urlscan.io logo urlscan.io
SecurityTrails logo

login-qai.fourth.com Open in urlscan Pro
2620:1ec:46::45  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://secure-qai.fourth.com/
Effective URL: https://login-qai.fourth.com/6fb5b761-45b0-4112-b752-94febe13350a/b2c_1a_emea_login/oauth2/v2.0/authorize?client_id=5a77ee9c-...
Submission: On July 14 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 3 countries across 4 domains to perform 24 HTTP transactions. The main IP is 2620:1ec:46::45, located in United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is login-qai.fourth.com.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on July 1st 2023. Valid for: a year.
This is the only time login-qai.fourth.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
7 2620:1ec:46::45 8075 (MICROSOFT...)
3 2a00:1450:400... 15169 (GOOGLE)
1 20.150.84.164 8075 (MICROSOFT...)
2 2a00:1450:400... 15169 (GOOGLE)
11 2620:1ec:bdf::44 8075 (MICROSOFT...)
24 5
7    2620:1ec:46::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
secure-qai.fourth.com
login-qai.fourth.com
3    2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    20.150.84.164 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
engageazureqai.blob.core.windows.net
2    2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
11    2620:1ec:bdf::44 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
resources-qai.fourth.com
Domain Requested by
11 resources-qai.fourth.com login-qai.fourth.com
resources-qai.fourth.com
4 login-qai.fourth.com secure-qai.fourth.com
login-qai.fourth.com
resources-qai.fourth.com
3 fonts.googleapis.com secure-qai.fourth.com
login-qai.fourth.com
3 secure-qai.fourth.com secure-qai.fourth.com
2 fonts.gstatic.com fonts.googleapis.com
1 engageazureqai.blob.core.windows.net secure-qai.fourth.com
24 6

This site contains links to these domains. Also see Links.

Domain
www.fourth.com
Subject Issuer Validity Valid
*.azureedge.net
Microsoft Azure TLS Issuing CA 06		 2023-06-02 -
2024-05-27		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-06-19 -
2023-09-11		 3 months crt.sh
*.blob.core.windows.net
Microsoft Azure TLS Issuing CA 05		 2023-04-29 -
2024-04-23		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-06-19 -
2023-09-11		 3 months crt.sh
login-qai.fourth.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-07-01 -
2024-07-01		 a year crt.sh
resources-qai.fourth.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-07-06 -
2024-07-06		 a year crt.sh

This page contains 1 frames:

Primary Page: https://login-qai.fourth.com/6fb5b761-45b0-4112-b752-94febe13350a/b2c_1a_emea_login/oauth2/v2.0/authorize?client_id=5a77ee9c-e03f-4a82-8fd0-8aefbce95517&scope=https%3A%2F%2Ffourthcustomers.onmicrosoft.com%2F5a77ee9c-e03f-4a82-8fd0-8aefbce95517%2FToken.Issue%20openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Fsecure-qai.fourth.com&client-request-id=ef25f890-eec8-4b89-b401-9530af651e01&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=2.29.0&client_info=1&code_challenge=VjnAuQ37FhpYbN83x08XvUI1kDjGGxCZXE39pSlnMLM&code_challenge_method=S256&nonce=f39cf20a-b15b-432b-8dfd-9b9fb74c1f74&state=eyJpZCI6ImVkZjlhYThjLTE3MDUtNGU1Ny04ZGE2LTY4NmU5MWY2MGViNCIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicmVkaXJlY3QifX0%3D%7CFFFsecure-qai.fourth.comFFF&brandDomain=secure-qai.fourth.com
Frame ID: 0A93C5CE8AE563F6AC7C0DD19224C4D4
Requests: 24 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Fourth

Page URL History Show full URLs

  1. https://secure-qai.fourth.com/ Page URL
  2. https://login-qai.fourth.com/6fb5b761-45b0-4112-b752-94febe13350a/b2c_1a_emea_login/oauth2/v2.0/authorize... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • /polyfill\.min\.js

Page Statistics

24
Requests

88 %
HTTPS

80 %
IPv6

4
Domains

6
Subdomains

5
IPs

3
Countries

6280 kB
Transfer

6271 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://secure-qai.fourth.com/ Page URL
  2. https://login-qai.fourth.com/6fb5b761-45b0-4112-b752-94febe13350a/b2c_1a_emea_login/oauth2/v2.0/authorize?client_id=5a77ee9c-e03f-4a82-8fd0-8aefbce95517&scope=https%3A%2F%2Ffourthcustomers.onmicrosoft.com%2F5a77ee9c-e03f-4a82-8fd0-8aefbce95517%2FToken.Issue%20openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Fsecure-qai.fourth.com&client-request-id=ef25f890-eec8-4b89-b401-9530af651e01&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=2.29.0&client_info=1&code_challenge=VjnAuQ37FhpYbN83x08XvUI1kDjGGxCZXE39pSlnMLM&code_challenge_method=S256&nonce=f39cf20a-b15b-432b-8dfd-9b9fb74c1f74&state=eyJpZCI6ImVkZjlhYThjLTE3MDUtNGU1Ny04ZGE2LTY4NmU5MWY2MGViNCIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicmVkaXJlY3QifX0%3D%7CFFFsecure-qai.fourth.comFFF&brandDomain=secure-qai.fourth.com Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

24 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
secure-qai.fourth.com/ 		806 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://secure-qai.fourth.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
1e308efc3f88e426c56f538fc08ecd6aefb53a33737bf79461ca8d8efa60f3e6

