login.microsoftonline.com
Open in
urlscan Pro
2603:1026:3000:c8::b
Public Scan
Submitted URL: https://dh578-euq1.eu.iphmx.com:4431/quarantine?email=yojana.chikodi%40sapiens.com
Effective URL: https://login.microsoftonline.com/3d918542-68a9-4e89-ac7a-0f74754ddb24/saml2?SAMLRequest=fVJdb%2BMgEPwrFu%2F%2BwtgYlERy4kYXqXcXNbk...
Submission: On February 13 via api from IL — Scanned from DE
Effective URL: https://login.microsoftonline.com/3d918542-68a9-4e89-ac7a-0f74754ddb24/saml2?SAMLRequest=fVJdb%2BMgEPwrFu%2F%2BwtgYlERy4kYXqXcXNbk...
Submission: On February 13 via api from IL — Scanned from DE
Summary
This website contacted 10 IPs
in 3 countries
across 9 domains to perform 53 HTTP transactions.
The main IP is 2603:1026:3000:c8::b, located in
Dublin, Ireland and
belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US.
The main domain is login.microsoftonline.com.
The Cisco Umbrella rank of the primary domain is 12.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on November 28th 2023. Valid for: a year.
This is the only time login.microsoftonline.com was scanned on urlscan.io!
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on November 28th 2023. Valid for: a year.
This is the only time login.microsoftonline.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 1 33 | 207.54.66.120 207.54.66.120 | 30238 (AS-IRONP-...) (AS-IRONP-VEGA) | |
| 1 | 2a00:1450:400... 2a00:1450:4001:809::2008 | 15169 (GOOGLE) (GOOGLE) | |
| 1 2 | 2600:9000:225... 2600:9000:2250:b600:19:a7d3:e1c0:93a1 | 16509 (AMAZON-02) (AMAZON-02) | |
| 3 | 2603:1026:300... 2603:1026:3000:c8::b | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
| 1 | 2606:2800:233... 2606:2800:233:78b9:f44e:2c1f:31aa:d9ef | 15133 (EDGECAST) (EDGECAST) | |
| 11 | 2620:1ec:46::45 2620:1ec:46::45 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
| 1 | 40.126.31.69 40.126.31.69 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
| 2 | 2606:2800:233... 2606:2800:233:1cb7:261b:1f9c:2074:3c | 15133 (EDGECAST) (EDGECAST) | |
| 1 | 2603:1026:300... 2603:1026:3000:d0::d | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
| 53 | 10 |
1
2a00:1450:4001:809::2008
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| www.googletagmanager.com |
2
2600:9000:2250:b600:19:a7d3:e1c0:93a1
(United States)
ASN16509 (AMAZON-02, US)
ASN16509 (AMAZON-02, US)
| cdn.security.cisco.com |
3
2603:1026:3000:c8::b
(Dublin, Ireland)
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
| login.microsoftonline.com |
1
2606:2800:233:78b9:f44e:2c1f:31aa:d9ef
(United States)
ASN15133 (EDGECAST, US)
ASN15133 (EDGECAST, US)
| aadcdn.msftauth.net |
2
2606:2800:233:1cb7:261b:1f9c:2074:3c
(United States)
ASN15133 (EDGECAST, US)
ASN15133 (EDGECAST, US)
| aadcdn.msauthimages.net |
1
2603:1026:3000:d0::d
(Dublin, Ireland)
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
| autologon.microsoftazuread-sso.com |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 33 |
iphmx.com
1 redirects
dh578-euq1.eu.iphmx.com |
8 MB |
| 11 |
msauth.net
aadcdn.msauth.net — Cisco Umbrella Rank: 885 |
246 KB |
| 3 |
microsoftonline.com
login.microsoftonline.com — Cisco Umbrella Rank: 12 |
29 KB |
| 2 |
msauthimages.net
aadcdn.msauthimages.net — Cisco Umbrella Rank: 3496 |
285 KB |
| 2 |
cisco.com
1 redirects
cdn.security.cisco.com — Cisco Umbrella Rank: 287312 |
1 MB |
| 1 |
microsoftazuread-sso.com
autologon.microsoftazuread-sso.com — Cisco Umbrella Rank: 1294 |
1 KB |
| 1 |
live.com
login.live.com — Cisco Umbrella Rank: 85 |
|
| 1 |
msftauth.net
aadcdn.msftauth.net — Cisco Umbrella Rank: 903 |
49 KB |
| 1 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 37 |
45 KB |
| 53 | 9 |
| Domain | Requested by | |
|---|---|---|
| 33 | dh578-euq1.eu.iphmx.com |
1 redirects
dh578-euq1.eu.iphmx.com
|
| 11 | aadcdn.msauth.net |
login.microsoftonline.com
aadcdn.msauth.net |
| 3 | login.microsoftonline.com |
dh578-euq1.eu.iphmx.com
aadcdn.msftauth.net aadcdn.msauth.net |
| 2 | aadcdn.msauthimages.net | |
| 2 | cdn.security.cisco.com | 1 redirects |
| 1 | autologon.microsoftazuread-sso.com | |
| 1 | login.live.com |
login.microsoftonline.com
|
| 1 | aadcdn.msftauth.net |
login.microsoftonline.com
|
| 1 | www.googletagmanager.com |
dh578-euq1.eu.iphmx.com
|
| 53 | 9 |
This site contains links to these domains. Also see Links.
