login.microsoftonline.com
Open in
urlscan Pro
2603:1027:1:158::c
Public Scan
Effective URL: https://login.microsoftonline.com/f7ea418f-1b26-4de4-ae99-6e913b5ee82b/saml2?SAMLRequest=lVJNb%2BIwEP0rke9JcBICWASJBVVF6najwu6hN8c...
Submission: On June 13 via api from US — Scanned from DE
Summary
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on May 21st 2024. Valid for: a year.
This is the only time login.microsoftonline.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
2 54 | 149.96.89.234 149.96.89.234 | 16839 (SNC) (SNC) | |
1 | 2a00:1450:400... 2a00:1450:4001:829::200a | 15169 (GOOGLE) (GOOGLE) | |
2 | 2a00:1450:400... 2a00:1450:4001:831::2003 | 15169 (GOOGLE) (GOOGLE) | |
3 | 2603:1027:1:1... 2603:1027:1:158::c | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
11 | 2606:2800:233... 2606:2800:233:1cb7:261b:1f9c:2074:3c | 15133 (EDGECAST) (EDGECAST) | |
1 | 40.126.32.74 40.126.32.74 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
2 | 2620:1ec:29:1... 2620:1ec:29:1::45 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
1 | 2603:1027:1:d... 2603:1027:1:d8::7 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
73 | 8 |
ASN16839 (SNC, US)
PTR: vip-149-96-89-234.cust.service-now.com
legacy-itsupport.kestrelcoal.com |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
login.microsoftonline.com |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
aadcdn.msftauthimages.net |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
autologon.microsoftazuread-sso.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
54 |
kestrelcoal.com
2 redirects
legacy-itsupport.kestrelcoal.com |
2 MB |
11 |
msftauth.net
aadcdn.msftauth.net — Cisco Umbrella Rank: 1105 |
324 KB |
3 |
microsoftonline.com
login.microsoftonline.com — Cisco Umbrella Rank: 11 |
26 KB |
2 |
msftauthimages.net
aadcdn.msftauthimages.net — Cisco Umbrella Rank: 4469 |
6 KB |
2 |
gstatic.com
fonts.gstatic.com |
32 KB |
1 |
microsoftazuread-sso.com
autologon.microsoftazuread-sso.com — Cisco Umbrella Rank: 1071 |
1 KB |
1 |
live.com
login.live.com — Cisco Umbrella Rank: 65 |
|
1 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 77 |
1 KB |
73 | 8 |
Domain | Requested by | |
---|---|---|
54 | legacy-itsupport.kestrelcoal.com |
2 redirects
legacy-itsupport.kestrelcoal.com
|
11 | aadcdn.msftauth.net |
login.microsoftonline.com
aadcdn.msftauth.net |
3 | login.microsoftonline.com |
legacy-itsupport.kestrelcoal.com
aadcdn.msftauth.net |
2 | aadcdn.msftauthimages.net | |
2 | fonts.gstatic.com |
fonts.googleapis.com
|
1 | autologon.microsoftazuread-sso.com | |
1 | login.live.com |
login.microsoftonline.com
|
1 | fonts.googleapis.com |
legacy-itsupport.kestrelcoal.com
|
73 | 8 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.microsoft.com |
privacy.microsoft.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
itsupport.kestrelcoal.com R11 |
2024-06-11 - 2024-09-09 |
3 months | crt.sh |
upload.video.google.com WR2 |
2024-05-27 - 2024-08-19 |
3 months | crt.sh |
*.gstatic.com WR2 |
2024-05-27 - 2024-08-19 |
3 months | crt.sh |
stamp2.login.microsoftonline.com DigiCert SHA2 Secure Server CA |
2024-05-21 - 2025-05-21 |
a year | crt.sh |
aadcdn.msftauth.net DigiCert SHA2 Secure Server CA |
2024-05-25 - 2025-05-25 |
a year | crt.sh |
login.live.com DigiCert SHA2 Secure Server CA |
2024-05-21 - 2025-05-21 |
a year | crt.sh |
