login.microsoftonline.com
2603:1036:3000:60::16
Public Scan
Effective URL: https://login.microsoftonline.com/adeadcd2-3aaf-4835-b273-1ebe8a7726f1/saml2?SAMLRequest=lZJLb9swEIT%2FisC7HqT8EiErcGMUNZC2Ruz00Eu...
Submission: On September 22 via api from US — Scanned from US
Summary
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on August 30th 2023. Valid for: a year.
This is the only time login.microsoftonline.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN | PTR | Domains |
---|---|---|
ASN16509 (AMAZON-02, US) | server-3-161-213-84.yul62.r.cloudfront.net | bannerhealth.tuition.io |
ASN14618 (AMAZON-AES, US) | ec2-34-225-0-79.compute-1.amazonaws.com | tio-api.tuition.io |
ASN16509 (AMAZON-02, US) | server-99-86-229-82.iad79.r.cloudfront.net | bannerhealth.legacy.tuition.io |
ASN16509 (AMAZON-02, US) | s3-1-w.amazonaws.com | tuitionio-production-public-assets.s3.amazonaws.com |
 | | tuitionio-production-images.s3.amazonaws.com |
ASN14618 (AMAZON-AES, US) | | rum.browser-intake-datadoghq.com |
ASN14618 (AMAZON-AES, US) | | rum-http-intake.logs.datadoghq.com |
ASN16509 (AMAZON-02, US) | server-52-85-151-52.iad89.r.cloudfront.net | api.tuition.works |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US) | | login.microsoftonline.com |
Requests | Domain | Requested by |
---|---|---|
10 | aadcdn.msauth.net | login.microsoftonline.com, aadcdn.msauth.net |
10 | bannerhealth.tuition.io | bannerhealth.tuition.io |
9 | bannerhealth.legacy.tuition.io | bannerhealth.tuition.io, bannerhealth.legacy.tuition.io |
7 | static.zdassets.com | bannerhealth.tuition.io, static.zdassets.com |
6 | tio-api.tuition.io | bannerhealth.tuition.io, bannerhealth.legacy.tuition.io |
5 | tio.zendesk.com | static.zdassets.com |
4 | fonts.googleapis.com | bannerhealth.tuition.io, ajax.googleapis.com, bannerhealth.legacy.tuition.io, client |
2 | aadcdn.msauthimages.net | |
2 | login.microsoftonline.com | bannerhealth.tuition.io, aadcdn.msauth.net |
2 | q7n3gpmqhcp7.statuspage.io | bannerhealth.legacy.tuition.io, q7n3gpmqhcp7.statuspage.io |
2 | rum.browser-intake-datadoghq.com | bannerhealth.tuition.io |
2 | fonts.gstatic.com | fonts.googleapis.com |
1 | login.live.com | login.microsoftonline.com |
1 | api.tuition.works | 1 redirects |
1 | rum-http-intake.logs.datadoghq.com | bannerhealth.legacy.tuition.io |
1 | tuitionio-production-images.s3.amazonaws.com | bannerhealth.legacy.tuition.io |
1 | cdn.jsdelivr.net | client |
1 | tuitionio-production-public-assets.s3.amazonaws.com | |
1 | ekr.zdassets.com | static.zdassets.com |
1 | ajax.googleapis.com | bannerhealth.tuition.io |
0 | autologon.microsoftazuread-sso.com Failed | |
69 | 21 | |
This site contains no links.
