login.microsoftonline.com
Open in
urlscan Pro
2603:1026:3000:150::6
Public Scan
Submitted URL: https://dh578-euq1.eu.iphmx.com:4431/quarantine?email=vikram.mahto%40sapiens.com
Effective URL: https://login.microsoftonline.com/3d918542-68a9-4e89-ac7a-0f74754ddb24/saml2?SAMLRequest=fVJdb%2BMgEPwrFu%2B2McEfoCSS7TS6SL27qMn1o...
Submission: On February 05 via api from IL — Scanned from DE
Effective URL: https://login.microsoftonline.com/3d918542-68a9-4e89-ac7a-0f74754ddb24/saml2?SAMLRequest=fVJdb%2BMgEPwrFu%2B2McEfoCSS7TS6SL27qMn1o...
Submission: On February 05 via api from IL — Scanned from DE
Summary
This website contacted 9 IPs
in 4 countries
across 9 domains to perform 53 HTTP transactions.
The main IP is 2603:1026:3000:150::6, located in
Amsterdam, Netherlands and
belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US.
The main domain is login.microsoftonline.com.
The Cisco Umbrella rank of the primary domain is 11.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on November 23rd 2023. Valid for: a year.
This is the only time login.microsoftonline.com was scanned on urlscan.io!
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on November 23rd 2023. Valid for: a year.
This is the only time login.microsoftonline.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 1 33 | 207.54.66.120 207.54.66.120 | 30238 (AS-IRONP-...) (AS-IRONP-VEGA) | |
| 1 | 2a00:1450:400... 2a00:1450:4001:812::2008 | 15169 (GOOGLE) (GOOGLE) | |
| 1 2 | 2600:9000:225... 2600:9000:2250:7800:19:a7d3:e1c0:93a1 | 16509 (AMAZON-02) (AMAZON-02) | |
| 3 | 2603:1026:300... 2603:1026:3000:150::6 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
| 3 | 2620:1ec:bdf::45 2620:1ec:bdf::45 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
| 11 | 2606:2800:233... 2606:2800:233:78b9:f44e:2c1f:31aa:d9ef | 15133 (EDGECAST) (EDGECAST) | |
| 1 | 40.126.31.73 40.126.31.73 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
| 1 | 2603:1026:300... 2603:1026:3000:150::a | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
| 53 | 9 |
1
2a00:1450:4001:812::2008
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| www.googletagmanager.com |
2
2600:9000:2250:7800:19:a7d3:e1c0:93a1
(United States)
ASN16509 (AMAZON-02, US)
ASN16509 (AMAZON-02, US)
| cdn.security.cisco.com |
3
2603:1026:3000:150::6
(Amsterdam, Netherlands)
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
| login.microsoftonline.com |
3
2620:1ec:bdf::45
(United States)
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
| aadcdn.msauth.net | |
| aadcdn.msftauthimages.net |
11
2606:2800:233:78b9:f44e:2c1f:31aa:d9ef
(United States)
ASN15133 (EDGECAST, US)
ASN15133 (EDGECAST, US)
| aadcdn.msftauth.net |
1
2603:1026:3000:150::a
(Amsterdam, Netherlands)
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
| autologon.microsoftazuread-sso.com |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 33 |
iphmx.com
1 redirects
dh578-euq1.eu.iphmx.com |
8 MB |
| 11 |
msftauth.net
aadcdn.msftauth.net — Cisco Umbrella Rank: 943 |
242 KB |
| 3 |
microsoftonline.com
login.microsoftonline.com — Cisco Umbrella Rank: 11 |
29 KB |
| 2 |
msftauthimages.net
aadcdn.msftauthimages.net — Cisco Umbrella Rank: 3382 |
286 KB |
| 2 |
cisco.com
1 redirects
cdn.security.cisco.com — Cisco Umbrella Rank: 286625 |
1 MB |
| 1 |
microsoftazuread-sso.com
autologon.microsoftazuread-sso.com — Cisco Umbrella Rank: 1290 |
1 KB |
| 1 |
live.com
login.live.com — Cisco Umbrella Rank: 63 |
|
| 1 |
msauth.net
aadcdn.msauth.net — Cisco Umbrella Rank: 921 |
49 KB |
| 1 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 37 |
44 KB |
| 53 | 9 |
| Domain | Requested by | |
|---|---|---|
| 33 | dh578-euq1.eu.iphmx.com |
1 redirects
dh578-euq1.eu.iphmx.com
|
| 11 | aadcdn.msftauth.net |
login.microsoftonline.com
aadcdn.msftauth.net |
| 3 | login.microsoftonline.com |
dh578-euq1.eu.iphmx.com
aadcdn.msauth.net aadcdn.msftauth.net |
| 2 | aadcdn.msftauthimages.net | |
| 2 | cdn.security.cisco.com |
1 redirects
dh578-euq1.eu.iphmx.com
|
| 1 | autologon.microsoftazuread-sso.com | |
| 1 | login.live.com |
login.microsoftonline.com
|
| 1 | aadcdn.msauth.net |
login.microsoftonline.com
|
| 1 | www.googletagmanager.com |
dh578-euq1.eu.iphmx.com
|
| 53 | 9 |
This site contains links to these domains. Also see Links.