aadcdn.msftauthimages.net Microsoft Azure RSA TLS Issuing CA 07 |
2024-05-12 - 2025-05-07 |
a year | crt.sh |
autologon.microsoftazuread-sso.com DigiCert SHA2 Secure Server CA |
2024-05-09 - 2025-05-09 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://login.microsoftonline.com/f7ea418f-1b26-4de4-ae99-6e913b5ee82b/saml2?SAMLRequest=lVJNb%2BIwEP0rke9JcBICWASJBVVF6najwu6hN8cZU2sdO%2BtxaPvvN7hUyx5aqdfxm3lfXiLvdNaz9eCfzAP8GQB99NJpg%2BztpSKDM8xyVMgM7wCZF2y%2F%2Fn7HsmTCeme9FVaTaI0IzitrNtbg0IHbgzspAT8f7iry5H2PLE01HLl4jZXHoe%2Bt88nvkc6BFpbrRNiORNtxoAw%2FH7pas0dlkk4JZ9FKb41WBs74VM6AF3QuY9pkZVy0UMQcFou4hAXNmynAPGvSYIREN9YJCD4rIrlGINFuW5H9%2FYaLNp83DS1l0U6mUub5jAoKrZgL2RTtbARizRHVCf6tIg6wM%2Bi58RXJJlkRT8qY5geaMZqz6TQpZ%2FkjiepLQt%2BUaZU5fh5n8wZCdns41HH9Y38IB06qBXc%2For%2BS5C9wGFIcD5PVMoTAgmp3XfDngvh7q2T1zvwh5TK95rgw9uyse7etrVbiNVprbZ83DrgfvXg3QKil4%2F5jGTShYaLaWAYoGwz2IJRU0JJ0daH9%2Fwuv%2FgI%3D&RelayState=https%3A%2F%2Flegacy-itsupport.kestrelcoal.com%2Fkestrel&sso_reload=true
Frame ID: D795553290B253E47099F06462D85B51
Requests: 73 HTTP requests in this frame
Screenshot
Page Title
Bei Ihrem Konto anmeldenPage URL History Show full URLs
-
https://legacy-itsupport.kestrelcoal.com/
HTTP 302
https://legacy-itsupport.kestrelcoal.com/kestrel Page URL
-
https://legacy-itsupport.kestrelcoal.com/login_with_sso.do?glide_sso_id=d025aded87255d1080b82025dabb352f
HTTP 302
https://legacy-itsupport.kestrelcoal.com/auth_redirect.do?sysparm_stack=no&sysparm_url=https%3A%2F%2Flogin.microsofto... Page URL
- https://login.microsoftonline.com/f7ea418f-1b26-4de4-ae99-6e913b5ee82b/saml2?SAMLRequest=lVJNb%2BIwEP0rke9JcBI... Page URL
- https://login.microsoftonline.com/f7ea418f-1b26-4de4-ae99-6e913b5ee82b/saml2?SAMLRequest=lVJNb%2BIwEP0rke9JcBI... Page URL
Detected technologies
Bootstrap (Web Frameworks) ExpandDetected patterns
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
AngularJS (JavaScript Frameworks) Expand
Detected patterns
- \bangular.{0,32}\.js
Font Awesome (Font Scripts) Expand
Detected patterns
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Page Statistics
3 Outgoing links
These are links going to different origins than the main page.
Title: Nutzungsbedingungen
Search URL Search Domain Scan URL
Title: Datenschutz und Cookies
Search URL Search Domain Scan URL
Title: Haftungsausschluss
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://legacy-itsupport.kestrelcoal.com/
HTTP 302
https://legacy-itsupport.kestrelcoal.com/kestrel Page URL
-
https://legacy-itsupport.kestrelcoal.com/login_with_sso.do?glide_sso_id=d025aded87255d1080b82025dabb352f
HTTP 302
https://legacy-itsupport.kestrelcoal.com/auth_redirect.do?sysparm_stack=no&sysparm_url=https%3A%2F%2Flogin.microsoftonline.com%2Ff7ea418f-1b26-4de4-ae99-6e913b5ee82b%2Fsaml2%3FSAMLRequest%3DlVJNb%252BIwEP0rke9JcBICWASJBVVF6najwu6hN8cZU2sdO%252BtxaPvvN7hUyx5aqdfxm3lfXiLvdNaz9eCfzAP8GQB99NJpg%252BztpSKDM8xyVMgM7wCZF2y%252F%252Fn7HsmTCeme9FVaTaI0IzitrNtbg0IHbgzspAT8f7iry5H2PLE01HLl4jZXHoe%252Bt88nvkc6BFpbrRNiORNtxoAw%252FH7pas0dlkk4JZ9FKb41WBs74VM6AF3QuY9pkZVy0UMQcFou4hAXNmynAPGvSYIREN9YJCD4rIrlGINFuW5H9%252FYaLNp83DS1l0U6mUub5jAoKrZgL2RTtbARizRHVCf6tIg6wM%252Bi58RXJJlkRT8qY5geaMZqz6TQpZ%252FkjiepLQt%252BUaZU5fh5n8wZCdns41HH9Y38IB06qBXc%252For%252BS5C9wGFIcD5PVMoTAgmp3XfDngvh7q2T1zvwh5TK95rgw9uyse7etrVbiNVprbZ83DrgfvXg3QKil4%252F5jGTShYaLaWAYoGwz2IJRU0JJ0daH9%252Fwuv%252FgI%253D%26RelayState%3Dhttps%253A%252F%252Flegacy-itsupport.kestrelcoal.com%252Fkestrel Page URL
