrem Konto anmeldenPage URL History Show full URLs
- https://qudos.vantagecircle.com/ng/rewards Page URL
-
https://qudos.vantagecircle.com/site/logout
HTTP 302
https://qudos.vantagecircle.com/sso/adfs HTTP 302
https://login.microsoftonline.com/6be5b754-cbd2-4393-9dc2-d7050d353c69/saml2?SAMLRequest=hVLLbtswEPwVgXdaD%2Bo... Page URL
- https://login.microsoftonline.com/6be5b754-cbd2-4393-9dc2-d7050d353c69/saml2?SAMLRequest=hVLLbtswEPwVgXdaD%2Bo... Page URL
Detected technologies
Bootstrap
(Web Frameworks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Font Awesome
(Font Scripts)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Google Analytics
(Analytics)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
Google Tag Manager
(Tag Managers)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- googletagmanager\.com/gtm\.js
- googletagmanager\.com/gtag/js
Hotjar
(Analytics)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- //static\.hotjar\.com/
jQuery
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
3 Outgoing links
These are links going to different origins than the main page.
URL: https://www.microsoft.com/de-DE/servicesagreement/
Title: Nutzungsbedingungen
Title: Nutzungsbedingungen
Search URL Search Domain Scan URL
URL: https://privacy.microsoft.com/de-DE/privacystatement
Title: Datenschutz & Cookies
Title: Datenschutz & Cookies
Search URL Search Domain Scan URL
URL: https://www.microsoft.com/de-de/corporate/rechtliche-hinweise/impressum.aspx
Title: Haftungsausschluss
Title: Haftungsausschluss
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://qudos.vantagecircle.com/ng/rewards Page URL
-
https://qudos.vantagecircle.com/site/logout
HTTP 302
https://qudos.vantagecircle.com/sso/adfs HTTP 302
https://login.microsoftonline.com/6be5b754-cbd2-4393-9dc2-d7050d353c69/saml2?SAMLRequest=hVLLbtswEPwVgXdaD%2BoBEbYBN0YRA0lrxE4PvRQUubYJUKTCpdL270tLCZpeXPBAYHZnZnewSxS9GfhmDBf7BC8jYEh%2B9cYinworMnrLnUCN3IoekAfJD5vHB14sMj54F5x0hnyg3GYIRPBBO0uS3XZFfsiuzpmAqoKmPSnR5aLLspLV1Sm%2BMpcNNJLlIBtGkm%2FgMTJXJApFOuIIO4tB2BChrGA0qyjLjlnNy5oX7XeSbOM22oowsS4hDMjT1LiztoteS%2B%2FQnYKzRltYSNendQdV11QllZ0qaMlaRlslC6qarMoUq5is2%2FS6Y0GSzfsid87i2IM%2FgH%2FVEp6fHv5avYzK4eI1TijOILWXZjZC3Q8Grkpp79QY0eEyTMopzn9BhcQJnTRoHlMhyf4t70%2FaKm3Pt6Pu5ibk98fjnu6%2FHo5kvbxq8yk6v%2F7PlMv0Y%2FNyvpMv0Wa33Tuj5e%2Fks%2FO9CLenuCJa0dPUyoMXFjXYEAM0xv288yACrEjwI5B0PVv%2Be43rPw%3D%3D&RelayState=https%3A%2F%2Fqudos.vantagecircle.com%2Fsso%2Fadfs Page URL
- https://login.microsoftonline.com/6be5b754-cbd2-4393-9dc2-d7050d353c69/saml2?SAMLRequest=hVLLbtswEPwVgXdaD%2BoBEbYBN0YRA0lrxE4PvRQUubYJUKTCpdL270tLCZpeXPBAYHZnZnewSxS9GfhmDBf7BC8jYEh%2B9cYinworMnrLnUCN3IoekAfJD5vHB14sMj54F5x0hnyg3GYIRPBBO0uS3XZFfsiuzpmAqoKmPSnR5aLLspLV1Sm%2BMpcNNJLlIBtGkm%2FgMTJXJApFOuIIO4tB2BChrGA0qyjLjlnNy5oX7XeSbOM22oowsS4hDMjT1LiztoteS%2B%2FQnYKzRltYSNendQdV11QllZ0qaMlaRlslC6qarMoUq5is2%2FS6Y0GSzfsid87i2IM%2FgH%2FVEp6fHv5avYzK4eI1TijOILWXZjZC3Q8Grkpp79QY0eEyTMopzn9BhcQJnTRoHlMhyf4t70%2FaKm3Pt6Pu5ibk98fjnu6%2FHo5kvbxq8yk6v%2F7PlMv0Y%2FNyvpMv0Wa33Tuj5e%2Fks%2FO9CLenuCJa0dPUyoMXFjXYEAM0xv288yACrEjwI5B0PVv%2Be43rPw%3D%3D&RelayState=https%3A%2F%2Fqudos.vantagecircle.com%2Fsso%2Fadfs&sso_reload=true Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 44- https://qudos.vantagecircle.com/site/logout HTTP 302