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
content-length
806
content-md5
6xB5GUwsL7c7m0Y9NrozRw==
content-type
text/html
date
Fri, 14 Jul 2023 07:38:45 GMT
etag
"0x8DB839FB1F91B20"
last-modified
Thu, 13 Jul 2023 12:50:11 GMT
x-azure-ref
20230714T073845Z-krwv0wbmbp2ep3ee084962160s00000000mg00000001dqvq
x-cache
CONFIG_NOCACHE
x-ms-request-id
69678870-101e-0025-2126-b637ea000000
x-ms-version
2018-03-28
styles.css
secure-qai.fourth.com/styles/ 		603 KB
604 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://secure-qai.fourth.com/styles/styles.css?v=2.21.0.29-dev
Requested by
Host: secure-qai.fourth.com
URL: https://secure-qai.fourth.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
049dbfb10bac0190e3ed3d63c33a5487510045716eebbbb9413c1c91426ce863

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure-qai.fourth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 14 Jul 2023 07:38:45 GMT
last-modified
Thu, 13 Jul 2023 12:50:11 GMT
content-md5
BXE6p2aKKlbmeThnvRiXdA==
etag
"0x8DB839FB1E65949"
x-azure-ref
20230714T073845Z-krwv0wbmbp2ep3ee084962160s00000000mg00000001dqwg
x-cache
CONFIG_NOCACHE
content-type
text/css
x-ms-request-id
6967888b-101e-0025-3a26-b637ea000000
x-ms-version
2018-03-28
accept-ranges
bytes
content-length
617395
scripts.js
secure-qai.fourth.com/scripts/ 		5 MB
5 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure-qai.fourth.com/scripts/scripts.js?v=2.21.0.29-dev
Requested by
Host: secure-qai.fourth.com
URL: https://secure-qai.fourth.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
477a5e61e98ecee6fd821088f433e33b610c5695cf0e6ebf5202ac80dee0708f

