urlscan.io logo urlscan.io
SecurityTrails logo

qa2-login.connectedfleet.michelin.com Open in urlscan Pro
20.101.240.28  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://qa2-myaccount.connectedfleet.michelin.com/
Effective URL: https://qa2-login.connectedfleet.michelin.com/?customer=&client_id=connectAppShell&state=eyJwYXRoIjoiLyIsInF1ZXJ5Ijp7fX0&redirect_uri=https://...
Submission: On August 28 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 3 countries across 3 domains to perform 32 HTTP transactions. The main IP is 20.101.240.28, located in Amsterdam, Netherlands and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is qa2-login.connectedfleet.michelin.com.
TLS certificate: Issued by GeoTrust TLS RSA CA G1 on September 13th 2023. Valid for: a year.
This is the only time qa2-login.connectedfleet.michelin.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 18.245.46.14 16509 (AMAZON-02)
1 27 20.101.240.28 8075 (MICROSOFT...)
3 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
32 4
Apex Domain
Subdomains		 Transfer
28 michelin.com
qa2-myaccount.connectedfleet.michelin.com
qa2-login.connectedfleet.michelin.com
2 MB
3 gstatic.com
fonts.gstatic.com
192 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 110
3 KB
32 3
Domain Requested by
27 qa2-login.connectedfleet.michelin.com 1 redirects qa2-login.connectedfleet.michelin.com
3 fonts.gstatic.com fonts.googleapis.com
3 fonts.googleapis.com qa2-login.connectedfleet.michelin.com
1 qa2-myaccount.connectedfleet.michelin.com 1 redirects
32 4

This site contains links to these domains. Also see Links.

Domain
www.masternaut.com
connectedfleet.michelin.com
Subject Issuer Validity Valid
qa2-login.connectedfleet.michelin.com
GeoTrust TLS RSA CA G1		 2023-09-13 -
2024-10-02		 a year crt.sh
upload.video.google.com
WR2		 2024-08-05 -
2024-10-28		 3 months crt.sh
*.gstatic.com
WR2		 2024-08-05 -
2024-10-28		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://qa2-login.connectedfleet.michelin.com/?customer=&client_id=connectAppShell&state=eyJwYXRoIjoiLyIsInF1ZXJ5Ijp7fX0&redirect_uri=https://qa2-myaccount.connectedfleet.michelin.com/oauth/callback
Frame ID: F45BE183461C53DFC73CF6239FA7F39C
Requests: 33 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Login - Michelin Connected Fleet account

Page URL History Show full URLs

  1. https://qa2-myaccount.connectedfleet.michelin.com/ HTTP 307
    https://qa2-login.connectedfleet.michelin.com/api/login?client_id=connectAppShell&state=eyJwYXRoIjoiLyIsInF1ZXJ5Ijp7fX0&re... HTTP 302
    https://qa2-login.connectedfleet.michelin.com/?customer=&client_id=connectAppShell&state=eyJwYXRoIjoiLyIsInF1ZXJ5Ijp7fX0&r... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

32
Requests

100 %
HTTPS

50 %
IPv6

3
Domains

4
Subdomains

4
IPs

3
Countries

1958 kB
Transfer

5315 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://qa2-myaccount.connectedfleet.michelin.com/ HTTP 307
    https://qa2-login.connectedfleet.michelin.com/api/login?client_id=connectAppShell&state=eyJwYXRoIjoiLyIsInF1ZXJ5Ijp7fX0&redirect_uri=https://qa2-myaccount.connectedfleet.michelin.com/oauth/callback&customer= HTTP 302
    https://qa2-login.connectedfleet.michelin.com/?customer=&client_id=connectAppShell&state=eyJwYXRoIjoiLyIsInF1ZXJ5Ijp7fX0&redirect_uri=https://qa2-myaccount.connectedfleet.michelin.com/oauth/callback Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

32 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
qa2-login.connectedfleet.michelin.com/
Redirect Chain
  • https://qa2-myaccount.connectedfleet.michelin.com/
  • https://qa2-login.connectedfleet.michelin.com/api/login?client_id=connectAppShell&state=eyJwYXRoIjoiLyIsInF1ZXJ5Ijp7fX0&redirect_uri=https://qa2-myaccount.connectedfleet.michelin.com/oauth/callback...
  • https://qa2-login.connectedfleet.michelin.com/?customer=&client_id=connectAppShell&state=eyJwYXRoIjoiLyIsInF1ZXJ5Ijp7fX0&redirect_uri=https://qa2-myaccount.connectedfleet.michelin.com/oauth/callback
1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://qa2-login.connectedfleet.michelin.com/?customer=&client_id=connectAppShell&state=eyJwYXRoIjoiLyIsInF1ZXJ5Ijp7fX0&redirect_uri=https://qa2-myaccount.connectedfleet.michelin.com/oauth/callback
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.101.240.28 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
1a4cd6cf1370142f52bd6eecb729b82021db607861030b892cb5a9be6a12a915
Security Headers
Name Value
Content-Security-Policy default-src https: 'unsafe-eval' 'unsafe-inline' 'self'; object-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com https://www.gstatic.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; frame-src 'self' https://www.google.com; frame-ancestors 'self' localhost:* *.masternautconnect.com:* *.connectedfleet.michelin.com:*; img-src 'self' data:; font-src 'self' https://fonts.gstatic.com; upgrade-insecure-requests;
Strict-Transport-Security max-age=31557600; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
max-age=28800, must-revalidate, private
content-language
de-DE
content-length
1164
content-security-policy
default-src https: 'unsafe-eval' 'unsafe-inline' 'self'; object-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com https://www.gstatic.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; frame-src 'self' https://www.google.com; frame-ancestors 'self' localhost:* *.masternautconnect.com:* *.connectedfleet.michelin.com:*; img-src 'self' data:; font-src 'self' https://fonts.gstatic.com; upgrade-insecure-requests;
content-type
text/html
date
Wed, 28 Aug 2024 19:24:41 GMT
last-modified
Thu, 18 Jul 2024 13:22:59 GMT
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(self), geolocation=(), gyroscope=(self), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=()
referrer-policy
strict-origin-when-cross-origin
request-context
appId=5bdc7a96-124a-45b9-9b16-f7f0d69ada35
strict-transport-security
max-age=31557600; includeSubDomains; preload
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options
nosniff
x-frame-options
DENY
x-xss-protection
1; mode=block