| Domain |
|---|
| www.microsoft.com |
| privacy.microsoft.com |
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| *.eu.iphmx.com HydrantID Server CA O1 |
2023-10-16 - 2024-10-15 |
a year | crt.sh |
| *.google-analytics.com GTS CA 1C3 |
2024-01-09 - 2024-04-02 |
3 months | crt.sh |
| stamp2.login.microsoftonline.com DigiCert SHA2 Secure Server CA |
2023-11-23 - 2024-11-23 |
a year | crt.sh |
| aadcdn.msauth.net DigiCert SHA2 Secure Server CA |
2024-01-29 - 2025-01-29 |
a year | crt.sh |
| aadcdn.msftauth.net DigiCert SHA2 Secure Server CA |
2023-12-01 - 2024-12-01 |
a year | crt.sh |
| login.live.com DigiCert SHA2 Secure Server CA |
2023-11-10 - 2024-11-10 |
a year | crt.sh |
| aadcdn.msftauthimages.net Microsoft Azure RSA TLS Issuing CA 03 |
2023-11-25 - 2024-11-19 |
a year | crt.sh |
| autologon.microsoftazuread-sso.com DigiCert SHA2 Secure Server CA |
2023-11-11 - 2024-11-11 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://login.microsoftonline.com/3d918542-68a9-4e89-ac7a-0f74754ddb24/saml2?SAMLRequest=fVJdb%2BMgEPwrFu%2B2McEfoCSS7TS6SL27qMn1oS8RsTcNkg0p4F777w87d732oQUJaYdddmaWuRV9d%2BHl4M7qDp4GsC546Ttl%2BXSxQINRXAsrLVeiB8tdw3fl91tOIswvRjvd6A69K%2Fm6QlgLxkmtULBZLdAhYeukrlZVld%2FclFUxq2f1mjFW1YSRDOPyYOyhwJiyNDnhDytvGSVF0eAsn2WznGSp38CoR%2FB00gyyPE8zdo1SmhMfpYzmKQEU3IOxnscCeVqejLUDbJR1QjkPYUJDTEKc7jHlKeMkeUDBynsjlXBT1dm5i%2BVx3OlHqaJeNkZbfXJadVJB1Og%2BnrUsKVJKwqwQLKRQsFA0uQjxKfcUaNseCY1HxwgKaq0sjJ1H7zp59B698uYKcn10wj%2FaomCtTQPTqBboJDoLI%2FGt91Q%2Bwxuy%2FTuUSqpWqsev53G8Jln%2Bbb%2Ffhtufuz0Kyn8zGlkNPZgdmGfZwK%2B72%2F%2B623OaFyEMT0kEQyQv5%2F5lUo2W81ETnww1y0%2FS5vH7pPn1D%2F7w7Darre5k8zpK7YX7nHwSJRMi2%2FA0pXLohezKtjVgrRfRdfp3bUC4N2fi5bXtx9%2B%2B%2FAM%3D&SigAlg=http%3A%2F%2Fwww.w3.org%2F2000%2F09%2Fxmldsig%23rsa-sha1&Signature=gD86MfGyOEvOmoyTTwQnAFVTj5PJ02OeBKySKHLF32VOiROR%2Fus2YAiUjSBDbiBhbhElcbU0jem3VjVHIf%2BgWXCYNBYvMAtQlM52C7pgz8hyQiSs6fCc0g1Az1vgtky2l094DFr5pdhQgn7CGA9Z45nQVaFeaTibxNNNCOiHHOEySYerEFIr8pesp7MRJossjLmeGU22b21X7Q%2FcOPtKi9Yj7LgU5CGvXb%2BL43JhkY%2F8YrEJ%2BfaGgEBeU%2F2Tf4l%2BbKX%2FQ%2FHC6Edp%2FC4O8Zaz2iuCYEEQglClc6SlKljuKtNm0c5ssWaxqDzedoTBnWd7I1%2BSM2pc5etg5y8WyvTW8g%3D%3D&sso_reload=true
Frame ID: 86113306DE144D48CEE39FDF7D0119E5
Requests: 54 HTTP requests in this frame
Screenshot
Page Title
Bei Ihrem Konto anmeldenPage URL History Show full URLs
