login.microsoftonline.com Open in urlscan Pro
2603:1026:3000:d0::6  Public Scan

2 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. https://bookings.oneos-test.teachingpersonnel.com/ Page URL
2. https://login.microsoftonline.com/16d89b88-ca01-4562-9f10-b9541f3eb4f7/oauth2/v2.0/authorize?client_id=2852e685-cb42-400f-853c-f9e02991fde8&scope=api%3A%2F%2Fb7f9e073-818a-452d-91b3-d80e9233fa3e%2Faccess_as_user%20openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Fbookings.oneos-test.teachingpersonnel.com%2F&client-request-id=efac42ce-f4bb-40cc-96c2-4c3df3f60a51&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=3.6.0&client_info=1&code_challenge=cIzQ4RvkAMDqlRBZmLJjY-uxZgZbQUd7OroYwgxiLjU&code_challenge_method=S256&nonce=261b9439-4a03-4356-8b88-90bedb1f3f0c&state=eyJpZCI6IjkyYTk1OTcxLThmYWQtNGM3NS05Njg3LTdhNDJlZDExYTM2OCIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicmVkaXJlY3QifX0%3D Page URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

31 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	/ Show response bookings.oneos-test.teachingpersonnel.com/	37 KB 7 KB	202ms 46ms	Document text/html	20.90.134.36 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://bookings.oneos-test.teachingpersonnel.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 20.90.134.36 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 8490c2f9ec822bf1277edd2532841ef2bcc1fe67e59a99063a6b0334dcad12c2 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Response headers Accept-Ranges bytes Content-Encoding gzip Content-Length 6570 Content-Type text/html Date Thu, 26 Sep 2024 12:13:35 GMT ETag "0c085235eb6da1:0" Last-Modified Tue, 04 Jun 2024 09:04:00 GMT Server Microsoft-IIS/10.0 Vary Accept-Encoding X-Powered-By ASP.NET
GET H/1.1	200 OK	chunk-LMISKXD3.js Show response bookings.oneos-test.teachingpersonnel.com/	113 KB 36 KB	42ms 40ms	Script application/x-javascript	20.90.134.36 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://bookings.oneos-test.teachingpersonnel.com/chunk-LMISKXD3.js Requested by Host: bookings.oneos-test.teachingpersonnel.com URL: https://bookings.oneos-test.teachingpersonnel.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 20.90.134.36 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 337503fe8c78e0b08798324c847013ad5b194a8acc11815ee6eedff3bfa11eb0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Origin https://bookings.oneos-test.teachingpersonnel.com Referer https://bookings.oneos-test.teachingpersonnel.com/ Response headers X-Powered-By ASP.NET Content-Encoding gzip ETag "0c085235eb6da1:0" Accept-Ranges bytes Content-Length 36352 Date Thu, 26 Sep 2024 12:13:35 GMT Content-Type application/x-javascript Last-Modified Tue, 04 Jun 2024 09:04:00 GMT Server Microsoft-IIS/10.0 Vary Accept-Encoding
GET H/1.1	200 OK	chunk-HFA5G4DX.js Show response bookings.oneos-test.teachingpersonnel.com/	151 KB 52 KB	183ms 78ms	Script application/x-javascript	20.90.134.36 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://bookings.oneos-test.teachingpersonnel.com/chunk-HFA5G4DX.js Requested by Host: bookings.oneos-test.teachingpersonnel.com URL: https://bookings.oneos-test.teachingpersonnel.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 20.90.134.36 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 17eea9536be4eb78fadc1b1d10505cf7c0ea78e9873d0909e72c422cb81f3377 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Origin https://bookings.oneos-test.teachingpersonnel.com Referer https://bookings.oneos-test.teachingpersonnel.com/ Response headers X-Powered-By ASP.NET Content-Encoding gzip ETag "0c085235eb6da1:0" Accept-Ranges bytes Content-Length 53192 Date Thu, 26 Sep 2024 12:13:35 GMT Content-Type application/x-javascript Last-Modified Tue, 04 Jun 2024 09:04:00 GMT Server Microsoft-IIS/10.0 Vary Accept-Encoding
GET H/1.1	200 OK	polyfills.js Show response bookings.oneos-test.teachingpersonnel.com/	34 KB 15 KB	296ms 192ms	Script application/x-javascript	20.90.134.36 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://bookings.oneos-test.teachingpersonnel.com/polyfills.js Requested by Host: bookings.oneos-test.teachingpersonnel.com URL: https://bookings.oneos-test.teachingpersonnel.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 20.90.134.36 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 67fa4336bf9d23530c6d10018376de1685df21c4b77b0a2ddabb724b429a256b Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Origin https://bookings.oneos-test.teachingpersonnel.com Referer https://bookings.oneos-test.teachingpersonnel.com/ Response headers X-Powered-By ASP.NET Content-Encoding gzip ETag "0c085235eb6da1:0" Accept-Ranges bytes Content-Length 15157 Date Thu, 26 Sep 2024 12:13:35 GMT Content-Type application/x-javascript Last-Modified Tue, 04 Jun 2024 09:04:00 GMT Server Microsoft-IIS/10.0 Vary Accept-Encoding
GET H/1.1	200 OK	main.js Show response bookings.oneos-test.teachingpersonnel.com/	2 MB 565 KB	254ms 146ms	Script application/x-javascript	20.90.134.36 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://bookings.oneos-test.teachingpersonnel.com/main.js Requested by Host: bookings.oneos-test.teachingpersonnel.com URL: https://bookings.oneos-test.teachingpersonnel.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 20.90.134.36 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash b0104b2c6963af335e4fcd9f1b391467ed20ad0f189f3c8bc01982f9d9bd2080 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Origin https://bookings.oneos-test.teachingpersonnel.com Referer https://bookings.oneos-test.teachingpersonnel.com/ Response headers Transfer-Encoding chunked X-Powered-By ASP.NET Content-Encoding gzip ETag "0c085235eb6da1:0" Accept-Ranges bytes Date Thu, 26 Sep 2024 12:13:35 GMT Content-Type application/x-javascript Last-Modified Tue, 04 Jun 2024 09:04:00 GMT Server Microsoft-IIS/10.0 Vary Accept-Encoding