| Domain |
|---|
| www.microsoft.com |
| privacy.microsoft.com |
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| *.eu.iphmx.com HydrantID Server CA O1 |
2023-10-16 - 2024-10-15 |
a year | crt.sh |
| *.google-analytics.com GTS CA 1C3 |
2024-01-29 - 2024-04-22 |
3 months | crt.sh |
| stamp2.login.microsoftonline.com DigiCert SHA2 Secure Server CA |
2023-11-28 - 2024-11-28 |
a year | crt.sh |
| aadcdn.msftauth.net DigiCert SHA2 Secure Server CA |
2023-12-01 - 2024-12-01 |
a year | crt.sh |
| aadcdn.msauth.net DigiCert SHA2 Secure Server CA |
2024-01-29 - 2025-01-29 |
a year | crt.sh |
| login.live.com DigiCert SHA2 Secure Server CA |
2024-02-09 - 2025-02-09 |
a year | crt.sh |
| aadcdn.msauthimages.net Microsoft Azure RSA TLS Issuing CA 08 |
2024-01-11 - 2025-01-05 |
a year | crt.sh |
| autologon.microsoftazuread-sso.com DigiCert SHA2 Secure Server CA |
2024-02-09 - 2025-02-09 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://login.microsoftonline.com/3d918542-68a9-4e89-ac7a-0f74754ddb24/saml2?SAMLRequest=fVJdb%2BMgEPwrFu%2F%2BwtgYlERy4kYXqXcXNbk%2B9CUi9qZBsiEF3Gv%2F%2FWHnrtc%2BtCAh7bDLzswys6LvLrwa3FndwdMA1gUvfacsny7maDCKa2Gl5Ur0YLlr%2BK76fstxlPCL0U43ukPvSr6uENaCcVIrFGzqOTqsyhRXy5Stb2qasIyxDOdVXq9usnpdrZbLg7GHMkkIy9NT8mHRlhFclk1S0KzIKC5yv4ERjyTTSQooKM0Ldo1yQrGPckZojgEF92Cs5zFHnpYnY%2B0AG2WdUM5DCSZhgsM026c5xxkn%2BAEFtfdGKuGmqrNzF8vjuNOPUkW9bIy2%2BuS06qSCqNF9nLUsLXOCw6IULCRQslA0VITJiXoKpG2PmMSjYxgFK60sjJ1H7zp59B698uYKcn10wj%2FaomCtTQPTqOboJDoLI%2FGt91Q%2Bwxuy%2FTuUpVStVI9fz%2BN4TbL8236%2FDbc%2Fd3sUVP9mNLIaejA7MM%2BygV93t%2F91t%2BecliEMT2kEQyQv5%2F5lUo0Ws1ETnww1i0%2FSZvH7pNn1D%2F7w7Db1VneyeR2l9sJ9Tj6N0gmRbXiaUjn0QnZV2xqw1ovoOv17ZUC4N2fixbXtx9%2B%2B%2BAM%3D&SigAlg=http%3A%2F%2Fwww.w3.org%2F2000%2F09%2Fxmldsig%23rsa-sha1&Signature=l6mMbQrBJlTzgnhrjywECQS9WO6fXB9Q%2BFATWQ01Pr30KtCoe%2BXSbuZBTihZPcwzr6ZgfR4Vf3xx53EB4Gn54Jp2i28olPaU%2FGoIaV%2BRqbdWU389HbT4Bv7B3TGjG4Nez2tH%2B9d%2BJhLBZS%2BWZqOBOzrz6jtF5fQkedvdgnn0TU7ZiGFjmi42B57PLgMXqOVW5PM3%2FBU%2FYPm87vuPemf80GVuBIrORqXB8Ujf8OtNuPFpfyjZfRXCx9wJp%2BbGDkOx689R6vqNJIYfizcwA%2FheF4MsJu0ACTN%2FtBtV8HU23EqxWQlhYKrQUYIVVnUyqPIHU%2F7pv4uwuqKUsnsoJEYITg%3D%3D&sso_reload=true
Frame ID: E2F2006D8F88D9CE912F852E4ED5AD4B
Requests: 54 HTTP requests in this frame
Screenshot
Page Title
Bei Ihrem Konto anmeldenPage URL History Show full URLs
- https://dh578-euq1.eu.iphmx.com:4431/quarantine?email=yojana.chikodi%40sapiens.com Page URL
-
https://dh578-euq1.eu.iphmx.com/?ngui=True
HTTP 303
https://login.microsoftonline.com/3d918542-68a9-4e89-ac7a-0f74754ddb24/saml2?SAMLRequest=fVJdb%2BMgEPwrFu%2F%2... Page URL
- https://login.microsoftonline.com/3d918542-68a9-4e89-ac7a-0f74754ddb24/saml2?SAMLRequest=fVJdb%2BMgEPwrFu%2F%2... Page URL
Detected technologies
Google Tag Manager
(Tag Managers)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- googletagmanager\.com/gtag/js
Page Statistics
3 Outgoing links
These are links going to different origins than the main page.