Request headers

Referer
https://secure-qai.fourth.com/
Origin
https://secure-qai.fourth.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 14 Jul 2023 07:38:45 GMT
last-modified
Thu, 13 Jul 2023 12:50:10 GMT
content-md5
Pg+na0qwAufuzSQ7LlzSCw==
etag
"0x8DB839FB1A4ED19"
x-azure-ref
20230714T073845Z-krwv0wbmbp2ep3ee084962160s00000000mg00000001dqwh
x-cache
CONFIG_NOCACHE
content-type
text/javascript
x-ms-request-id
8584f96e-601e-002a-1526-b6da1c000000
x-ms-version
2018-03-28
accept-ranges
bytes
content-length
5466646
css
fonts.googleapis.com/ 		9 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,600,700&display=swap
Requested by
Host: secure-qai.fourth.com
URL: https://secure-qai.fourth.com/styles/styles.css?v=2.21.0.29-dev
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a63284d0b07236a49f89dd197f9aa2ea595e314e750b5d42834fbda2f7cba411
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure-qai.fourth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 14 Jul 2023 07:38:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 14 Jul 2023 07:15:28 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 14 Jul 2023 07:38:46 GMT
css2
fonts.googleapis.com/ 		2 KB
659 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto&display=swap
Requested by
Host: secure-qai.fourth.com
URL: https://secure-qai.fourth.com/styles/styles.css?v=2.21.0.29-dev
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c87b7f745cfb4a994801488584e6e0e78d6c4f0ad567e985a781fc0b86074724
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure-qai.fourth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 14 Jul 2023 07:38:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 14 Jul 2023 07:13:48 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 14 Jul 2023 07:38:46 GMT
script.js
engageazureqai.blob.core.windows.net/maintenance/emea/ 		125 B
541 B 		Script
General
Check archive.org
Download Go to
Full URL
https://engageazureqai.blob.core.windows.net/maintenance/emea/script.js?t=1689320326833
Requested by
Host: secure-qai.fourth.com
URL: https://secure-qai.fourth.com/scripts/scripts.js?v=2.21.0.29-dev
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.150.84.164 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure-qai.fourth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Fri, 14 Jul 2023 07:38:46 GMT
Last-Modified
Thu, 20 Oct 2022 02:48:13 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
AvR/PA8IKWX/ZpzToRU04Q==
ETag
0x8DAB2458806E4E8
Content-Type
application/javascript
x-ms-request-id
8bec94c1-a01e-0020-2026-b6b072000000
x-ms-version
2009-09-19
Content-Length
125
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://secure-qai.fourth.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 22:16:07 GMT
x-content-type-options
nosniff
age
33760
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 12 Jul 2024 22:16:07 GMT
openid-configuration
login-qai.fourth.com/6fb5b761-45b0-4112-b752-94febe13350a/b2c_1a_emea_login/v2.0/.well-known/ 		1 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://login-qai.fourth.com/6fb5b761-45b0-4112-b752-94febe13350a/b2c_1a_emea_login/v2.0/.well-known/openid-configuration
Requested by
Host: secure-qai.fourth.com
URL: https://secure-qai.fourth.com/scripts/scripts.js?v=2.21.0.29-dev
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure-qai.fourth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 14 Jul 2023 07:38:47 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-cache
CONFIG_NOCACHE
public
OPTIONS,TRACE,GET,HEAD,POST
x-ms-gateway-requestid
db56af03-49ea-48ad-bf7b-666b6385ddb9
content-length
1498
x-xss-protection
1; mode=block
x-azure-ref
20230714T073847Z-64y46esvux69d9tu4m8kb47f5800000005d000000002q4pn
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://secure-qai.fourth.com
cache-control
no-store, must-revalidate, no-cache
allow
OPTIONS, TRACE, GET, HEAD, POST
accept-ranges
bytes
Primary Request authorize
login-qai.fourth.com/6fb5b761-45b0-4112-b752-94febe13350a/b2c_1a_emea_login/oauth2/v2.0/ 		208 KB
211 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://login-qai.fourth.com/6fb5b761-45b0-4112-b752-94febe13350a/b2c_1a_emea_login/oauth2/v2.0/authorize?client_id=5a77ee9c-e03f-4a82-8fd0-8aefbce95517&scope=https%3A%2F%2Ffourthcustomers.onmicrosoft.com%2F5a77ee9c-e03f-4a82-8fd0-8aefbce95517%2FToken.Issue%20openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Fsecure-qai.fourth.com&client-request-id=ef25f890-eec8-4b89-b401-9530af651e01&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=2.29.0&client_info=1&code_challenge=VjnAuQ37FhpYbN83x08XvUI1kDjGGxCZXE39pSlnMLM&code_challenge_method=S256&nonce=f39cf20a-b15b-432b-8dfd-9b9fb74c1f74&state=eyJpZCI6ImVkZjlhYThjLTE3MDUtNGU1Ny04ZGE2LTY4NmU5MWY2MGViNCIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicmVkaXJlY3QifX0%3D%7CFFFsecure-qai.fourth.comFFF&brandDomain=secure-qai.fourth.com
Requested by
Host: secure-qai.fourth.com