- https://qudos.vantagecircle.com/sso/adfs HTTP 302
- https://login.microsoftonline.com/6be5b754-cbd2-4393-9dc2-d7050d353c69/saml2?SAMLRequest=hVLLbtswEPwVgXdaD%2BoBEbYBN0YRA0lrxE4PvRQUubYJUKTCpdL270tLCZpeXPBAYHZnZnewSxS9GfhmDBf7BC8jYEh%2B9cYinworMnrLnUCN3IoekAfJD5vHB14sMj54F5x0hnyg3GYIRPBBO0uS3XZFfsiuzpmAqoKmPSnR5aLLspLV1Sm%2BMpcNNJLlIBtGkm%2FgMTJXJApFOuIIO4tB2BChrGA0qyjLjlnNy5oX7XeSbOM22oowsS4hDMjT1LiztoteS%2B%2FQnYKzRltYSNendQdV11QllZ0qaMlaRlslC6qarMoUq5is2%2FS6Y0GSzfsid87i2IM%2FgH%2FVEp6fHv5avYzK4eI1TijOILWXZjZC3Q8Grkpp79QY0eEyTMopzn9BhcQJnTRoHlMhyf4t70%2FaKm3Pt6Pu5ibk98fjnu6%2FHo5kvbxq8yk6v%2F7PlMv0Y%2FNyvpMv0Wa33Tuj5e%2Fks%2FO9CLenuCJa0dPUyoMXFjXYEAM0xv288yACrEjwI5B0PVv%2Be43rPw%3D%3D&RelayState=https%3A%2F%2Fqudos.vantagecircle.com%2Fsso%2Fadfs
57 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H2 |
rewards
qudos.vantagecircle.com/ng/ |
14 KB 4 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery-3.5.1.slim.min.js
qudos.vantagecircle.com/ng/assets/libraries/ |
71 KB 24 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bootstrap.bundle.min.js
qudos.vantagecircle.com/ng/assets/libraries/bootstrap-4.6.0-dist/js/ |
82 KB 22 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
popper.min.js
qudos.vantagecircle.com/ng/assets/libraries/ |
21 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
runtime.0af5a9a0cee95575.js
qudos.vantagecircle.com/ng/ |
5 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
polyfills.007f8a88a693e180.js
qudos.vantagecircle.com/ng/ |
46 KB 16 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
select2-min-js.3a7fcbd47f916fa2.js
qudos.vantagecircle.com/ng/ |
73 KB 20 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
main.ce2e069cc540b81d.js
qudos.vantagecircle.com/ng/ |
3 MB 860 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
style.css
qudos.vantagecircle.com/ng/assets/font-packs/font-pack-final-2019/ |
8 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
vfit-icons.css
qudos.vantagecircle.com/ng/assets/font-packs/vfit-icons/ |
2 KB 672 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
all.min.css
qudos.vantagecircle.com/ng/assets/font-packs/fontawesome-free/css/ |
58 KB 13 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bootstrap.min.css
qudos.vantagecircle.com/ng/assets/libraries/bootstrap-4.6.0-dist/css/ |
158 KB 24 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
gtm.js
www.googletagmanager.com/ |
366 KB 92 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
styles.8931966318beb682.css
qudos.vantagecircle.com/ng/ |
204 KB 33 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
select2-min-css.1d3ae197acacbe04.css
qudos.vantagecircle.com/ng/ |
15 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v30/ |
11 KB 11 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
analytics.js
www.google-analytics.com/ |
51 KB 21 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
hotjar-2526403.js
static.hotjar.com/c/ |
77 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
js
www.googletagmanager.com/gtag/ |
233 KB 81 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
publisher:getClientId