GET H/1.1	200 OK	styles.css bookings.oneos-test.teachingpersonnel.com/	424 KB 95 KB	187ms 92ms	Stylesheet text/css	20.90.134.36 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://bookings.oneos-test.teachingpersonnel.com/styles.css Requested by Host: bookings.oneos-test.teachingpersonnel.com URL: https://bookings.oneos-test.teachingpersonnel.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 20.90.134.36 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash a223ff09a6719f1e6adc81a7b4239a022154232781900e10af35cf68ee43987e Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://bookings.oneos-test.teachingpersonnel.com/ Response headers Transfer-Encoding chunked X-Powered-By ASP.NET Content-Encoding gzip ETag "0c085235eb6da1:0" Accept-Ranges bytes Date Thu, 26 Sep 2024 12:13:35 GMT Content-Type text/css Last-Modified Tue, 04 Jun 2024 09:04:00 GMT Server Microsoft-IIS/10.0 Vary Accept-Encoding
GET H/1.1	200 OK	Mona-Sans.ttf bookings.oneos-test.teachingpersonnel.com/media/	269 KB 269 KB	77ms 35ms	Font application/octet-stream	20.90.134.36 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://bookings.oneos-test.teachingpersonnel.com/media/Mona-Sans.ttf Requested by Host: bookings.oneos-test.teachingpersonnel.com URL: https://bookings.oneos-test.teachingpersonnel.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 20.90.134.36 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 94f2539415bc0e9d990e30047d2b1faf3aef3de887320863a1ec548872b704fc Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Origin https://bookings.oneos-test.teachingpersonnel.com Referer https://bookings.oneos-test.teachingpersonnel.com/ Response headers ETag "0c085235eb6da1:0" Accept-Ranges bytes Content-Length 275556 Date Thu, 26 Sep 2024 12:13:35 GMT Content-Type application/octet-stream Last-Modified Tue, 04 Jun 2024 09:04:00 GMT Server Microsoft-IIS/10.0 X-Powered-By ASP.NET
OPTIONS H2	204	sessions api.gleap.io/	0 0	167ms 43ms	Preflight	67.207.79.245 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://api.gleap.io/sessions Protocol H2 Security TLS 1.3, , AES_128_GCM Server 67.207.79.245 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software / Express Resource Hash Request headers Accept */* Access-Control-Request-Headers api-token,content-type Access-Control-Request-Method POST Origin https://bookings.oneos-test.teachingpersonnel.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Response headers access-control-allow-headers api-token,content-type access-control-allow-methods GET,HEAD,PUT,PATCH,POST,DELETE access-control-allow-origin * date Thu, 26 Sep 2024 12:13:36 GMT vary Access-Control-Request-Headers x-powered-by Express
GET H3	200	OneSignalSDK.page.js cdn.onesignal.com/sdks/web/v16/	2 KB 1 KB	152ms 99ms	Script application/javascript	104.17.111.223 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.onesignal.com/sdks/web/v16/OneSignalSDK.page.js Requested by Host: bookings.oneos-test.teachingpersonnel.com URL: https://bookings.oneos-test.teachingpersonnel.com/main.js Protocol H3 Security QUIC, , AES_128_GCM Server 104.17.111.223 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://bookings.oneos-test.teachingpersonnel.com/ Response headers strict-transport-security max-age=15552000; includeSubDomains cache-control public, max-age=259200 content-encoding br cf-cache-status HIT etag W/"19fb0fd50e69d6b97e1badc837a6dff2" age 2400 via 1.1 google cf-ray 8c932b3d9a503d88-LHR expires Sun, 29 Sep 2024 12:13:36 GMT date Thu, 26 Sep 2024 12:13:36 GMT content-type application/javascript vary Accept-Encoding server cloudflare access-control-allow-headers OneSignal-Subscription-Id
POST H2	201	sessions api.gleap.io/	151 B 258 B	52ms 49ms	XHR application/json	67.207.79.245 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://api.gleap.io/sessions Requested by Host: bookings.oneos-test.teachingpersonnel.com URL: https://bookings.oneos-test.teachingpersonnel.com/polyfills.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 67.207.79.245 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software / Express Resource Hash Request headers Referer https://bookings.oneos-test.teachingpersonnel.com/ Api-Token L96S8j7yuTDRMXNofdUTGNNrv5CDArFr User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Content-Type application/json;charset=UTF-8 Response headers access-control-allow-origin * content-length 151 etag W/"97-NWmhBrIAEddF22Webb/XRVysVOI" date Thu, 26 Sep 2024 12:13:36 GMT content-type application/json; charset=utf-8 x-powered-by Express vary Accept-Encoding
GET H/1.1	200 OK	openid-configuration login.microsoftonline.com/16d89b88-ca01-4562-9f10-b9541f3eb4f7/v2.0/.well-known/	2 KB 4 KB	197ms 59ms	Fetch application/json	2603:1027:1:d8::5 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://login.microsoftonline.com/16d89b88-ca01-4562-9f10-b9541f3eb4f7/v2.0/.well-known/openid-configuration Requested by Host: bookings.oneos-test.teachingpersonnel.com URL: https://bookings.oneos-test.teachingpersonnel.com/polyfills.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2603:1027:1:d8::5 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://bookings.oneos-test.teachingpersonnel.com/ Response headers Access-Control-Expose-Headers x-ms-srs x-ms-ests-server 2.1.19005.8 - WEULR1 ProdSlices report-to {"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+dub2"}]} Access-Control-Allow-Methods GET, OPTIONS X-Content-Type-Options nosniff P3P CP="DSP CUR OTPi IND OTRi ONL FIN" Date Thu, 26 Sep 2024 12:13:36 GMT Content-Type application/json; charset=utf-8 x-ms-srs 1.P Strict-Transport-Security max-age=31536000; includeSubDomains Cache-Control max-age=86400, private nel {"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0} Referrer-Policy strict-origin-when-cross-origin x-ms-request-id 8261177e-b6f6-409a-a733-a8e4755e9100 Content-Security-Policy-Report-Only object-src 'none'; base-uri 'self'; script-src 'self' 'nonce-PyxQ6rAqAVMr1KSQydGZFw' 'unsafe-eval' 'unsafe-inline' https://*.msauth.net https://*.msftauth.net https://*.msftauthimages.net https://*.msauthimages.net https://*.msidentity.com 'report-sample'; img-src 'self' https://*.msauth.net https://*.msftauth.net https://*.msftauthimages.net https://*.msauthimages.net https://*.msidentity.com 'report-sample'; report-uri https://csp.microsoft.com/report/ESTS-UX-All Access-Control-Allow-Origin * Content-Length 1753 X-XSS-Protection 0