URL: https://www.microsoft.com/de-DE/servicesagreement/
Title: Nutzungsbedingungen
Title: Nutzungsbedingungen
Search URL Search Domain Scan URL
URL: https://privacy.microsoft.com/de-DE/privacystatement
Title: Datenschutz und Cookies
Title: Datenschutz und Cookies
Search URL Search Domain Scan URL
URL: https://www.microsoft.com/de-de/corporate/rechtliche-hinweise/impressum.aspx
Title: Haftungsausschluss
Title: Haftungsausschluss
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://dh578-euq1.eu.iphmx.com:4431/quarantine?email=yojana.chikodi%40sapiens.com Page URL
-
https://dh578-euq1.eu.iphmx.com/?ngui=True
HTTP 303
https://login.microsoftonline.com/3d918542-68a9-4e89-ac7a-0f74754ddb24/saml2?SAMLRequest=fVJdb%2BMgEPwrFu%2F%2BwtgYlERy4kYXqXcXNbk%2B9CUi9qZBsiEF3Gv%2F%2FWHnrtc%2BtCAh7bDLzswys6LvLrwa3FndwdMA1gUvfacsny7maDCKa2Gl5Ur0YLlr%2BK76fstxlPCL0U43ukPvSr6uENaCcVIrFGzqOTqsyhRXy5Stb2qasIyxDOdVXq9usnpdrZbLg7GHMkkIy9NT8mHRlhFclk1S0KzIKC5yv4ERjyTTSQooKM0Ldo1yQrGPckZojgEF92Cs5zFHnpYnY%2B0AG2WdUM5DCSZhgsM026c5xxkn%2BAEFtfdGKuGmqrNzF8vjuNOPUkW9bIy2%2BuS06qSCqNF9nLUsLXOCw6IULCRQslA0VITJiXoKpG2PmMSjYxgFK60sjJ1H7zp59B698uYKcn10wj%2FaomCtTQPTqOboJDoLI%2FGt91Q%2Bwxuy%2FTuUpVStVI9fz%2BN4TbL8236%2FDbc%2Fd3sUVP9mNLIaejA7MM%2BygV93t%2F91t%2BecliEMT2kEQyQv5%2F5lUo0Ws1ETnww1i0%2FSZvH7pNn1D%2F7w7Db1VneyeR2l9sJ9Tj6N0gmRbXiaUjn0QnZV2xqw1ovoOv17ZUC4N2fixbXtx9%2B%2B%2BAM%3D&SigAlg=http%3A%2F%2Fwww.w3.org%2F2000%2F09%2Fxmldsig%23rsa-sha1&Signature=l6mMbQrBJlTzgnhrjywECQS9WO6fXB9Q%2BFATWQ01Pr30KtCoe%2BXSbuZBTihZPcwzr6ZgfR4Vf3xx53EB4Gn54Jp2i28olPaU%2FGoIaV%2BRqbdWU389HbT4Bv7B3TGjG4Nez2tH%2B9d%2BJhLBZS%2BWZqOBOzrz6jtF5fQkedvdgnn0TU7ZiGFjmi42B57PLgMXqOVW5PM3%2FBU%2FYPm87vuPemf80GVuBIrORqXB8Ujf8OtNuPFpfyjZfRXCx9wJp%2BbGDkOx689R6vqNJIYfizcwA%2FheF4MsJu0ACTN%2FtBtV8HU23EqxWQlhYKrQUYIVVnUyqPIHU%2F7pv4uwuqKUsnsoJEYITg%3D%3D Page URL
- https://login.microsoftonline.com/3d918542-68a9-4e89-ac7a-0f74754ddb24/saml2?SAMLRequest=fVJdb%2BMgEPwrFu%2F%2BwtgYlERy4kYXqXcXNbk%2B9CUi9qZBsiEF3Gv%2F%2FWHnrtc%2BtCAh7bDLzswys6LvLrwa3FndwdMA1gUvfacsny7maDCKa2Gl5Ur0YLlr%2BK76fstxlPCL0U43ukPvSr6uENaCcVIrFGzqOTqsyhRXy5Stb2qasIyxDOdVXq9usnpdrZbLg7GHMkkIy9NT8mHRlhFclk1S0KzIKC5yv4ERjyTTSQooKM0Ldo1yQrGPckZojgEF92Cs5zFHnpYnY%2B0AG2WdUM5DCSZhgsM026c5xxkn%2BAEFtfdGKuGmqrNzF8vjuNOPUkW9bIy2%2BuS06qSCqNF9nLUsLXOCw6IULCRQslA0VITJiXoKpG2PmMSjYxgFK60sjJ1H7zp59B698uYKcn10wj%2FaomCtTQPTqOboJDoLI%2FGt91Q%2Bwxuy%2FTuUpVStVI9fz%2BN4TbL8236%2FDbc%2Fd3sUVP9mNLIaejA7MM%2BygV93t%2F91t%2BecliEMT2kEQyQv5%2F5lUo0Ws1ETnww1i0%2FSZvH7pNn1D%2F7w7Db1VneyeR2l9sJ9Tj6N0gmRbXiaUjn0QnZV2xqw1ovoOv17ZUC4N2fixbXtx9%2B%2B%2BAM%3D&SigAlg=http%3A%2F%2Fwww.w3.org%2F2000%2F09%2Fxmldsig%23rsa-sha1&Signature=l6mMbQrBJlTzgnhrjywECQS9WO6fXB9Q%2BFATWQ01Pr30KtCoe%2BXSbuZBTihZPcwzr6ZgfR4Vf3xx53EB4Gn54Jp2i28olPaU%2FGoIaV%2BRqbdWU389HbT4Bv7B3TGjG4Nez2tH%2B9d%2BJhLBZS%2BWZqOBOzrz6jtF5fQkedvdgnn0TU7ZiGFjmi42B57PLgMXqOVW5PM3%2FBU%2FYPm87vuPemf80GVuBIrORqXB8Ujf8OtNuPFpfyjZfRXCx9wJp%2BbGDkOx689R6vqNJIYfizcwA%2FheF4MsJu0ACTN%2FtBtV8HU23EqxWQlhYKrQUYIVVnUyqPIHU%2F7pv4uwuqKUsnsoJEYITg%3D%3D&sso_reload=true Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 31- https://cdn.security.cisco.com/@cisco-ats/ribbon@%5E1.0.0/dist/ats-ribbon.js HTTP 302