ampcid.google.com/v1/ |
74 B 444 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
collect
region1.analytics.google.com/g/ |
0 250 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
collect
stats.g.doubleclick.net/g/ |
0 259 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ga-audiences
www.google.de/ads/ |
42 B 408 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
modules.fee08111252915d9fd11.js
script.hotjar.com/ |
265 KB 69 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
publisher:getClientId
ampcid.google.de/v1/ |
3 B 373 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
visit-data
in.hotjar.com/api/v2/client/sites/2526403/ |
148 B 322 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
collect
www.google-analytics.com/j/ |
4 B 214 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
collect
stats.g.doubleclick.net/j/ |
4 B 151 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ga-audiences
www.google.com/ads/ |
42 B 408 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ga-audiences
www.google.de/ads/ |
42 B 107 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
/
content.hotjar.io/ |
56 B 161 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
truncated
/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
1083.f7f14697ee11d6be.js
qudos.vantagecircle.com/ng/ |
28 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
8014.afde06661ba25e58.js
qudos.vantagecircle.com/ng/ |
93 KB 19 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
9508.05e701e07555e8dc.js
qudos.vantagecircle.com/ng/ |
45 KB 12 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
4546.ff1adcac232ed15d.js
qudos.vantagecircle.com/ng/ |
135 KB 30 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
2699.1ec652ec43e2b5c8.js
qudos.vantagecircle.com/ng/ |
94 KB 21 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
3513.e16aca6f23d80595.js
qudos.vantagecircle.com/ng/ |
24 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
9436.ff69ee1b59e218bd.js
qudos.vantagecircle.com/ng/ |
31 KB 9 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
8173.73c209382696f54d.js
qudos.vantagecircle.com/ng/ |
1 MB 363 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
5454.9b8ff844b73cd74d.js
qudos.vantagecircle.com/ng/ |
41 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
4219.3825506f21ab994b.js
qudos.vantagecircle.com/ng/ |
16 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
common.898a86d97feec887.js
qudos.vantagecircle.com/ng/ |
58 KB 16 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
2401.114a8ff5716b6282.js
qudos.vantagecircle.com/ng/ |
176 KB 38 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
saml2
login.microsoftonline.com/6be5b754-cbd2-4393-9dc2-d7050d353c69/ Redirect Chain
|
154 KB 56 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
visit-data
in.hotjar.com/api/v2/client/sites/2526403/ |
148 B 321 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST |
collect
region1.analytics.google.com/g/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST |
collect
region1.analytics.google.com/g/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
Primary Request
saml2
login.microsoftonline.com/6be5b754-cbd2-4393-9dc2-d7050d353c69/ |