GET H3	200	OneSignalSDK.page.es6.js cdn.onesignal.com/sdks/web/v16/	259 KB 63 KB	100ms 99ms	Script application/javascript	104.17.111.223 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.onesignal.com/sdks/web/v16/OneSignalSDK.page.es6.js?v=160202 Requested by Host: cdn.onesignal.com URL: https://cdn.onesignal.com/sdks/web/v16/OneSignalSDK.page.js Protocol H3 Security QUIC, , AES_128_GCM Server 104.17.111.223 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://bookings.oneos-test.teachingpersonnel.com/ Response headers strict-transport-security max-age=15552000; includeSubDomains cache-control public, max-age=259200 content-encoding br cf-cache-status HIT etag W/"2d5effdf1f67f3d889acd0f923ae833f" age 3287 via 1.1 google cf-ray 8c932b3e5b9d3d88-LHR expires Sun, 29 Sep 2024 12:13:36 GMT date Thu, 26 Sep 2024 12:13:36 GMT content-type application/javascript vary Accept-Encoding server cloudflare access-control-allow-headers OneSignal-Subscription-Id
GET H2	200	L96S8j7yuTDRMXNofdUTGNNrv5CDArFr api.gleap.io/config/	7 KB 3 KB	53ms 52ms	XHR application/json	67.207.79.245 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://api.gleap.io/config/L96S8j7yuTDRMXNofdUTGNNrv5CDArFr?lang=en Requested by Host: bookings.oneos-test.teachingpersonnel.com URL: https://bookings.oneos-test.teachingpersonnel.com/polyfills.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 67.207.79.245 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software / Express Resource Hash Request headers Referer https://bookings.oneos-test.teachingpersonnel.com/ Api-Token L96S8j7yuTDRMXNofdUTGNNrv5CDArFr Gleap-Hash 3f5bcd596307ca19c106dbec17c74a7687c0db0b0ad450cf0e6c89588a7b0b71 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Content-Type application/json;charset=UTF-8 Gleap-Id 15c72711-b2cf-44c2-a7b7-135cf9f362dd Response headers access-control-allow-origin * content-encoding gzip etag W/"1cec-vNcBNkAQL6fB9GFIDkrQjO1gKRU" date Thu, 26 Sep 2024 12:13:36 GMT content-type application/json; charset=utf-8 x-powered-by Express vary Accept-Encoding
OPTIONS H2	204	L96S8j7yuTDRMXNofdUTGNNrv5CDArFr api.gleap.io/config/	0 0	42ms 42ms	Preflight	67.207.79.245 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://api.gleap.io/config/L96S8j7yuTDRMXNofdUTGNNrv5CDArFr?lang=en Protocol H2 Security TLS 1.3, , AES_128_GCM Server 67.207.79.245 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software / Express Resource Hash Request headers Accept */* Access-Control-Request-Headers api-token,content-type,gleap-hash,gleap-id Access-Control-Request-Method GET Origin https://bookings.oneos-test.teachingpersonnel.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Response headers access-control-allow-headers api-token,content-type,gleap-hash,gleap-id access-control-allow-methods GET,HEAD,PUT,PATCH,POST,DELETE access-control-allow-origin * date Thu, 26 Sep 2024 12:13:36 GMT vary Access-Control-Request-Headers x-powered-by Express
GET H/1.1	200 OK	Primary Request authorize Show response login.microsoftonline.com/16d89b88-ca01-4562-9f10-b9541f3eb4f7/oauth2/v2.0/	43 KB 18 KB	239ms 108ms	Document text/html	2603:1026:3000:d0::6 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://login.microsoftonline.com/16d89b88-ca01-4562-9f10-b9541f3eb4f7/oauth2/v2.0/authorize?client_id=2852e685-cb42-400f-853c-f9e02991fde8&scope=api%3A%2F%2Fb7f9e073-818a-452d-91b3-d80e9233fa3e%2Faccess_as_user%20openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Fbookings.oneos-test.teachingpersonnel.com%2F&client-request-id=efac42ce-f4bb-40cc-96c2-4c3df3f60a51&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=3.6.0&client_info=1&code_challenge=cIzQ4RvkAMDqlRBZmLJjY-uxZgZbQUd7OroYwgxiLjU&code_challenge_method=S256&nonce=261b9439-4a03-4356-8b88-90bedb1f3f0c&state=eyJpZCI6IjkyYTk1OTcxLThmYWQtNGM3NS05Njg3LTdhNDJlZDExYTM2OCIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicmVkaXJlY3QifX0%3D Requested by Host: bookings.oneos-test.teachingpersonnel.com URL: https://bookings.oneos-test.teachingpersonnel.com/chunk-LMISKXD3.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2603:1026:3000:d0::6 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash da9c9a0dfbc94840d80c346408494cf1ed052ef580d0ddb1d0b2d947351ea263 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Referer https://bookings.oneos-test.teachingpersonnel.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Response headers Cache-Control no-store, no-cache Content-Encoding gzip Content-Length 15697 Content-Type text/html; charset=utf-8 Date Thu, 26 Sep 2024 12:13:36 GMT Expires -1 Link <https://aadcdn.msauth.net>; rel=preconnect; crossorigin,<https://aadcdn.msauth.net>; rel=dns-prefetch,<https://aadcdn.msftauth.net>; rel=dns-prefetch P3P CP="DSP CUR OTPi IND OTRi ONL FIN" Pragma no-cache Referrer-Policy strict-origin-when-cross-origin Strict-Transport-Security max-age=31536000; includeSubDomains Vary Accept-Encoding X-Content-Type-Options nosniff X-DNS-Prefetch-Control on X-Frame-Options DENY X-XSS-Protection 0 nel {"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0} report-to {"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+dub2"}]} x-ms-clitelem 1,0,0,, x-ms-ests-server 2.1.19005.8 - NEULR1 ProdSlices x-ms-request-id 31390f25-af56-4d10-af93-cf21a7c55e00 x-ms-srs 1.P