Subject | Issuer | Validity | Valid |
---|---|---|---|
tuition.io | Amazon RSA 2048 M02 | 2023-02-26 - 2024-03-26 | a year |
upload.video.google.com | GTS CA 1C3 | 2023-09-04 - 2023-11-27 | 3 months |
zdassets.com | Cloudflare Inc ECC CA-3 | 2022-11-10 - 2023-11-09 | a year |
*.gstatic.com | GTS CA 1C3 | 2023-09-04 - 2023-11-27 | 3 months |
tio.zendesk.com | Cloudflare Inc ECC CA-3 | 2023-04-14 - 2024-04-13 | a year |
legacy.tuition.io | Amazon RSA 2048 M02 | 2022-11-16 - 2023-12-15 | a year |
*.s3.amazonaws.com | Amazon RSA 2048 M01 | 2023-03-21 - 2023-12-19 | 9 months |
*.browser-intake-datadoghq.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2023-06-17 - 2024-06-18 | a year |
*.statuspage.io | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2023-07-26 - 2024-08-23 | a year |
jsdelivr.net | GlobalSign Atlas R3 DV TLS CA 2022 Q4 | 2022-12-23 - 2024-01-24 | a year |
*.logs.datadoghq.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2023-03-22 - 2024-03-22 | a year |
stamp2.login.microsoftonline.com | DigiCert SHA2 Secure Server CA | 2023-08-30 - 2024-08-30 | a year |
aadcdn.msauth.net | DigiCert SHA2 Secure Server CA | 2023-07-29 - 2024-07-29 | a year |
login.live.com | DigiCert SHA2 Secure Server CA | 2023-07-02 - 2024-07-02 | a year |
aadcdn.msauthimages.net | Microsoft Azure TLS Issuing CA 02 | 2023-03-08 - 2024-03-02 | a year |
This page contains 4 frames:
Primary Page:
https://login.microsoftonline.com/adeadcd2-3aaf-4835-b273-1ebe8a7726f1/saml2?SAMLRequest=lZJLb9swEIT%2FisC7HqT8EiErcGMUNZC2Ruz00EuxJFcxUYl0uVTS%2FvvISoPm0gC5Lmb22xlsffW775IHDGS9WzOeFeyqqTdDPLlb%2FDUgxWQUOFqzITjpgSxJBz2SjFoeNp9vpMgKeQ4%2Beu079iyWBH33tgOIMMSRyZJvL%2FBxzpLdds1%2BmLmCEtrCcFXNcAFLozTOeKF0xVetAlTAsYVFyUcD0YA7RxFcHHcUokyLKhXiyIWcV1LMs2qx%2Bs6S7ZjFOogT6hTjmWSed%2F7euqy3OnjybfSusw4z7fscDILRRqQlQJvOVuU8VWJZphwVrmC5FIuW55ecgiWblzDX3tHQYzhgeLAa725v%2FqHgbLM42Isse%2FThJ03uXIFzGE4IXTzloIkl%2B79lfrDOWHf%2Fdo%2FqWUTy0%2FG4T%2FdfD0fW1JfFcuolNO%2FB9xihzl%2B76y8jcbfd%2B87qP8lHH3qI%2Fz%2BIZ3yaWJO2k1QOjs6obWvRjDV1nX%2B8DggR1yyGAVne1PnrX2ueAA%3D%3D&RelayState=https%3A%2F%2Fbannerhealth.tuition.io&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=Qw35UWCACtFH%2F2Lu%2BCzM5I1YBXM4DPaGY8V6b3DeFbNxvcUmZNmzRSTj%2B32KhNsM2ZHOGpNlqrUOJtYVwclaRkRflKRbBNEiIxLu1JWS8qVvX4fKIwlktQ4vMeIKOhcT76XKPXRoTi2FoyIlzyRgoQc2I6yA3tKdDruT3eOoZkTuMm7uwqdTk%2FADtofcTb5zgeuE%2BNAwnFeZNUIDxpXG6Rfm71aUz%2BRZ38uE96CJ08klUaLE8VO1Dlyv3BuUdDe6wa06F6IOYayA0HLvzOJVZZqxF31j4TMJelVftaFRO69FWdyfsKFF9UbZcSd10A%2BPP1I7adQGNXDBJecDzVjthg%3D%3D&sso_reload=true
Frame ID: D1AB8B91A5E4BDD32635DC76716D8488
Requests: 37 HTTP requests in this frame
