urlscan.io logo urlscan.io
SecurityTrails logo

sso-preprod2.up-cse.fr Open in urlscan Pro
34.111.225.190  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://moncompte-preprod2.up-cse.fr/
Effective URL: https://sso-preprod2.up-cse.fr/authentication/login
Submission: On April 27 via automatic, source certstream-suspicious — Scanned from FR
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 2 countries across 3 domains to perform 21 HTTP transactions. The main IP is 34.111.225.190, located in Kansas City, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is sso-preprod2.up-cse.fr.
TLS certificate: Issued by GTS CA 1D4 on April 26th 2023. Valid for: 3 months.
This is the only time sso-preprod2.up-cse.fr was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
5 34.102.139.188 396982 (GOOGLE-CL...)
2 34.96.81.65 396982 (GOOGLE-CL...)
5 2a00:1450:400... 15169 (GOOGLE)
1 8 34.111.225.190 396982 (GOOGLE-CL...)
2 2a00:1450:400... 15169 (GOOGLE)
21 5
5    34.102.139.188 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 188.139.102.34.bc.googleusercontent.com
moncompte-preprod2.up-cse.fr
2    34.96.81.65 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 65.81.96.34.bc.googleusercontent.com
cdn.up-cse.fr
5    2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
8    34.111.225.190 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 190.225.111.34.bc.googleusercontent.com
sso-preprod2.up-cse.fr
2    2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
Apex Domain
Subdomains		 Transfer
15 up-cse.fr
moncompte-preprod2.up-cse.fr
cdn.up-cse.fr
sso-preprod2.up-cse.fr
1 MB
5 gstatic.com
fonts.gstatic.com
195 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 119
2 KB
21 3
Domain Requested by
8 sso-preprod2.up-cse.fr 1 redirects moncompte-preprod2.up-cse.fr
sso-preprod2.up-cse.fr
5 fonts.gstatic.com moncompte-preprod2.up-cse.fr
fonts.googleapis.com
5 moncompte-preprod2.up-cse.fr moncompte-preprod2.up-cse.fr
2 fonts.googleapis.com sso-preprod2.up-cse.fr
2 cdn.up-cse.fr moncompte-preprod2.up-cse.fr
21 5

This site contains no links.

Subject Issuer Validity Valid
moncompte-preprod2.up-cse.fr
GTS CA 1D4		 2023-04-26 -
2023-07-25		 3 months crt.sh
moncompte.up-cse.fr
GTS CA 1D4		 2023-04-20 -
2023-07-19		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
sso-preprod2.up-cse.fr
GTS CA 1D4		 2023-04-26 -
2023-07-25		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://sso-preprod2.up-cse.fr/authentication/login
Frame ID: E69AD76C0A1C2C0B750D57CBE705B437
Requests: 21 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Authentification Synapse

Page URL History Show full URLs

  1. https://moncompte-preprod2.up-cse.fr/ Page URL
  2. https://sso-preprod2.up-cse.fr/openid/authorize?client_id=synapse-mon-compte-preprod&redirect_uri=https%3A%... HTTP 301
    https://sso-preprod2.up-cse.fr/authentication/login Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

21
Requests

100 %
HTTPS

40 %
IPv6

3
Domains

5
Subdomains

5
IPs

2
Countries

1255 kB
Transfer

1258 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://moncompte-preprod2.up-cse.fr/ Page URL
  2. https://sso-preprod2.up-cse.fr/openid/authorize?client_id=synapse-mon-compte-preprod&redirect_uri=https%3A%2F%2Fmoncompte-preprod2.up-cse.fr%2Findex.html&response_type=code&scope=openid+user%3Aprofile%3Aread+user%3Aprofile%3Awrite+user%3Aorganization%3Aread+user%3Aroles%3Aread&state=6e30411ece0c4116a3b1b66ef881c91a&code_challenge=6CTPqNlifAg_dziFg_IAxSfI2ENK0t6V8BA5JbSp5Bw&code_challenge_method=S256&response_mode=query HTTP 301
    https://sso-preprod2.up-cse.fr/authentication/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
moncompte-preprod2.up-cse.fr/ 		11 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://moncompte-preprod2.up-cse.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.139.188 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
188.139.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
f8379b0ca041f01503623ae3d013cd61d062a884593a5472abfff65f1ffe05df

