signin.cegid.com
20.190.160.75
Public Scan
Effective URL: https://signin.cegid.com/signincegid.onmicrosoft.com/B2C_1A_RP_WPLIFE_PROD/samlp/sso/login?SAMLRequest=fZJRT8IwFIX%2FytJ3...
Submission: On March 30 via manual from FR
Summary
TLS certificate: Issued by Thawte TLS RSA CA G1 on January 13th 2020. Valid for: 2 years.
This is the only time signin.cegid.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| | IP Address | AS Autonomous System |
|---|---|---|
1 1 | 185.174.54.56 | 61217 (DOLIST-AS) |
4 4 | 169.55.60.229 | 36351 (SOFTLAYER) |
2 | 20.190.160.75 | 8075 (MICROSOFT-CORP-MSN-AS-BLOCK) |
13 | 20.40.144.216 | 8075 (MICROSOFT-CORP-MSN-AS-BLOCK) |
1 | 2a00:1450:4001:828::200a | 15169 (GOOGLE) |
16 | 3 |
ASN36351 (SOFTLAYER, US)
PTR: e5.3c.37a9.ip4.static.sl-reverse.com
www.cegidlife.com |
| | Apex Domain | Subdomains | Transfer |
|---|---|---|---|
15 | cegid.com | signin.cegid.com, accounts.cegid.com | 533 KB |
5 | cegidlife.com (5 redirects) | factures.cegidlife.com, www.cegidlife.com | 3 KB |
1 | googleapis.com | ajax.googleapis.com | 5 KB |
16 | 3 | | |
| | Domain | Requested by |
|---|---|---|
13 | accounts.cegid.com | signin.cegid.com, accounts.cegid.com |
4 | www.cegidlife.com | 4 redirects |
2 | signin.cegid.com | signin.cegid.com |
1 | ajax.googleapis.com | signin.cegid.com |
1 | factures.cegidlife.com | 1 redirects |
16 | 5 | |
This site contains no links.
Subject | Issuer | Validity | Valid | |
---|---|---|---|---|
signin.cegid.com | Thawte TLS RSA CA G1 | 2020-01-13 - 2022-01-12 | 2 years | crt.sh |
*.cegid.com | Thawte RSA CA 2018 | 2020-09-10 - 2021-07-22 | 10 months | crt.sh |
upload.video.google.com | GTS CA 1O1 | 2021-03-11 - 2021-06-03 | 3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://signin.cegid.com/signincegid.onmicrosoft.com/B2C_1A_RP_WPLIFE_PROD/samlp/sso/login?SAMLRequest=fZJRT8IwFIX%2FytJ36NoBkYaRDNBIgrIAauLLUkoHTbp29nZO%2F71s04gP8tje0%2B%2Fce24nwAtdsqTyJ7ORb5UEH3wU2gBrCzGqnGGWgwJmeCGBecG2ycOK0X7ISme9FVajIAGQzitr5tZAVUi3le5dCfm0WcXo5H0JDOO6rvtCHtVBq1z2hS3w9qT2e6ulP%2FUBLG7AFKfr7Q4Fi3MnyvCG%2BUsAdTTKdJAW0F10Z2sKJZwFm%2Fu2NqPzjCTZJs1e0tXy7jZLN%2BsFbsfCjZu2R2VQsFzEKIvoICJjno%2BiYS7Ge0LC4ZjciNGAkgMNZXSWAVRyacBz42NEQ0p6YdSLwh2hjAzZYPiKgvQ7j5kyB2WO18PbdyJg97td2uuGfpYO2oHPAjSdNL2y1thdLOU6lv9sAk3%2Fz70uAZfWea4n%2BMKkcyzZ45m6XKRWK%2FEZJFrbeu4k9zJGBOFp9%2BTvn5l%2BAQ%3D%3D&RelayState=cookie%3A1617106545_edd3&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=CS5nbddnvWgMZPIt8pjkfXFjPIccG3n4vPiM6fZkI6guL4YTWYgLHrroeGX%2BLO2U8owtAktFTjZCdzSgr1pi9DefWn%2Fzvh1rG0rPjVMefz%2FE47kKvkj0bEOko4l465yJnQ38DY30Ao5Gk79h5CqmcNJvjtdIkokp7AEy7JYtkmyFkbFkkB%2FVEqOtMx6FzO3MYACyCoXRDTXUF2h1rJN3YsYItVK54OzitBn1sV0wbjVxv8nHHoQyh0JwxsPwu8PxFAAKefBvrn0e5smrqpcLDgjvrcgAUS0wL8WObYGMJJjuR6UlV36t22nWkxwZ0QIBO57wnFJZci0BYSPWLXnNag%3D%3D