- https://dh578-euq1.eu.iphmx.com:4431/quarantine?email=vikram.mahto%40sapiens.com Page URL
-
https://dh578-euq1.eu.iphmx.com/?ngui=True
HTTP 303
https://login.microsoftonline.com/3d918542-68a9-4e89-ac7a-0f74754ddb24/saml2?SAMLRequest=fVJdb%2BMgEPwrFu%2B2M... Page URL
- https://login.microsoftonline.com/3d918542-68a9-4e89-ac7a-0f74754ddb24/saml2?SAMLRequest=fVJdb%2BMgEPwrFu%2B2M... Page URL
Detected technologies
Google Tag Manager
(Tag Managers)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- googletagmanager\.com/gtag/js
Page Statistics
3 Outgoing links
These are links going to different origins than the main page.
URL: https://www.microsoft.com/de-DE/servicesagreement/
Title: Nutzungsbedingungen
Title: Nutzungsbedingungen
Search URL Search Domain Scan URL
URL: https://privacy.microsoft.com/de-DE/privacystatement
Title: Datenschutz und Cookies
Title: Datenschutz und Cookies
Search URL Search Domain Scan URL
URL: https://www.microsoft.com/de-de/corporate/rechtliche-hinweise/impressum.aspx
Title: Haftungsausschluss
Title: Haftungsausschluss
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://dh578-euq1.eu.iphmx.com:4431/quarantine?email=vikram.mahto%40sapiens.com Page URL
-
https://dh578-euq1.eu.iphmx.com/?ngui=True
HTTP 303
https://login.microsoftonline.com/3d918542-68a9-4e89-ac7a-0f74754ddb24/saml2?SAMLRequest=fVJdb%2BMgEPwrFu%2B2McEfoCSS7TS6SL27qMn1oS8RsTcNkg0p4F777w87d732oQUJaYdddmaWuRV9d%2BHl4M7qDp4GsC546Ttl%2BXSxQINRXAsrLVeiB8tdw3fl91tOIswvRjvd6A69K%2Fm6QlgLxkmtULBZLdAhYeukrlZVld%2FclFUxq2f1mjFW1YSRDOPyYOyhwJiyNDnhDytvGSVF0eAsn2WznGSp38CoR%2FB00gyyPE8zdo1SmhMfpYzmKQEU3IOxnscCeVqejLUDbJR1QjkPYUJDTEKc7jHlKeMkeUDBynsjlXBT1dm5i%2BVx3OlHqaJeNkZbfXJadVJB1Og%2BnrUsKVJKwqwQLKRQsFA0uQjxKfcUaNseCY1HxwgKaq0sjJ1H7zp59B698uYKcn10wj%2FaomCtTQPTqBboJDoLI%2FGt91Q%2Bwxuy%2FTuUSqpWqsev53G8Jln%2Bbb%2Ffhtufuz0Kyn8zGlkNPZgdmGfZwK%2B72%2F%2B623OaFyEMT0kEQyQv5%2F5lUo2W81ETnww1y0%2FS5vH7pPn1D%2F7w7Darre5k8zpK7YX7nHwSJRMi2%2FA0pXLohezKtjVgrRfRdfp3bUC4N2fi5bXtx9%2B%2B%2FAM%3D&SigAlg=http%3A%2F%2Fwww.w3.org%2F2000%2F09%2Fxmldsig%23rsa-sha1&Signature=gD86MfGyOEvOmoyTTwQnAFVTj5PJ02OeBKySKHLF32VOiROR%2Fus2YAiUjSBDbiBhbhElcbU0jem3VjVHIf%2BgWXCYNBYvMAtQlM52C7pgz8hyQiSs6fCc0g1Az1vgtky2l094DFr5pdhQgn7CGA9Z45nQVaFeaTibxNNNCOiHHOEySYerEFIr8pesp7MRJossjLmeGU22b21X7Q%2FcOPtKi9Yj7LgU5CGvXb%2BL43JhkY%2F8YrEJ%2BfaGgEBeU%2F2Tf4l%2BbKX%2FQ%2FHC6Edp%2FC4O8Zaz2iuCYEEQglClc6SlKljuKtNm0c5ssWaxqDzedoTBnWd7I1%2BSM2pc5etg5y8WyvTW8g%3D%3D Page URL