GET H/1.1	200 OK	favicon.ico bookings.oneos-test.teachingpersonnel.com/	23 KB 23 KB	67ms 34ms	Other image/x-icon	20.90.134.36 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://bookings.oneos-test.teachingpersonnel.com/favicon.ico Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 20.90.134.36 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://bookings.oneos-test.teachingpersonnel.com/login?returnUrl=%2F Response headers ETag "083f6c25db6da1:0" Accept-Ranges bytes Content-Length 23548 Date Thu, 26 Sep 2024 12:13:36 GMT Content-Type image/x-icon Last-Modified Tue, 04 Jun 2024 09:01:18 GMT Server Microsoft-IIS/10.0 X-Powered-By ASP.NET
GET H/1.1	200 OK	Me.htm login.live.com/	0 0	306ms 169ms	Other text/html	20.190.160.22 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://login.live.com/Me.htm?v=3 Requested by Host: login.microsoftonline.com URL: https://login.microsoftonline.com/16d89b88-ca01-4562-9f10-b9541f3eb4f7/oauth2/v2.0/authorize?client_id=2852e685-cb42-400f-853c-f9e02991fde8&scope=api%3A%2F%2Fb7f9e073-818a-452d-91b3-d80e9233fa3e%2Faccess_as_user%20openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Fbookings.oneos-test.teachingpersonnel.com%2F&client-request-id=efac42ce-f4bb-40cc-96c2-4c3df3f60a51&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=3.6.0&client_info=1&code_challenge=cIzQ4RvkAMDqlRBZmLJjY-uxZgZbQUd7OroYwgxiLjU&code_challenge_method=S256&nonce=261b9439-4a03-4356-8b88-90bedb1f3f0c&state=eyJpZCI6IjkyYTk1OTcxLThmYWQtNGM3NS05Njg3LTdhNDJlZDExYTM2OCIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicmVkaXJlY3QifX0%3D Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 20.190.160.22 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://login.microsoftonline.com/ Response headers
GET H2	200	converged.v2.login.min_qzvqnltrxpy99ajspyxbgq2.css aadcdn.msauth.net/ests/2.1/content/cdnbundles/	111 KB 20 KB	183ms 72ms	Stylesheet text/css	2620:1ec:29:1::64 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://aadcdn.msauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_qzvqnltrxpy99ajspyxbgq2.css Requested by Host: login.microsoftonline.com URL: https://login.microsoftonline.com/16d89b88-ca01-4562-9f10-b9541f3eb4f7/oauth2/v2.0/authorize?client_id=2852e685-cb42-400f-853c-f9e02991fde8&scope=api%3A%2F%2Fb7f9e073-818a-452d-91b3-d80e9233fa3e%2Faccess_as_user%20openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Fbookings.oneos-test.teachingpersonnel.com%2F&client-request-id=efac42ce-f4bb-40cc-96c2-4c3df3f60a51&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=3.6.0&client_info=1&code_challenge=cIzQ4RvkAMDqlRBZmLJjY-uxZgZbQUd7OroYwgxiLjU&code_challenge_method=S256&nonce=261b9439-4a03-4356-8b88-90bedb1f3f0c&state=eyJpZCI6IjkyYTk1OTcxLThmYWQtNGM3NS05Njg3LTdhNDJlZDExYTM2OCIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicmVkaXJlY3QifX0%3D Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:29:1::64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 1f8ceb44fe7cfcf7e71dbd5122210335ca3821d697a851d2900b95af7d92d69d Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Origin https://login.microsoftonline.com Referer https://login.microsoftonline.com/ Response headers access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding content-encoding gzip x-ms-version 2009-09-19 etag 0x8DC9BA9D4131BFD x-ms-lease-status unlocked x-fd-int-roxy-purgeid 0 x-cache TCP_HIT date Thu, 26 Sep 2024 12:13:37 GMT content-type text/css last-modified Wed, 03 Jul 2024 21:48:08 GMT cache-control public, max-age=31536000 x-ms-request-id 764f46cd-f01e-006f-71a1-0dc9a5000000 accept-ranges bytes access-control-allow-origin * content-length 20414 x-azure-ref 20240926T121337Z-r17bcb8455drpxh4zn49ter8bg00000003vg000000001fey x-ms-blob-type BlockBlob
GET H2	200	ConvergedLogin_PCore_ELtAAt2Ya8ISGuc0PJcBKA2.js Show response aadcdn.msauth.net/shared/1.0/content/js/	439 KB 120 KB	185ms 74ms	Script application/x-javascript	2620:1ec:29:1::64 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://aadcdn.msauth.net/shared/1.0/content/js/ConvergedLogin_PCore_ELtAAt2Ya8ISGuc0PJcBKA2.js Requested by Host: login.microsoftonline.com URL: https://login.microsoftonline.com/16d89b88-ca01-4562-9f10-b9541f3eb4f7/oauth2/v2.0/authorize?client_id=2852e685-cb42-400f-853c-f9e02991fde8&scope=api%3A%2F%2Fb7f9e073-818a-452d-91b3-d80e9233fa3e%2Faccess_as_user%20openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Fbookings.oneos-test.teachingpersonnel.com%2F&client-request-id=efac42ce-f4bb-40cc-96c2-4c3df3f60a51&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=3.6.0&client_info=1&code_challenge=cIzQ4RvkAMDqlRBZmLJjY-uxZgZbQUd7OroYwgxiLjU&code_challenge_method=S256&nonce=261b9439-4a03-4356-8b88-90bedb1f3f0c&state=eyJpZCI6IjkyYTk1OTcxLThmYWQtNGM3NS05Njg3LTdhNDJlZDExYTM2OCIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicmVkaXJlY3QifX0%3D Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:29:1::64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 7dc87d100ffda0b44300291491bbe7ac8a6eae94937ccec0494d5f154c07c3a0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Origin https://login.microsoftonline.com Referer https://login.microsoftonline.com/ Response headers access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding content-encoding gzip x-ms-version 2009-09-19 etag 0x8DCCC8188A08D46 x-ms-lease-status unlocked x-fd-int-roxy-purgeid 0 x-cache TCP_HIT date Thu, 26 Sep 2024 12:13:37 GMT content-type application/x-javascript last-modified Wed, 04 Sep 2024 01:33:09 GMT cache-control public, max-age=31536000 x-ms-request-id 78e25611-701e-0071-206a-0d257d000000 accept-ranges bytes access-control-allow-origin * content-length 122193 x-azure-ref 20240926T121337Z-r17bcb8455drpxh4zn49ter8bg00000003vg000000001ff0 x-ms-blob-type BlockBlob