203 KB 53 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ConvergedLogin_PCore_s9lCYGipHOEtFkYXVZWDhg2.js
aadcdn.msauth.net/shared/1.0/content/js/ |
409 KB 114 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
Me.htm
login.live.com/ |
0 0 |
Other
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
convergedlogin_pcustomizationloader_6b58ad253a0d39d0e283.js
aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/ |
107 KB 32 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
converged.v2.login.min_jhbu09ckrizehfz_kojdnq2.css
aadcdn.msauth.net/ests/2.1/content/cdnbundles/ |
0 20 KB |
Other
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ux.converged.login.strings-de.min_j4scmmnyfwcxptcac6gudg2.js
aadcdn.msauth.net/ests/2.1/content/cdnbundles/ |
0 16 KB |
Other
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
illustration
aadcdn.msauthimages.net/dbd5a2dd-tubprvu-jt4cr0cexz2jkhqnqqraubygqddsjki2xmw/logintenantbranding/0/ |
179 KB 179 KB |
Image
image/* |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bannerlogo
aadcdn.msauthimages.net/dbd5a2dd-tubprvu-jt4cr0cexz2jkhqnqqraubygqddsjki2xmw/logintenantbranding/0/ |
5 KB 5 KB |
Image
image/* |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
convergedlogin_pstringcustomizationhelper_9877123961886facadfe.js
aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/ |
111 KB 35 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
signin-options_4e48046ce74f4b89d45037c90576bfac.svg
aadcdn.msauth.net/shared/1.0/content/images/ |
2 KB 964 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- truncated
- URL
- data:truncated
- Domain
- region1.analytics.google.com
- URL
- https://region1.analytics.google.com/g/collect?v=2&tid=G-LLCFDEYLYN>m=45je35o0&_p=966924944&cid=437956670.1685429188&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1685429188&sct=1&seg=0&dl=https%3A%2F%2Fqudos.vantagecircle.com%2Fng%2Frewards&dt=Vantage%20Circle&en=scroll&epn.percent_scrolled=90&_et=6
- Domain
- region1.analytics.google.com
- URL
- https://region1.analytics.google.com/g/collect?v=2&tid=G-LLCFDEYLYN>m=45je35o0&_p=966924944&cid=437956670.1685429188&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=3&sid=1685429188&sct=1&seg=0&dl=https%3A%2F%2Fqudos.vantagecircle.com%2Fng%2F&dt=Vantage%20Circle&en=user_engagement&_et=2421
Verdicts & Comments Add Verdict or Comment
21 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
boolean| credentialless object| $Config object| $Debug object| $Do function| $Loader object| $WebWatson function| GetString function| GetErrorString function| GetUrl object| $B object| ServerData object| webpackJsonp object| ko object| PROOF object| StringRepository object| Telemetry object| telemetry_webpackJsonp boolean| __ConvergedLogin_PCore boolean| __ boolean| __convergedlogin_pcustomizationloader_6b58ad253a0d39d0e283 boolean| __convergedlogin_pstringcustomizationhelper_9877123961886facadfe23 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| .vantagecircle.com/ | Name: _gcl_au Value: 1.1.1973986923.1685429188 |
|
| .vantagecircle.com/ | Name: _hjSessionUser_2526403 Value: eyJpZCI6ImIzYzQ0MmFmLTVlMDctNTE4YS05ZTJiLTAwNzU0YzViNjg3OCIsImNyZWF0ZWQiOjE2ODU0MjkxODgxMjgsImV4aXN0aW5nIjpmYWxzZX0= |