Frame:
https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-4b22769.js
Frame ID: B05773AD28B541BB5E91930EB9F870F4
Requests: 9 HTTP requests in this frame
Frame:
https://bannerhealth.legacy.tuition.io/ember-start
Frame ID: BAD9DCA1A883F3588B1AB4D0DAEE9C00
Requests: 17 HTTP requests in this frame
Frame:
https://q7n3gpmqhcp7.statuspage.io/embed/frame
Frame ID: CAB5EED00CAB619592DC061097DDF1A7
Requests: 1 HTTP requests in this frame
Detected technologies
Font Awesome (Font Scripts)
Detected patterns
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Google Font API (Font Scripts)
Detected patterns
- googleapis\.com/.+webfont
jsDelivr (CDN)
Detected patterns
- //cdn\.jsdelivr\.net/
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://bannerhealth.tuition.io/ Page URL
-
https://api.tuition.works/saml/bannerhealth/auth?redirect=https%3A%2F%2Fbannerhealth.tuition.io
HTTP 302
https://login.microsoftonline.com/adeadcd2-3aaf-4835-b273-1ebe8a7726f1/saml2?SAMLRequest=lZJLb9swEIT%2FisC7HqT8EiErcGMUNZC2Ruz00EuxJFcxUYl0uVTS%2FvvISoPm0gC5Lmb22xlsffW775IHDGS9WzOeFeyqqTdDPLlb%2FDUgxWQUOFqzITjpgSxJBz2SjFoeNp9vpMgKeQ4%2Beu079iyWBH33tgOIMMSRyZJvL%2FBxzpLdds1%2BmLmCEtrCcFXNcAFLozTOeKF0xVetAlTAsYVFyUcD0YA7RxFcHHcUokyLKhXiyIWcV1LMs2qx%2Bs6S7ZjFOogT6hTjmWSed%2F7euqy3OnjybfSusw4z7fscDILRRqQlQJvOVuU8VWJZphwVrmC5FIuW55ecgiWblzDX3tHQYzhgeLAa725v%2FqHgbLM42Isse%2FThJ03uXIFzGE4IXTzloIkl%2B79lfrDOWHf%2Fdo%2FqWUTy0%2FG4T%2FdfD0fW1JfFcuolNO%2FB9xihzl%2B76y8jcbfd%2B87qP8lHH3qI%2Fz%2BIZ3yaWJO2k1QOjs6obWvRjDV1nX%2B8DggR1yyGAVne1PnrX2ueAA%3D%3D&RelayState=https%3A%2F%2Fbannerhealth.tuition.io&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=Qw35UWCACtFH%2F2Lu%2BCzM5I1YBXM4DPaGY8V6b3DeFbNxvcUmZNmzRSTj%2B32KhNsM2ZHOGpNlqrUOJtYVwclaRkRflKRbBNEiIxLu1JWS8qVvX4fKIwlktQ4vMeIKOhcT76XKPXRoTi2FoyIlzyRgoQc2I6yA3tKdDruT3eOoZkTuMm7uwqdTk%2FADtofcTb5zgeuE%2BNAwnFeZNUIDxpXG6Rfm71aUz%2BRZ38uE96CJ08klUaLE8VO1Dlyv3BuUdDe6wa06F6IOYayA0HLvzOJVZZqxF31j4TMJelVftaFRO69FWdyfsKFF9UbZcSd10A%2BPP1I7adQGNXDBJecDzVjthg%3D%3D Page URL
- https://login.microsoftonline.com/adeadcd2-3aaf-4835-b273-1ebe8a7726f1/saml2?SAMLRequest=lZJLb9swEIT%2FisC7HqT8EiErcGMUNZC2Ruz00EuxJFcxUYl0uVTS%2FvvISoPm0gC5Lmb22xlsffW775IHDGS9WzOeFeyqqTdDPLlb%2FDUgxWQUOFqzITjpgSxJBz2SjFoeNp9vpMgKeQ4%2Beu079iyWBH33tgOIMMSRyZJvL%2FBxzpLdds1%2BmLmCEtrCcFXNcAFLozTOeKF0xVetAlTAsYVFyUcD0YA7RxFcHHcUokyLKhXiyIWcV1LMs2qx%2Bs6S7ZjFOogT6hTjmWSed%2F7euqy3OnjybfSusw4z7fscDILRRqQlQJvOVuU8VWJZphwVrmC5FIuW55ecgiWblzDX3tHQYzhgeLAa725v%2FqHgbLM42Isse%2FThJ03uXIFzGE4IXTzloIkl%2B79lfrDOWHf%2Fdo%2FqWUTy0%2FG4T%2FdfD0fW1JfFcuolNO%2FB9xihzl%2B76y8jcbfd%2B87qP8lHH3qI%2Fz%2BIZ3yaWJO2k1QOjs6obWvRjDV1nX%2B8DggR1yyGAVne1PnrX2ueAA%3D%3D&RelayState=https%3A%2F%2Fbannerhealth.tuition.io&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=Qw35UWCACtFH%2F2Lu%2BCzM5I1YBXM4DPaGY8V6b3DeFbNxvcUmZNmzRSTj%2B32KhNsM2ZHOGpNlqrUOJtYVwclaRkRflKRbBNEiIxLu1JWS8qVvX4fKIwlktQ4vMeIKOhcT76XKPXRoTi2FoyIlzyRgoQc2I6yA3tKdDruT3eOoZkTuMm7uwqdTk%2FADtofcTb5zgeuE%2BNAwnFeZNUIDxpXG6Rfm71aUz%2BRZ38uE96CJ08klUaLE8VO1Dlyv3BuUdDe6wa06F6IOYayA0HLvzOJVZZqxF31j4TMJelVftaFRO69FWdyfsKFF9UbZcSd10A%2BPP1I7adQGNXDBJecDzVjthg%3D%3D&sso_reload=true Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 53
- https://api.tuition.works/saml/bannerhealth/auth?redirect=https%3A%2F%2Fbannerhealth.tuition.io HTTP 302
- https://login.microsoftonline.com/adeadcd2-3aaf-4835-b273-1ebe8a7726f1/saml2?SAMLRequest=lZJLb9swEIT%2FisC7HqT8EiErcGMUNZC2Ruz00EuxJFcxUYl0uVTS%2FvvISoPm0gC5Lmb22xlsffW775IHDGS9WzOeFeyqqTdDPLlb%2FDUgxWQUOFqzITjpgSxJBz2SjFoeNp9vpMgKeQ4%2Beu079iyWBH33tgOIMMSRyZJvL%2FBxzpLdds1%2BmLmCEtrCcFXNcAFLozTOeKF0xVetAlTAsYVFyUcD0YA7RxFcHHcUokyLKhXiyIWcV1LMs2qx%2Bs6S7ZjFOogT6hTjmWSed%2F7euqy3OnjybfSusw4z7fscDILRRqQlQJvOVuU8VWJZphwVrmC5FIuW55ecgiWblzDX3tHQYzhgeLAa725v%2FqHgbLM42Isse%2FThJ03uXIFzGE4IXTzloIkl%2B79lfrDOWHf%2Fdo%2FqWUTy0%2FG4T%2FdfD0fW1JfFcuolNO%2FB9xihzl%2B76y8jcbfd%2B87qP8lHH3qI%2Fz%2BIZ3yaWJO2k1QOjs6obWvRjDV1nX%2B8DggR1yyGAVne1PnrX2ueAA%3D%3D&RelayState=https%3A%2F%2Fbannerhealth.tuition.io&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=Qw35UWCACtFH%2F2Lu%2BCzM5I1YBXM4DPaGY8V6b3DeFbNxvcUmZNmzRSTj%2B32KhNsM2ZHOGpNlqrUOJtYVwclaRkRflKRbBNEiIxLu1JWS8qVvX4fKIwlktQ4vMeIKOhcT76XKPXRoTi2FoyIlzyRgoQc2I6yA3tKdDruT3eOoZkTuMm7uwqdTk%2FADtofcTb5zgeuE%2BNAwnFeZNUIDxpXG6Rfm71aUz%2BRZ38uE96CJ08klUaLE8VO1Dlyv3BuUdDe6wa06F6IOYayA0HLvzOJVZZqxF31j4TMJelVftaFRO69FWdyfsKFF9UbZcSd10A%2BPP1I7adQGNXDBJecDzVjthg%3D%3D
69 HTTP transactions
Method | Protocol | Resource | Path | Frame / note | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|---|
GET | H2 | / | bannerhealth.tuition.io/ | | 4 KB | 5 KB | Document | text/html |
GET | H2 | webfont.js | ajax.googleapis.com/ajax/libs/webfont/1.6.26/ | | 13 KB | 6 KB | Script | text/javascript |
GET | H2 | css | fonts.googleapis.com/ | | 3 KB | 1 KB | Stylesheet | text/css |
GET | H2 | tailwind-92b3264a00c8df86b9cf164f2dca3278.css | bannerhealth.tuition.io/assets/ | | 86 KB | 86 KB | Stylesheet | text/css |
GET | H2 | vendor-6a55574089aa7bda8bce9a25135a74c4.css | bannerhealth.tuition.io/assets/ | | 14 KB | 15 KB | Stylesheet | text/css |
GET | H2 | chunk.143.7501c0c2b47dd66e9041.css | bannerhealth.tuition.io/assets/ | | 1 KB | 2 KB | Stylesheet | text/css |