- https://login.microsoftonline.com/3d918542-68a9-4e89-ac7a-0f74754ddb24/saml2?SAMLRequest=fVJdb%2BMgEPwrFu%2B2McEfoCSS7TS6SL27qMn1oS8RsTcNkg0p4F777w87d732oQUJaYdddmaWuRV9d%2BHl4M7qDp4GsC546Ttl%2BXSxQINRXAsrLVeiB8tdw3fl91tOIswvRjvd6A69K%2Fm6QlgLxkmtULBZLdAhYeukrlZVld%2FclFUxq2f1mjFW1YSRDOPyYOyhwJiyNDnhDytvGSVF0eAsn2WznGSp38CoR%2FB00gyyPE8zdo1SmhMfpYzmKQEU3IOxnscCeVqejLUDbJR1QjkPYUJDTEKc7jHlKeMkeUDBynsjlXBT1dm5i%2BVx3OlHqaJeNkZbfXJadVJB1Og%2BnrUsKVJKwqwQLKRQsFA0uQjxKfcUaNseCY1HxwgKaq0sjJ1H7zp59B698uYKcn10wj%2FaomCtTQPTqBboJDoLI%2FGt91Q%2Bwxuy%2FTuUSqpWqsev53G8Jln%2Bbb%2Ffhtufuz0Kyn8zGlkNPZgdmGfZwK%2B72%2F%2B623OaFyEMT0kEQyQv5%2F5lUo2W81ETnww1y0%2FS5vH7pPn1D%2F7w7Darre5k8zpK7YX7nHwSJRMi2%2FA0pXLohezKtjVgrRfRdfp3bUC4N2fi5bXtx9%2B%2B%2FAM%3D&SigAlg=http%3A%2F%2Fwww.w3.org%2F2000%2F09%2Fxmldsig%23rsa-sha1&Signature=gD86MfGyOEvOmoyTTwQnAFVTj5PJ02OeBKySKHLF32VOiROR%2Fus2YAiUjSBDbiBhbhElcbU0jem3VjVHIf%2BgWXCYNBYvMAtQlM52C7pgz8hyQiSs6fCc0g1Az1vgtky2l094DFr5pdhQgn7CGA9Z45nQVaFeaTibxNNNCOiHHOEySYerEFIr8pesp7MRJossjLmeGU22b21X7Q%2FcOPtKi9Yj7LgU5CGvXb%2BL43JhkY%2F8YrEJ%2BfaGgEBeU%2F2Tf4l%2BbKX%2FQ%2FHC6Edp%2FC4O8Zaz2iuCYEEQglClc6SlKljuKtNm0c5ssWaxqDzedoTBnWd7I1%2BSM2pc5etg5y8WyvTW8g%3D%3D&sso_reload=true Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 31- https://cdn.security.cisco.com/@cisco-ats/ribbon@%5E1.0.0/dist/ats-ribbon.js HTTP 302
- https://cdn.security.cisco.com/@cisco-ats/ribbon@1.10.2/dist/ats-ribbon.js
- https://dh578-euq1.eu.iphmx.com/?ngui=True HTTP 303
- https://login.microsoftonline.com/3d918542-68a9-4e89-ac7a-0f74754ddb24/saml2?SAMLRequest=fVJdb%2BMgEPwrFu%2B2McEfoCSS7TS6SL27qMn1oS8RsTcNkg0p4F777w87d732oQUJaYdddmaWuRV9d%2BHl4M7qDp4GsC546Ttl%2BXSxQINRXAsrLVeiB8tdw3fl91tOIswvRjvd6A69K%2Fm6QlgLxkmtULBZLdAhYeukrlZVld%2FclFUxq2f1mjFW1YSRDOPyYOyhwJiyNDnhDytvGSVF0eAsn2WznGSp38CoR%2FB00gyyPE8zdo1SmhMfpYzmKQEU3IOxnscCeVqejLUDbJR1QjkPYUJDTEKc7jHlKeMkeUDBynsjlXBT1dm5i%2BVx3OlHqaJeNkZbfXJadVJB1Og%2BnrUsKVJKwqwQLKRQsFA0uQjxKfcUaNseCY1HxwgKaq0sjJ1H7zp59B698uYKcn10wj%2FaomCtTQPTqBboJDoLI%2FGt91Q%2Bwxuy%2FTuUSqpWqsev53G8Jln%2Bbb%2Ffhtufuz0Kyn8zGlkNPZgdmGfZwK%2B72%2F%2B623OaFyEMT0kEQyQv5%2F5lUo2W81ETnww1y0%2FS5vH7pPn1D%2F7w7Darre5k8zpK7YX7nHwSJRMi2%2FA0pXLohezKtjVgrRfRdfp3bUC4N2fi5bXtx9%2B%2B%2FAM%3D&SigAlg=http%3A%2F%2Fwww.