GET H2	200	ux.converged.login.strings-en-gb.min_cbswjxuaj0rm3vcoq-_xgq2.js Show response aadcdn.msauth.net/ests/2.1/content/cdnbundles/	56 KB 17 KB	184ms 74ms	Script application/x-javascript	2620:1ec:29:1::64 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://aadcdn.msauth.net/ests/2.1/content/cdnbundles/ux.converged.login.strings-en-gb.min_cbswjxuaj0rm3vcoq-_xgq2.js Requested by Host: login.microsoftonline.com URL: https://login.microsoftonline.com/16d89b88-ca01-4562-9f10-b9541f3eb4f7/oauth2/v2.0/authorize?client_id=2852e685-cb42-400f-853c-f9e02991fde8&scope=api%3A%2F%2Fb7f9e073-818a-452d-91b3-d80e9233fa3e%2Faccess_as_user%20openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Fbookings.oneos-test.teachingpersonnel.com%2F&client-request-id=efac42ce-f4bb-40cc-96c2-4c3df3f60a51&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=3.6.0&client_info=1&code_challenge=cIzQ4RvkAMDqlRBZmLJjY-uxZgZbQUd7OroYwgxiLjU&code_challenge_method=S256&nonce=261b9439-4a03-4356-8b88-90bedb1f3f0c&state=eyJpZCI6IjkyYTk1OTcxLThmYWQtNGM3NS05Njg3LTdhNDJlZDExYTM2OCIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicmVkaXJlY3QifX0%3D Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:29:1::64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 23abe6bf5235180cc10ebfb0ed488e6fbaba0c106109f13c30d1107d9682e0dc Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Origin https://login.microsoftonline.com Referer https://login.microsoftonline.com/ Response headers access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding content-encoding gzip x-ms-version 2009-09-19 etag 0x8DCC6D537996914 x-ms-lease-status unlocked x-fd-int-roxy-purgeid 0 x-cache TCP_HIT date Thu, 26 Sep 2024 12:13:37 GMT content-type application/x-javascript last-modified Tue, 27 Aug 2024 20:17:04 GMT cache-control public, max-age=31536000 x-ms-request-id 309c0537-501e-0066-5fc2-0d8c76000000 accept-ranges bytes access-control-allow-origin * content-length 16385 x-azure-ref 20240926T121337Z-r17bcb8455drpxh4zn49ter8bg00000003vg000000001fez x-ms-blob-type BlockBlob
GET H2	200	convergedlogin_pcustomizationloader_117b650bccea354984d8.js Show response aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/	397 KB 114 KB	173ms 65ms	Script application/x-javascript	2620:1ec:29:1::64 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pcustomizationloader_117b650bccea354984d8.js Requested by Host: aadcdn.msauth.net URL: https://aadcdn.msauth.net/shared/1.0/content/js/ConvergedLogin_PCore_ELtAAt2Ya8ISGuc0PJcBKA2.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:29:1::64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash da4a8df0c326292b5bee9c732b3c962fd67aaf2f99d850f1bf65068d573c5619 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://login.microsoftonline.com/ Response headers access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding content-encoding gzip x-ms-version 2009-09-19 etag 0x8DCBD5317046A2F x-ms-lease-status unlocked x-fd-int-roxy-purgeid 0 x-cache TCP_HIT date Thu, 26 Sep 2024 12:13:37 GMT content-type application/x-javascript last-modified Thu, 15 Aug 2024 17:52:54 GMT cache-control public, max-age=31536000 x-ms-request-id 3f46aaf2-b01e-000f-32eb-0c8a97000000 accept-ranges bytes access-control-allow-origin * content-length 116365 x-azure-ref 20240926T121337Z-166b57bf9c8p9q7zsne7zd14rs00000005h0000000004wb3 x-ms-blob-type BlockBlob
GET H2	200	favicon aadcdn.msauthimages.net/c1c6b6c8-xr35uvx9qnhjprdfufpefit2gvpjvtfoswnfo9t6tdq/logintenantbranding/0/	2 KB 2 KB	274ms 118ms	Other image/*	2606:2800:233:1cb7:261b:1f9c:2074:3c EDGECAST
General Check archive.org Show headers Download Go to Full URL https://aadcdn.msauthimages.net/c1c6b6c8-xr35uvx9qnhjprdfufpefit2gvpjvtfoswnfo9t6tdq/logintenantbranding/0/favicon?ts=638343690173269197 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US), Reverse DNS Software Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 / Resource Hash 8b2f139e0f3db701d4eb023961c85df8b27680e473cf74d565a1a29e5c3a83a9 Security Headers Name Value X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://login.microsoftonline.com/ Response headers content-md5 1mjQ9oR8IBZonxseLE1xjA== access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding x-ms-lease-status unlocked x-ms-version 2009-09-19 etag 0x8DBDA344187C8EA x-content-type-options nosniff date Thu, 26 Sep 2024 12:13:37 GMT content-type image/* last-modified Tue, 31 Oct 2023 17:10:17 GMT cache-control public, max-age=86400 x-ms-request-id 1e895ab2-e01e-0063-0b0d-106a17000000 accept-ranges bytes access-control-allow-origin * content-length 1907 x-ms-blob-type BlockBlob server Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
GET H2	200	convergedlogin_pfetchsessionsprogress_d0a803279e7397bef834.js Show response aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/	15 KB 6 KB	43ms 43ms	Script application/x-javascript	2620:1ec:29:1::64 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pfetchsessionsprogress_d0a803279e7397bef834.js Requested by Host: aadcdn.msauth.net URL: https://aadcdn.msauth.net/shared/1.0/content/js/ConvergedLogin_PCore_ELtAAt2Ya8ISGuc0PJcBKA2.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:29:1::64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash bc6804d058d5bd5b24fc04e479fc8973bef5d3efeafaa9c19c60a009bf0fac0b Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://login.microsoftonline.com/ Response headers access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding content-encoding gzip x-ms-version 2009-09-19 etag 0x8DCBD531731891C x-ms-lease-status unlocked x-fd-int-roxy-purgeid 0 x-cache TCP_HIT date Thu, 26 Sep 2024 12:13:37 GMT content-type application/x-javascript last-modified Thu, 15 Aug 2024 17:52:54 GMT cache-control public, max-age=31536000 x-ms-request-id a7b93c36-c01e-0021-35eb-0c9092000000 accept-ranges bytes access-control-allow-origin * content-length 5529 x-azure-ref 20240926T121337Z-166b57bf9c8p9q7zsne7zd14rs00000005h0000000004wb4 x-ms-blob-type BlockBlob