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-length
11773
content-type
text/html
date
Thu, 27 Apr 2023 02:38:06 GMT
etag
"4e0f60f20c8c8be0bfeb164443b88c60"
expires
Thu, 27 Apr 2023 03:38:06 GMT
last-modified
Wed, 26 Apr 2023 15:15:03 GMT
server
UploadServer
via
1.1 google
x-goog-generation
1682522103425440
x-goog-hash
crc32c=u8bolQ== md5=Tg9g8gyMi+C/6xZEQ7iMYA==
x-goog-meta-goog-reserved-file-mtime
1682522092
x-goog-metageneration
1
x-goog-storage-class
STANDARD
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
11773
x-guploader-uploadid
ADPycdtSqrMBXHBVil0TioFwLgjz4s-C-cvd3s6Uv56ZMeh0hpwrKFR9_1HZfvLvdmvCsJRg2-rXnUmCLX7Fga-TfSHZHw
switchapp.esm.js
cdn.up-cse.fr/script/switchapp/v1/ 		419 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.up-cse.fr/script/switchapp/v1/switchapp.esm.js
Requested by
Host: moncompte-preprod2.up-cse.fr
URL: https://moncompte-preprod2.up-cse.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.81.65 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
65.81.96.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
3d61192619221ee94ee03dffbd74448e92fa4c3f3d793d303d19e43492260f71

Request headers

Referer
https://moncompte-preprod2.up-cse.fr/
Origin
https://moncompte-preprod2.up-cse.fr
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 02:38:06 GMT
via
1.1 google
x-goog-meta-goog-reserved-file-mtime
1680876620
age
0
x-guploader-uploadid
ADPycdsEOTjKbWFSLP7V7dQJ5GRB6BLgPJ11dC6Yi7VKJrM3exKXgmsKM59-LRUWsykCn1HkIFHc5sS1yNAVnmh9C-r4cQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
419
last-modified
Fri, 07 Apr 2023 14:23:12 GMT
server
UploadServer
etag
"1d1b77ccbf961eaebb3c02e0339489bd"
x-goog-hash
crc32c=CbeZ1g==, md5=HRt3zL+WHq67PALgM5SJvQ==
x-goog-generation
1680877392393470
content-language
en
access-control-allow-origin
*
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=3600
x-goog-stored-content-length
419
accept-ranges
bytes
content-type
application/javascript
expires
Thu, 27 Apr 2023 03:38:06 GMT
runtime.234651a075b86b59.js
moncompte-preprod2.up-cse.fr/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://moncompte-preprod2.up-cse.fr/runtime.234651a075b86b59.js
Requested by
Host: moncompte-preprod2.up-cse.fr
URL: https://moncompte-preprod2.up-cse.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.139.188 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
188.139.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
cc9558da0d42e730c0047b619a3b4922d92e77aa12deb08c23d693a9f3bac45e

Request headers

Referer
https://moncompte-preprod2.up-cse.fr/
Origin
https://moncompte-preprod2.up-cse.fr
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 02:38:06 GMT
via
1.1 google
x-goog-meta-goog-reserved-file-mtime
1682522092
age
0
x-guploader-uploadid
ADPycdskOFHFYrq9qId1tbBCCaeLg1jkax2ki5LkXR9N-Giys8GBpcPGDiE7UFhpPTFIR0jECG-MBaKrIjfH7czgsar4Pw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2957
last-modified
Wed, 26 Apr 2023 15:15:03 GMT
server
UploadServer
etag
"69b2127f541b1dc430bff11e1094550d"
x-goog-generation
1682522103731136
x-goog-hash
crc32c=mbJLlw==, md5=abISf1QbHcQwv/EeEJRVDQ==
content-type
text/javascript
cache-control
public, max-age=3600
x-goog-stored-content-length
2957
accept-ranges
bytes
expires
Thu, 27 Apr 2023 03:38:06 GMT
polyfills.a23abb240ee0d920.js
moncompte-preprod2.up-cse.fr/ 		33 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://moncompte-preprod2.up-cse.fr/polyfills.a23abb240ee0d920.js
Requested by
Host: moncompte-preprod2.up-cse.fr
URL: https://moncompte-preprod2.up-cse.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.139.188 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
188.139.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
7a168ac7c5316e362aec681b793885d058bf8d1a48df57783d3c2746b3f69fa0