Redirect headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
content-security-policy
default-src https: 'unsafe-eval' 'unsafe-inline' 'self'; object-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com https://www.gstatic.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; frame-src 'self' https://www.google.com; frame-ancestors 'self' localhost:* *.masternautconnect.com:* *.connectedfleet.michelin.com:*; img-src 'self' data:; font-src 'self' https://fonts.gstatic.com; upgrade-insecure-requests;
date
Wed, 28 Aug 2024 19:24:41 GMT
expires
0
location
https://qa2-login.connectedfleet.michelin.com/?customer=&client_id=connectAppShell&state=eyJwYXRoIjoiLyIsInF1ZXJ5Ijp7fX0&redirect_uri=https://qa2-myaccount.connectedfleet.michelin.com/oauth/callback
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(self), geolocation=(), gyroscope=(self), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=()
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
request-context
appId=5bdc7a96-124a-45b9-9b16-f7f0d69ada35
strict-transport-security
max-age=31557600; includeSubDomains; preload
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options
nosniff
x-frame-options
DENY
x-xss-protection
1; mode=block
css
fonts.googleapis.com/ 		11 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Nunito+Sans:300,400,500,600,700%7CMaterial+Icons
Requested by
Host: qa2-login.connectedfleet.michelin.com
URL: https://qa2-login.connectedfleet.michelin.com/?customer=&client_id=connectAppShell&state=eyJwYXRoIjoiLyIsInF1ZXJ5Ijp7fX0&redirect_uri=https://qa2-myaccount.connectedfleet.michelin.com/oauth/callback
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ef72fece5fba80ff5c6896514a40c143d8f209f36390b68cec1e3bf2a4876085
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://qa2-login.connectedfleet.michelin.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 28 Aug 2024 19:24:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 28 Aug 2024 19:24:41 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 28 Aug 2024 19:24:41 GMT
css2
fonts.googleapis.com/ 		2 KB
680 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@500&display=swap
Requested by
Host: qa2-login.connectedfleet.michelin.com
URL: https://qa2-login.connectedfleet.michelin.com/?customer=&client_id=connectAppShell&state=eyJwYXRoIjoiLyIsInF1ZXJ5Ijp7fX0&redirect_uri=https://qa2-myaccount.connectedfleet.michelin.com/oauth/callback
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
84d8386c2ef8737f099f68ba179a704a2c7199c594f8046b0a34d2c316a74c7f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://qa2-login.connectedfleet.michelin.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 28 Aug 2024 19:24:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 28 Aug 2024 18:38:23 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 28 Aug 2024 19:24:41 GMT
css2
fonts.googleapis.com/ 		12 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Inter:wght@300;400;500;600;700&display=swap
Requested by
Host: qa2-login.connectedfleet.michelin.com
URL: https://qa2-login.connectedfleet.michelin.com/?customer=&client_id=connectAppShell&state=eyJwYXRoIjoiLyIsInF1ZXJ5Ijp7fX0&redirect_uri=https://qa2-myaccount.connectedfleet.michelin.com/oauth/callback
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7f6916794cf64334dcb936ddcf567fa1a5ebf16f0eba42c757fb55cce3a82b43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://qa2-login.connectedfleet.michelin.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 28 Aug 2024 19:24:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 28 Aug 2024 18:39:17 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 28 Aug 2024 19:24:41 GMT
index.a2accd89.js
qa2-login.connectedfleet.michelin.com/js/ 		8 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://qa2-login.connectedfleet.michelin.com/js/index.a2accd89.js
Requested by
Host: qa2-login.connectedfleet.michelin.com
URL: https://qa2-login.connectedfleet.michelin.com/?customer=&client_id=connectAppShell&state=eyJwYXRoIjoiLyIsInF1ZXJ5Ijp7fX0&redirect_uri=https://qa2-myaccount.connectedfleet.michelin.com/oauth/callback
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.101.240.28 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
ff1a31ab85b840d029f06a13e0bba32a79f78bd41945804b7fd76ce638abfd28
Security Headers
Name Value
Content-Security-Policy default-src https: 'unsafe-eval' 'unsafe-inline' 'self'; object-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com https://www.gstatic.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; frame-src 'self' https://www.google.com; frame-ancestors 'self' localhost:* *.masternautconnect.com:* *.connectedfleet.michelin.com:*; img-src 'self' data:; font-src 'self' https://fonts.gstatic.com; upgrade-insecure-requests;
Strict-Transport-Security max-age=31557600; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://qa2-login.connectedfleet.michelin.com/?customer=&client_id=connectAppShell&state=eyJwYXRoIjoiLyIsInF1ZXJ5Ijp7fX0&redirect_uri=https://qa2-myaccount.connectedfleet.michelin.com/oauth/callback
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 19:24:41 GMT
strict-transport-security
max-age=31557600; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
default-src https: 'unsafe-eval' 'unsafe-inline' 'self'; object-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com https://www.gstatic.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; frame-src 'self' https://www.google.com; frame-ancestors 'self' localhost:* *.masternautconnect.com:* *.connectedfleet.michelin.com:*; img-src 'self' data:; font-src 'self' https://fonts.gstatic.com; upgrade-insecure-requests;
last-modified
Wed, 10 Jul 2024 09:20:34 GMT
referrer-policy
strict-origin-when-cross-origin
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-frame-options
DENY
content-type
application/javascript
cache-control
max-age=28800, must-revalidate, private
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(self), geolocation=(), gyroscope=(self), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=()
accept-ranges
bytes
content-length
8146
x-xss-protection
1; mode=block
request-context
appId=5bdc7a96-124a-45b9-9b16-f7f0d69ada35
865.3ba08f54.js
qa2-login.connectedfleet.michelin.com/js/ 		662 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://qa2-login.connectedfleet.michelin.com/js/865.3ba08f54.js
Requested by
Host: qa2-login.connectedfleet.michelin.com
URL: https://qa2-login.connectedfleet.michelin.com/js/index.a2accd89.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.101.240.28 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
7205c902fdaa149e86e43b98d8d96d4f7f9c6aba37e2e8b8fb3018e82365d0ad
Security Headers
Name Value
Content-Security-Policy default-src https: 'unsafe-eval' 'unsafe-inline' 'self'; object-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com https://www.gstatic.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; frame-src 'self' https://www.google.com; frame-ancestors 'self' localhost:* *.masternautconnect.com:* *.connectedfleet.michelin.com:*; img-src 'self' data:; font-src 'self' https://fonts.gstatic.com; upgrade-insecure-requests;
Strict-Transport-Security max-age=31557600; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://qa2-login.connectedfleet.michelin.com/?customer=&client_id=connectAppShell&state=eyJwYXRoIjoiLyIsInF1ZXJ5Ijp7fX0&redirect_uri=https://qa2-myaccount.connectedfleet.michelin.com/oauth/callback
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 19:24:41 GMT
strict-transport-security
max-age=31557600; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
default-src https: 'unsafe-eval' 'unsafe-inline' 'self'; object-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com https://www.gstatic.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; frame-src 'self' https://www.google.com; frame-ancestors 'self' localhost:* *.masternautconnect.com:* *.connectedfleet.michelin.com:*; img-src 'self' data:; font-src 'self' https://fonts.gstatic.com; upgrade-insecure-requests;
last-modified
Wed, 10 Jul 2024 09:20:34 GMT
referrer-policy
strict-origin-when-cross-origin
content-encoding
gzip
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
x-frame-options
DENY
content-type
application/javascript
cache-control
max-age=28800, must-revalidate, private
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(self), geolocation=(), gyroscope=(self), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=()
accept-ranges
bytes
x-xss-protection
1; mode=block
request-context
appId=5bdc7a96-124a-45b9-9b16-f7f0d69ada35
245.ac6ba797.js
qa2-login.connectedfleet.michelin.com/js/ 		10 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://qa2-login.connectedfleet.michelin.com/js/245.ac6ba797.js
Requested by
Host: qa2-login.connectedfleet.michelin.com
URL: https://qa2-login.connectedfleet.michelin.com/js/index.a2accd89.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.101.240.28 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
943f989a813e03a74cd6b1a6c6333ecde579c2372c558b0ce55f91faac424cde
Security Headers
Name Value