URL: https://secure-qai.fourth.com/scripts/scripts.js?v=2.21.0.29-dev
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a97a66a4b0632c2fcf4c3d306338cd1d2fc2ecfbd594217c20ab2fa3d699c77a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://secure-qai.fourth.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
allow
OPTIONS TRACE GET HEAD POST
cache-control
no-store, must-revalidate, no-cache
content-length
213043
content-type
text/html; charset=utf-8
date
Fri, 14 Jul 2023 07:38:48 GMT
expires
-1
public
OPTIONS,TRACE,GET,HEAD,POST
strict-transport-security
max-age=31536000; includeSubDomains
x-azure-ref
20230714T073847Z-yfnnme5wv5309eqgx39nf6h25c00000002vg00000000fu21
x-build
1.0.2990.0
x-cache
CONFIG_NOCACHE
x-content-type-options
nosniff
x-frame-options
DENY
x-ms-gateway-requestid
7751eb8c-4369-4263-8783-bb1d8df7225d
x-request-id
35473da7-27a9-4e33-a483-91d6c1881042
x-ua-compatible
IE=edge
x-xss-protection
1; mode=block
index.html
resources-qai.fourth.com/idp-client/emea-b2c/B2C_1_Sign_In_User_Flow/ 		2 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://resources-qai.fourth.com/idp-client/emea-b2c/B2C_1_Sign_In_User_Flow/index.html
Requested by
Host: login-qai.fourth.com
URL: https://login-qai.fourth.com/6fb5b761-45b0-4112-b752-94febe13350a/b2c_1a_emea_login/oauth2/v2.0/authorize?client_id=5a77ee9c-e03f-4a82-8fd0-8aefbce95517&scope=https%3A%2F%2Ffourthcustomers.onmicrosoft.com%2F5a77ee9c-e03f-4a82-8fd0-8aefbce95517%2FToken.Issue%20openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Fsecure-qai.fourth.com&client-request-id=ef25f890-eec8-4b89-b401-9530af651e01&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=2.29.0&client_info=1&code_challenge=VjnAuQ37FhpYbN83x08XvUI1kDjGGxCZXE39pSlnMLM&code_challenge_method=S256&nonce=f39cf20a-b15b-432b-8dfd-9b9fb74c1f74&state=eyJpZCI6ImVkZjlhYThjLTE3MDUtNGU1Ny04ZGE2LTY4NmU5MWY2MGViNCIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicmVkaXJlY3QifX0%3D%7CFFFsecure-qai.fourth.comFFF&brandDomain=secure-qai.fourth.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:bdf::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a21f2fb14609c402f3c8c2ce1e7102dbbef19c4d705a1a89fc43675d8d661fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login-qai.fourth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Fri, 14 Jul 2023 07:38:48 GMT
last-modified
Thu, 13 Jul 2023 07:27:40 GMT
content-md5
6QiYHN9hptEj/IIb7bQzGA==
etag
0x8DB8372A43897D0
x-azure-ref
20230714T073848Z-q3g7bebw5x3r5f996s3bx8ea7g00000000hg000000002xqb
x-cache
CONFIG_NOCACHE
content-type
text/html
access-control-allow-origin
*
x-ms-request-id
b42f6796-701e-003e-1626-b61d07000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
accept-ranges
bytes
content-length
2244
fourth-logo.svg
resources-qai.fourth.com/idp-client/emea-b2c/B2C_1_Sign_In_User_Flow/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resources-qai.fourth.com/idp-client/emea-b2c/B2C_1_Sign_In_User_Flow/fourth-logo.svg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:bdf::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
12d28b27bee1b12cbdf4ebaf27940eb09befb7d7476e0778b74ece651ba831a8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login-qai.fourth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Fri, 14 Jul 2023 07:38:49 GMT
last-modified
Thu, 13 Jul 2023 07:27:40 GMT
content-md5
HDsXiJURCe/CToGc+xStSQ==
etag
0x8DB8372A43933FE
x-azure-ref
20230714T073848Z-4y2gcdafhh2933bfzydw8gkka800000003k00000000088br
x-cache
CONFIG_NOCACHE
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
e583d5ac-801e-0064-5326-b61b86000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
accept-ranges
bytes
content-length
10842
styles.css
resources-qai.fourth.com/idp-client/emea-b2c/B2C_1_Sign_In_User_Flow/ 		6 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://resources-qai.fourth.com/idp-client/emea-b2c/B2C_1_Sign_In_User_Flow/styles.css
Requested by
Host: login-qai.fourth.com
URL: https://login-qai.fourth.com/6fb5b761-45b0-4112-b752-94febe13350a/b2c_1a_emea_login/oauth2/v2.0/authorize?client_id=5a77ee9c-e03f-4a82-8fd0-8aefbce95517&scope=https%3A%2F%2Ffourthcustomers.onmicrosoft.com%2F5a77ee9c-e03f-4a82-8fd0-8aefbce95517%2FToken.Issue%20openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Fsecure-qai.fourth.com&client-request-id=ef25f890-eec8-4b89-b401-9530af651e01&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=2.29.0&client_info=1&code_challenge=VjnAuQ37FhpYbN83x08XvUI1kDjGGxCZXE39pSlnMLM&code_challenge_method=S256&nonce=f39cf20a-b15b-432b-8dfd-9b9fb74c1f74&state=eyJpZCI6ImVkZjlhYThjLTE3MDUtNGU1Ny04ZGE2LTY4NmU5MWY2MGViNCIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicmVkaXJlY3QifX0%3D%7CFFFsecure-qai.fourth.comFFF&brandDomain=secure-qai.fourth.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:bdf::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
b773a0822773e327bb42dfff09b9967505b3b0dc389da23764fb934dc3c2516e