- https://cdn.security.cisco.com/@cisco-ats/ribbon@1.10.2/dist/ats-ribbon.js
- https://dh578-euq1.eu.iphmx.com/?ngui=True HTTP 303
- https://login.microsoftonline.com/3d918542-68a9-4e89-ac7a-0f74754ddb24/saml2?SAMLRequest=fVJdb%2BMgEPwrFu%2F%2BwtgYlERy4kYXqXcXNbk%2B9CUi9qZBsiEF3Gv%2F%2FWHnrtc%2BtCAh7bDLzswys6LvLrwa3FndwdMA1gUvfacsny7maDCKa2Gl5Ur0YLlr%2BK76fstxlPCL0U43ukPvSr6uENaCcVIrFGzqOTqsyhRXy5Stb2qasIyxDOdVXq9usnpdrZbLg7GHMkkIy9NT8mHRlhFclk1S0KzIKC5yv4ERjyTTSQooKM0Ldo1yQrGPckZojgEF92Cs5zFHnpYnY%2B0AG2WdUM5DCSZhgsM026c5xxkn%2BAEFtfdGKuGmqrNzF8vjuNOPUkW9bIy2%2BuS06qSCqNF9nLUsLXOCw6IULCRQslA0VITJiXoKpG2PmMSjYxgFK60sjJ1H7zp59B698uYKcn10wj%2FaomCtTQPTqOboJDoLI%2FGt91Q%2Bwxuy%2FTuUpVStVI9fz%2BN4TbL8236%2FDbc%2Fd3sUVP9mNLIaejA7MM%2BygV93t%2F91t%2BecliEMT2kEQyQv5%2F5lUo0Ws1ETnww1i0%2FSZvH7pNn1D%2F7w7Db1VneyeR2l9sJ9Tj6N0gmRbXiaUjn0QnZV2xqw1ovoOv17ZUC4N2fixbXtx9%2B%2B%2BAM%3D&SigAlg=http%3A%2F%2Fwww.w3.org%2F2000%2F09%2Fxmldsig%23rsa-sha1&Signature=l6mMbQrBJlTzgnhrjywECQS9WO6fXB9Q%2BFATWQ01Pr30KtCoe%2BXSbuZBTihZPcwzr6ZgfR4Vf3xx53EB4Gn54Jp2i28olPaU%2FGoIaV%2BRqbdWU389HbT4Bv7B3TGjG4Nez2tH%2B9d%2BJhLBZS%2BWZqOBOzrz6jtF5fQkedvdgnn0TU7ZiGFjmi42B57PLgMXqOVW5PM3%2FBU%2FYPm87vuPemf80GVuBIrORqXB8Ujf8OtNuPFpfyjZfRXCx9wJp%2BbGDkOx689R6vqNJIYfizcwA%2FheF4MsJu0ACTN%2FtBtV8HU23EqxWQlhYKrQUYIVVnUyqPIHU%2F7pv4uwuqKUsnsoJEYITg%3D%3D
53 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H/1.1 |
quarantine
dh578-euq1.eu.iphmx.com/ |
5 KB 6 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
js
www.googletagmanager.com/gtag/ |
117 KB 45 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
6fe2d8eff3060566fcd8.ttf
dh578-euq1.eu.iphmx.com/quarantine/fonts/ |
172 KB 173 KB |
Font
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
551d61d85642806b1eb4.ttf
dh578-euq1.eu.iphmx.com/quarantine/fonts/ |
175 KB 176 KB |
Font
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
a353775e8ccc7c92df5d.ttf
dh578-euq1.eu.iphmx.com/quarantine/fonts/ |
180 KB 182 KB |
Font
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
d2eff700e3825a7b4eb8.ttf
dh578-euq1.eu.iphmx.com/quarantine/fonts/ |
175 KB 176 KB |
Font
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
1fce311df2cf4fad51ee.ttf
dh578-euq1.eu.iphmx.com/quarantine/fonts/ |
177 KB 178 KB |
Font
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
391432e2abfd51718112.ttf
dh578-euq1.eu.iphmx.com/quarantine/fonts/ |
179 KB 180 KB |
Font
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
27452bd0217dbb3492f6.ttf
dh578-euq1.eu.iphmx.com/quarantine/fonts/ |
186 KB 187 KB |
Font
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
2a9b7bb7f260f878eea3.ttf
dh578-euq1.eu.iphmx.com/quarantine/fonts/ |
186 KB 187 KB |
Font
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
10ade40df398d7a1dc9c.ttf
dh578-euq1.eu.iphmx.com/quarantine/fonts/ |
198 KB 199 KB |
Font
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
a6a6b7a83a7327418ee1.ttf
dh578-euq1.eu.iphmx.com/quarantine/fonts/ |
198 KB 199 KB |
Font
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
8996201684ac43ebf0dc.ttf
dh578-euq1.eu.iphmx.com/quarantine/fonts/ |
240 KB 241 KB |
Font
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