Content-Security-Policy default-src https: 'unsafe-eval' 'unsafe-inline' 'self'; object-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com https://www.gstatic.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; frame-src 'self' https://www.google.com; frame-ancestors 'self' localhost:* *.masternautconnect.com:* *.connectedfleet.michelin.com:*; img-src 'self' data:; font-src 'self' https://fonts.gstatic.com; upgrade-insecure-requests;
Strict-Transport-Security max-age=31557600; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://qa2-login.connectedfleet.michelin.com/?customer=&client_id=connectAppShell&state=eyJwYXRoIjoiLyIsInF1ZXJ5Ijp7fX0&redirect_uri=https://qa2-myaccount.connectedfleet.michelin.com/oauth/callback
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 19:24:41 GMT
strict-transport-security
max-age=31557600; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
default-src https: 'unsafe-eval' 'unsafe-inline' 'self'; object-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com https://www.gstatic.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; frame-src 'self' https://www.google.com; frame-ancestors 'self' localhost:* *.masternautconnect.com:* *.connectedfleet.michelin.com:*; img-src 'self' data:; font-src 'self' https://fonts.gstatic.com; upgrade-insecure-requests;
last-modified
Wed, 10 Jul 2024 09:20:34 GMT
referrer-policy
strict-origin-when-cross-origin
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-frame-options
DENY
content-type
application/javascript
cache-control
max-age=28800, must-revalidate, private
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(self), geolocation=(), gyroscope=(self), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=()
accept-ranges
bytes
content-length
10117
x-xss-protection
1; mode=block
request-context
appId=5bdc7a96-124a-45b9-9b16-f7f0d69ada35
497.95a221af.js
qa2-login.connectedfleet.michelin.com/js/ 		191 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://qa2-login.connectedfleet.michelin.com/js/497.95a221af.js
Requested by
Host: qa2-login.connectedfleet.michelin.com
URL: https://qa2-login.connectedfleet.michelin.com/js/index.a2accd89.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.101.240.28 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
751aa08c31461c01e403f1ee3d5e70bc746baf86b0b602dbc188de16bbf65934
Security Headers
Name Value
Content-Security-Policy default-src https: 'unsafe-eval' 'unsafe-inline' 'self'; object-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com https://www.gstatic.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; frame-src 'self' https://www.google.com; frame-ancestors 'self' localhost:* *.masternautconnect.com:* *.connectedfleet.michelin.com:*; img-src 'self' data:; font-src 'self' https://fonts.gstatic.com; upgrade-insecure-requests;
Strict-Transport-Security max-age=31557600; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://qa2-login.connectedfleet.michelin.com/?customer=&client_id=connectAppShell&state=eyJwYXRoIjoiLyIsInF1ZXJ5Ijp7fX0&redirect_uri=https://qa2-myaccount.connectedfleet.michelin.com/oauth/callback
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 19:24:41 GMT
strict-transport-security
max-age=31557600; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
default-src https: 'unsafe-eval' 'unsafe-inline' 'self'; object-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com https://www.gstatic.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; frame-src 'self' https://www.google.com; frame-ancestors 'self' localhost:* *.masternautconnect.com:* *.connectedfleet.michelin.com:*; img-src 'self' data:; font-src 'self' https://fonts.gstatic.com; upgrade-insecure-requests;
last-modified
Wed, 10 Jul 2024 09:20:34 GMT
referrer-policy
strict-origin-when-cross-origin
content-encoding
gzip
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
x-frame-options
DENY
content-type
application/javascript
cache-control
max-age=28800, must-revalidate, private
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(self), geolocation=(), gyroscope=(self), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=()
accept-ranges
bytes
x-xss-protection
1; mode=block
request-context
appId=5bdc7a96-124a-45b9-9b16-f7f0d69ada35
934.546c5cd6.js
qa2-login.connectedfleet.michelin.com/js/ 		105 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://qa2-login.connectedfleet.michelin.com/js/934.546c5cd6.js
Requested by
Host: qa2-login.connectedfleet.michelin.com
URL: https://qa2-login.connectedfleet.michelin.com/js/index.a2accd89.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.101.240.28 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
6c24e178f816982da5a36a827dd05178f3b5614d4a7898b20feb667f9f707531
Security Headers
Name Value
Content-Security-Policy default-src https: 'unsafe-eval' 'unsafe-inline' 'self'; object-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com https://www.gstatic.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; frame-src 'self' https://www.google.com; frame-ancestors 'self' localhost:* *.masternautconnect.com:* *.connectedfleet.michelin.com:*; img-src 'self' data:; font-src 'self' https://fonts.gstatic.com; upgrade-insecure-requests;
Strict-Transport-Security max-age=31557600; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://qa2-login.connectedfleet.michelin.com/?customer=&client_id=connectAppShell&state=eyJwYXRoIjoiLyIsInF1ZXJ5Ijp7fX0&redirect_uri=https://qa2-myaccount.connectedfleet.michelin.com/oauth/callback
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 19:24:41 GMT
strict-transport-security
max-age=31557600; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
default-src https: 'unsafe-eval' 'unsafe-inline' 'self'; object-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com https://www.gstatic.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; frame-src 'self' https://www.google.com; frame-ancestors 'self' localhost:* *.masternautconnect.com:* *.connectedfleet.michelin.com:*; img-src 'self' data:; font-src 'self' https://fonts.gstatic.com; upgrade-insecure-requests;
last-modified
Wed, 10 Jul 2024 09:20:34 GMT
referrer-policy
strict-origin-when-cross-origin
content-encoding
gzip
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
x-frame-options
DENY
content-type
application/javascript
cache-control
max-age=28800, must-revalidate, private
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(self), geolocation=(), gyroscope=(self), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=()
accept-ranges
bytes
x-xss-protection
1; mode=block
request-context
appId=5bdc7a96-124a-45b9-9b16-f7f0d69ada35
626.487a0ac6.js
qa2-login.connectedfleet.michelin.com/js/ 		2 MB
748 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://qa2-login.connectedfleet.michelin.com/js/626.487a0ac6.js
Requested by
Host: qa2-login.connectedfleet.michelin.com
URL: https://qa2-login.connectedfleet.michelin.com/js/index.a2accd89.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.101.240.28 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
0fd89ed58be48dcd45eaa41f52b5f02621e394818de880b4e561355b489e2da8
Security Headers
Name Value
Content-Security-Policy default-src https: 'unsafe-eval' 'unsafe-inline' 'self'; object-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com https://www.gstatic.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; frame-src 'self' https://www.google.com; frame-ancestors 'self' localhost:* *.masternautconnect.com:* *.connectedfleet.michelin.com:*; img-src 'self' data:; font-src 'self' https://fonts.gstatic.com; upgrade-insecure-requests;
Strict-Transport-Security max-age=31557600; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://qa2-login.connectedfleet.michelin.com/?customer=&client_id=connectAppShell&state=eyJwYXRoIjoiLyIsInF1ZXJ5Ijp7fX0&redirect_uri=https://qa2-myaccount.connectedfleet.michelin.com/oauth/callback
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 19:24:41 GMT
strict-transport-security
max-age=31557600; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
default-src https: 'unsafe-eval' 'unsafe-inline' 'self'; object-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com https://www.gstatic.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; frame-src 'self' https://www.google.com; frame-ancestors 'self' localhost:* *.masternautconnect.com:* *.connectedfleet.michelin.com:*; img-src 'self' data:; font-src 'self' https://fonts.gstatic.com; upgrade-insecure-requests;
last-modified
Wed, 10 Jul 2024 09:20:34 GMT
referrer-policy
strict-origin-when-cross-origin
content-encoding
gzip
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
x-frame-options
DENY
content-type
application/javascript
cache-control
max-age=28800, must-revalidate, private
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(self), geolocation=(), gyroscope=(self), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=()
accept-ranges
bytes
x-xss-protection
1; mode=block
request-context
appId=5bdc7a96-124a-45b9-9b16-f7f0d69ada35
356.b298caed.js
qa2-login.connectedfleet.michelin.com/js/ 		569 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://qa2-login.connectedfleet.michelin.com/js/356.b298caed.js