|
| .vantagecircle.com/ | Name: _hjFirstSeen Value: 1 |
|
| .vantagecircle.com/ | Name: _hjIncludedInSessionSample_2526403 Value: 1 |
|
| .vantagecircle.com/ | Name: _hjSession_2526403 Value: eyJpZCI6IjRhMjI2ZTkyLWUzYzEtNDc5NC04MjliLTc0ZmRlYzY2YWNkMSIsImNyZWF0ZWQiOjE2ODU0MjkxODgxMzQsImluU2FtcGxlIjp0cnVlfQ== |
|
| .vantagecircle.com/ | Name: _hjAbsoluteSessionInProgress Value: 0 |
|
| .vantagecircle.com/ | Name: AMP_TOKEN Value: %24NOT_FOUND |
|
| .vantagecircle.com/ | Name: _ga Value: GA1.2.437956670.1685429188 |
|
| .vantagecircle.com/ | Name: _gid Value: GA1.2.342100059.1685429188 |
|
| .vantagecircle.com/ | Name: _gat_UA-47126287-1 Value: 1 |
|
| .vantagecircle.com/ | Name: Vantagecircle Value: vn4t8t70ol0dfh17abebr6rg79 |
|
| .vantagecircle.com/ | Name: vantagecirclessoSessionID Value: e0e4b7c0683dd1ea3a2a70ebb2273e1f |
|
| login.microsoftonline.com/ | Name: x-ms-gateway-slice Value: estsfd |
|
| login.microsoftonline.com/ | Name: stsservicecookie Value: estsfd |
|
| .vantagecircle.com/ | Name: _ga_LLCFDEYLYN Value: GS1.1.1685429188.1.0.1685429190.58.0.0 |
|
| .login.microsoftonline.com/ | Name: AADSSO Value: NA|NoExtension |
|
| login.microsoftonline.com/ | Name: SSOCOOKIEPULLED Value: 1 |
|
| login.microsoftonline.com/ | Name: buid Value: 0.AVsAVLfla9LLk0OdwtcFDTU8aXYSnHXLs4hLkmxR1ewhR7dbAAA.AQABAAEAAAD--DLA3VO7QrddgJg7WevrSe0NDaNqny2dfyx_DP4CE5YpYavkrig9arXJvomQ5-ndGKoCUSk9vM5aRNgtLpKu2TZ6MlXk7x1H5P13Y6Xl1-FRNxW4SsliMn_vI6jXTiogAA |
|
| .login.microsoftonline.com/ | Name: esctx Value: PAQABAAEAAAD--DLA3VO7QrddgJg7WevrI4vbgmKk5wfwX0jnQU8IS87L6_RCLdMFCrCnN6hNMkQj31ULare0oec-ScOKEp1fMczEAmL0KyOFT1ZUCB0I-Ganqsag-VZbP2TR41BTHMrutU19xZ-uWCGIpgE4uj1G6idYrEX1-PXyEMbX9_pkfeYDTeTEEjHPQdJyF0UDfFd002b6eryn57qr0LVp5g-gtf4MXleJ02DdWAvYbNkeCApBemNlentDiBRnf2xFZZggAA |
|
| login.microsoftonline.com/ | Name: fpc Value: AocEWz74_hNLpEMgFOI3lqidbIBgAQAAAMaSB9wOAAAA |
|
| .login.microsoftonline.com/ | Name: brcap Value: 0 |
|
| .login.live.com/ | Name: uaid Value: 2bc13b4ea6c74fb59d2368bc2ec395d9 |
|
| .login.live.com/ | Name: MSPRequ Value: id=N<=1685429191&co=1 |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
| Source | Level | URL Text |
|---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
| Header | Value |
|---|---|
| Content-Security-Policy | default-src * http: https: 'unsafe-inline' 'unsafe-eval' ; img-src * 'self' blob: data: https:; |
| Strict-Transport-Security | max-age=63072000; includeSubdomains; |
| X-Content-Type-Options | nosniff |
| X-Frame-Options | SAMEORIGIN |
| X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
aadcdn.msauth.net
aadcdn.msauthimages.net
ampcid.google.com
ampcid.google.de
content.hotjar.io
fonts.gstatic.com
in.hotjar.com
login.live.com
login.microsoftonline.com
qudos.vantagecircle.com
region1.analytics.google.com
script.hotjar.com
static.hotjar.com
stats.g.doubleclick.net
truncated
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
region1.analytics.google.com
truncated
139.59.51.246
18.66.97.10
185.48.120.161
20.190.151.131
20.190.151.70
2001:4860:4802:32::36
2606:2800:233:3d10:442f:fac8:6d32:4c87
2620:1ec:4e:1::69
2a00:1450:4001:806::2003