- https://login.microsoftonline.com/f7ea418f-1b26-4de4-ae99-6e913b5ee82b/saml2?SAMLRequest=lVJNb%2BIwEP0rke9JcBICWASJBVVF6najwu6hN8cZU2sdO%2BtxaPvvN7hUyx5aqdfxm3lfXiLvdNaz9eCfzAP8GQB99NJpg%2BztpSKDM8xyVMgM7wCZF2y%2F%2Fn7HsmTCeme9FVaTaI0IzitrNtbg0IHbgzspAT8f7iry5H2PLE01HLl4jZXHoe%2Bt88nvkc6BFpbrRNiORNtxoAw%2FH7pas0dlkk4JZ9FKb41WBs74VM6AF3QuY9pkZVy0UMQcFou4hAXNmynAPGvSYIREN9YJCD4rIrlGINFuW5H9%2FYaLNp83DS1l0U6mUub5jAoKrZgL2RTtbARizRHVCf6tIg6wM%2Bi58RXJJlkRT8qY5geaMZqz6TQpZ%2FkjiepLQt%2BUaZU5fh5n8wZCdns41HH9Y38IB06qBXc%2For%2BS5C9wGFIcD5PVMoTAgmp3XfDngvh7q2T1zvwh5TK95rgw9uyse7etrVbiNVprbZ83DrgfvXg3QKil4%2F5jGTShYaLaWAYoGwz2IJRU0JJ0daH9%2Fwuv%2FgI%3D&RelayState=https%3A%2F%2Flegacy-itsupport.kestrelcoal.com%2Fkestrel Page URL
- https://login.microsoftonline.com/f7ea418f-1b26-4de4-ae99-6e913b5ee82b/saml2?SAMLRequest=lVJNb%2BIwEP0rke9JcBICWASJBVVF6najwu6hN8cZU2sdO%2BtxaPvvN7hUyx5aqdfxm3lfXiLvdNaz9eCfzAP8GQB99NJpg%2BztpSKDM8xyVMgM7wCZF2y%2F%2Fn7HsmTCeme9FVaTaI0IzitrNtbg0IHbgzspAT8f7iry5H2PLE01HLl4jZXHoe%2Bt88nvkc6BFpbrRNiORNtxoAw%2FH7pas0dlkk4JZ9FKb41WBs74VM6AF3QuY9pkZVy0UMQcFou4hAXNmynAPGvSYIREN9YJCD4rIrlGINFuW5H9%2FYaLNp83DS1l0U6mUub5jAoKrZgL2RTtbARizRHVCf6tIg6wM%2Bi58RXJJlkRT8qY5geaMZqz6TQpZ%2FkjiepLQt%2BUaZU5fh5n8wZCdns41HH9Y38IB06qBXc%2For%2BS5C9wGFIcD5PVMoTAgmp3XfDngvh7q2T1zvwh5TK95rgw9uyse7etrVbiNVprbZ83DrgfvXg3QKil4%2F5jGTShYaLaWAYoGwz2IJRU0JJ0daH9%2Fwuv%2FgI%3D&RelayState=https%3A%2F%2Flegacy-itsupport.kestrelcoal.com%2Fkestrel&sso_reload=true Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- https://legacy-itsupport.kestrelcoal.com/ HTTP 302
- https://legacy-itsupport.kestrelcoal.com/kestrel
- https://legacy-itsupport.kestrelcoal.com/login_with_sso.do?glide_sso_id=d025aded87255d1080b82025dabb352f HTTP 302
- https://legacy-itsupport.kestrelcoal.com/auth_redirect.do?sysparm_stack=no&sysparm_url=https%3A%2F%2Flogin.microsoftonline.com%2Ff7ea418f-1b26-4de4-ae99-6e913b5ee82b%2Fsaml2%3FSAMLRequest%3DlVJNb%252BIwEP0rke9JcBICWASJBVVF6najwu6hN8cZU2sdO%252BtxaPvvN7hUyx5aqdfxm3lfXiLvdNaz9eCfzAP8GQB99NJpg%252BztpSKDM8xyVMgM7wCZF2y%252F%252Fn7HsmTCeme9FVaTaI0IzitrNtbg0IHbgzspAT8f7iry5H2PLE01HLl4jZXHoe%252Bt88nvkc6BFpbrRNiORNtxoAw%252FH7pas0dlkk4JZ9FKb41WBs74VM6AF3QuY9pkZVy0UMQcFou4hAXNmynAPGvSYIREN9YJCD4rIrlGINFuW5H9%252FYaLNp83DS1l0U6mUub5jAoKrZgL2RTtbARizRHVCf6tIg6wM%252Bi58RXJJlkRT8qY5geaMZqz6TQpZ%252FkjiepLQt%252BUaZU5fh5n8wZCdns41HH9Y38IB06qBXc%252For%252BS5C9wGFIcD5PVMoTAgmp3XfDngvh7q2T1zvwh5TK95rgw9uyse7etrVbiNVprbZ83DrgfvXg3QKil4%252F5jGTShYaLaWAYoGwz2IJRU0JJ0daH9%252Fwuv%252FgI%253D%26RelayState%3Dhttps%253A%252F%252Flegacy-itsupport.kestrelcoal.com%252Fkestrel
73 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
kestrel
legacy-itsupport.kestrelcoal.com/ Redirect Chain
|
148 KB 30 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
glyphicons-halflings-regular.woff2
legacy-itsupport.kestrelcoal.com/styles/fonts/ |
18 KB 18 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
fontawesome-webfont.woff2
legacy-itsupport.kestrelcoal.com/scripts/icon-fonts/font-awesome/fonts/ |
75 KB 76 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
sp-agent-chat-icon.svg
legacy-itsupport.kestrelcoal.com/images/ |
2 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
sp-bootstrap-rem.scss
legacy-itsupport.kestrelcoal.com/styles/scss/ |