GET H2	200	marching_ants_white_8257b0707cbe1d0bd2661b80068676fe.gif aadcdn.msauth.net/shared/1.0/content/images/	3 KB 3 KB	42ms 41ms	Image image/gif	2620:1ec:29:1::64 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://aadcdn.msauth.net/shared/1.0/content/images/marching_ants_white_8257b0707cbe1d0bd2661b80068676fe.gif Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:29:1::64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash a46201581a7c7c667fd42787cd1e9adf2f6bf809efb7596e61a03e8dba9ada13 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://login.microsoftonline.com/ Response headers access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding x-ms-version 2009-09-19 x-ms-lease-status unlocked etag 0x8DB5C3F48EC4154 x-fd-int-roxy-purgeid 0 x-cache TCP_HIT date Thu, 26 Sep 2024 12:13:37 GMT content-type image/gif last-modified Wed, 24 May 2023 10:11:47 GMT cache-control public, max-age=31536000 x-ms-request-id 19323406-f01e-0021-6b76-0cd880000000 accept-ranges bytes access-control-allow-origin * content-length 2672 x-azure-ref 20240926T121337Z-166b57bf9c8p9q7zsne7zd14rs00000005h0000000004wb5 x-ms-blob-type BlockBlob
GET H2	200	marching_ants_986f40b5a9dc7d39ef8396797f61b323.gif aadcdn.msauth.net/shared/1.0/content/images/	4 KB 4 KB	42ms 41ms	Image image/gif	2620:1ec:29:1::64 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://aadcdn.msauth.net/shared/1.0/content/images/marching_ants_986f40b5a9dc7d39ef8396797f61b323.gif Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:29:1::64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 8737d721808655f37b333f08a90185699e7e8b9bdaaa15cdb63c8448b426f95d Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://login.microsoftonline.com/ Response headers access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding x-ms-version 2009-09-19 x-ms-lease-status unlocked etag 0x8DB5C3F4904824B x-fd-int-roxy-purgeid 0 x-cache TCP_HIT date Thu, 26 Sep 2024 12:13:37 GMT content-type image/gif last-modified Wed, 24 May 2023 10:11:48 GMT cache-control public, max-age=31536000 x-ms-request-id 8c719d91-601e-0052-2deb-0cbfbe000000 accept-ranges bytes access-control-allow-origin * content-length 3620 x-azure-ref 20240926T121337Z-166b57bf9c8p9q7zsne7zd14rs00000005h0000000004wb6 x-ms-blob-type BlockBlob
GET H2	200	illustration aadcdn.msauthimages.net/c1c6b6c8-xr35uvx9qnhjprdfufpefit2gvpjvtfoswnfo9t6tdq/logintenantbranding/0/	82 KB 82 KB	131ms 130ms	Image image/*	2606:2800:233:1cb7:261b:1f9c:2074:3c EDGECAST
General Check archive.org Show headers Download Go to Show image Full URL https://aadcdn.msauthimages.net/c1c6b6c8-xr35uvx9qnhjprdfufpefit2gvpjvtfoswnfo9t6tdq/logintenantbranding/0/illustration?ts=638343690180080770 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US), Reverse DNS Software Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 / Resource Hash aff92fcf3670834335cf106bc216fdf82651d66f7775bcca3b2212220e174c6e Security Headers Name Value X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://login.microsoftonline.com/ Response headers content-md5 YXWn9EF++njM06LEhuvCvQ== access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding x-ms-lease-status unlocked x-ms-version 2009-09-19 etag 0x8DBDA3441F19EE2 x-content-type-options nosniff date Thu, 26 Sep 2024 12:13:36 GMT content-type image/* last-modified Tue, 31 Oct 2023 17:10:18 GMT cache-control public, max-age=86400 x-ms-request-id 70312536-301e-006a-440d-107099000000 accept-ranges bytes access-control-allow-origin * content-length 83685 x-ms-blob-type BlockBlob server Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
GET H2	200	bannerlogo aadcdn.msauthimages.net/c1c6b6c8-xr35uvx9qnhjprdfufpefit2gvpjvtfoswnfo9t6tdq/logintenantbranding/0/	4 KB 5 KB	224ms 223ms	Image image/*	2606:2800:233:1cb7:261b:1f9c:2074:3c EDGECAST
General Check archive.org Show headers Download Go to Show image Full URL https://aadcdn.msauthimages.net/c1c6b6c8-xr35uvx9qnhjprdfufpefit2gvpjvtfoswnfo9t6tdq/logintenantbranding/0/bannerlogo?ts=636739909587267090 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US), Reverse DNS Software Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 / Resource Hash 90c145434af1d095b160fabf28a0291dbcf8558429062bd5cd76a9569cc9121e Security Headers Name Value X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://login.microsoftonline.com/ Response headers content-md5 Fy+0UIguVBKBGmXsv56Xeg== access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding x-ms-lease-status unlocked x-ms-version 2009-09-19 etag 0x8D62792FD9111F3 x-content-type-options nosniff date Thu, 26 Sep 2024 12:13:37 GMT content-type image/* last-modified Mon, 01 Oct 2018 11:42:39 GMT cache-control public, max-age=86400 x-ms-request-id 9c6bf6ff-c01e-0074-710d-10aa74000000 accept-ranges bytes access-control-allow-origin * content-length 4545 x-ms-blob-type BlockBlob server Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
GET H/1.1	401 Unauthorized	ssoprobe autologon.microsoftazuread-sso.com/16d89b88-ca01-4562-9f10-b9541f3eb4f7/winauth/	12 B 1 KB	276ms 73ms	Image image/png	2603:1026:3000:150::a MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://autologon.microsoftazuread-sso.com/16d89b88-ca01-4562-9f10-b9541f3eb4f7/winauth/ssoprobe?client-request-id=efac42ce-f4bb-40cc-96c2-4c3df3f60a51&_=1727352817650 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2603:1026:3000:150::a Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash d089c8a9fc28e4e50223eb38c9409e362521be9380a37341304fbac7a4cd9e5f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://login.microsoftonline.com/ Response headers x-ms-ests-server 2.1.19005.8 - SEC ProdSlices report-to {"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+ams2"}]} X-Content-Type-Options nosniff Access-Control-Allow-Methods GET, OPTIONS Expires -1 P3P CP="DSP CUR OTPi IND OTRi ONL FIN" Date Thu, 26 Sep 2024 12:13:37 GMT Content-Type image/png; charset=utf-8 Vary Origin Cache-Control no-store, no-cache nel {"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0} Pragma no-cache WWW-Authenticate Negotiate Access-Control-Allow-Credentials true Referrer-Policy strict-origin-when-cross-origin x-ms-request-id e8848524-fce9-4387-bf91-a5d23a056400 Access-Control-Allow-Origin https://login.microsoftonline.com Content-Length 12 X-XSS-Protection 0