Frame ID: 9448B8AB234F1B797E98BC535DD21DFB
Requests: 16 HTTP requests in this frame
Detected technologies
Bootstrap (Web Frameworks)
Detected patterns
- html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
Google Font API (Font Scripts)
Detected patterns
- script /googleapis\.com\/.+webfont/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
http://factures.cegidlife.com/t/372/1/caa2c986-252771/252759/12/23de5f24 HTTP 302
http://www.cegidlife.com/ HTTP 302
https://www.cegidlife.com/wps/portal HTTP 302
https://www.cegidlife.com/wps/portal/cl%2Fhidden%2FLogin/!ut/p/z1/04_Sj9CPykssy0xPLMnMz0vMAfIjo8zi_UwM_C2dDB0N_D0MLAw8TcMcA8MMQ4wMfM30wwkpiAJKG-AAjgZA_VGElBTkRhikOyoqAgAczPvf/dz/d5/L2dBISEvZ0FBIS9nQSEh/ HTTP 302
https://www.cegidlife.com/wps/myportal HTTP 302
https://signin.cegid.com/signincegid.onmicrosoft.com/B2C_1A_RP_WPLIFE_PROD/samlp/sso/login?SAMLRequest=fZJRT8IwFIX%2FytJ36NoBkYaRDNBIgrIAauLLUkoHTbp29nZO%2F71s04gP8tje0%2B%2Fce24nwAtdsqTyJ7ORb5UEH3wU2gBrCzGqnGGWgwJmeCGBecG2ycOK0X7ISme9FVajIAGQzitr5tZAVUi3le5dCfm0WcXo5H0JDOO6rvtCHtVBq1z2hS3w9qT2e6ulP%2FUBLG7AFKfr7Q4Fi3MnyvCG%2BUsAdTTKdJAW0F10Z2sKJZwFm%2Fu2NqPzjCTZJs1e0tXy7jZLN%2BsFbsfCjZu2R2VQsFzEKIvoICJjno%2BiYS7Ge0LC4ZjciNGAkgMNZXSWAVRyacBz42NEQ0p6YdSLwh2hjAzZYPiKgvQ7j5kyB2WO18PbdyJg97td2uuGfpYO2oHPAjSdNL2y1thdLOU6lv9sAk3%2Fz70uAZfWea4n%2BMKkcyzZ45m6XKRWK%2FEZJFrbeu4k9zJGBOFp9%2BTvn5l%2BAQ%3D%3D&RelayState=cookie%3A1617106545_edd3&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=CS5nbddnvWgMZPIt8pjkfXFjPIccG3n4vPiM6fZkI6guL4YTWYgLHrroeGX%2BLO2U8owtAktFTjZCdzSgr1pi9DefWn%2Fzvh1rG0rPjVMefz%2FE47kKvkj0bEOko4l465yJnQ38DY30Ao5Gk79h5CqmcNJvjtdIkokp7AEy7JYtkmyFkbFkkB%2FVEqOtMx6FzO3MYACyCoXRDTXUF2h1rJN3YsYItVK54OzitBn1sV0wbjVxv8nHHoQyh0JwxsPwu8PxFAAKefBvrn0e5smrqpcLDgjvrcgAUS0wL8WObYGMJJjuR6UlV36t22nWkxwZ0QIBO57wnFJZci0BYSPWLXnNag%3D%3D Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
16 HTTP transactions
Method Protocol | Resource | Path | Size x-fer | Type | MIME-Type |
---|---|---|---|---|---|
GET H/1.1 | login (Primary Request, Cookie set, Redirect Chain) | signin.cegid.com/signincegid.onmicrosoft.com/B2C_1A_RP_WPLIFE_PROD/samlp/sso/ | 276 KB 95 KB | Document | text/html |
GET H2 | Signin | accounts.cegid.com/Ui/Authentication/Blue/ | 4 KB 2 KB | XHR | text/html |
GET H2 | bootstrap.min.css | accounts.cegid.com/UI/Authentication/Blue/spa-email-entry/css/ | 121 KB 28 KB | Stylesheet | text/css |
GET H2 | bootstrap-theme.min.css | accounts.cegid.com/UI/Authentication/Blue/spa-email-entry/css/ | 24 KB 5 KB | Stylesheet | text/css |
GET H2 | cegidsignin.css | accounts.cegid.com/UI/Authentication/Blue/spa-email-entry/css/ | 9 KB 3 KB | Stylesheet | text/css |