240 KB 38 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
csm-styles.scss
legacy-itsupport.kestrelcoal.com/styles/scss/ |
6 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
purify.min.js
legacy-itsupport.kestrelcoal.com/scripts/thirdparty/dompurify/ |
22 KB 9 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
js_includes_sp_libs_min.jsx
legacy-itsupport.kestrelcoal.com/scripts/ |
303 KB 106 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
sp_min.jsx
legacy-itsupport.kestrelcoal.com/scripts/dist/ |
1 MB 398 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ec-graph-ais.js
legacy-itsupport.kestrelcoal.com/scripts/ |
11 KB 3 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bootstrap-datetimepicker.js
legacy-itsupport.kestrelcoal.com/scripts/ |
53 KB 9 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
app_com.jsdbx
legacy-itsupport.kestrelcoal.com/ |
1 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
app_com.modelUtil.jsdbx
legacy-itsupport.kestrelcoal.com/ |
7 KB 3 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
app_com.cxs.contextual_search.jsdbx
legacy-itsupport.kestrelcoal.com/ |
7 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
retina_icons.css
legacy-itsupport.kestrelcoal.com/styles/retina_icons/ |
16 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
source-sans-pro-latin.css
legacy-itsupport.kestrelcoal.com/styles/fonts/source-sans-pro/ |
1 KB 864 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
css_includes_$sp.css
legacy-itsupport.kestrelcoal.com/styles/ |
45 KB 10 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
css_includes_$sp_later.css
legacy-itsupport.kestrelcoal.com/styles/ |
38 KB 9 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
6 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
page
legacy-itsupport.kestrelcoal.com/api/now/sp/ |
111 KB 24 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
angular.do
legacy-itsupport.kestrelcoal.com/ |
782 B 1 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
angular.do
legacy-itsupport.kestrelcoal.com/ |
2 KB 2 KB |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ |
16 KB 16 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ |
15 KB 15 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
source-sans-pro-latin.css
legacy-itsupport.kestrelcoal.com/styles/fonts/source-sans-pro/ |
1 KB 0 |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
css_includes_$sp.css
legacy-itsupport.kestrelcoal.com/styles/ |
45 KB 0 |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
angular-truncate.js
legacy-itsupport.kestrelcoal.com/scripts/ |
1 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
csm-unified-header-footer-styles.scss
legacy-itsupport.kestrelcoal.com/styles/scss/ |
3 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
auth_redirect.do
legacy-itsupport.kestrelcoal.com/ Redirect Chain
|
42 KB 11 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
eye.svg
legacy-itsupport.kestrelcoal.com/ |
2 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
css_includes_$sp_later.css
legacy-itsupport.kestrelcoal.com/styles/ |
38 KB 0 |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
d1fbf3a5db12d950005153dbd39619e2.iix
legacy-itsupport.kestrelcoal.com/ |
20 KB 0 |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
loader.jsdbx
legacy-itsupport.kestrelcoal.com/uxasset/externals/service-worker/ |