Requested by
Host: qa2-login.connectedfleet.michelin.com
URL: https://qa2-login.connectedfleet.michelin.com/js/index.a2accd89.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.101.240.28 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
569c0326307394b2cab5cd453766329460a798618d82e468473b15acbe1b5738
Security Headers
Name Value
Content-Security-Policy default-src https: 'unsafe-eval' 'unsafe-inline' 'self'; object-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com https://www.gstatic.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; frame-src 'self' https://www.google.com; frame-ancestors 'self' localhost:* *.masternautconnect.com:* *.connectedfleet.michelin.com:*; img-src 'self' data:; font-src 'self' https://fonts.gstatic.com; upgrade-insecure-requests;
Strict-Transport-Security max-age=31557600; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://qa2-login.connectedfleet.michelin.com/?customer=&client_id=connectAppShell&state=eyJwYXRoIjoiLyIsInF1ZXJ5Ijp7fX0&redirect_uri=https://qa2-myaccount.connectedfleet.michelin.com/oauth/callback
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 19:24:41 GMT
strict-transport-security
max-age=31557600; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
default-src https: 'unsafe-eval' 'unsafe-inline' 'self'; object-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com https://www.gstatic.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; frame-src 'self' https://www.google.com; frame-ancestors 'self' localhost:* *.masternautconnect.com:* *.connectedfleet.michelin.com:*; img-src 'self' data:; font-src 'self' https://fonts.gstatic.com; upgrade-insecure-requests;
last-modified
Wed, 10 Jul 2024 09:20:34 GMT
referrer-policy
strict-origin-when-cross-origin
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-frame-options
DENY
content-type
application/javascript
cache-control
max-age=28800, must-revalidate, private
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(self), geolocation=(), gyroscope=(self), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=()
accept-ranges
bytes
content-length
569
x-xss-protection
1; mode=block
request-context
appId=5bdc7a96-124a-45b9-9b16-f7f0d69ada35
904.4b413e6c.js
qa2-login.connectedfleet.michelin.com/js/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://qa2-login.connectedfleet.michelin.com/js/904.4b413e6c.js
Requested by
Host: qa2-login.connectedfleet.michelin.com
URL: https://qa2-login.connectedfleet.michelin.com/js/index.a2accd89.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.101.240.28 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
6413bec8c951ab5cbb8d2adee1a5406e61579bd6147f8d6ae548ea6bb101de8f
Security Headers
Name Value
Content-Security-Policy default-src https: 'unsafe-eval' 'unsafe-inline' 'self'; object-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com https://www.gstatic.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; frame-src 'self' https://www.google.com; frame-ancestors 'self' localhost:* *.masternautconnect.com:* *.connectedfleet.michelin.com:*; img-src 'self' data:; font-src 'self' https://fonts.gstatic.com; upgrade-insecure-requests;
Strict-Transport-Security max-age=31557600; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://qa2-login.connectedfleet.michelin.com/?customer=&client_id=connectAppShell&state=eyJwYXRoIjoiLyIsInF1ZXJ5Ijp7fX0&redirect_uri=https://qa2-myaccount.connectedfleet.michelin.com/oauth/callback
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 19:24:41 GMT
strict-transport-security
max-age=31557600; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
default-src https: 'unsafe-eval' 'unsafe-inline' 'self'; object-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com https://www.gstatic.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; frame-src 'self' https://www.google.com; frame-ancestors 'self' localhost:* *.masternautconnect.com:* *.connectedfleet.michelin.com:*; img-src 'self' data:; font-src 'self' https://fonts.gstatic.com; upgrade-insecure-requests;
last-modified
Wed, 10 Jul 2024 09:20:34 GMT
referrer-policy
strict-origin-when-cross-origin
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-frame-options
DENY
content-type
application/javascript
cache-control
max-age=28800, must-revalidate, private
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(self), geolocation=(), gyroscope=(self), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=()
accept-ranges
bytes
content-length
3931
x-xss-protection
1; mode=block
request-context
appId=5bdc7a96-124a-45b9-9b16-f7f0d69ada35
967.7e73a9fb.js
qa2-login.connectedfleet.michelin.com/js/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://qa2-login.connectedfleet.michelin.com/js/967.7e73a9fb.js
Requested by
Host: qa2-login.connectedfleet.michelin.com
URL: https://qa2-login.connectedfleet.michelin.com/js/index.a2accd89.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.101.240.28 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
74852375d85e209f6b848b946f30f7f4b25543d3eedfbd47ff9eb30114d6c303
Security Headers
Name Value
Content-Security-Policy default-src https: 'unsafe-eval' 'unsafe-inline' 'self'; object-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com https://www.gstatic.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; frame-src 'self' https://www.google.com; frame-ancestors 'self' localhost:* *.masternautconnect.com:* *.connectedfleet.michelin.com:*; img-src 'self' data:; font-src 'self' https://fonts.gstatic.com; upgrade-insecure-requests;
Strict-Transport-Security max-age=31557600; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://qa2-login.connectedfleet.michelin.com/?customer=&client_id=connectAppShell&state=eyJwYXRoIjoiLyIsInF1ZXJ5Ijp7fX0&redirect_uri=https://qa2-myaccount.connectedfleet.michelin.com/oauth/callback
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 19:24:41 GMT
strict-transport-security
max-age=31557600; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
default-src https: 'unsafe-eval' 'unsafe-inline' 'self'; object-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com https://www.gstatic.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; frame-src 'self' https://www.google.com; frame-ancestors 'self' localhost:* *.masternautconnect.com:* *.connectedfleet.michelin.com:*; img-src 'self' data:; font-src 'self' https://fonts.gstatic.com; upgrade-insecure-requests;
last-modified
Wed, 10 Jul 2024 09:20:34 GMT
referrer-policy
strict-origin-when-cross-origin
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-frame-options
DENY
content-type
application/javascript
cache-control
max-age=28800, must-revalidate, private
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(self), geolocation=(), gyroscope=(self), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=()
accept-ranges
bytes
content-length
4242
x-xss-protection
1; mode=block
request-context
appId=5bdc7a96-124a-45b9-9b16-f7f0d69ada35
820.6fb9df1b.js
qa2-login.connectedfleet.michelin.com/js/ 		365 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://qa2-login.connectedfleet.michelin.com/js/820.6fb9df1b.js
Requested by
Host: qa2-login.connectedfleet.michelin.com
URL: https://qa2-login.connectedfleet.michelin.com/js/index.a2accd89.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.101.240.28 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
791006099eeb9dbdcb804b2b9f56e079ac4e4df65b76a0b7623d1f9caad4d04f
Security Headers
Name Value
Content-Security-Policy default-src https: 'unsafe-eval' 'unsafe-inline' 'self'; object-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com https://www.gstatic.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; frame-src 'self' https://www.google.com; frame-ancestors 'self' localhost:* *.masternautconnect.com:* *.connectedfleet.michelin.com:*; img-src 'self' data:; font-src 'self' https://fonts.gstatic.com; upgrade-insecure-requests;
Strict-Transport-Security max-age=31557600; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://qa2-login.connectedfleet.michelin.com/?customer=&client_id=connectAppShell&state=eyJwYXRoIjoiLyIsInF1ZXJ5Ijp7fX0&redirect_uri=https://qa2-myaccount.connectedfleet.michelin.com/oauth/callback
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 19:24:41 GMT
strict-transport-security
max-age=31557600; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
default-src https: 'unsafe-eval' 'unsafe-inline' 'self'; object-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com https://www.gstatic.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; frame-src 'self' https://www.google.com; frame-ancestors 'self' localhost:* *.masternautconnect.com:* *.connectedfleet.michelin.com:*; img-src 'self' data:; font-src 'self' https://fonts.gstatic.com; upgrade-insecure-requests;
last-modified
Wed, 10 Jul 2024 09:20:34 GMT
referrer-policy
strict-origin-when-cross-origin
content-encoding
gzip
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
x-frame-options
DENY
content-type
application/javascript
cache-control
max-age=28800, must-revalidate, private