Request headers

Referer
https://login-qai.fourth.com/
Origin
https://login-qai.fourth.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Fri, 14 Jul 2023 07:38:48 GMT
last-modified
Thu, 13 Jul 2023 07:27:40 GMT
content-md5
o3Bt5MG+XBnYw1fm9jhPsQ==
etag
0x8DB8372A438E5E9
x-azure-ref
20230714T073848Z-q3g7bebw5x3r5f996s3bx8ea7g00000000hg000000002xr0
x-cache
CONFIG_NOCACHE
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
b42f67b3-701e-003e-3026-b61d07000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
accept-ranges
bytes
content-length
6095
css
fonts.googleapis.com/ 		2 KB
668 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto
Requested by
Host: login-qai.fourth.com
URL: https://login-qai.fourth.com/6fb5b761-45b0-4112-b752-94febe13350a/b2c_1a_emea_login/oauth2/v2.0/authorize?client_id=5a77ee9c-e03f-4a82-8fd0-8aefbce95517&scope=https%3A%2F%2Ffourthcustomers.onmicrosoft.com%2F5a77ee9c-e03f-4a82-8fd0-8aefbce95517%2FToken.Issue%20openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Fsecure-qai.fourth.com&client-request-id=ef25f890-eec8-4b89-b401-9530af651e01&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=2.29.0&client_info=1&code_challenge=VjnAuQ37FhpYbN83x08XvUI1kDjGGxCZXE39pSlnMLM&code_challenge_method=S256&nonce=f39cf20a-b15b-432b-8dfd-9b9fb74c1f74&state=eyJpZCI6ImVkZjlhYThjLTE3MDUtNGU1Ny04ZGE2LTY4NmU5MWY2MGViNCIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicmVkaXJlY3QifX0%3D%7CFFFsecure-qai.fourth.comFFF&brandDomain=secure-qai.fourth.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
289d25d68f730e581e0a16b8bee8f63a061717973f8ac8c29ccf2ba8fed15adf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login-qai.fourth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 14 Jul 2023 07:38:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 14 Jul 2023 07:17:55 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 14 Jul 2023 07:38:48 GMT
scripts-loader.js
resources-qai.fourth.com/idp-client/emea-b2c/B2C_1_Sign_In_User_Flow/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources-qai.fourth.com/idp-client/emea-b2c/B2C_1_Sign_In_User_Flow/scripts-loader.js
Requested by
Host: login-qai.fourth.com
URL: https://login-qai.fourth.com/6fb5b761-45b0-4112-b752-94febe13350a/b2c_1a_emea_login/oauth2/v2.0/authorize?client_id=5a77ee9c-e03f-4a82-8fd0-8aefbce95517&scope=https%3A%2F%2Ffourthcustomers.onmicrosoft.com%2F5a77ee9c-e03f-4a82-8fd0-8aefbce95517%2FToken.Issue%20openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Fsecure-qai.fourth.com&client-request-id=ef25f890-eec8-4b89-b401-9530af651e01&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=2.29.0&client_info=1&code_challenge=VjnAuQ37FhpYbN83x08XvUI1kDjGGxCZXE39pSlnMLM&code_challenge_method=S256&nonce=f39cf20a-b15b-432b-8dfd-9b9fb74c1f74&state=eyJpZCI6ImVkZjlhYThjLTE3MDUtNGU1Ny04ZGE2LTY4NmU5MWY2MGViNCIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicmVkaXJlY3QifX0%3D%7CFFFsecure-qai.fourth.comFFF&brandDomain=secure-qai.fourth.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:bdf::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
0074d1c5f9bf823aa12a12234f0a09f4ccea6e19b3f877e6e4f3f3f986fc90cd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login-qai.fourth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Fri, 14 Jul 2023 07:38:49 GMT
last-modified
Thu, 13 Jul 2023 07:27:40 GMT
content-md5
0512I38ANOaLoQ0lCpYe0A==
etag
0x8DB8372A43933FE
x-azure-ref
20230714T073848Z-4y2gcdafhh2933bfzydw8gkka800000003k00000000088bs
x-cache
CONFIG_NOCACHE
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
a89f3de6-701e-0058-5a26-b6af5d000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
accept-ranges
bytes
content-length
1075
perftrace
login-qai.fourth.com/6fb5b761-45b0-4112-b752-94febe13350a/B2C_1A_EMEA_LOGIN/client/ 		0
418 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://login-qai.fourth.com/6fb5b761-45b0-4112-b752-94febe13350a/B2C_1A_EMEA_LOGIN/client/perftrace?tx=StateProperties=eyJUSUQiOiIzNTQ3M2RhNy0yN2E5LTRlMzMtYTQ4My05MWQ2YzE4ODEwNDIifQ&p=B2C_1A_EMEA_LOGIN
Requested by
Host: login-qai.fourth.com
URL: https://login-qai.fourth.com/6fb5b761-45b0-4112-b752-94febe13350a/b2c_1a_emea_login/oauth2/v2.0/authorize?client_id=5a77ee9c-e03f-4a82-8fd0-8aefbce95517&scope=https%3A%2F%2Ffourthcustomers.onmicrosoft.com%2F5a77ee9c-e03f-4a82-8fd0-8aefbce95517%2FToken.Issue%20openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Fsecure-qai.fourth.com&client-request-id=ef25f890-eec8-4b89-b401-9530af651e01&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=2.29.0&client_info=1&code_challenge=VjnAuQ37FhpYbN83x08XvUI1kDjGGxCZXE39pSlnMLM&code_challenge_method=S256&nonce=f39cf20a-b15b-432b-8dfd-9b9fb74c1f74&state=eyJpZCI6ImVkZjlhYThjLTE3MDUtNGU1Ny04ZGE2LTY4NmU5MWY2MGViNCIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicmVkaXJlY3QifX0%3D%7CFFFsecure-qai.fourth.comFFF&brandDomain=secure-qai.fourth.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://login-qai.fourth.com/6fb5b761-45b0-4112-b752-94febe13350a/b2c_1a_emea_login/oauth2/v2.0/authorize?client_id=5a77ee9c-e03f-4a82-8fd0-8aefbce95517&scope=https%3A%2F%2Ffourthcustomers.onmicrosoft.com%2F5a77ee9c-e03f-4a82-8fd0-8aefbce95517%2FToken.Issue%20openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Fsecure-qai.fourth.com&client-request-id=ef25f890-eec8-4b89-b401-9530af651e01&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=2.29.0&client_info=1&code_challenge=VjnAuQ37FhpYbN83x08XvUI1kDjGGxCZXE39pSlnMLM&code_challenge_method=S256&nonce=f39cf20a-b15b-432b-8dfd-9b9fb74c1f74&state=eyJpZCI6ImVkZjlhYThjLTE3MDUtNGU1Ny04ZGE2LTY4NmU5MWY2MGViNCIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicmVkaXJlY3QifX0%3D%7CFFFsecure-qai.fourth.comFFF&brandDomain=secure-qai.fourth.com
X-Requested-With
XMLHttpRequest
X-CSRF-TOKEN
aktHN2VHT2s1aHRKaG1GUDJTbnFkL2piTng3TGEzRmZLTlRlR3gzb2xtUHdUZjdDWmtxelozWkJkbEJmN3p6R0h5L0F2OTh2RjZhSmdYMVJKYlVPWmc9PTsyMDIzLTA3LTE0VDA3OjM4OjQ4LjI4MDk5NTJaOy9lWGZpZnNqb1k1SHI5ZWZNZFBpWUE9PTt7Ik9yY2hlc3RyYXRpb25TdGVwIjo0fQ==
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