4 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ConditionalFocus.jsdbx
legacy-itsupport.kestrelcoal.com/ |
376 B 815 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
xperf_timing.jsx
legacy-itsupport.kestrelcoal.com/scripts/doctype/ |
1 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
css_includes_doctype_polaris.cssx
legacy-itsupport.kestrelcoal.com/styles/ |
138 KB 28 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
polaris_theme_refresh_observer.jsx
legacy-itsupport.kestrelcoal.com/scripts/ |
1 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
css_includes_polarisberg.cssx
legacy-itsupport.kestrelcoal.com/styles/polarisberg/ |
554 KB 68 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
polarisberg_theme_variables.do
legacy-itsupport.kestrelcoal.com/ |
111 KB 18 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
legacy_date_time_choices_processor.do
legacy-itsupport.kestrelcoal.com/ |
18 KB 3 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
js_includes_doctype.jsx
legacy-itsupport.kestrelcoal.com/scripts/doctype/ |
2 MB 498 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
js_includes_customer.jsx
legacy-itsupport.kestrelcoal.com/scripts/ |
103 KB 21 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
history_across_tabs.jsx
legacy-itsupport.kestrelcoal.com/scripts/doctype/ |
456 B 917 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
js_includes_legacy.jsx
legacy-itsupport.kestrelcoal.com/scripts/doctype/ |
71 KB 16 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
js_guided_tours_includes.jsx
legacy-itsupport.kestrelcoal.com/scripts/app.guided_tours/ |
61 KB 16 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ui_page_footer.jsx
legacy-itsupport.kestrelcoal.com/scripts/ |
3 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
purify.jsx
legacy-itsupport.kestrelcoal.com/scripts/thirdparty/dom_purify/ |
46 KB 12 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
js_includes_last_doctype.jsx
legacy-itsupport.kestrelcoal.com/scripts/doctype/ |
295 KB 69 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
heisenberg_all.jsx
legacy-itsupport.kestrelcoal.com/scripts/heisenberg/ |
150 KB 39 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
js_includes_list_edit_doctype.jsx
legacy-itsupport.kestrelcoal.com/scripts/ |
206 KB 44 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
transaction_scope_includes.jsx
legacy-itsupport.kestrelcoal.com/scripts/ |
1 KB 1020 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
z_last_include.jsx
legacy-itsupport.kestrelcoal.com/scripts/doctype/ |
1 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
xmlhttp.do
legacy-itsupport.kestrelcoal.com/ |
15 KB 4 KB |
XHR
text/xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
now-icons.woff
legacy-itsupport.kestrelcoal.com/styles/now_icons/ |
44 KB 45 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
lato-v17-latin-ext_latin-regular.woff2
legacy-itsupport.kestrelcoal.com/styles/polarisberg/fonts/lato/ |
25 KB 25 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
saml2
login.microsoftonline.com/f7ea418f-1b26-4de4-ae99-6e913b5ee82b/ |
20 KB 10 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
BssoInterrupt_Core_RY3pVDLvjU_KKLtTKxjDFA2.js
aadcdn.msftauth.net/shared/1.0/content/js/ |
138 KB 49 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Primary Request