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(self), geolocation=(), gyroscope=(self), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=()
accept-ranges
bytes
x-xss-protection
1; mode=block
request-context
appId=5bdc7a96-124a-45b9-9b16-f7f0d69ada35
669.ebe69170.js
qa2-login.connectedfleet.michelin.com/js/ 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://qa2-login.connectedfleet.michelin.com/js/669.ebe69170.js
Requested by
Host: qa2-login.connectedfleet.michelin.com
URL: https://qa2-login.connectedfleet.michelin.com/js/index.a2accd89.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.101.240.28 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
d9d68892293afe4d8ea9b91ae4e0ea9f078ecd25015a9475bcaf79698fd6917d
Security Headers
Name Value
Content-Security-Policy default-src https: 'unsafe-eval' 'unsafe-inline' 'self'; object-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com https://www.gstatic.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; frame-src 'self' https://www.google.com; frame-ancestors 'self' localhost:* *.masternautconnect.com:* *.connectedfleet.michelin.com:*; img-src 'self' data:; font-src 'self' https://fonts.gstatic.com; upgrade-insecure-requests;
Strict-Transport-Security max-age=31557600; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://qa2-login.connectedfleet.michelin.com/?customer=&client_id=connectAppShell&state=eyJwYXRoIjoiLyIsInF1ZXJ5Ijp7fX0&redirect_uri=https://qa2-myaccount.connectedfleet.michelin.com/oauth/callback
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 19:24:41 GMT
strict-transport-security
max-age=31557600; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
default-src https: 'unsafe-eval' 'unsafe-inline' 'self'; object-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com https://www.gstatic.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; frame-src 'self' https://www.google.com; frame-ancestors 'self' localhost:* *.masternautconnect.com:* *.connectedfleet.michelin.com:*; img-src 'self' data:; font-src 'self' https://fonts.gstatic.com; upgrade-insecure-requests;
last-modified
Wed, 10 Jul 2024 09:20:34 GMT
referrer-policy
strict-origin-when-cross-origin
content-encoding
gzip
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
x-frame-options
DENY
content-type
application/javascript
cache-control
max-age=28800, must-revalidate, private
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(self), geolocation=(), gyroscope=(self), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=()
accept-ranges
bytes
x-xss-protection
1; mode=block
request-context
appId=5bdc7a96-124a-45b9-9b16-f7f0d69ada35
345.1bd3428a.js
qa2-login.connectedfleet.michelin.com/js/ 		29 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://qa2-login.connectedfleet.michelin.com/js/345.1bd3428a.js
Requested by
Host: qa2-login.connectedfleet.michelin.com
URL: https://qa2-login.connectedfleet.michelin.com/js/index.a2accd89.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.101.240.28 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
be51f89a55089402fcb99f0ee633a03eae44308bff6d5e3a949ee32bbd4266ad
Security Headers
Name Value
Content-Security-Policy default-src https: 'unsafe-eval' 'unsafe-inline' 'self'; object-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com https://www.gstatic.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; frame-src 'self' https://www.google.com; frame-ancestors 'self' localhost:* *.masternautconnect.com:* *.connectedfleet.michelin.com:*; img-src 'self' data:; font-src 'self' https://fonts.gstatic.com; upgrade-insecure-requests;
Strict-Transport-Security max-age=31557600; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://qa2-login.connectedfleet.michelin.com/?customer=&client_id=connectAppShell&state=eyJwYXRoIjoiLyIsInF1ZXJ5Ijp7fX0&redirect_uri=https://qa2-myaccount.connectedfleet.michelin.com/oauth/callback
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 19:24:41 GMT
strict-transport-security
max-age=31557600; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
default-src https: 'unsafe-eval' 'unsafe-inline' 'self'; object-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com https://www.gstatic.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; frame-src 'self' https://www.google.com; frame-ancestors 'self' localhost:* *.masternautconnect.com:* *.connectedfleet.michelin.com:*; img-src 'self' data:; font-src 'self' https://fonts.gstatic.com; upgrade-insecure-requests;
last-modified
Wed, 10 Jul 2024 09:20:34 GMT
referrer-policy
strict-origin-when-cross-origin
content-encoding
gzip
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
x-frame-options
DENY
content-type
application/javascript
cache-control
max-age=28800, must-revalidate, private
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(self), geolocation=(), gyroscope=(self), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=()
accept-ranges
bytes
x-xss-protection
1; mode=block
request-context
appId=5bdc7a96-124a-45b9-9b16-f7f0d69ada35
954.19f6795e.js
qa2-login.connectedfleet.michelin.com/js/ 		28 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://qa2-login.connectedfleet.michelin.com/js/954.19f6795e.js
Requested by
Host: qa2-login.connectedfleet.michelin.com
URL: https://qa2-login.connectedfleet.michelin.com/js/index.a2accd89.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.101.240.28 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
f9e1efbcc4aeb699778428f4fb6e98b188d65457e22a64e99a670e8c3ff367cf
Security Headers
Name Value
Content-Security-Policy default-src https: 'unsafe-eval' 'unsafe-inline' 'self'; object-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com https://www.gstatic.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; frame-src 'self' https://www.google.com; frame-ancestors 'self' localhost:* *.masternautconnect.com:* *.connectedfleet.michelin.com:*; img-src 'self' data:; font-src 'self' https://fonts.gstatic.com; upgrade-insecure-requests;
Strict-Transport-Security max-age=31557600; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://qa2-login.connectedfleet.michelin.com/?customer=&client_id=connectAppShell&state=eyJwYXRoIjoiLyIsInF1ZXJ5Ijp7fX0&redirect_uri=https://qa2-myaccount.connectedfleet.michelin.com/oauth/callback
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 19:24:41 GMT
strict-transport-security
max-age=31557600; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
default-src https: 'unsafe-eval' 'unsafe-inline' 'self'; object-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com https://www.gstatic.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; frame-src 'self' https://www.google.com; frame-ancestors 'self' localhost:* *.masternautconnect.com:* *.connectedfleet.michelin.com:*; img-src 'self' data:; font-src 'self' https://fonts.gstatic.com; upgrade-insecure-requests;
last-modified
Wed, 10 Jul 2024 09:20:34 GMT
referrer-policy
strict-origin-when-cross-origin
content-encoding
gzip
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
x-frame-options
DENY
content-type
application/javascript
cache-control
max-age=28800, must-revalidate, private
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(self), geolocation=(), gyroscope=(self), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=()
accept-ranges
bytes
x-xss-protection
1; mode=block
request-context
appId=5bdc7a96-124a-45b9-9b16-f7f0d69ada35
269.70c62d48.js
qa2-login.connectedfleet.michelin.com/js/ 		660 KB
142 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://qa2-login.connectedfleet.michelin.com/js/269.70c62d48.js
Requested by
Host: qa2-login.connectedfleet.michelin.com
URL: https://qa2-login.connectedfleet.michelin.com/js/index.a2accd89.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.101.240.28 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
0112ba456ba7adab9b84a033dd8cbd1003578d281c7460783dbae3328ab65ff1
Security Headers
Name Value
Content-Security-Policy default-src https: 'unsafe-eval' 'unsafe-inline' 'self'; object-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com https://www.gstatic.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; frame-src 'self' https://www.google.com; frame-ancestors 'self' localhost:* *.masternautconnect.com:* *.connectedfleet.michelin.com:*; img-src 'self' data:; font-src 'self' https://fonts.gstatic.com; upgrade-insecure-requests;
Strict-Transport-Security max-age=31557600; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://qa2-login.connectedfleet.michelin.com/?customer=&client_id=connectAppShell&state=eyJwYXRoIjoiLyIsInF1ZXJ5Ijp7fX0&redirect_uri=https://qa2-myaccount.connectedfleet.michelin.com/oauth/callback
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 19:24:41 GMT
strict-transport-security
max-age=31557600; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
default-src https: 'unsafe-eval' 'unsafe-inline' 'self'; object-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com https://www.gstatic.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; frame-src 'self' https://www.google.com; frame-ancestors 'self' localhost:* *.masternautconnect.com:* *.connectedfleet.michelin.com:*; img-src 'self' data:; font-src 'self' https://fonts.gstatic.com; upgrade-insecure-requests;