POST H/1.1	200 OK	dssostatus Show response login.microsoftonline.com/common/instrumentation/	265 B 2 KB	67ms 65ms	XHR application/json	2603:1026:3000:d0::6 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://login.microsoftonline.com/common/instrumentation/dssostatus Requested by Host: aadcdn.msauth.net URL: https://aadcdn.msauth.net/shared/1.0/content/js/ConvergedLogin_PCore_ELtAAt2Ya8ISGuc0PJcBKA2.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2603:1026:3000:d0::6 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash a584c7f50a717971adf3bc024537c7f89c56a844e2e70bed29ba3d0c7b770912 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers hpgid 1104 Referer https://login.microsoftonline.com/16d89b88-ca01-4562-9f10-b9541f3eb4f7/oauth2/v2.0/authorize?client_id=2852e685-cb42-400f-853c-f9e02991fde8&scope=api%3A%2F%2Fb7f9e073-818a-452d-91b3-d80e9233fa3e%2Faccess_as_user%20openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Fbookings.oneos-test.teachingpersonnel.com%2F&client-request-id=efac42ce-f4bb-40cc-96c2-4c3df3f60a51&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=3.6.0&client_info=1&code_challenge=cIzQ4RvkAMDqlRBZmLJjY-uxZgZbQUd7OroYwgxiLjU&code_challenge_method=S256&nonce=261b9439-4a03-4356-8b88-90bedb1f3f0c&state=eyJpZCI6IjkyYTk1OTcxLThmYWQtNGM3NS05Njg3LTdhNDJlZDExYTM2OCIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicmVkaXJlY3QifX0%3D hpgact 1800 canary PAQABDgEAAADW6jl31mB3T7ugrWTT8pFe_AEx10kDrD8IQu2WoESqC9R87IFykoMITqGx-ngvZ2Bt2S0fRx7IfsbX2zarjF8Elucu0XvZoVvfQaH9-25W3IZKzotoK8DjR3KrL8RnlsFyC_nbA_x-4KKiMoS8gZXwlbAheUuzvoUuMXmlv5aaCY6BNrmVswrZhq5tW5ZblPFkd6nWPy8vDvz9NEHcZz3wP0GdW48cfW0gElG1JZGLpyAA client-request-id efac42ce-f4bb-40cc-96c2-4c3df3f60a51 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Accept application/json hpgrequestid 31390f25-af56-4d10-af93-cf21a7c55e00 Content-type application/json; charset=UTF-8 Response headers x-ms-ests-server 2.1.19005.8 - WEULR1 ProdSlices report-to {"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+dub2"}]} X-Content-Type-Options nosniff Access-Control-Allow-Methods POST, OPTIONS Expires -1 P3P CP="DSP CUR OTPi IND OTRi ONL FIN" Date Thu, 26 Sep 2024 12:13:37 GMT Content-Type application/json; charset=utf-8 x-ms-srs 1.P Strict-Transport-Security max-age=31536000; includeSubDomains Cache-Control no-store, no-cache nel {"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0} Pragma no-cache Access-Control-Allow-Credentials true Referrer-Policy strict-origin-when-cross-origin x-ms-request-id e21c77a8-7785-42cf-ab69-1a7f34da5700 Content-Security-Policy-Report-Only object-src 'none'; base-uri 'self'; script-src 'self' 'nonce-ihe1ChNv4zEyGy9xF9E5jQ' 'unsafe-eval' 'unsafe-inline' https://*.msauth.net https://*.msftauth.net https://*.msftauthimages.net https://*.msauthimages.net https://*.msidentity.com 'report-sample'; img-src 'self' https://*.msauth.net https://*.msftauth.net https://*.msftauthimages.net https://*.msauthimages.net https://*.msidentity.com 'report-sample'; report-uri https://csp.microsoft.com/report/ESTS-UX-All client-request-id efac42ce-f4bb-40cc-96c2-4c3df3f60a51 Access-Control-Allow-Origin https://autologon.microsoftazuread-sso.com/ Content-Length 265 X-XSS-Protection 0
GET H2	200	convergedlogin_pstringcustomizationhelper_4285088f1dbaf52a876d.js Show response aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/	111 KB 35 KB	39ms 39ms	Script application/x-javascript	2620:1ec:29:1::64 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pstringcustomizationhelper_4285088f1dbaf52a876d.js Requested by Host: aadcdn.msauth.net URL: https://aadcdn.msauth.net/shared/1.0/content/js/ConvergedLogin_PCore_ELtAAt2Ya8ISGuc0PJcBKA2.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:29:1::64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash ddd0bb1c19b3d2d045bfcde85d2020bba57854c887a6691b66dba3da1bb3afbe Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://login.microsoftonline.com/ Response headers access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding content-encoding gzip x-ms-version 2009-09-19 etag 0x8DCBD5317AEB807 x-ms-lease-status unlocked x-fd-int-roxy-purgeid 4554691 x-cache TCP_HIT date Thu, 26 Sep 2024 12:13:38 GMT content-type application/x-javascript last-modified Thu, 15 Aug 2024 17:52:55 GMT cache-control public, max-age=31536000 x-ms-request-id f3ac8c33-c01e-002a-6b1d-0d23eb000000 accept-ranges bytes access-control-allow-origin * content-length 35168 x-azure-ref 20240926T121338Z-166b57bf9c8p9q7zsne7zd14rs00000005h0000000004wbb x-ms-blob-type BlockBlob
GET H2	200	signin-options_3e3f6b73c3f310c31d2c4d131a8ab8c6.svg aadcdn.msauth.net/shared/1.0/content/images/	2 KB 1 KB	51ms 51ms	Image image/svg+xml	2620:1ec:29:1::64 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://aadcdn.msauth.net/shared/1.0/content/images/signin-options_3e3f6b73c3f310c31d2c4d131a8ab8c6.svg Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:29:1::64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 8e6db1634f1812d42516778fc890010aa57f3e39914fb4803df2c38abbf56d93 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://login.microsoftonline.com/ Response headers access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding content-encoding gzip x-ms-version 2009-09-19 etag 0x8DB5C3F49ED96E0 x-ms-lease-status unlocked x-fd-int-roxy-purgeid 0 x-cache TCP_HIT date Thu, 26 Sep 2024 12:13:38 GMT content-type image/svg+xml last-modified Wed, 24 May 2023 10:11:49 GMT cache-control public, max-age=31536000 x-ms-request-id bb068fb7-b01e-0066-361d-0dfbc9000000 accept-ranges bytes access-control-allow-origin * content-length 621 x-azure-ref 20240926T121338Z-166b57bf9c8p9q7zsne7zd14rs00000005h0000000004wbc x-ms-blob-type BlockBlob