saml2
login.microsoftonline.com/f7ea418f-1b26-4de4-ae99-6e913b5ee82b/ |
38 KB 15 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
converged.v2.login.min_mc5ac6ol0l4d2iaqspstyg2.css
aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ |
111 KB 20 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ConvergedLogin_PCore_ICLzoUsGpmKj428t2HizvA2.js
aadcdn.msftauth.net/shared/1.0/content/js/ |
437 KB 119 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ux.converged.login.strings-de.min_3dydi2elnbeygkwjiyb5qw2.js
aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ |
61 KB 17 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Me.htm
login.live.com/ |
0 0 |
Other
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
convergedlogin_pcustomizationloader_8e14dcf0e3ff5580d170.js
aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/ |
219 KB 53 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
favicon_a_eupayfgghqiai7k9sol6lg2.ico
aadcdn.msftauth.net/shared/1.0/content/images/ |
17 KB 17 KB |
Other
image/x-icon |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
convergedlogin_pfetchsessionsprogress_7c1aa7609345f99e4914.js
aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/ |
15 KB 6 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
marching_ants_white_8257b0707cbe1d0bd2661b80068676fe.gif
aadcdn.msftauth.net/shared/1.0/content/images/ |
3 KB 3 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
marching_ants_986f40b5a9dc7d39ef8396797f61b323.gif
aadcdn.msftauth.net/shared/1.0/content/images/ |
4 KB 4 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
illustration
aadcdn.msftauthimages.net/81d6b03a-zjtu-xhrihy2scb34baa-iakpsbexe-vg6daiywb2-w/logintenantbranding/0/ |
144 KB 0 |
Image
image/* |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bannerlogo
aadcdn.msftauthimages.net/81d6b03a-zjtu-xhrihy2scb34baa-iakpsbexe-vg6daiywb2-w/logintenantbranding/0/ |
6 KB 6 KB |
Image
image/* |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ssoprobe
autologon.microsoftazuread-sso.com/f7ea418f-1b26-4de4-ae99-6e913b5ee82b/winauth/ |
12 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
dssostatus
login.microsoftonline.com/common/instrumentation/ |
265 B 651 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
convergedlogin_pstringcustomizationhelper_ea3e62a2bdfb2b2ee8c8.js
aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/ |
111 KB 35 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
signin-options_3e3f6b73c3f310c31d2c4d131a8ab8c6.svg
aadcdn.msftauth.net/shared/1.0/content/images/ |
2 KB 784 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
24 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
undefined| event object| fence object| sharedStorage object| $Config object| $Debug object| $Do function| $Loader object| $WebWatson function| GetString function| GetErrorString function| GetUrl object| $B object| ServerData object| webpackJsonp object| ko object| PROOF object| StringRepository object| Telemetry object| telemetry_webpackJsonp boolean| __ConvergedLogin_PCore boolean| __ boolean| __convergedlogin_pcustomizationloader_8e14dcf0e3ff5580d170 boolean| __convergedlogin_pfetchsessionsprogress_7c1aa7609345f99e4914 boolean| __convergedlogin_pstringcustomizationhelper_ea3e62a2bdfb2b2ee8c819 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