0a1d77c4b69c3c66302a.ttf
dh578-euq1.eu.iphmx.com/quarantine/fonts/ |
242 KB 243 KB |
Font
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
40970c37c6c54d4d573b.ttf
dh578-euq1.eu.iphmx.com/quarantine/fonts/ |
196 KB 197 KB |
Font
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
e452ead4c517f686176f.ttf
dh578-euq1.eu.iphmx.com/quarantine/fonts/ |
196 KB 197 KB |
Font
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
f2dabe0b8066eb875f95.ttf
dh578-euq1.eu.iphmx.com/quarantine/fonts/ |
214 KB 215 KB |
Font
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
7312133e39aa2d7211fe.ttf
dh578-euq1.eu.iphmx.com/quarantine/fonts/ |
212 KB 214 KB |
Font
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
98ece92e76784330efb9.ttf
dh578-euq1.eu.iphmx.com/quarantine/fonts/ |
213 KB 214 KB |
Font
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
5cccf33da32d5f62079c.ttf
dh578-euq1.eu.iphmx.com/quarantine/fonts/ |
209 KB 210 KB |
Font
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
263c9cd0726b2528ac4a.ttf
dh578-euq1.eu.iphmx.com/quarantine/fonts/ |
265 KB 267 KB |
Font
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
4631fbf9149dfa65af13.ttf
dh578-euq1.eu.iphmx.com/quarantine/fonts/ |
272 KB 273 KB |
Font
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
apiConfig.json
dh578-euq1.eu.iphmx.com/ng-login/ |
243 B 1 KB |
Other
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
locale-en.json
dh578-euq1.eu.iphmx.com/quarantine/i18n/ |
41 KB 41 KB |
Other
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
env_head.d2bf2eaba9fb584b6010.js
dh578-euq1.eu.iphmx.com/quarantine/ |
2 KB 3 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
vendor.e10747a5e17a6be14a33.css
dh578-euq1.eu.iphmx.com/quarantine/css/ |
358 KB 359 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
main.84346936698c6e417592.css
dh578-euq1.eu.iphmx.com/quarantine/css/ |
744 KB 747 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
vendor.0e554207647b8b5f5607.js
dh578-euq1.eu.iphmx.com/quarantine/ |
2 MB 2 MB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
commons.4a5b68aeb88279c7c4c8.js
dh578-euq1.eu.iphmx.com/quarantine/ |
188 KB 189 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
main.8c02ed63691d729daeaa.js
dh578-euq1.eu.iphmx.com/quarantine/ |
480 KB 482 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
apiConfig.json
dh578-euq1.eu.iphmx.com/ng-login/ |
243 B 1 KB |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ats-ribbon.js
cdn.security.cisco.com/@cisco-ats/ribbon@1.10.2/dist/ Redirect Chain
|
4 MB 1 MB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
euq_url_details
dh578-euq1.eu.iphmx.com/sma/api/v2.0/config/ |
90 B 748 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
euq_authentication_method
dh578-euq1.eu.iphmx.com/sma/api/v2.0/config/ |
43 B 701 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
saml2
login.microsoftonline.com/3d918542-68a9-4e89-ac7a-0f74754ddb24/ Redirect Chain
|
21 KB 10 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
43 B 0 |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
BssoInterrupt_Core_GOwG3D936OfJ_-lzWtiHhg2.js
aadcdn.msftauth.net/shared/1.0/content/js/ |