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| $Config object| $Debug object| $Do function| $Loader object| $WebWatson function| GetString function| GetErrorString function| GetUrl object| $B object| ServerData object| webpackJsonp object| ko object| PROOF object| StringRepository object| Telemetry object| telemetry_webpackJsonp boolean| __ConvergedLogin_PCore boolean| __ boolean| __convergedlogin_pcustomizationloader_117b650bccea354984d8 boolean| __convergedlogin_pfetchsessionsprogress_d0a803279e7397bef834 boolean| __convergedlogin_pstringcustomizationhelper_4285088f1dbaf52a876d

15 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.bookings.oneos-test.teachingpersonnel.com/	1969-12-31 23:59:59	Name: ARRAffinity Value: e449f4958af486f02f43dfe120dcf1fa5feea3c78b154c4e26ee7bc9816eeba2
			.bookings.oneos-test.teachingpersonnel.com/	1969-12-31 23:59:59	Name: ARRAffinitySameSite Value: e449f4958af486f02f43dfe120dcf1fa5feea3c78b154c4e26ee7bc9816eeba2
			.onesignal.com/	1970-01-20 23:49:14	Name: __cf_bm Value: CTJC7U_jaBzPg8n2PSrBqn9wwcure68oTVi.nEDaXp0-1727352816-1.0.1.1-4ebCwwFLvPYRHPXElnDpRenrEq73bnIsZtVGw5heEPWlDd5aUMBF78P0Vsv2ozgSi85rH8roqTXvEJ9z6yqYNw
			login.microsoftonline.com/	1970-01-21 00:32:24	Name: buid Value: 0.AXkAiJvYFgHKYkWfELlUHz6094XmUihCyw9AhTz54CmR_egMAQA.AQABGgEAAADW6jl31mB3T7ugrWTT8pFeQFbUpj5Y6EHlETaAUZnBJDCLVKAT8MldfAfhTQEoSHPyiTHrSUlMEPzBZZnJ9sO6bIovoYbM0WtJwXKm9duZHLWf0YUJewy_b2xoc3j_zOwgAA
			.login.microsoftonline.com/	1969-12-31 23:59:59	Name: esctx Value: PAQABBwEAAADW6jl31mB3T7ugrWTT8pFecLfo6RFp1i7bJ94HxkVqF-YkJpUdmFoYynQ8LGAA96v51ZqmRoQk5-3_czC8RWhktD7r8NFAF9JU8ES_yZXWTdlj8Z4dvY7aQKFA1G9sD54uzATZoQLHrlegNEouW1ndIg-_vliPgI9T2RtVDn8TfFiBrbEhtsXQKosjOvVivocgAA
			.login.microsoftonline.com/	1969-12-31 23:59:59	Name: esctx-B2O63d7iDak Value: AQABCQEAAADW6jl31mB3T7ugrWTT8pFertEpXULnUThn2l1ttNtftcXkpEh54BOn2ml8DF742P4KJc2prnmurajnuhL25OnULzoOL4_Z9GMxsfMnMrhRjTCBGl1Vkza4ubbQ2KUCennEdDpfHKzOtslRo6DPYTtHU6QoqxMA3Wgfirwyk05V5yAA
			login.microsoftonline.com/	1970-01-21 00:32:24	Name: fpc Value: AjBNoZQJUF9JvIFZIrByRnjYmgtVAQAAAO9Gh94OAAAA
			login.microsoftonline.com/	1969-12-31 23:59:59	Name: x-ms-gateway-slice Value: estsfd
			login.microsoftonline.com/	1969-12-31 23:59:59	Name: stsservicecookie Value: estsfd
			.login.microsoftonline.com/	1970-01-21 09:10:48	Name: brcap Value: 0
			.login.live.com/	1969-12-31 23:59:59	Name: uaid Value: fe8a8f5135c34f71bf01c31c78503dd5
			.login.live.com/	1969-12-31 23:59:59	Name: MSPRequ Value: id=N&lt=1727352817&co=1
			autologon.microsoftazuread-sso.com/	1970-01-21 00:32:24	Name: fpc Value: AkjGpeghz-pAlkrMQYBR__A
			autologon.microsoftazuread-sso.com/	1969-12-31 23:59:59	Name: x-ms-gateway-slice Value: estsfd
			autologon.microsoftazuread-sso.com/	1969-12-31 23:59:59	Name: stsservicecookie Value: estsfd

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://autologon.microsoftazuread-sso.com/16d89b88-ca01-4562-9f10-b9541f3eb4f7/winauth/ssoprobe?client-request-id=efac42ce-f4bb-40cc-96c2-4c3df3f60a51&_=1727352817650 Message: Failed to load resource: the server responded with a status of 401 (Unauthorized)
recommendation	verbose	URL: https://login.microsoftonline.com/16d89b88-ca01-4562-9f10-b9541f3eb4f7/oauth2/v2.0/authorize?client_id=2852e685-cb42-400f-853c-f9e02991fde8&scope=api%3A%2F%2Fb7f9e073-818a-452d-91b3-d80e9233fa3e%2Faccess_as_user%20openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Fbookings.oneos-test.teachingpersonnel.com%2F&client-request-id=efac42ce-f4bb-40cc-96c2-4c3df3f60a51&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=3.6.0&client_info=1&code_challenge=cIzQ4RvkAMDqlRBZmLJjY-uxZgZbQUd7OroYwgxiLjU&code_challenge_method=S256&nonce=261b9439-4a03-4356-8b88-90bedb1f3f0c&state=eyJpZCI6IjkyYTk1OTcxLThmYWQtNGM3NS05Njg3LTdhNDJlZDExYTM2OCIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicmVkaXJlY3QifX0%3D Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aadcdn.msauth.net
aadcdn.msauthimages.net
api.gleap.io
autologon.microsoftazuread-sso.com
bookings.oneos-test.teachingpersonnel.com
cdn.onesignal.com
login.live.com
login.microsoftonline.com
104.17.111.223
20.190.160.22
20.90.134.36
2603:1026:3000:150::a
2603:1026:3000:d0::6
2603:1027:1:d8::5
2606:2800:233:1cb7:261b:1f9c:2074:3c
2620:1ec:29:1::64
67.207.79.245
17eea9536be4eb78fadc1b1d10505cf7c0ea78e9873d0909e72c422cb81f3377
1f8ceb44fe7cfcf7e71dbd5122210335ca3821d697a851d2900b95af7d92d69d
23abe6bf5235180cc10ebfb0ed488e6fbaba0c106109f13c30d1107d9682e0dc
337503fe8c78e0b08798324c847013ad5b194a8acc11815ee6eedff3bfa11eb0
67fa4336bf9d23530c6d10018376de1685df21c4b77b0a2ddabb724b429a256b
7dc87d100ffda0b44300291491bbe7ac8a6eae94937ccec0494d5f154c07c3a0
8490c2f9ec822bf1277edd2532841ef2bcc1fe67e59a99063a6b0334dcad12c2
8737d721808655f37b333f08a90185699e7e8b9bdaaa15cdb63c8448b426f95d
8b2f139e0f3db701d4eb023961c85df8b27680e473cf74d565a1a29e5c3a83a9
8e6db1634f1812d42516778fc890010aa57f3e39914fb4803df2c38abbf56d93
90c145434af1d095b160fabf28a0291dbcf8558429062bd5cd76a9569cc9121e
94f2539415bc0e9d990e30047d2b1faf3aef3de887320863a1ec548872b704fc
a223ff09a6719f1e6adc81a7b4239a022154232781900e10af35cf68ee43987e
a46201581a7c7c667fd42787cd1e9adf2f6bf809efb7596e61a03e8dba9ada13
a584c7f50a717971adf3bc024537c7f89c56a844e2e70bed29ba3d0c7b770912
aff92fcf3670834335cf106bc216fdf82651d66f7775bcca3b2212220e174c6e
b0104b2c6963af335e4fcd9f1b391467ed20ad0f189f3c8bc01982f9d9bd2080
bc6804d058d5bd5b24fc04e479fc8973bef5d3efeafaa9c19c60a009bf0fac0b
d089c8a9fc28e4e50223eb38c9409e362521be9380a37341304fbac7a4cd9e5f
da4a8df0c326292b5bee9c732b3c962fd67aaf2f99d850f1bf65068d573c5619
da9c9a0dfbc94840d80c346408494cf1ed052ef580d0ddb1d0b2d947351ea263
ddd0bb1c19b3d2d045bfcde85d2020bba57854c887a6691b66dba3da1bb3afbe
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855