legacy-itsupport.kestrelcoal.com/ | Name: BIGipServerpool_tasmanet Value: 28115058854e3a65be3bf6ca3012f652 |
|
legacy-itsupport.kestrelcoal.com/ | Name: JSESSIONID Value: F4398A531B0C175F595F0E64CDF7A087 |
|
legacy-itsupport.kestrelcoal.com/ | Name: glide_user_route Value: glide.d7525b5b17370ddd7d59cc452357adbd |
|
legacy-itsupport.kestrelcoal.com/ | Name: glide_node_id_for_js Value: 95e25b633b5c8cf2a2575f893d52a37d251427ba7878171a5e33a806efa4233b |
|
.login.microsoftonline.com/ | Name: esctx-l9XNAxetmE Value: AQABCQEAAAApTwJmzXqdR4BN2miheQMYpiVERgMSctXwZX7Ffgtf6LqTZNZuF57E0mx1DM_9pvZdYuacQZOWwT9Cu-TwIxfNaBTa3451AGSmTuDsg9cfjXRz5CifR-ZEFp2QgS1qaaPMue-C64vqPBmUaL-lTXPvEwWe0IN7l56THmXjG5GP7yAA |
|
login.microsoftonline.com/ | Name: x-ms-gateway-slice Value: estsfd |
|
login.microsoftonline.com/ | Name: stsservicecookie Value: estsfd |
|
.login.microsoftonline.com/ | Name: AADSSO Value: NA|NoExtension |
|
login.microsoftonline.com/ | Name: SSOCOOKIEPULLED Value: 1 |
|
login.microsoftonline.com/ | Name: buid Value: 0.AUIAj0Hq9yYb5E2umW6RO17oK37ui2Qvrl1FtpJcKSp5Fc3qAAA.AQABGgEAAAApTwJmzXqdR4BN2miheQMYLsOutstW_wB_QK7DYBI75wpvTWz6ZTgwhGoHCi_NI_RExRwCd1IuX0WQBtIRa1X744_nhHsQz0zMMqBIZwcs7BGE-FAn10uOdGE9KU6OUzIgAA |
|
.login.microsoftonline.com/ | Name: esctx Value: PAQABBwEAAAApTwJmzXqdR4BN2miheQMYHkbQsHbDiH3CVPdYj5W_ofe4Trgmy11nykHsVEiSZlt11oaXQ_E8WGjWr93bWwGmLbdbCgC4Oa5c-ZfAhMayC5wEQreoSr40eswfOnHlo3GhwwegYv6_XfqiJX4i8pXMTFq4nOzLpEGZW0A7i3rQ93ffQBArSu61NxaT2Zw1n-EgAA |
|
.login.microsoftonline.com/ | Name: esctx-gkvxZs0L7CQ Value: AQABCQEAAAApTwJmzXqdR4BN2miheQMYcYjV6Lc05he8jI93KjpU4k_m3Wj_vVftNRinMibvNcX4Kc-ZOXfZSUR_qengfGhtEAyUbVPd6S1uf5FuWhgmIBTOBevk5xhnduADmk8EOIGgsEfDYykQfAAG0I-uW-iAVFkG0_EaDo1Uy4VklfldiiAA |
|
login.microsoftonline.com/ | Name: fpc Value: AhGEfDLKmjxCseVgu-lluZgtxN_5AQAAAIfZ_N0OAAAA |
|
.login.microsoftonline.com/ | Name: brcap Value: 0 |
|
.login.live.com/ | Name: uaid Value: e4ed3a0ccbee4eb19f789ff51ba33173 |
|
.login.live.com/ | Name: MSPRequ Value: id=N<=1718280841&co=1 |
|
autologon.microsoftazuread-sso.com/ | Name: fpc Value: Anaxlir5rxZKgIrDTaaFrWs |
|
autologon.microsoftazuread-sso.com/ | Name: x-ms-gateway-slice Value: estsfd |
|
autologon.microsoftazuread-sso.com/ | Name: stsservicecookie Value: estsfd |
3 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | frame-ancestors 'self' teams.microsoft.com *.teams.microsoft.com |
Strict-Transport-Security | max-age=63072000; includeSubDomains |
X-Content-Type-Options | nosniff |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
aadcdn.msftauth.net
aadcdn.msftauthimages.net
autologon.microsoftazuread-sso.com
fonts.googleapis.com
fonts.gstatic.com
legacy-itsupport.kestrelcoal.com
login.live.com
login.microsoftonline.com
149.96.89.234
2603:1027:1:158::c
2603:1027:1:d8::7
2606:2800:233:1cb7:261b:1f9c:2074:3c
2620:1ec:29:1::45
2a00:1450:4001:829::200a
2a00:1450:4001:831::2003
40.126.32.74
0121fb52f232f75482c936c366ab565bdc8c9f3a194b7c0d6dc21f888f264a75
01f77994be2b65a1108c763006a7eae967c0d2d4985565272bb944f606ca1f6d
0334ffd9a0ab4027e522549fd36d00bd03aa3d447c594298867296adfe9369c3
0516bebc77a4e43f4daee8a39f7df1a3c92f810aa3ae02346ecf8a8b2cf3309e
0c0165f4fbf9dd81e8e22d5cfeb2e504d8e595906390459f8983afb7dca540d2
0c6c5546e15047732cdf2667f2f2738c83741a6dcabf9ae497a29779e7fcf29e
14dc50c0b62f97c266b688ba43cb7be7681078169c48e490467a9308b4e16d59