GET | H2 | tio-employee-8b700748f32d694eb59c3ee6363f808c.css | bannerhealth.tuition.io/assets/ | | 406 B | 901 B | Stylesheet | text/css |
GET | H2 | snippet.js | static.zdassets.com/ekr/ | | 10 KB | 5 KB | Script | application/javascript |
GET | H2 | vendor-8c3763193f72639a3a48f96488b6c1b7.js | bannerhealth.tuition.io/assets/ | | 2 MB | 2 MB | Script | application/javascript |
GET | H2 | chunk.766.dd0dbaf9e8d8b1eefe7e.js | bannerhealth.tuition.io/assets/ | | 2 MB | 2 MB | Script | application/javascript |
GET | H2 | chunk.143.7501c0c2b47dd66e9041.js | bannerhealth.tuition.io/assets/ | | 736 KB | 738 KB | Script | application/javascript |
GET | H2 | tio-employee-92a2534bddd7c0b7aa409fe8d318f3db.js | bannerhealth.tuition.io/assets/ | | 1 MB | 1 MB | Script | application/javascript |
GET | H2 | css | fonts.googleapis.com/ | | 5 KB | 681 B | Stylesheet | text/css |
GET | H2 | JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 | fonts.gstatic.com/s/montserrat/v26/ | | 32 KB | 33 KB | Font | font/woff2 |
GET | H2 | tio-common-ab5d81d9af5801e5b8846fc20db692f9.css | bannerhealth.tuition.io/assets/ | | 2 KB | 2 KB | Stylesheet | text/css |
GET | H2 | b4a45fc6-354a-41ee-b685-57b33d687ad6 | ekr.zdassets.com/compose/ | | 1 KB | 2 KB | Fetch | application/json |
OPTIONS | H2 | bannerhealth | tio-api.tuition.io/preregister/ | Frame | 0 | 0 | Preflight | |
GET | H2 | bannerhealth | tio-api.tuition.io/preregister/ | | 3 KB | 3 KB | Fetch | application/json |
GET | H2 | web-widget-main-4b22769.js | static.zdassets.com/web_widget/messenger/latest/ | Frame B057 | 453 KB | 143 KB | Script | application/javascript |
GET | H2 | en-us-json-4b22769.js | static.zdassets.com/web_widget/messenger/latest/web-widget-locales/messenger/ | Frame B057 | 16 KB | 3 KB | Script | application/javascript |
GET | H2 | web-widget-4852-4b22769.js | static.zdassets.com/web_widget/messenger/latest/ | Frame B057 | 139 KB | 47 KB | Script | application/javascript |
GET | H2 | web-widget-519-4b22769.js | static.zdassets.com/web_widget/messenger/latest/ | Frame B057 | 24 KB | 8 KB | Script | application/javascript |
GET | H2 | web-widget-5178-4b22769.js | static.zdassets.com/web_widget/messenger/latest/ | Frame B057 | 24 KB | 7 KB | Script | application/javascript |
GET | H2 | web-widget-9535-4b22769.js | static.zdassets.com/web_widget/messenger/latest/ | Frame B057 | 15 KB | 6 KB | Script | application/javascript |
OPTIONS | H2 | pv | tio.zendesk.com/frontendevents/ | Frame | 0 | 0 | Preflight | |
POST | H2 | pv | tio.zendesk.com/frontendevents/ | Frame B057 | 0 | 0 | Fetch | |