138 KB 49 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
Primary Request
saml2
login.microsoftonline.com/3d918542-68a9-4e89-ac7a-0f74754ddb24/ |
39 KB 17 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
converged.v2.login.min_1ito3russhq-9gioj-zd4w2.css
aadcdn.msauth.net/ests/2.1/content/cdnbundles/ |
110 KB 20 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ConvergedLogin_PCore_mhdbJ62YdCWpzYzhbauKwg2.js
aadcdn.msauth.net/shared/1.0/content/js/ |
424 KB 117 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ux.converged.login.strings-de.min_257iol14ivnp4afbxzvefw2.js
aadcdn.msauth.net/ests/2.1/content/cdnbundles/ |
58 KB 17 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
Me.htm
login.live.com/ |
0 0 |
Other
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
convergedlogin_pcustomizationloader_0c5d6c4f56c024f87ecb.js
aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/ |
153 KB 34 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
convergedlogin_pfetchsessionsprogress_53d55f8ec0ef531dd9ef.js
aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/ |
15 KB 6 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
marching_ants_white_8257b0707cbe1d0bd2661b80068676fe.gif
aadcdn.msauth.net/shared/1.0/content/images/ |
3 KB 3 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
marching_ants_986f40b5a9dc7d39ef8396797f61b323.gif
aadcdn.msauth.net/shared/1.0/content/images/ |
4 KB 4 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
illustration
aadcdn.msauthimages.net/dbd5a2dd-vb7vabhwtpkojvnwgyos3ioixpo3v4c94gfezxv4-qq/logintenantbranding/0/ |
217 KB 217 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bannerlogo
aadcdn.msauthimages.net/dbd5a2dd-vb7vabhwtpkojvnwgyos3ioixpo3v4c94gfezxv4-qq/logintenantbranding/0/ |
68 KB 68 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
marching_ants_white_8257b0707cbe1d0bd2661b80068676fe.gif
aadcdn.msauth.net/shared/1.0/content/images/ |
3 KB 3 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
marching_ants_986f40b5a9dc7d39ef8396797f61b323.gif
aadcdn.msauth.net/shared/1.0/content/images/ |
4 KB 4 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ssoprobe
autologon.microsoftazuread-sso.com/3d918542-68a9-4e89-ac7a-0f74754ddb24/winauth/ |
12 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H/1.1 |
dssostatus
login.microsoftonline.com/common/instrumentation/ |
265 B 1 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
convergedlogin_pstringcustomizationhelper_a19f9db4ecf7bffaf340.js
aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/ |
111 KB 36 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
signin-options_3e3f6b73c3f310c31d2c4d131a8ab8c6.svg
aadcdn.msauth.net/shared/1.0/content/images/ |
2 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
21 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| $Config object| $Debug object| $Do function| $Loader object| $WebWatson function| GetString function| GetErrorString function| GetUrl object| $B object| ServerData object| webpackJsonp object| ko object| PROOF object| StringRepository object| Telemetry object| telemetry_webpackJsonp boolean| __ConvergedLogin_PCore boolean| __ boolean| __convergedlogin_pcustomizationloader_0c5d6c4f56c024f87ecb boolean| __convergedlogin_pfetchsessionsprogress_53d55f8ec0ef531dd9ef boolean| __convergedlogin_pstringcustomizationhelper_a19f9db4ecf7bffaf34016 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| dh578-euq1.eu.iphmx.com/ | Name: sid Value: P5Q0iZCRGNqjnnhDNizr |