2a00:1450:4001:80e::2003
2a00:1450:4001:80e::2004
2a00:1450:4001:827::200e
2a00:1450:4001:82a::200e
2a00:1450:4001:830::2008
2a00:1450:400c:c0d::9c
52.210.186.235
52.222.236.43
04d0c937a28647481e7bfdff1d1c9d1c14ff6be819301600bc83d0ab4a0feb7d
0d1964a04736c6ba824ffce4beae080c9668a3e77eecc4d3c89d51c2c74b8364
0e87c2024b99e1948be734ff0d0a2367c1485885932651131b6f1fa532b94351
174b35b592e6a4baeb40f3b6d06c9690b95dd6d264d1dc6ec6049f675094cd57
1db5caef6d39380d09c9126ce506a43dc68c975c4f47491a37c01e1f1e683052
29bbe52b606079ca0191018d8f30c3f110934efcc71c3d83857b939cdb365184
2b6340ee1a70477db53d71610221954e324513d03ee2a04a1c404181c0963690
38398e47a7e97344814a99c915fc84b9064e1f9e2bba5dda24f5b489a68c0932
3b89a9783d7afc41f529c819ccbc00b7b70f6da014e65b00b1e502cc563cc849
3c2fb11dffb8ac933c99e625517e4421d72aecaff38724f6bbd172f2088828b8
4225bd8e1b274953dbaa5a8adfea4092695461109b2ec791281c5d5fefcb4216
4b0ef913de7f495e95dcd8f7efcc16657d5cb7be4c2e3cfe31018c213b51645d
4ffcc598ee6cff4692c1cea272cd8a2f195f6dec32473e94370d6cdcfa5fe601
68001d9437670a171af68205e4b130b72ef4aa121b3167209f233aaf74bfd85d
6ea27838581268805c9153bad3d0e98eae968cff0d4547770822e9c351b15f72
76afce8803465ab080bcb167b298add695cdc84a6ed685d7b6ab23184c05e57e
796de064b8d80eba7ccacb8ba67d77fdbcdf4b385c844645d452c24537b3108f
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
84f491583edbf931b88f643d5cbd932beb8e26d955719567575e2e98b740db26
86cdcdd6f66d29cb7966b858c4dcfb9cc2aa9772963e91a7ed0f3df55be8a002
8e6db1634f1812d42516778fc890010aa57f3e39914fb4803df2c38abbf56d93
9685dc7bcb7e5bc40f0b08284ac1bbe65c0337b5d495f8fc7f2519099786ca00
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
9b8b41b1b4d8e7eb19c361d862c7274fcf2ee695872f4ad8aa89ac4902692be7
a5c8acffadd7a1ff83b2b39dc2f3a549b537ef0d46ab028c45020b98fdbadf29
aa4fc250b69cf84b3ee0166bb1dc741f85d8e5e62933826ad5219705a1a747f1
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af1e6edc875a382b338bb25bd7c5c3f474a7f1b36212002a5896dd06f2186325
b0212543cc5a4a0a31c1b5a9d1e8973261992116b4cfde3e7dfcf33b4e81a97b
b52decccecb8f993977580d4dc13b92831339b2cf80679a4ddadafc7b6fa559c
bc4abf3e976226e6d182e4f6a41eca988e84bf0aff27ec3aa2bbe9bf0b5aa439
c0d88411db6b2f8c016d8fa8255815a93fd3cf9201183828949bf495e31aef38
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
d105df41fc2ac5fc8959647605e62c36916128452667ed3dd94328a4f8cf494f
da8acf6dca2c629cda10215e7b05fb973f5af04ede910397a8be2f5707cd940d
e12dc8e08cf2e7ab3ce8fb86abe80235f798029ecc1a36b9a7b5697e6a391923
e1d8c1e1fc094c1e3a4d4246020b6ac023aa81d87bf8ad747646f3002c81b193
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3e5f35d586c0e6a9a9d7187687be087580c40a5f8d0e52f0c4053bbc25c98db
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
eac35dd99dd76df29299de53ae1d964e933e6c9e5fa95ae6dc1cf9274d59fd82
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0fc81433847049696f6bb018fb926773e2826d6899b09c073eb016c313f8d28
f18b2ad1468e25aa6c3b63b5f377e43bfef8101df5d93273bc3f09ddaa9005fc
f5f36e6a359088c4bb46e7c0df6d8eeff467a689143cdd6219210c37aa1478b6
f6be311b5e7688d60dcb0fa4e55d13f2d0f0863d02692dfd57250036dbaf833d
fe28dc38bc057f6eb11180235bbe458b3295a39b674d889075d3d9a0b5071d9f
fffd08cd46c697947f2fbb05772838d89ee3f7c803f1243512175937e936ba85