date
Fri, 14 Jul 2023 07:38:48 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-frame-options
DENY
allow
OPTIONS, TRACE, GET, HEAD, POST
x-cache
CONFIG_NOCACHE
x-azure-ref
20230714T073848Z-yfnnme5wv5309eqgx39nf6h25c00000002vg00000000fub2
public
OPTIONS,TRACE,GET,HEAD,POST
cache-control
no-store, must-revalidate, no-cache
accept-ranges
bytes
x-ms-gateway-requestid
2e8dbad0-e2d6-4f41-aeff-81b45e3b484b
content-length
0
x-xss-protection
1; mode=block
fetch.js
resources-qai.fourth.com/idp-client/external-scripts/ 		12 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources-qai.fourth.com/idp-client/external-scripts/fetch.js
Requested by
Host: resources-qai.fourth.com
URL: https://resources-qai.fourth.com/idp-client/emea-b2c/B2C_1_Sign_In_User_Flow/scripts-loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:bdf::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
fe366a090ac067171ba1cfeb38e239e18154e8a54b022fd9bece881b4c555f29

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login-qai.fourth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Fri, 14 Jul 2023 07:38:49 GMT
last-modified
Thu, 13 Jul 2023 07:27:24 GMT
content-md5
a4L7tVrhm+STWWSujDOOkg==
etag
0x8DB83729ACCAAFD
x-azure-ref
20230714T073849Z-4y2gcdafhh2933bfzydw8gkka800000003k00000000088e0
x-cache
CONFIG_NOCACHE
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
a89f3e34-701e-0058-2126-b6af5d000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
accept-ranges
bytes
content-length
12680
polyfill.min.js
resources-qai.fourth.com/idp-client/external-scripts/ 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources-qai.fourth.com/idp-client/external-scripts/polyfill.min.js
Requested by
Host: resources-qai.fourth.com
URL: https://resources-qai.fourth.com/idp-client/emea-b2c/B2C_1_Sign_In_User_Flow/scripts-loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:bdf::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
4c3dd8bcd72cc584ace4ff00a6af8e87261d4723f955e3dd2d7555c94ccf31df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login-qai.fourth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Fri, 14 Jul 2023 07:38:49 GMT
last-modified
Thu, 13 Jul 2023 07:27:24 GMT
content-md5
rtoqAcbs/qEALVjJZ6Eusw==
etag
0x8DB83729ACE0A59
x-azure-ref
20230714T073849Z-4y2gcdafhh2933bfzydw8gkka800000003k00000000088ek
x-cache
CONFIG_NOCACHE
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
a89f3e45-701e-0058-2f26-b6af5d000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
accept-ranges
bytes
content-length
3909
runtime.js
resources-qai.fourth.com/idp-client/external-scripts/ 		21 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources-qai.fourth.com/idp-client/external-scripts/runtime.js
Requested by
Host: resources-qai.fourth.com
URL: https://resources-qai.fourth.com/idp-client/emea-b2c/B2C_1_Sign_In_User_Flow/scripts-loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:bdf::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
b9258540f48bff83be38e2952dfa01f6bb5c6ccbc13baccf3e26995299f59d07