|
| .login.microsoftonline.com/ | Name: esctx-LvLl0jrXA2w Value: AQABAAEAAAAmoFfGtYxvRrNriQdPKIZ-SPGV3ueiQW6f5Vfot8hlH-LVMIvqvjmbbFMsPyc4fOyXOXxEoZJ2xfx0z8q1HZTk7OWDZ-AECvXrfFjTOLupulIosnP5QVyhnHRM4G6H3W61MYl-Tso--HC_KhnFOTIJ7otnML70FXi5En4SE4cmBCAA |
|
| login.microsoftonline.com/ | Name: x-ms-gateway-slice Value: estsfd |
|
| login.microsoftonline.com/ | Name: stsservicecookie Value: estsfd |
|
| .login.microsoftonline.com/ | Name: AADSSO Value: NA|NoExtension |
|
| login.microsoftonline.com/ | Name: SSOCOOKIEPULLED Value: 1 |
|
| login.microsoftonline.com/ | Name: buid Value: 0.AQYAQoWRPaloiU6seg90dU3bJBeqDZPoV2dMhqwnhWrbTFwGAAA.AQABAAEAAAAmoFfGtYxvRrNriQdPKIZ-EEF1yGLQAOVte2ERG5Tiku5fKdaL2-i9_7-qQUYGQ5CkqWePvojvItADYoGDP3NB23O4ahXwNG1zzWGjjMCX9WJjlg9-RhrqZWjYancXA4kgAA |
|
| .login.microsoftonline.com/ | Name: esctx Value: PAQABAAEAAAAmoFfGtYxvRrNriQdPKIZ-8AsF_4Ul4p0TQ4fPlARAXqn6gNgbVY3KpBApudu20Xw1_LNM2-vS7tVXHP03fdPolBpyhB8WFXBlvV7AsHRUyCbWN5IN2H0tQAF6pDUNpyUOl63-dXeCLmz0qU4uRQ0ZCqWhSMWccCqKdiyA9gVNjIBR6NQ-wt4rXVZJWrNxaHggAA |
|
| .login.microsoftonline.com/ | Name: esctx-FxjeSBZdvyI Value: AQABAAEAAAAmoFfGtYxvRrNriQdPKIZ-ndWY735QoseyDDe2-iSuYCsVS2GmYa0ceBsD3uCHaN_62cWyHzhzm6Z3nNcWQZUOClgrUdCeHzLLV9iY5E7sf7gSOBXGqmxjYic3gvX5RX8O_gC2zauwxUyOBAxAZJtzAm7ukw_Ml8jZX-L1PqHZHSAA |
|
| login.microsoftonline.com/ | Name: fpc Value: AmWmBHR_gyZAl0zL9PBwXWssyLwtAQAAAH6AXd0OAAAA |
|
| .login.microsoftonline.com/ | Name: brcap Value: 0 |
|
| .login.live.com/ | Name: uaid Value: 5271ca64000c4dcbbcbc465113fd82b8 |
|
| .login.live.com/ | Name: MSPRequ Value: id=N<=1707837823&co=1 |
|
| autologon.microsoftazuread-sso.com/ | Name: fpc Value: Ah2RN-7B9J9Av-uPfeauIj4 |
|
| autologon.microsoftazuread-sso.com/ | Name: x-ms-gateway-slice Value: estsfd |
|
| autologon.microsoftazuread-sso.com/ | Name: stsservicecookie Value: estsfd |
9 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
| Source | Level | URL Text |
|---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
| Header | Value |
|---|---|
| Content-Security-Policy | default-src 'unsafe-eval' 'unsafe-inline' blob: resource://pdf.js/web/ resource://pdf.js/build/ data: 'self' https://www.googletagmanager.com https://www.google-analytics.com https://www.amcharts.com https://*.amp.cisco.com code.jquery.com online.swagger.io https://cdn.security.cisco.com ; frame-ancestors 'self'; base-uri 'self' resource://pdf.js/web/ resource://pdf.js/build/ |
| Strict-Transport-Security | max-age=63072000; includeSubDomains; preload |
| X-Content-Type-Options | nosniff |
| X-Frame-Options | SAMEORIGIN |
| X-Xss-Protection | 0 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
aadcdn.msauth.net
aadcdn.msauthimages.net
aadcdn.msftauth.net
autologon.microsoftazuread-sso.com
cdn.security.cisco.com
dh578-euq1.eu.iphmx.com
login.live.com
login.microsoftonline.com