last-modified
Wed, 10 Jul 2024 09:20:34 GMT
referrer-policy
strict-origin-when-cross-origin
content-encoding
gzip
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
x-frame-options
DENY
content-type
application/javascript
cache-control
max-age=28800, must-revalidate, private
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(self), geolocation=(), gyroscope=(self), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=()
accept-ranges
bytes
x-xss-protection
1; mode=block
request-context
appId=5bdc7a96-124a-45b9-9b16-f7f0d69ada35
629.8097f988.js
qa2-login.connectedfleet.michelin.com/js/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://qa2-login.connectedfleet.michelin.com/js/629.8097f988.js
Requested by
Host: qa2-login.connectedfleet.michelin.com
URL: https://qa2-login.connectedfleet.michelin.com/js/index.a2accd89.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.101.240.28 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
df67021d5df9559fcee59bf6872ea19562a4c206e08157d3b261fffb5c6653df
Security Headers
Name Value
Content-Security-Policy default-src https: 'unsafe-eval' 'unsafe-inline' 'self'; object-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com https://www.gstatic.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; frame-src 'self' https://www.google.com; frame-ancestors 'self' localhost:* *.masternautconnect.com:* *.connectedfleet.michelin.com:*; img-src 'self' data:; font-src 'self' https://fonts.gstatic.com; upgrade-insecure-requests;
Strict-Transport-Security max-age=31557600; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://qa2-login.connectedfleet.michelin.com/?customer=&client_id=connectAppShell&state=eyJwYXRoIjoiLyIsInF1ZXJ5Ijp7fX0&redirect_uri=https://qa2-myaccount.connectedfleet.michelin.com/oauth/callback
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 19:24:41 GMT
strict-transport-security
max-age=31557600; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
default-src https: 'unsafe-eval' 'unsafe-inline' 'self'; object-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com https://www.gstatic.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; frame-src 'self' https://www.google.com; frame-ancestors 'self' localhost:* *.masternautconnect.com:* *.connectedfleet.michelin.com:*; img-src 'self' data:; font-src 'self' https://fonts.gstatic.com; upgrade-insecure-requests;
last-modified
Wed, 10 Jul 2024 09:20:34 GMT
referrer-policy
strict-origin-when-cross-origin
content-encoding
gzip
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
x-frame-options
DENY
content-type
application/javascript
cache-control
max-age=28800, must-revalidate, private
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(self), geolocation=(), gyroscope=(self), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=()
accept-ranges
bytes
x-xss-protection
1; mode=block
request-context
appId=5bdc7a96-124a-45b9-9b16-f7f0d69ada35
152.8c42d917.js
qa2-login.connectedfleet.michelin.com/js/ 		28 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://qa2-login.connectedfleet.michelin.com/js/152.8c42d917.js
Requested by
Host: qa2-login.connectedfleet.michelin.com
URL: https://qa2-login.connectedfleet.michelin.com/js/index.a2accd89.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.101.240.28 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
efd2e2f688c744e3154aa2681157f442c036a2eda706e948e507862f99212015
Security Headers
Name Value
Content-Security-Policy default-src https: 'unsafe-eval' 'unsafe-inline' 'self'; object-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com https://www.gstatic.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; frame-src 'self' https://www.google.com; frame-ancestors 'self' localhost:* *.masternautconnect.com:* *.connectedfleet.michelin.com:*; img-src 'self' data:; font-src 'self' https://fonts.gstatic.com; upgrade-insecure-requests;
Strict-Transport-Security max-age=31557600; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://qa2-login.connectedfleet.michelin.com/?customer=&client_id=connectAppShell&state=eyJwYXRoIjoiLyIsInF1ZXJ5Ijp7fX0&redirect_uri=https://qa2-myaccount.connectedfleet.michelin.com/oauth/callback
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 19:24:41 GMT
strict-transport-security
max-age=31557600; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
default-src https: 'unsafe-eval' 'unsafe-inline' 'self'; object-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com https://www.gstatic.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; frame-src 'self' https://www.google.com; frame-ancestors 'self' localhost:* *.masternautconnect.com:* *.connectedfleet.michelin.com:*; img-src 'self' data:; font-src 'self' https://fonts.gstatic.com; upgrade-insecure-requests;
last-modified
Wed, 10 Jul 2024 09:20:34 GMT
referrer-policy
strict-origin-when-cross-origin
content-encoding
gzip
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
x-frame-options
DENY
content-type
application/javascript
cache-control
max-age=28800, must-revalidate, private
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(self), geolocation=(), gyroscope=(self), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=()
accept-ranges
bytes
x-xss-protection
1; mode=block
request-context
appId=5bdc7a96-124a-45b9-9b16-f7f0d69ada35
829.a523c8a7.js
qa2-login.connectedfleet.michelin.com/js/ 		8 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://qa2-login.connectedfleet.michelin.com/js/829.a523c8a7.js
Requested by
Host: qa2-login.connectedfleet.michelin.com
URL: https://qa2-login.connectedfleet.michelin.com/js/index.a2accd89.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.101.240.28 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a3973de800175243f5556d449902b42ceec1d57f8f7b356f74ffc0c891c56548
Security Headers
Name Value
Content-Security-Policy default-src https: 'unsafe-eval' 'unsafe-inline' 'self'; object-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com https://www.gstatic.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; frame-src 'self' https://www.google.com; frame-ancestors 'self' localhost:* *.masternautconnect.com:* *.connectedfleet.michelin.com:*; img-src 'self' data:; font-src 'self' https://fonts.gstatic.com; upgrade-insecure-requests;
Strict-Transport-Security max-age=31557600; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://qa2-login.connectedfleet.michelin.com/?customer=&client_id=connectAppShell&state=eyJwYXRoIjoiLyIsInF1ZXJ5Ijp7fX0&redirect_uri=https://qa2-myaccount.connectedfleet.michelin.com/oauth/callback
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 19:24:41 GMT
strict-transport-security
max-age=31557600; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
default-src https: 'unsafe-eval' 'unsafe-inline' 'self'; object-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com https://www.gstatic.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; frame-src 'self' https://www.google.com; frame-ancestors 'self' localhost:* *.masternautconnect.com:* *.connectedfleet.michelin.com:*; img-src 'self' data:; font-src 'self' https://fonts.gstatic.com; upgrade-insecure-requests;
last-modified
Wed, 10 Jul 2024 09:20:34 GMT
referrer-policy
strict-origin-when-cross-origin
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-frame-options
DENY
content-type
application/javascript
cache-control
max-age=28800, must-revalidate, private
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(self), geolocation=(), gyroscope=(self), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=()
accept-ranges
bytes
content-length
8047
x-xss-protection
1; mode=block
request-context
appId=5bdc7a96-124a-45b9-9b16-f7f0d69ada35
loginOptions
qa2-login.connectedfleet.michelin.com/api/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://qa2-login.connectedfleet.michelin.com/api/loginOptions?customerId=&clientId=connectAppShell
Requested by
Host: qa2-login.connectedfleet.michelin.com
URL: https://qa2-login.connectedfleet.michelin.com/js/669.ebe69170.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.101.240.28 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
08cc97902f643883a17980c6f15e278573dc62ee7c30e52341703b52e5be3549
Security Headers
Name Value
Content-Security-Policy default-src https: 'unsafe-eval' 'unsafe-inline' 'self'; object-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com https://www.gstatic.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; frame-src 'self' https://www.google.com; frame-ancestors 'self' localhost:* *.masternautconnect.com:* *.connectedfleet.michelin.com:*; img-src 'self' data:; font-src 'self' https://fonts.gstatic.com; upgrade-insecure-requests;
Strict-Transport-Security max-age=31557600; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://qa2-login.connectedfleet.michelin.com/?customer=&client_id=connectAppShell&state=eyJwYXRoIjoiLyIsInF1ZXJ5Ijp7fX0&redirect_uri=https%3A%2F%2Fqa2-myaccount.connectedfleet.michelin.com%2Foauth%2Fcallback
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
X-XSRF-TOKEN
0817d0ea-0bf1-4bf6-8010-44821d6a7bb8