GET | H2 | config | tio.zendesk.com/embeddable/ | Frame B057 | 965 B | 1 KB | Fetch | application/json |
GET | H2 | conditions | tio-api.tuition.io/preregister/bannerhealth/ | | 678 B | 1 KB | Fetch | application/json |
OPTIONS | H2 | conditions | tio-api.tuition.io/preregister/bannerhealth/ | Frame | 0 | 0 | Preflight | |
GET | H2 | ember-start | bannerhealth.legacy.tuition.io/ | Frame BAD9 | 4 KB | 2 KB | Document | text/html |
GET | H/1.1 | banner_health_logo.svg.png | tuitionio-production-public-assets.s3.amazonaws.com/uploads/2023/08/25/4a5cc40c-5832-4302-adac-f0562ac35fd8/ | | 31 KB | 31 KB | Image | image/png |
POST | H2 | rum | rum.browser-intake-datadoghq.com/api/v2/ | | 53 B | 305 B | Fetch | application/json |
GET | H3 | css | fonts.googleapis.com/ | Frame BAD9 | 9 KB | 975 B | Stylesheet | text/css |
GET | H2 | app.03242217381fb8044271.js | bannerhealth.legacy.tuition.io/static/js/ | Frame BAD9 | 2 MB | 203 KB | Script | application/javascript |
GET | H2 | 1.f6aad8bf4429568ef3c4.js | bannerhealth.legacy.tuition.io/static/js/ | Frame BAD9 | 7 MB | 2 MB | Script | application/javascript |
GET | H2 | script.js | q7n3gpmqhcp7.statuspage.io/embed/ | Frame BAD9 | 2 KB | 2 KB | Script | text/javascript |
GET | H2 | 2.c5f9b8b5c27757d5cf41.js | bannerhealth.legacy.tuition.io/static/js/ | Frame BAD9 | 0 | 43 KB | Other | application/javascript |
GET | H2 | 3.33690ef00a949c59df16.js | bannerhealth.legacy.tuition.io/static/js/ | Frame BAD9 | 0 | 8 KB | Other | application/javascript |
GET | H2 | 4.ebde1e0f78179fc49b69.js | bannerhealth.legacy.tuition.io/static/js/ | Frame BAD9 | 0 | 42 KB | Other | application/javascript |
GET | H2 | frame | q7n3gpmqhcp7.statuspage.io/embed/ | Frame CAB5 | 12 KB | 4 KB | Document | text/html |
GET | H3 | css | fonts.googleapis.com/ | Frame BAD9 | 7 KB | 850 B | Stylesheet | text/css |
GET | H2 | all.min.css | cdn.jsdelivr.net/npm/@fortawesome/fontawesome-free@5.9.0/css/ | Frame BAD9 | 55 KB | 13 KB | Stylesheet | text/css |
GET | H/1.1 | growth.svg | tuitionio-production-images.s3.amazonaws.com/staticImages/mousai/ | Frame BAD9 | 6 KB | 6 KB | Image | image/svg+xml |
GET | H2 | Montserrat-SemiBold.woff2 | bannerhealth.legacy.tuition.io/static/fonts/Montserrat-woff2/ | Frame BAD9 | 79 KB | 79 KB | Font | font/woff2 |
GET | H2 | JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 | fonts.gstatic.com/s/montserrat/v26/ | Frame BAD9 | 32 KB | 32 KB | Font | font/woff2 |
GET | H2 | Montserrat-Medium.woff2 | bannerhealth.legacy.tuition.io/static/fonts/Montserrat-woff2/ | Frame BAD9 | 79 KB | 80 KB | Font | font/woff2 |
OPTIONS | H2 | bannerhealth | tio-api.tuition.io/preregister/ | Frame | 0 | 0 | Preflight | |