Request headers

Referer
https://moncompte-preprod2.up-cse.fr/
Origin
https://moncompte-preprod2.up-cse.fr
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 02:38:06 GMT
via
1.1 google
x-goog-meta-goog-reserved-file-mtime
1682518206
age
0
x-guploader-uploadid
ADPycduHW-QORB8eXFgz7SvyGcNMi-nX55tsyCzTQrHl916Bv1IAZENew2wb-acZv7iH9n-ZjdvhWGC_cje73P8oLE8lNw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33873
last-modified
Wed, 26 Apr 2023 15:15:03 GMT
server
UploadServer
etag
"8cb62484ae33efa73170cf368b207739"
x-goog-hash
crc32c=7xaBAg==, md5=jLYkhK4z76cxcM82iyB3OQ==
x-goog-generation
1682518210976855
content-language
en
content-type
application/javascript
cache-control
public, max-age=3600
x-goog-stored-content-length
33873
accept-ranges
bytes
expires
Thu, 27 Apr 2023 03:38:06 GMT
main.21ce45427686e5e0.js
moncompte-preprod2.up-cse.fr/ 		819 KB
820 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://moncompte-preprod2.up-cse.fr/main.21ce45427686e5e0.js
Requested by
Host: moncompte-preprod2.up-cse.fr
URL: https://moncompte-preprod2.up-cse.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.139.188 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
188.139.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
1e401bdd2992429006ec9737b2a120a3775dd58a51537b8e383b228a85f9b167

Request headers

Referer
https://moncompte-preprod2.up-cse.fr/
Origin
https://moncompte-preprod2.up-cse.fr
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 02:38:06 GMT
via
1.1 google
x-goog-meta-goog-reserved-file-mtime
1682522092
age
0
x-guploader-uploadid
ADPycdtE7yR1iOLfNT5hplPHglTNrSn7dMrsa0QLO7ZIjLckkfVczYtz3FsCAvTxEG04bK-xewCJQ-yC-e2H2Hq5zwW52g
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
838815
last-modified
Wed, 26 Apr 2023 15:15:03 GMT
server
UploadServer
etag
"01329f951fea9b33bfc7fcc237c33c00"
x-goog-generation
1682522103735080
x-goog-hash
crc32c=tFqoew==, md5=ATKflR/qmzO/x/zCN8M8AA==
content-type
text/javascript
cache-control
public, max-age=3600
x-goog-stored-content-length
838815
accept-ranges
bytes
expires
Thu, 27 Apr 2023 03:38:06 GMT
styles.368b93c676e9b88d.css
moncompte-preprod2.up-cse.fr/ 		94 KB
94 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://moncompte-preprod2.up-cse.fr/styles.368b93c676e9b88d.css
Requested by
Host: moncompte-preprod2.up-cse.fr
URL: https://moncompte-preprod2.up-cse.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.139.188 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
188.139.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
f8a553ed53f4941d0379f1df5e085033634aef4a642fccca39d82fbfc2055784

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://moncompte-preprod2.up-cse.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 02:38:06 GMT
via
1.1 google
x-goog-meta-goog-reserved-file-mtime
1682522092
age
0
x-guploader-uploadid
ADPycdt7ToQcdWxp0JT6eFv2Ud9KOBTi2n7rVK8tBuUZL9_NOkYy6YJsApKpAfLjXz_t-DWN0584uGvsWD48PY7t3Ebnsw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
96001
last-modified
Wed, 26 Apr 2023 15:15:04 GMT
server
UploadServer
etag
"d57775ba12820756868a2be94dce3542"
x-goog-generation
1682522104598064
x-goog-hash
crc32c=4NeA2A==, md5=1Xd1uhKCB1aGiivpTc41Qg==
content-type
text/css
cache-control
public, max-age=3600
x-goog-stored-content-length
96001
accept-ranges
bytes
expires
Thu, 27 Apr 2023 03:38:06 GMT
KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v30/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
Requested by
Host: moncompte-preprod2.up-cse.fr
URL: https://moncompte-preprod2.up-cse.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8d3251f4935896ec37ada153d20d0109828ad08523127f136415355b3fca2dcf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://moncompte-preprod2.up-cse.fr/
Origin
https://moncompte-preprod2.up-cse.fr
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 22 Apr 2023 18:02:15 GMT
x-content-type-options
nosniff
age
376551
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11160
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:59 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 21 Apr 2024 18:02:15 GMT
p-75fdfa27.js
cdn.up-cse.fr/script/switchapp/v1/ 		11 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.up-cse.fr/script/switchapp/v1/p-75fdfa27.js
Requested by
Host: moncompte-preprod2.up-cse.fr
URL: https://moncompte-preprod2.up-cse.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.81.65 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
65.81.96.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
e48ce7961aa00d769333f79343c6e1232c4cfd56a69625355395115bbef04054