Response headers

expires
0
pragma
no-cache
date
Wed, 28 Aug 2024 19:24:44 GMT
strict-transport-security
max-age=31557600; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
default-src https: 'unsafe-eval' 'unsafe-inline' 'self'; object-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com https://www.gstatic.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; frame-src 'self' https://www.google.com; frame-ancestors 'self' localhost:* *.masternautconnect.com:* *.connectedfleet.michelin.com:*; img-src 'self' data:; font-src 'self' https://fonts.gstatic.com; upgrade-insecure-requests;
content-encoding
gzip
referrer-policy
strict-origin-when-cross-origin
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
x-frame-options
DENY
content-type
application/json
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(self), geolocation=(), gyroscope=(self), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=()
x-xss-protection
1; mode=block
request-context
appId=5bdc7a96-124a-45b9-9b16-f7f0d69ada35
favicon.ico
qa2-login.connectedfleet.michelin.com/ 		70 KB
71 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://qa2-login.connectedfleet.michelin.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.101.240.28 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
7d53f7d640d240bbf91e86a927e87c97f124cd597a669cbd4e3522b9eeb8a1c6
Security Headers
Name Value
Content-Security-Policy default-src https: 'unsafe-eval' 'unsafe-inline' 'self'; object-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com https://www.gstatic.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; frame-src 'self' https://www.google.com; frame-ancestors 'self' localhost:* *.masternautconnect.com:* *.connectedfleet.michelin.com:*; img-src 'self' data:; font-src 'self' https://fonts.gstatic.com; upgrade-insecure-requests;
Strict-Transport-Security max-age=31557600; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://qa2-login.connectedfleet.michelin.com/?customer=&client_id=connectAppShell&state=eyJwYXRoIjoiLyIsInF1ZXJ5Ijp7fX0&redirect_uri=https%3A%2F%2Fqa2-myaccount.connectedfleet.michelin.com%2Foauth%2Fcallback
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 19:24:44 GMT
strict-transport-security
max-age=31557600; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
default-src https: 'unsafe-eval' 'unsafe-inline' 'self'; object-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com https://www.gstatic.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; frame-src 'self' https://www.google.com; frame-ancestors 'self' localhost:* *.masternautconnect.com:* *.connectedfleet.michelin.com:*; img-src 'self' data:; font-src 'self' https://fonts.gstatic.com; upgrade-insecure-requests;
last-modified
Wed, 10 Jul 2024 09:20:34 GMT
referrer-policy
strict-origin-when-cross-origin
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-frame-options
DENY
content-type
image/x-icon
cache-control
max-age=28800, must-revalidate, private
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(self), geolocation=(), gyroscope=(self), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=()
accept-ranges
bytes
content-length
71562
x-xss-protection
1; mode=block
request-context
appId=5bdc7a96-124a-45b9-9b16-f7f0d69ada35
google_g.a73c1aa1.svg
qa2-login.connectedfleet.michelin.com/img/ 		689 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://qa2-login.connectedfleet.michelin.com/img/google_g.a73c1aa1.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.101.240.28 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
9d3631b5ddd7e057f2167921ac1b79fe3c879cc7e62f9ec5b6ebbfa076b57cb9
Security Headers
Name Value
Content-Security-Policy default-src https: 'unsafe-eval' 'unsafe-inline' 'self'; object-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com https://www.gstatic.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; frame-src 'self' https://www.google.com; frame-ancestors 'self' localhost:* *.masternautconnect.com:* *.connectedfleet.michelin.com:*; img-src 'self' data:; font-src 'self' https://fonts.gstatic.com; upgrade-insecure-requests;
Strict-Transport-Security max-age=31557600; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://qa2-login.connectedfleet.michelin.com/?customer=&client_id=connectAppShell&state=eyJwYXRoIjoiLyIsInF1ZXJ5Ijp7fX0&redirect_uri=https%3A%2F%2Fqa2-myaccount.connectedfleet.michelin.com%2Foauth%2Fcallback
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 19:24:44 GMT
strict-transport-security
max-age=31557600; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
default-src https: 'unsafe-eval' 'unsafe-inline' 'self'; object-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com https://www.gstatic.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; frame-src 'self' https://www.google.com; frame-ancestors 'self' localhost:* *.masternautconnect.com:* *.connectedfleet.michelin.com:*; img-src 'self' data:; font-src 'self' https://fonts.gstatic.com; upgrade-insecure-requests;
last-modified
Wed, 10 Jul 2024 09:20:34 GMT
referrer-policy
strict-origin-when-cross-origin
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-frame-options
DENY
content-type
image/svg+xml
cache-control
max-age=28800, must-revalidate, private
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(self), geolocation=(), gyroscope=(self), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=()
accept-ranges
bytes
content-length
689
x-xss-protection
1; mode=block
request-context
appId=5bdc7a96-124a-45b9-9b16-f7f0d69ada35
apple.cb6c585a.svg
qa2-login.connectedfleet.michelin.com/img/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://qa2-login.connectedfleet.michelin.com/img/apple.cb6c585a.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.101.240.28 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
2f848d03ee7782c6756cd1a85d962005943bdc4113998d6708de2c53ffab855a
Security Headers
Name Value
Content-Security-Policy default-src https: 'unsafe-eval' 'unsafe-inline' 'self'; object-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com https://www.gstatic.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; frame-src 'self' https://www.google.com; frame-ancestors 'self' localhost:* *.masternautconnect.com:* *.connectedfleet.michelin.com:*; img-src 'self' data:; font-src 'self' https://fonts.gstatic.com; upgrade-insecure-requests;
Strict-Transport-Security max-age=31557600; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://qa2-login.connectedfleet.michelin.com/?customer=&client_id=connectAppShell&state=eyJwYXRoIjoiLyIsInF1ZXJ5Ijp7fX0&redirect_uri=https%3A%2F%2Fqa2-myaccount.connectedfleet.michelin.com%2Foauth%2Fcallback
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 19:24:44 GMT
strict-transport-security
max-age=31557600; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
default-src https: 'unsafe-eval' 'unsafe-inline' 'self'; object-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com https://www.gstatic.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; frame-src 'self' https://www.google.com; frame-ancestors 'self' localhost:* *.masternautconnect.com:* *.connectedfleet.michelin.com:*; img-src 'self' data:; font-src 'self' https://fonts.gstatic.com; upgrade-insecure-requests;
last-modified
Wed, 10 Jul 2024 09:20:34 GMT
referrer-policy
strict-origin-when-cross-origin
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-frame-options
DENY
content-type
image/svg+xml
cache-control
max-age=28800, must-revalidate, private
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(self), geolocation=(), gyroscope=(self), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=()
accept-ranges
bytes
content-length
1045
x-xss-protection
1; mode=block
request-context
appId=5bdc7a96-124a-45b9-9b16-f7f0d69ada35
login_logo_container_2x.2b1c11aa.webp
qa2-login.connectedfleet.michelin.com/img/ 		160 KB
161 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://qa2-login.connectedfleet.michelin.com/img/login_logo_container_2x.2b1c11aa.webp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.101.240.28 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
49fec7184b3483938dae3736714b60e69c9657807e997ab385ac895fbe9bff18
Security Headers
Name Value
Content-Security-Policy default-src https: 'unsafe-eval' 'unsafe-inline' 'self'; object-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com https://www.gstatic.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; frame-src 'self' https://www.google.com; frame-ancestors 'self' localhost:* *.masternautconnect.com:* *.connectedfleet.michelin.com:*; img-src 'self' data:; font-src 'self' https://fonts.gstatic.com; upgrade-insecure-requests;
Strict-Transport-Security max-age=31557600; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://qa2-login.connectedfleet.michelin.com/?customer=&client_id=connectAppShell&state=eyJwYXRoIjoiLyIsInF1ZXJ5Ijp7fX0&redirect_uri=https%3A%2F%2Fqa2-myaccount.connectedfleet.michelin.com%2Foauth%2Fcallback
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 19:24:44 GMT
strict-transport-security
max-age=31557600; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
default-src https: 'unsafe-eval' 'unsafe-inline' 'self'; object-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com https://www.gstatic.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; frame-src 'self' https://www.google.com; frame-ancestors 'self' localhost:* *.masternautconnect.com:* *.connectedfleet.michelin.com:*; img-src 'self' data:; font-src 'self' https://fonts.gstatic.com; upgrade-insecure-requests;
last-modified
Wed, 10 Jul 2024 09:20:34 GMT
referrer-policy
strict-origin-when-cross-origin
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-frame-options
DENY
content-type
image/webp
cache-control
max-age=28800, must-revalidate, private
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(self), geolocation=(), gyroscope=(self), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=()
accept-ranges
bytes
content-length
163806
x-xss-protection
1; mode=block
request-context
appId=5bdc7a96-124a-45b9-9b16-f7f0d69ada35
login_logo_2x.82073b5b.png
qa2-login.connectedfleet.michelin.com/img/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://qa2-login.connectedfleet.michelin.com/img/login_logo_2x.82073b5b.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.101.240.28 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
1d5ce58f6f46cfe1d4de9609cda2769f96b78183f86eea75a8db9bcf6e34bcf3
Security Headers
Name Value
Content-Security-Policy default-src https: 'unsafe-eval' 'unsafe-inline' 'self'; object-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com https://www.gstatic.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; frame-src 'self' https://www.google.com; frame-ancestors 'self' localhost:* *.masternautconnect.com:* *.connectedfleet.michelin.com:*; img-src 'self' data:; font-src 'self' https://fonts.gstatic.com; upgrade-insecure-requests;
Strict-Transport-Security max-age=31557600; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://qa2-login.connectedfleet.michelin.com/?customer=&client_id=connectAppShell&state=eyJwYXRoIjoiLyIsInF1ZXJ5Ijp7fX0&redirect_uri=https%3A%2F%2Fqa2-myaccount.connectedfleet.michelin.com%2Foauth%2Fcallback
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 19:24:44 GMT
strict-transport-security
max-age=31557600; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
default-src https: 'unsafe-eval' 'unsafe-inline' 'self'; object-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com https://www.gstatic.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; frame-src 'self' https://www.google.com; frame-ancestors 'self' localhost:* *.masternautconnect.com:* *.connectedfleet.michelin.com:*; img-src 'self' data:; font-src 'self' https://fonts.gstatic.com; upgrade-insecure-requests;
last-modified
Wed, 10 Jul 2024 09:20:34 GMT
referrer-policy
strict-origin-when-cross-origin
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-frame-options
DENY
content-type
image/png
cache-control
max-age=28800, must-revalidate, private
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(self), geolocation=(), gyroscope=(self), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=()
accept-ranges
bytes
content-length
9252
x-xss-protection
1; mode=block
request-context
appId=5bdc7a96-124a-45b9-9b16-f7f0d69ada35
truncated
/ 		8 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c12bdf52ed12a582ad7490961fc236798f9aab64b67ce6fdd5aca5d78cfb884c