GET | H2 | bannerhealth | tio-api.tuition.io/preregister/ | Frame BAD9 | 3 KB | 3 KB | XHR | application/json |
POST | H2 | pv | tio.zendesk.com/frontendevents/ | Frame B057 | 0 | 0 | Fetch | |
OPTIONS | H2 | pv | tio.zendesk.com/frontendevents/ | Frame | 0 | 0 | Preflight | |
GET | H2 | Montserrat-Regular.woff2 | bannerhealth.legacy.tuition.io/static/fonts/Montserrat-woff2/ | Frame BAD9 | 79 KB | 80 KB | Font | font/woff2 |
POST | H2 | rum | rum.browser-intake-datadoghq.com/api/v2/ | | 0 | 0 | Ping | application/json |
POST | H2 | pub2b0a5007df194a17333ea4bc92733249 | rum-http-intake.logs.datadoghq.com/v1/input/ | Frame BAD9 | 0 | 0 | Ping | application/json |
GET | H/1.1 | saml2 | login.microsoftonline.com/adeadcd2-3aaf-4835-b273-1ebe8a7726f1/ | Redirect Chain | 20 KB | 10 KB | Document | text/html |
GET | H2 | BssoInterrupt_Core_nun_Nob0yT2WjCUfgBCTog2.js | aadcdn.msauth.net/shared/1.0/content/js/ | | 135 KB | 48 KB | Script | application/x-javascript |
GET | H/1.1 | saml2 | login.microsoftonline.com/adeadcd2-3aaf-4835-b273-1ebe8a7726f1/ | Primary Request | 38 KB | 16 KB | Document | text/html |
GET | H2 | converged.v2.login.min_prc91eyu9sqvbxj8tusclg2.css | aadcdn.msauth.net/ests/2.1/content/cdnbundles/ | | 109 KB | 20 KB | Stylesheet | text/css |
GET | H2 | ConvergedLogin_PCore_gi39Edvdc7MTH8raduM_DA2.js | aadcdn.msauth.net/shared/1.0/content/js/ | | 416 KB | 115 KB | Script | application/x-javascript |
GET | H2 | ux.converged.login.strings-en.min_vts8ra1it9l0lgwizaxzhg2.js | aadcdn.msauth.net/ests/2.1/content/cdnbundles/ | | 49 KB | 15 KB | Script | application/x-javascript |
GET | H/1.1 | Me.htm | login.live.com/ | | 0 | 0 | Other | text/html |
GET | H2 | convergedlogin_pcustomizationloader_ad69b2c2408c2332edca.js | aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/ | | 107 KB | 32 KB | Script | application/x-javascript |
GET | H2 | convergedlogin_pfetchsessionsprogress_ae8e0b1c20216cc1fee1.js | aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/ | | 15 KB | 6 KB | Script | application/x-javascript |
GET | H2 | marching_ants_white_8257b0707cbe1d0bd2661b80068676fe.gif | aadcdn.msauth.net/shared/1.0/content/images/ | | 3 KB | 3 KB | Image | image/gif |
GET | H2 | marching_ants_986f40b5a9dc7d39ef8396797f61b323.gif | aadcdn.msauth.net/shared/1.0/content/images/ | | 4 KB | 4 KB | Image | image/gif |
GET | H2 | illustration | aadcdn.msauthimages.net/dbd5a2dd-hncn8sieuzk0k1g9y-ezsg2qcbgw8m6zyydoi7ohpxc/logintenantbranding/0/ | | 193 KB | 193 KB | Image | image/* |