Request headers

Referer
https://cdn.up-cse.fr/script/switchapp/v1/switchapp.esm.js
Origin
https://moncompte-preprod2.up-cse.fr
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 02:38:06 GMT
via
1.1 google
x-goog-meta-goog-reserved-file-mtime
1680876620
age
0
x-guploader-uploadid
ADPycdtzFd1z5Id3RtKZBxA0UmLNtUtR8ntXxHZdRf3_v2KOSvKTVwAqPAntrYJIXE2xg8JxGiAzVc6jV0V8LTe6fZzD7A
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10908
last-modified
Fri, 07 Apr 2023 14:23:12 GMT
server
UploadServer
etag
"33a10c94ca18bdd8c934824f5a166357"
x-goog-hash
crc32c=EOd71Q==, md5=M6EMlMoYvdjJNIJPWhZjVw==
x-goog-generation
1680877392419299
content-language
en
access-control-allow-origin
*
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=3600
x-goog-stored-content-length
10908
accept-ranges
bytes
content-type
application/javascript
expires
Thu, 27 Apr 2023 03:38:06 GMT
openid-configuration
sso-preprod2.up-cse.fr/openid/.well-known/ 		2 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://sso-preprod2.up-cse.fr/openid/.well-known/openid-configuration
Requested by
Host: moncompte-preprod2.up-cse.fr
URL: https://moncompte-preprod2.up-cse.fr/polyfills.a23abb240ee0d920.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.225.190 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
190.225.111.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
f25ace7d530b8422e05b98825e237e35bc7bbfe66b83af70601311ed5a859e73

Request headers

Accept
application/jwk-set+json, application/json
Referer
https://moncompte-preprod2.up-cse.fr/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 02:38:06 GMT
via
1.1 google
x-powered-by
Express
etag
W/"7af-G5cQdRXl3SKNifmaxPiOSv2c3mg"
content-type
application/json; charset=utf-8
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1967
Primary Request login
sso-preprod2.up-cse.fr/authentication/
Redirect Chain
  • https://sso-preprod2.up-cse.fr/openid/authorize?client_id=synapse-mon-compte-preprod&redirect_uri=https%3A%2F%2Fmoncompte-preprod2.up-cse.fr%2Findex.html&response_type=code&scope=openid+user%3Aprof...
  • https://sso-preprod2.up-cse.fr/authentication/login
2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sso-preprod2.up-cse.fr/authentication/login
Requested by
Host: moncompte-preprod2.up-cse.fr
URL: https://moncompte-preprod2.up-cse.fr/main.21ce45427686e5e0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.225.190 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
190.225.111.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
8ce421431e4e3e3e02f9c4a8525ac7d48dcf58122327e54a7112ef1feebf133f

Request headers

Referer
https://moncompte-preprod2.up-cse.fr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2042
content-type
text/html; charset=utf-8
date
Thu, 27 Apr 2023 02:38:06 GMT
etag
W/"7fa-dLCYOiCczVZlhWmZvJnZULCnOE4"
via
1.1 google
x-powered-by
Express

Redirect headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
98
content-type
text/html; charset=utf-8
date
Thu, 27 Apr 2023 02:38:06 GMT
location
/authentication/login
vary
Accept
via
1.1 google
x-powered-by
Express
sheet.css
sso-preprod2.up-cse.fr/static/styles/ 		5 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sso-preprod2.up-cse.fr/static/styles/sheet.css
Requested by
Host: sso-preprod2.up-cse.fr
URL: https://sso-preprod2.up-cse.fr/authentication/login
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.225.190 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
190.225.111.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
44d8f403bbbc9646155e9d6c33b74603bf3eb680d80b41cd3d581d8f72424fd7