GET H2 | LoginResponsive.css | accounts.cegid.com/UI/Authentication/Blue/spa-email-entry/css/ | 2 KB 1 KB | Stylesheet | text/css |
GET H2 | tooltipster-cegid.css | accounts.cegid.com/UI/Authentication/Blue/spa-email-entry/css/ | 907 B 759 B | Stylesheet | text/css |
GET H2 | fonts.css | accounts.cegid.com/UI/Authentication/Blue/spa-email-entry/css/ | 1 KB 651 B | Stylesheet | text/css |
GET H2 | main.a4dae97c.chunk.css | accounts.cegid.com/UI/Authentication/Blue/spa-email-entry/static/css/ | 118 B 439 B | Stylesheet | text/css |
GET H2 | webfont.js | ajax.googleapis.com/ajax/libs/webfont/1.6.26/ | 13 KB 5 KB | Script | text/javascript |
GET H2 | 2.4f57c88a.chunk.js | accounts.cegid.com/UI/Authentication/Blue/spa-email-entry/static/js/ | 325 KB 129 KB | Script | application/javascript |
GET H2 | main.060c2a0c.chunk.js | accounts.cegid.com/UI/Authentication/Blue/spa-email-entry/static/js/ | 8 KB 3 KB | Script | application/javascript |
POST H/1.1 | perftrace | signin.cegid.com/signincegid.onmicrosoft.com/B2C_1A_RP_WPLIFE_PROD/client/ | 0 387 B | XHR | text/plain |
GET H2 | montgolfiere.0f190358.png | accounts.cegid.com/UI/Authentication/Blue/spa-email-entry/static/media/ | 252 KB 252 KB | Image | image/png |
GET H2 | Montserrat-regular.woff2 | accounts.cegid.com/UI/Authentication/Blue/spa-email-entry/fonts/Montserrat-regular/ | 10 KB 10 KB | Font | font/woff2 |
GET H2 | cegid-logo-blue.f372663a.svg | accounts.cegid.com/UI/Authentication/Blue/spa-email-entry/static/media/ | 2 KB 2 KB | Image | image/svg+xml |
44 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| SA_FIELDS object| CONTENT object| SETTINGS string| staticHost string| targetSlice string| targetDc number| initializationTimeout boolean| diagsAlways number| maxTrace function| PageLoadTime function| _isFunction function| _mapObject function| _getPerformanceObjectData function| $trace object| $diags object| $santizer object| preloadCssLink function| checkCssPreloaded function| preloadJavaScript object| $cors function| applyTenantBranding function| sendPageLoadTime object| $i2e object| $modal object| $element function| $ function| jQuery boolean| pageReady object| Handlebars boolean| contentReady object| webpackJsonpspa-email-entry object| WebFont function| setImmediate function| clearImmediate object| regeneratorRuntime
4 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.signin.cegid.com/ | Name: x-ms-cpim-trans |
.signin.cegid.com/ | Name: x-ms-cpim-cache|m-6z5nl8zuqkj4yk5f1lra_0 |
.signin.cegid.com/ | Name: x-ms-cpim-csrf |
.signin.cegid.com/ | Name: x-ms-cpim-sso:signincegid.onmicrosoft.com_0 |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=31536000; includeSubDomains |
X-Content-Type-Options | nosniff |
X-Frame-Options | DENY |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.