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login-qai.fourth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Fri, 14 Jul 2023 07:38:49 GMT
last-modified
Thu, 13 Jul 2023 07:27:24 GMT
content-md5
T20KwsQ6gbGJDWRCoqcklA==
etag
0x8DB83729ACC5CE4
x-azure-ref
20230714T073849Z-4y2gcdafhh2933bfzydw8gkka800000003k00000000088f6
x-cache
CONFIG_NOCACHE
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
a89f3e65-701e-0058-4e26-b6af5d000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
accept-ranges
bytes
content-length
21453
branding.js
resources-qai.fourth.com/idp-client/common/ 		6 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources-qai.fourth.com/idp-client/common/branding.js
Requested by
Host: resources-qai.fourth.com
URL: https://resources-qai.fourth.com/idp-client/emea-b2c/B2C_1_Sign_In_User_Flow/scripts-loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:bdf::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a03b845619cc428f0e30646f30883eb59c02eeeb1d3fbde37a6f254d292b5964

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login-qai.fourth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Fri, 14 Jul 2023 07:38:49 GMT
last-modified
Thu, 13 Jul 2023 07:27:46 GMT
content-md5
qpsPfrQaMwS87jA8cbnpFw==
etag
0x8DB8372A7E7F3B2
x-azure-ref
20230714T073849Z-4y2gcdafhh2933bfzydw8gkka800000003k00000000088fg
x-cache
CONFIG_NOCACHE
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
a89f3e84-701e-0058-6a26-b6af5d000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
accept-ranges
bytes
content-length
5746
script.js
resources-qai.fourth.com/idp-client/emea-b2c/B2C_1_Sign_In_User_Flow/ 		7 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources-qai.fourth.com/idp-client/emea-b2c/B2C_1_Sign_In_User_Flow/script.js
Requested by
Host: resources-qai.fourth.com
URL: https://resources-qai.fourth.com/idp-client/emea-b2c/B2C_1_Sign_In_User_Flow/scripts-loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:bdf::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a924ea4ca153260be451afbb126f0f7974dd89ce9e4a2b9138f9ab27edf515f6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login-qai.fourth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Fri, 14 Jul 2023 07:38:49 GMT
last-modified
Thu, 13 Jul 2023 07:27:40 GMT
content-md5
O5snlaY+1fbELK+zu5PB8A==
etag
0x8DB8372A438BEDB
x-azure-ref
20230714T073849Z-4y2gcdafhh2933bfzydw8gkka800000003k00000000088fz
x-cache
CONFIG_NOCACHE
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
a89f3ea2-701e-0058-0626-b6af5d000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
accept-ranges
bytes
content-length
7214
secure-qai.fourth.com
login-qai.fourth.com/fourth-api/brands/ 		238 B
447 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://login-qai.fourth.com/fourth-api/brands/secure-qai.fourth.com
Requested by
Host: resources-qai.fourth.com
URL: https://resources-qai.fourth.com/idp-client/common/branding.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
f2832f7cc60575bf3d36e4e9c3dc5a18de024d0745c64ff278c571eb5bfb66a3
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login-qai.fourth.com/6fb5b761-45b0-4112-b752-94febe13350a/b2c_1a_emea_login/oauth2/v2.0/authorize?client_id=5a77ee9c-e03f-4a82-8fd0-8aefbce95517&scope=https%3A%2F%2Ffourthcustomers.onmicrosoft.com%2F5a77ee9c-e03f-4a82-8fd0-8aefbce95517%2FToken.Issue%20openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Fsecure-qai.fourth.com&client-request-id=ef25f890-eec8-4b89-b401-9530af651e01&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=2.29.0&client_info=1&code_challenge=VjnAuQ37FhpYbN83x08XvUI1kDjGGxCZXE39pSlnMLM&code_challenge_method=S256&nonce=f39cf20a-b15b-432b-8dfd-9b9fb74c1f74&state=eyJpZCI6ImVkZjlhYThjLTE3MDUtNGU1Ny04ZGE2LTY4NmU5MWY2MGViNCIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicmVkaXJlY3QifX0%3D%7CFFFsecure-qai.fourth.comFFF&brandDomain=secure-qai.fourth.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 14 Jul 2023 07:38:49 GMT
x-fourth-handledby
FAS2
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubDomains
x-azure-ref
20230714T073849Z-64y46esvux69d9tu4m8kb47f5800000005d000000002q58d
x-cache
CONFIG_NOCACHE
content-type
application/json;charset=utf-8
accept-ranges
bytes
content-length
187
logo.png
resources-qai.fourth.com/brands/DefaultCustomer/Fourth/ 		3 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://resources-qai.fourth.com/brands/DefaultCustomer/Fourth/logo.png
Requested by
Host: resources-qai.fourth.com
URL: https://resources-qai.fourth.com/idp-client/emea-b2c/B2C_1_Sign_In_User_Flow/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:bdf::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
f883c648cdacd4cb9a8d2ff81b663a3a74045b962c1e811e803eea0aa3f2fc9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login-qai.fourth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Fri, 14 Jul 2023 07:38:49 GMT
last-modified
Thu, 09 Mar 2023 14:04:43 GMT
content-md5
AgV5UwJpCz9fM3GVOM2RTA==
etag
0x8DB20A73B5EC10A
x-azure-ref
20230714T073849Z-q3g7bebw5x3r5f996s3bx8ea7g00000000hg000000002xw7
x-cache
CONFIG_NOCACHE
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
b42f69be-701e-003e-1726-b61d07000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
accept-ranges
bytes
content-length
3049
logo.png
resources-qai.fourth.com/brands/DefaultCustomer/Fourth/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resources-qai.fourth.com/brands/DefaultCustomer/Fourth/logo.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:bdf::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
f883c648cdacd4cb9a8d2ff81b663a3a74045b962c1e811e803eea0aa3f2fc9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login-qai.fourth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Fri, 14 Jul 2023 07:38:49 GMT
last-modified
Thu, 09 Mar 2023 14:04:43 GMT
content-md5
AgV5UwJpCz9fM3GVOM2RTA==
etag
0x8DB20A73B5EC10A
x-azure-ref
20230714T073849Z-4y2gcdafhh2933bfzydw8gkka800000003k00000000088k5
x-cache
CONFIG_NOCACHE
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
a89f3f16-701e-0058-7326-b6af5d000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
accept-ranges
bytes
content-length
3049
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://login-qai.fourth.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 22:16:07 GMT
x-content-type-options
nosniff
age
33762
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 12 Jul 2024 22:16:07 GMT