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://sso-preprod2.up-cse.fr/authentication/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 02:38:06 GMT
via
1.1 google
last-modified
Wed, 26 Apr 2023 15:22:03 GMT
x-powered-by
Express
etag
W/"1313-187be284578"
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4883
icon
fonts.googleapis.com/ 		569 B
775 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/icon?family=Material+Icons
Requested by
Host: sso-preprod2.up-cse.fr
URL: https://sso-preprod2.up-cse.fr/authentication/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5848fed0499a99763526e2178efc1bec18842259a88cb1cf12600be9ddabbdcd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://sso-preprod2.up-cse.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 27 Apr 2023 02:38:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 27 Apr 2023 02:38:07 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 27 Apr 2023 02:38:07 GMT
form-status.js
sso-preprod2.up-cse.fr/static/scripts/user/authentication/ 		768 B
787 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sso-preprod2.up-cse.fr/static/scripts/user/authentication/form-status.js
Requested by
Host: sso-preprod2.up-cse.fr
URL: https://sso-preprod2.up-cse.fr/authentication/login
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.225.190 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
190.225.111.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
e171eda670bf654294619b952c7e8eb1634dc44b80a00819adc26ef6322c268b

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://sso-preprod2.up-cse.fr/authentication/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 02:38:06 GMT
via
1.1 google
last-modified
Wed, 26 Apr 2023 15:22:03 GMT
x-powered-by
Express
etag
W/"300-187be284578"
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
768
password.js
sso-preprod2.up-cse.fr/static/scripts/user/authentication/ 		637 B
656 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sso-preprod2.up-cse.fr/static/scripts/user/authentication/password.js
Requested by
Host: sso-preprod2.up-cse.fr
URL: https://sso-preprod2.up-cse.fr/authentication/login
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.225.190 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
190.225.111.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
30873c72ba9fbd168da088953a5349b984b3165f73e540d424c3776102a25a01

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://sso-preprod2.up-cse.fr/authentication/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 02:38:06 GMT
via
1.1 google
last-modified
Wed, 26 Apr 2023 15:22:03 GMT
x-powered-by
Express
etag
W/"27d-187be284578"
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
637
logo-250x42.svg
sso-preprod2.up-cse.fr/static/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sso-preprod2.up-cse.fr/static/img/logo-250x42.svg
Requested by
Host: sso-preprod2.up-cse.fr
URL: https://sso-preprod2.up-cse.fr/authentication/login
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.225.190 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
190.225.111.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
edab997c05c73dc550e879917f94ce559f86a2d5b12db31707a76f012b6586f1

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://sso-preprod2.up-cse.fr/authentication/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 02:38:07 GMT
via
1.1 google
last-modified
Wed, 26 Apr 2023 15:22:03 GMT
x-powered-by
Express
etag
W/"dee-187be284578"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3566
css2
fonts.googleapis.com/ 		8 KB
850 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Heebo:wght@400;700&family=Roboto:wght@400;500;700&display=swap
Requested by
Host: sso-preprod2.up-cse.fr
URL: https://sso-preprod2.up-cse.fr/static/styles/sheet.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
abc5a61f81ec35ff8e09e5256c0b91c1134e3c859e6696962c7b2d2cc1c168e3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://sso-preprod2.up-cse.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 27 Apr 2023 02:38:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 27 Apr 2023 02:38:07 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 27 Apr 2023 02:38:07 GMT
login.jpg
sso-preprod2.up-cse.fr/static/img/background/ 		71 KB
71 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sso-preprod2.up-cse.fr/static/img/background/login.jpg
Requested by
Host: sso-preprod2.up-cse.fr
URL: https://sso-preprod2.up-cse.fr/static/styles/sheet.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.225.190 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
190.225.111.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
56b12fc134b35099a9ec21c4a70a934be971f76d0a1c65b35633ce0508792f18