www.googletagmanager.com
207.54.66.120
2600:9000:2250:b600:19:a7d3:e1c0:93a1
2603:1026:3000:c8::b
2603:1026:3000:d0::d
2606:2800:233:1cb7:261b:1f9c:2074:3c
2606:2800:233:78b9:f44e:2c1f:31aa:d9ef
2620:1ec:46::45
2a00:1450:4001:809::2008
40.126.31.69
00a85c1eb822be6d3bbf09bae15c37c42eb2e4fd02e6adbd732f54d30fa20901
167a1dd646b4c58fa221abd6f5c94f3d9589ead569b26b85ad8f56826b0e2e0b
1b23870d8263953a6e3c786c7d964f47afd4270c40b48cfe241ab71c7e73cff4
2843634c6eb402ee71054b8b49843610d9a1032980352faadae0eee95029b19b
3375dcff0a76e37bd5d6fc20d0d5a4ebca1732b48375d4ab6ee759aff6c379d5
38ebc790eb773b0460c4fcf825f36531cbb235b4f5618b09f4205d8df685e2f9
3ef2866d5cca4f75e3ea8be04ecb58d27a71e5f122a01282e0615c6c9831a0f0
42976e3f7e07d76e675a97382b7187e080fbd8ab3de382883c40c89c44becbba
4499ad9e89be52321d8f1d22502e87af1a0bcb6dc76971b39baae5d811ada415
4b01a0a34ce8ed4bc8a8713be0442d49da6a756236b7b4424622ca3dee820f41
4cb75429570041d0a766b57d31a2f876ac2b2ef38d28cb7ba06c93210a65a86f
4d0b1a9fb67e24f673e7e0cd036f57674267c789d8e1a025fe92dc464e76eb05
51b77d0b4b52b5ff7be5a45e5e2d4c552ee448083c84063b48976d6a62f2eb33
555d20ddd88d77f0ced2cb48b51a181891089b6cbf9f8adeac6dc60cd78ea485
565aaa4c8a37cbb95c94bbc4e5c44e20b486d977a9ad32256eaf254b85dfbe06
5924b0fe56e02a29a3598c877af09aebc8a0e3a222d9b6532127229303b812e0
6f4fa3cd4df8d3df00a8aa928e8ef57b7c375c28fb2f0368d3ed55743b4d15f8
77bed2cdf7222737f240491655a32e9714725f7d02188e1fbe690ba7dc065ebb
78a1c79165972648e5450935b44a738de9edc163c329fa88b1e0c2074b01f5fa
7af82e94c56dd54d15e6cd7513c454d5ba3089f689805928a6f8b034d3b92ffc
7ed624b3ee31a0e62e123feb308836d1f259edda7e7d187bb5d599f8c4964bbc
7f57c7e74ccde0712a9afd0c079addbd23f066f420322ac730be0a0675902112
8737d721808655f37b333f08a90185699e7e8b9bdaaa15cdb63c8448b426f95d
8c44dd8322aa48dce0d920607bca6ca65dec7c5bdc53c39e2d66658f9e39e89b
8e6db1634f1812d42516778fc890010aa57f3e39914fb4803df2c38abbf56d93
9b3565e5ade37585c4d4bcaa221b487d99f842f9fce0b98873c1adb9ebdea5e6
a2ae21c10dbd4bcf016582e2e9d046f92b62914a10fccc554e6e939f1e56a41c
a37556fbe1a59bc18e9dcda336967b1401861f862720b1c729d02173eefaa1d1
a46201581a7c7c667fd42787cd1e9adf2f6bf809efb7596e61a03e8dba9ada13
b069ceea552a59312ee383b78c8e1b526cf798c2d29cb95293a1feb54a4ad40a
b1929eebc1fb383d6db843b846c166ee5074bc0c22431043a3f4c89752985e8a
b4b73e14bc1eb66e65c9f899c77e52a391c8898246b90acea415200e92c4c9af
b748f8b4820e579b1b841feee27e1734012d5084a54a872ad5657620fc6a4c16
bb7d278ab80d55e7559d54db2c79ca936313e341b19d832720b681bf97abe63d
c34c37056ef1aaf0d8dbccbd5fd84cd064975f1613b20628c3d01cfcc114b0c0
c6d48ae3356bd32baa6e7082c8b84fafbe108db3a61cb58709dad62c7e67832b
ce2b3e67fe3dd6093d7a915540d92c47c3e1f1d9cb8defce4da64e7c5f238d9c
cf831b905d2fd94b4ebc38b37196acfec0c7d6cf21b339457e95ddee266d5633
d089c8a9fc28e4e50223eb38c9409e362521be9380a37341304fbac7a4cd9e5f
d13e305faa48324c4dcb6f98fe2409c1d668e42db2607953c3bcdb629dd7689e
d195755ae409f6e1cefb766c45563f08c7e90748f7974f72222b853daf9c9a74
d5533e8c475630df84fcfc1d20a363719378310c1b9598d6a9819d3529188cb8
d987e276c171ba11d3fb1f4f1059f930ba2d710a576767b9664761f6748da18e
f28d579b984fcd979d95e9f19a82a63b64027e06c8ca75c724efdc7b40bb6da3
ffebec9dd051122236916aca90a88ce8d3d90e056f01c288fdbd74ed1592f23b