Verdicts & Comments Add Verdict or Comment

48 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| onbeforetoggle object| onscrollend object| CP object| SA_FIELDS object| CONTENT object| SETTINGS string| staticHost string| targetSlice string| targetDc number| initializationTimeout boolean| diagsAlways number| maxTrace function| PageLoadTime function| _isFunction function| _mapObject function| _getPerformanceObjectData function| $trace object| $diags object| $santizer object| preloadCssLink function| checkCssPreloaded function| preloadJavaScript object| $cors function| applyTenantBranding function| sendPageLoadTime object| $i2e object| $predicateValidation object| $element function| $ function| jQuery boolean| pageReady object| Handlebars boolean| contentReady function| loadScripts object| regeneratorRuntime function| Branding function| convertHtmlCollectionToArray function| getUrlParameter function| assetExists function| init function| reBrandPage function| changeUrls function| changeBrandColors function| changeBrandAssets function| getSsoButton function| moveSsoButton function| reBrandSsoButton

6 Cookies

Domain/Path Name / Value
secure-qai.fourth.com/ Name: ai_user
Value: 4PfxNhdbIXOfiWmpxkML1s|2023-07-14T07:38:46.402Z
secure-qai.fourth.com/ Name: ai_session
Value: 7m45VttibMzH9jAX1ov4MU|1689320327107|1689320327107
.login-qai.fourth.com/ Name: x-ms-cpim-sso:fourthcustomers.onmicrosoft.com_0
Value: m1.FxYv3pa5q2H9Uu2q.ua2YgKyskwAwV/nGVY6uEg==.0.duvDXg4HgSUnSY/PL2GGQ8G3QVuvT1MSiHVJT1nwp9muE4QlVLU8jukUndjNz6Tpf+ht5PRjWlewo1ToX/sEcC15I8y0wbHisUUybGYAeajJ8kUvh5Kw5h3z7uRd0wJoXU2hyuhdYj46nIJE8qayI1NaEcFGhfis/z3cvA8nx1h2A81dOAOufm+QcQpW/5/vg/0UOnuCcciWV/9M2Q9CPezUx1QItgekdm+E/WEwPuY2o+VONYuJGRaVVKvT0L92VBW3H5o4y5lKw7ptVm13qjxDkcQjdDuu76Y79c6fCUE1ZoRfPRviWWfjLhr/WzYvVX4utr0soGQxWBeZKR9LxNlkS6aJeQAt+rxQtS0PiLhTE/DZEIY0rrTQb1tm8KmoZC7zaRsptW9rpeugU/G9MSDAuVqoiwxsp7ETk+Km3Rax5sAkz2/mrwZmENswFezNyxDyZmTCdvF4mGg+KNkd
.login-qai.fourth.com/ Name: x-ms-cpim-csrf
Value: aktHN2VHT2s1aHRKaG1GUDJTbnFkL2piTng3TGEzRmZLTlRlR3gzb2xtUHdUZjdDWmtxelozWkJkbEJmN3p6R0h5L0F2OTh2RjZhSmdYMVJKYlVPWmc9PTsyMDIzLTA3LTE0VDA3OjM4OjQ4LjI4MDk5NTJaOy9lWGZpZnNqb1k1SHI5ZWZNZFBpWUE9PTt7Ik9yY2hlc3RyYXRpb25TdGVwIjo0fQ==
.login-qai.fourth.com/ Name: x-ms-cpim-cache|pz1hnaknm06kg5hwwygqqg_0
Value: m1.s5LMTIxeoI4w+7pm.nvk1+2giJQeNqDLKfQcPNw==.0.ooHQ0FuOBRWpLiO+28xHkXn934cFgj3Oo5KVxe/LU8kHZIq0IZIADEqAUO4RZ4VcWxQrfr0cwDdVkra0zCGbNyhR8cAUCDi9vHvWiYvJZ5gTgK2+zFFJ5CPuK9jKV1DkJZ+5kaSmJGTHUb2uW5h788YT4TZnDVb5AZxWlwNoBwmefko6LYzoN8cCyHUh7GTBxjFjqcAYj7f6zpiioLW1Db9oykRP6EtJ9iqJbaL+C2xOpvo3LTsHW5O3aYhPFL7QvLNYC71q+C46wsa8I1+2K5cvdbgDwn562/U2UnNDnGYN9WAx0ZG6T93bhftTQYXVZv+kIUReE6pnm8fdV1YhYoi7PTSp0eZHvRECBPPvOETmiRnAvchSFm5vUtqfaiD+ifGFtL0VIE0XkJgJwD4xzC0tOYdEXzVAdVgTwD0cQWO1ECmuwaG5kFPBDOE7zCf8qlbzBRzpHR6G1ZC5pLQLgMYJ+9MWTzzOGBidtvPSPB61/UigB0F+d2FzzEaJxP1GHLbuSIm3CuXyvMdoMbDvPJI5sTWF1It6UuhPzy9DQIOilTQTUbueZvc6ohk/OQlmh/7FgGi0diGNtbTjcWgFAB0X8vxraBwAn9Z5U/IbT9TTE4Ofq4sQTEmFU4fGBw17V/xc+rjqprdgwOYwduQvoTj7Ini2IjUK66FBXJSXjDV+xJqJN2kVy60vNzdtOYvuzAqWKU/Erv7uBWCfLA2hmkZ7s1LfIdyWqnP16McmuZf008pN3shaTCAk24waP6OnPHtlWfNrw3mCec3lzh+Ut2P+Njnexq/3QaCFfXO43TskrfABrDOu52RTdoWF7JLBfmbZEJqsu3XC8uk8+MYnh5opwAw3XR9nOjNula3P2b9YN2qFBWmU3DNESorLLBnhQ3klKp9eNq5G9vWjzAZS+mGUjkmUJHsIDYlEoAKc7CXjvtzQGVNBhLAhzy1HKK/rnfvLX3g7f/+cHMipauaJNOBXXHVIsa/Sh05XQgBZWIgoBBoHp4B3P7MttnzsUoCql7ys8qGv7FlG5viRBWTXrXANJk7czsZmrfGt1hVOnEY+qk7Xspz+B9fJyAfNEnRbEU5ZPBwuW/9IKgWQYiGIB1vx5FVYJ966I7DyNm5U9HmBYKGsbqXpxkWbp6tjKhG0AkvTaUuLoYs42QWynsMFhxw2Zca6SM2v+qLouBTtvhM2EICeYvcPbKyasAb4oY5UF4k77Dptswe/wu5zp6GHY6+rqz8wAkE1/Lkxew/moFtoOIDuGxpdSgMd+3syV4g1uFPiGhntzKvys4CXGHLM6WHVabn/L1T54d8uCR9LZNkpISGV6D9nzDENP4pCUChgCks46ZH1AryOHMdBHZZsnKtRC/OPJSSvIzD0
.login-qai.fourth.com/ Name: x-ms-cpim-trans
Value: eyJUX0RJQyI6W3siSSI6IjM1NDczZGE3LTI3YTktNGUzMy1hNDgzLTkxZDZjMTg4MTA0MiIsIlQiOiJmb3VydGhjdXN0b21lcnMub25taWNyb3NvZnQuY29tIiwiUCI6ImIyY18xYV9lbWVhX2xvZ2luIiwiQyI6IjVhNzdlZTljLWUwM2YtNGE4Mi04ZmQwLThhZWZiY2U5NTUxNyIsIlMiOjEsIk0iOnt9LCJEIjowLCJFIjoiIn1dLCJDX0lEIjoiMzU0NzNkYTctMjdhOS00ZTMzLWE0ODMtOTFkNmMxODgxMDQyIn0=

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

engageazureqai.blob.core.windows.net
fonts.googleapis.com
fonts.gstatic.com
login-qai.fourth.com
resources-qai.fourth.com
secure-qai.fourth.com
20.150.84.164
2620:1ec:46::45
2620:1ec:bdf::44
2a00:1450:4001:808::2003
2a00:1450:4001:828::200a
0074d1c5f9bf823aa12a12234f0a09f4ccea6e19b3f877e6e4f3f3f986fc90cd
049dbfb10bac0190e3ed3d63c33a5487510045716eebbbb9413c1c91426ce863
12d28b27bee1b12cbdf4ebaf27940eb09befb7d7476e0778b74ece651ba831a8
1e308efc3f88e426c56f538fc08ecd6aefb53a33737bf79461ca8d8efa60f3e6
289d25d68f730e581e0a16b8bee8f63a061717973f8ac8c29ccf2ba8fed15adf
477a5e61e98ecee6fd821088f433e33b610c5695cf0e6ebf5202ac80dee0708f
4c3dd8bcd72cc584ace4ff00a6af8e87261d4723f955e3dd2d7555c94ccf31df
a03b845619cc428f0e30646f30883eb59c02eeeb1d3fbde37a6f254d292b5964
a21f2fb14609c402f3c8c2ce1e7102dbbef19c4d705a1a89fc43675d8d661fa7
a63284d0b07236a49f89dd197f9aa2ea595e314e750b5d42834fbda2f7cba411
a924ea4ca153260be451afbb126f0f7974dd89ce9e4a2b9138f9ab27edf515f6
a97a66a4b0632c2fcf4c3d306338cd1d2fc2ecfbd594217c20ab2fa3d699c77a
b773a0822773e327bb42dfff09b9967505b3b0dc389da23764fb934dc3c2516e
b9258540f48bff83be38e2952dfa01f6bb5c6ccbc13baccf3e26995299f59d07
c87b7f745cfb4a994801488584e6e0e78d6c4f0ad567e985a781fc0b86074724
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f2832f7cc60575bf3d36e4e9c3dc5a18de024d0745c64ff278c571eb5bfb66a3
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f883c648cdacd4cb9a8d2ff81b663a3a74045b962c1e811e803eea0aa3f2fc9e
fe366a090ac067171ba1cfeb38e239e18154e8a54b022fd9bece881b4c555f29