1c04aeadcebbd13be4e905278ab289946aeb10c31a332c0499d845c313c7359c
1c7c259141b903c0b2f76cd49515cee7cb34ecea8a59c08dd2a7304da457a871
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
3190e9796e3e6b7bdf421c3864f69fcdcf147379b0e3c16c73488e041f6de805
3332d913029f564f91b3ee85abb4fa444d8db0f97b346804088fa4b9da643f66
35a86319d80b941df7db498279450d00c7aaff7f890b8c0779a8536a2a51ebef
35afb11dab6edcbc989a25fe5cf19f5d8289499232b7ec775f318d8b8a5bbf78
370ae598184b403f44e0722b27ec765343237bedc52fc87987ddaf536e560971
3ee1076a0be4fa5143f48fed733ef95dd59646aa2e3c4dfe57fbcbc550b6fe14
474ce0790ceb18a100cebaf1ac0915a51389fcae0830c3b44bfa1e365d40b2b4
48e6b6ce975b2e402bf51310a400e26a7a3084aa970c950a4698db34862012d6
4be11c075187615adaf493d54cb7b05556e76806aed2b3b082d72952d0025be5
4c5eb2d3f0fa094cfb7adb5528f52abc9b7111fdc884ceaf61d25c5566f0370b
53bc6e8bef3bc46274f531b75510a2f6018abc4aaf8559a3cf458ed3f60482c7
576c6f9cacbd52487b6b4d52fd1bd2d3d39e7cd6eb0361b0e019f91002fc0166
586c48109b168bcabecba73d0deac1f1b98469c5707a22b71a4a81b3da60417b
5b390b0bfd4ae73fd748eb1a44ae6fb06df78b36f183bfcff8e00dcf446b4ef6
5fa0b780d2bc9da44b3b2d48016a89ba5863d9591c2e46553c8458c2b17aa071
6180805b29832044a2fddc24e4407b972e29c369f361f6f1fabaaa6f364f66d7
71c476a9ca00081da5480986ecfc714857cfbc80c1cfc1f808c1fbb6be4db678
7610692922f995f0c102f7446bedd398f8373a2230ac0026d8a0bd12a1e6125d
771703b8eceade4afb26464b8cd3293a17379749fb7433330e158619c973b39f
7a45c763acc21b8d37fe48794510b7ace10088760ffe0b18742bffacd9574c83
7ca60976f67aaa813b7614a98f9aad9b1f02b23cb28bfc64b7e68729e780e08d
8737d721808655f37b333f08a90185699e7e8b9bdaaa15cdb63c8448b426f95d
8b81b6dbb9af6502d78abe8a85d135861848e0597989901da42c62ecb841a07d
8e598a3cc612334fbf3fa788b0ca672135e350e23255f249affcbd8ad049c3a4
8e6db1634f1812d42516778fc890010aa57f3e39914fb4803df2c38abbf56d93
90807f175c524f7a63cf596f161e02842d7b19ef2eaeb97a1db2ed22287e4ff9
90cdaf487716184e4034000935c605d1633926d348116d198f355a98b8c6cd21
95ec630b27b168d6354f9d94d5abdf6b2b328c76e51c6855efce4fffcd5fd702
99178d492d42163ee20758792603f1bc46f377412bd8eedf8bacfd82f697444e
9e244eec1078ef173e67155206ab145e97cecc2f3e052a84b9a8ffaf7401fa77
a04dab73a4aa2e5117492b23683cbe055aeb14d1c85a13cfcbd2d2acde88ef06
a3bc7fc614d398faa526f1753eb2d70af7314bdb6ddbc12258484f1d10ddc1d3
a46201581a7c7c667fd42787cd1e9adf2f6bf809efb7596e61a03e8dba9ada13
a4c715f0a8fc2e3e50866fae9eccec6ed2b9f372693ffa38947e0004fb4f20e1
a936b498b35b8b7d4efb9fd9733891a9e0844787d5439405ca2a2789e044a89e
ae54590579c2a88f70b061e247b5a33a76cc9b42757c071414f53c551f010b2d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b276515cb8ba565056ffc0c55b9fb8130ed169d1bdc7225fbced902de0368a32
bfd6bfdce5133930ffece2b87c5c33670956ee5637a8b8329aea2bce65cca773
c23a6bc0a6ed9404786b1bae1af51e89a31a5c4eafc84fcbac5353dd1e003da5
c3a408dbe2c6e6b40af0681c60aed6cdd17405ec60a4f688ab7cea3b7a47875d
cda862910245bc02cba824daa41548308bae7e4b726480460a6d032cc2553484
ceacda64b33970109c1f79c28a87d78e410e5e26d8a8c341126cd075aec6dd26
d089c8a9fc28e4e50223eb38c9409e362521be9380a37341304fbac7a4cd9e5f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ebb585b6bb4e5cfb9f6b07296734766b85a00536323b532988ea3201aa5565c3
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f8aedf430aa7b903f7db72a4f2cee08514a79c9ac46ba1500eb01523dacb8a8e
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c
fed3b2fab073b450be8937efa4d2d0981fab662d9b8081f3cbcee346e956f71d