GET | H2 | bannerlogo | aadcdn.msauthimages.net/dbd5a2dd-hncn8sieuzk0k1g9y-ezsg2qcbgw8m6zyydoi7ohpxc/logintenantbranding/0/ | | 4 KB | 4 KB | Image | image/* |
GET | H2 | marching_ants_white_8257b0707cbe1d0bd2661b80068676fe.gif | aadcdn.msauth.net/shared/1.0/content/images/ | | 3 KB | 3 KB | Image | image/gif |
GET | H2 | marching_ants_986f40b5a9dc7d39ef8396797f61b323.gif | aadcdn.msauth.net/shared/1.0/content/images/ | | 4 KB | 4 KB | Image | image/gif |
GET | | ssoprobe | autologon.microsoftazuread-sso.com/adeadcd2-3aaf-4835-b273-1ebe8a7726f1/winauth/ | | 0 | 0 | | |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- autologon.microsoftazuread-sso.com
- URL
- https://autologon.microsoftazuread-sso.com/adeadcd2-3aaf-4835-b273-1ebe8a7726f1/winauth/ssoprobe?client-request-id=9448c22c-8dfe-4175-860d-0374052b07fa&_=1695387567440
11 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object| documentPictureInPicture
- object| $Config
- object| $Debug
- object| $Do
- function| $Loader
- object| $WebWatson
- function| GetString
- function| GetErrorString
- function| GetUrl
- object| $B
- object| ServerData

9 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
bannerhealth.legacy.tuition.io/ | | Name: _dd_s Value: rum=1&id=fd07c77b-a723-4087-8d02-c6c9691afd6d&created=1695387564519&expire=1695388464519 |
bannerhealth.tuition.io/ | | Name: _dd_s Value: rum=2&id=818b52dd-aa50-4312-a906-2cd5765547f2&created=1695387562819&expire=1695388462819 |
login.microsoftonline.com/ | | Name: x-ms-gateway-slice Value: estsfd |
login.microsoftonline.com/ | | Name: stsservicecookie Value: estsfd |
.login.microsoftonline.com/ | | Name: AADSSO Value: NA\|NoExtension |
login.microsoftonline.com/ | | Name: SSOCOOKIEPULLED Value: 1 |
login.microsoftonline.com/ | | Name: buid Value: 0.AQ0A0tzqra86NUiycx6-incm8cj-15w0DkZGrOx4w0Q8w8ANAAA.AQABAAEAAAAtyolDObpQQ5VtlI4uGjEP5bkiOp4sijanMo1m1GeY3iH5sJjqcgSmbpWh-S1lTXRqRgcjh02sHaZjI-5mbTE6BQ7B-_78A1cmmrIXQ2akLhgtn7OF1jFUZIaM2Ydn1SkgAA |
.login.microsoftonline.com/ | | Name: esctx Value: PAQABAAEAAAAtyolDObpQQ5VtlI4uGjEPaYkYgBfAu6ien9V-0dyTWoxNE4PAt8X_Euzbo2CwAoYxpktAilLpt7kxfbwl11HIUeSAh83KraS8CUUHV2XW5j6j5h3w9vR-qZAfswa0vv53qgH1A3a1yZSR2Pj8Uz9DAi3L01A2HRHKYXA-PKzr158VcLBISKJ0OUc1xkd8W2JVlM9LbisSDH0dM4ptxn-sZGmDZc9UFTorlVafBfx5M_he3CCFznuo69dvUTKh3NEgAA |
login.microsoftonline.com/ | | Name: fpc Value: AjvTRaTra4VOoyTD8_9K8Qh8CQHHAQAAAK6Gn9wOAAAA |
Security Headers
This page lists any security headers set by the main page.
Header | Value |
---|---|
Strict-Transport-Security | max-age=63072000; includeSubDomains; preload |
X-Content-Type-Options | nosniff |
X-Frame-Options | DENY |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.