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://sso-preprod2.up-cse.fr/static/styles/sheet.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 02:38:07 GMT
via
1.1 google
last-modified
Wed, 26 Apr 2023 15:22:03 GMT
x-powered-by
Express
etag
W/"11aba-187be284578"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
72378
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Heebo:wght@400;700&family=Roboto:wght@400;500;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://sso-preprod2.up-cse.fr
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 02:05:23 GMT
x-content-type-options
nosniff
age
520364
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 20 Apr 2024 02:05:23 GMT
NGS6v5_NC0k9P9H2TbE.woff2
fonts.gstatic.com/s/heebo/v21/ 		26 KB
27 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/heebo/v21/NGS6v5_NC0k9P9H2TbE.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Heebo:wght@400;700&family=Roboto:wght@400;500;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b38977ea35fde92fe200fa14ac7cc55e2edce54b998ce9a08734ba1dd9053fed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://sso-preprod2.up-cse.fr
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 22 Apr 2023 17:40:24 GMT
x-content-type-options
nosniff
age
377863
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27116
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 20:35:20 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 21 Apr 2024 17:40:24 GMT
flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v140/ 		125 KB
126 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/materialicons/v140/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/icon?family=Material+Icons
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://sso-preprod2.up-cse.fr
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 22 Apr 2023 17:43:28 GMT
x-content-type-options
nosniff
age
377679
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128352
x-xss-protection
0
last-modified
Tue, 07 Mar 2023 19:51:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 21 Apr 2024 17:43:28 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Heebo:wght@400;700&family=Roboto:wght@400;500;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://sso-preprod2.up-cse.fr
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 22 Apr 2023 21:03:36 GMT
x-content-type-options
nosniff
age
365671
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 21 Apr 2024 21:03:36 GMT

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless

1 Cookies

Domain/Path Name / Value
sso-preprod2.up-cse.fr/ Name: connect.sid
Value: s%3ASoh_JFdxSy0SopuSr4stFRyTgTDI6cfC.mqs%2FeK%2FTeSuoAPjajYSfRp2hDAzJq8v7bgyRM2%2BWG4E

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.up-cse.fr
fonts.googleapis.com
fonts.gstatic.com
moncompte-preprod2.up-cse.fr
sso-preprod2.up-cse.fr
2a00:1450:4001:803::200a
2a00:1450:4001:80e::2003
34.102.139.188
34.111.225.190
34.96.81.65
1e401bdd2992429006ec9737b2a120a3775dd58a51537b8e383b228a85f9b167
30873c72ba9fbd168da088953a5349b984b3165f73e540d424c3776102a25a01
3d61192619221ee94ee03dffbd74448e92fa4c3f3d793d303d19e43492260f71
44d8f403bbbc9646155e9d6c33b74603bf3eb680d80b41cd3d581d8f72424fd7
56b12fc134b35099a9ec21c4a70a934be971f76d0a1c65b35633ce0508792f18
5848fed0499a99763526e2178efc1bec18842259a88cb1cf12600be9ddabbdcd
7a168ac7c5316e362aec681b793885d058bf8d1a48df57783d3c2746b3f69fa0
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
8ce421431e4e3e3e02f9c4a8525ac7d48dcf58122327e54a7112ef1feebf133f
8d3251f4935896ec37ada153d20d0109828ad08523127f136415355b3fca2dcf
abc5a61f81ec35ff8e09e5256c0b91c1134e3c859e6696962c7b2d2cc1c168e3
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b38977ea35fde92fe200fa14ac7cc55e2edce54b998ce9a08734ba1dd9053fed
cc9558da0d42e730c0047b619a3b4922d92e77aa12deb08c23d693a9f3bac45e
e171eda670bf654294619b952c7e8eb1634dc44b80a00819adc26ef6322c268b
e48ce7961aa00d769333f79343c6e1232c4cfd56a69625355395115bbef04054
edab997c05c73dc550e879917f94ce559f86a2d5b12db31707a76f012b6586f1
f25ace7d530b8422e05b98825e237e35bc7bbfe66b83af70601311ed5a859e73
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f8379b0ca041f01503623ae3d013cd61d062a884593a5472abfff65f1ffe05df
f8a553ed53f4941d0379f1df5e085033634aef4a642fccca39d82fbfc2055784