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2
fonts.gstatic.com/s/inter/v18/ 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@300;400;500;600;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f052ee44c3728dfd23aba8a4567150bc314d23903026fbb6ad089422c2df56af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://qa2-login.connectedfleet.michelin.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 26 Aug 2024 07:07:16 GMT
x-content-type-options
nosniff
age
217048
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48444
x-xss-protection
0
last-modified
Mon, 29 Jul 2024 22:51:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 26 Aug 2025 07:07:16 GMT
flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v142/ 		125 KB
126 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/materialicons/v142/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito+Sans:300,400,500,600,700%7CMaterial+Icons
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://qa2-login.connectedfleet.michelin.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 26 Aug 2024 07:18:14 GMT
x-content-type-options
nosniff
age
216390
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128352
x-xss-protection
0
last-modified
Mon, 08 Apr 2024 19:04:47 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 26 Aug 2025 07:18:14 GMT
materialdesignicons-webfont.6b47958b.woff2
qa2-login.connectedfleet.michelin.com/fonts/ 		271 KB
273 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://qa2-login.connectedfleet.michelin.com/fonts/materialdesignicons-webfont.6b47958b.woff2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.101.240.28 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
839aebb98e934e0f6d1f6eda50cc92a5b53f778a6fa32642a6030c2848773876
Security Headers
Name Value
Content-Security-Policy default-src https: 'unsafe-eval' 'unsafe-inline' 'self'; object-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com https://www.gstatic.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; frame-src 'self' https://www.google.com; frame-ancestors 'self' localhost:* *.masternautconnect.com:* *.connectedfleet.michelin.com:*; img-src 'self' data:; font-src 'self' https://fonts.gstatic.com; upgrade-insecure-requests;
Strict-Transport-Security max-age=31557600; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://qa2-login.connectedfleet.michelin.com/?customer=&client_id=connectAppShell&state=eyJwYXRoIjoiLyIsInF1ZXJ5Ijp7fX0&redirect_uri=https%3A%2F%2Fqa2-myaccount.connectedfleet.michelin.com%2Foauth%2Fcallback
Origin
https://qa2-login.connectedfleet.michelin.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 19:24:44 GMT
strict-transport-security
max-age=31557600; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
default-src https: 'unsafe-eval' 'unsafe-inline' 'self'; object-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com https://www.gstatic.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; frame-src 'self' https://www.google.com; frame-ancestors 'self' localhost:* *.masternautconnect.com:* *.connectedfleet.michelin.com:*; img-src 'self' data:; font-src 'self' https://fonts.gstatic.com; upgrade-insecure-requests;
last-modified
Wed, 10 Jul 2024 09:20:34 GMT
referrer-policy
strict-origin-when-cross-origin
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-frame-options
DENY
content-type
application/font-woff2
cache-control
max-age=28800, must-revalidate, private
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(self), geolocation=(), gyroscope=(self), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=()
accept-ranges
bytes
content-length
277912
x-xss-protection
1; mode=block
request-context
appId=5bdc7a96-124a-45b9-9b16-f7f0d69ada35
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ 		18 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@500&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ae0e442895406e9922237108496c2cd60f4947649a826463e2da9860b5c25dd6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://qa2-login.connectedfleet.michelin.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 27 Aug 2024 14:03:06 GMT
x-content-type-options
nosniff
age
105698
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18588
x-xss-protection
0
last-modified
Thu, 01 Aug 2024 20:41:24 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 27 Aug 2025 14:03:06 GMT
95c7cc3ee17e1c795d18beea72b2dfa5.ico
qa2-login.connectedfleet.michelin.com/ 		1 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://qa2-login.connectedfleet.michelin.com/95c7cc3ee17e1c795d18beea72b2dfa5.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.101.240.28 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
48444dc66fda2f777176378b9060d2c6086f980760ae49711002415cb04d775b
Security Headers
Name Value
Content-Security-Policy default-src https: 'unsafe-eval' 'unsafe-inline' 'self'; object-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com https://www.gstatic.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; frame-src 'self' https://www.google.com; frame-ancestors 'self' localhost:* *.masternautconnect.com:* *.connectedfleet.michelin.com:*; img-src 'self' data:; font-src 'self' https://fonts.gstatic.com; upgrade-insecure-requests;
Strict-Transport-Security max-age=31557600; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://qa2-login.connectedfleet.michelin.com/?customer=&client_id=connectAppShell&state=eyJwYXRoIjoiLyIsInF1ZXJ5Ijp7fX0&redirect_uri=https%3A%2F%2Fqa2-myaccount.connectedfleet.michelin.com%2Foauth%2Fcallback
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 19:24:44 GMT
strict-transport-security
max-age=31557600; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
default-src https: 'unsafe-eval' 'unsafe-inline' 'self'; object-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com https://www.gstatic.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; frame-src 'self' https://www.google.com; frame-ancestors 'self' localhost:* *.masternautconnect.com:* *.connectedfleet.michelin.com:*; img-src 'self' data:; font-src 'self' https://fonts.gstatic.com; upgrade-insecure-requests;
last-modified
Wed, 10 Jul 2024 09:20:34 GMT
referrer-policy
strict-origin-when-cross-origin
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-frame-options
DENY
content-type
image/x-icon
cache-control
max-age=28800, must-revalidate, private
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(self), geolocation=(), gyroscope=(self), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=()
accept-ranges
bytes
content-length
1150
x-xss-protection
1; mode=block
request-context
appId=5bdc7a96-124a-45b9-9b16-f7f0d69ada35

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| getMasternauthAppSettings object| webpackChunkmasternauth_login_ui function| clearImmediate function| setImmediate object| regeneratorRuntime object| masternauth

2 Cookies

Domain/Path Name / Value
qa2-login.connectedfleet.michelin.com/ Name: XSRF-TOKEN
Value: 0817d0ea-0bf1-4bf6-8010-44821d6a7bb8
qa2-login.connectedfleet.michelin.com/ Name: JSESSIONID
Value: OWM4ZWRmZjQtMTdkNC00NDYyLThiMjMtZjQ2OGExZDY2OTFk

7 Console Messages

Source Level URL
Text
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'battery'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'document-domain'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'execution-while-not-rendered'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'execution-while-out-of-viewport'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'navigation-override'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'web-share'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src https: 'unsafe-eval' 'unsafe-inline' 'self'; object-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com https://www.gstatic.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; frame-src 'self' https://www.google.com; frame-ancestors 'self' localhost:* *.masternautconnect.com:* *.connectedfleet.michelin.com:*; img-src 'self' data:; font-src 'self' https://fonts.gstatic.com; upgrade-insecure-requests;
Strict-Transport-Security max-age=31557600; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
qa2-login.connectedfleet.michelin.com
qa2-myaccount.connectedfleet.michelin.com
18.245.46.14
20.101.240.28
2a00:1450:4001:827::200a
2a00:1450:4001:829::2003
0112ba456ba7adab9b84a033dd8cbd1003578d281c7460783dbae3328ab65ff1
08cc97902f643883a17980c6f15e278573dc62ee7c30e52341703b52e5be3549
0fd89ed58be48dcd45eaa41f52b5f02621e394818de880b4e561355b489e2da8
1a4cd6cf1370142f52bd6eecb729b82021db607861030b892cb5a9be6a12a915
1d5ce58f6f46cfe1d4de9609cda2769f96b78183f86eea75a8db9bcf6e34bcf3
2f848d03ee7782c6756cd1a85d962005943bdc4113998d6708de2c53ffab855a
48444dc66fda2f777176378b9060d2c6086f980760ae49711002415cb04d775b
49fec7184b3483938dae3736714b60e69c9657807e997ab385ac895fbe9bff18
569c0326307394b2cab5cd453766329460a798618d82e468473b15acbe1b5738
6413bec8c951ab5cbb8d2adee1a5406e61579bd6147f8d6ae548ea6bb101de8f
6c24e178f816982da5a36a827dd05178f3b5614d4a7898b20feb667f9f707531
7205c902fdaa149e86e43b98d8d96d4f7f9c6aba37e2e8b8fb3018e82365d0ad
74852375d85e209f6b848b946f30f7f4b25543d3eedfbd47ff9eb30114d6c303
751aa08c31461c01e403f1ee3d5e70bc746baf86b0b602dbc188de16bbf65934
791006099eeb9dbdcb804b2b9f56e079ac4e4df65b76a0b7623d1f9caad4d04f
7d53f7d640d240bbf91e86a927e87c97f124cd597a669cbd4e3522b9eeb8a1c6
7f6916794cf64334dcb936ddcf567fa1a5ebf16f0eba42c757fb55cce3a82b43
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
839aebb98e934e0f6d1f6eda50cc92a5b53f778a6fa32642a6030c2848773876
84d8386c2ef8737f099f68ba179a704a2c7199c594f8046b0a34d2c316a74c7f
943f989a813e03a74cd6b1a6c6333ecde579c2372c558b0ce55f91faac424cde
9d3631b5ddd7e057f2167921ac1b79fe3c879cc7e62f9ec5b6ebbfa076b57cb9
a3973de800175243f5556d449902b42ceec1d57f8f7b356f74ffc0c891c56548
ae0e442895406e9922237108496c2cd60f4947649a826463e2da9860b5c25dd6
be51f89a55089402fcb99f0ee633a03eae44308bff6d5e3a949ee32bbd4266ad
c12bdf52ed12a582ad7490961fc236798f9aab64b67ce6fdd5aca5d78cfb884c
d9d68892293afe4d8ea9b91ae4e0ea9f078ecd25015a9475bcaf79698fd6917d
df67021d5df9559fcee59bf6872ea19562a4c206e08157d3b261fffb5c6653df
ef72fece5fba80ff5c6896514a40c143d8f209f36390b68cec1e3bf2a4876085
efd2e2f688c744e3154aa2681157f442c036a2eda706e948e507862f99212015
f052ee44c3728dfd23aba8a4567150bc314d23903026fbb6ad089422c2df56af
f9e1efbcc4aeb699778428f4fb6e98b188d65457e22a64e99a670e8c3ff367cf
ff1a31ab85b840d029f06a13e0bba32a79f78bd41945804b7fd76ce638abfd28