w3.org%2F2000%2F09%2Fxmldsig%23rsa-sha1&Signature=gD86MfGyOEvOmoyTTwQnAFVTj5PJ02OeBKySKHLF32VOiROR%2Fus2YAiUjSBDbiBhbhElcbU0jem3VjVHIf%2BgWXCYNBYvMAtQlM52C7pgz8hyQiSs6fCc0g1Az1vgtky2l094DFr5pdhQgn7CGA9Z45nQVaFeaTibxNNNCOiHHOEySYerEFIr8pesp7MRJossjLmeGU22b21X7Q%2FcOPtKi9Yj7LgU5CGvXb%2BL43JhkY%2F8YrEJ%2BfaGgEBeU%2F2Tf4l%2BbKX%2FQ%2FHC6Edp%2FC4O8Zaz2iuCYEEQglClc6SlKljuKtNm0c5ssWaxqDzedoTBnWd7I1%2BSM2pc5etg5y8WyvTW8g%3D%3D
53 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H/1.1 |
quarantine
dh578-euq1.eu.iphmx.com/ |
5 KB 6 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
js
www.googletagmanager.com/gtag/ |
114 KB 44 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
6fe2d8eff3060566fcd8.ttf
dh578-euq1.eu.iphmx.com/quarantine/fonts/ |
172 KB 173 KB |
Font
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
551d61d85642806b1eb4.ttf
dh578-euq1.eu.iphmx.com/quarantine/fonts/ |
175 KB 176 KB |
Font
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
a353775e8ccc7c92df5d.ttf
dh578-euq1.eu.iphmx.com/quarantine/fonts/ |
180 KB 182 KB |
Font
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
d2eff700e3825a7b4eb8.ttf
dh578-euq1.eu.iphmx.com/quarantine/fonts/ |
175 KB 176 KB |
Font
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
1fce311df2cf4fad51ee.ttf
dh578-euq1.eu.iphmx.com/quarantine/fonts/ |
177 KB 178 KB |
Font
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
391432e2abfd51718112.ttf
dh578-euq1.eu.iphmx.com/quarantine/fonts/ |
179 KB 180 KB |
Font
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
27452bd0217dbb3492f6.ttf
dh578-euq1.eu.iphmx.com/quarantine/fonts/ |
186 KB 187 KB |
Font
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
2a9b7bb7f260f878eea3.ttf
dh578-euq1.eu.iphmx.com/quarantine/fonts/ |
186 KB 187 KB |
Font
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
10ade40df398d7a1dc9c.ttf
dh578-euq1.eu.iphmx.com/quarantine/fonts/ |
198 KB 199 KB |
Font
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
a6a6b7a83a7327418ee1.ttf
dh578-euq1.eu.iphmx.com/quarantine/fonts/ |
198 KB 199 KB |
Font
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
8996201684ac43ebf0dc.ttf
dh578-euq1.eu.iphmx.com/quarantine/fonts/ |
240 KB 241 KB |
Font
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
0a1d77c4b69c3c66302a.ttf
dh578-euq1.eu.iphmx.com/quarantine/fonts/ |
242 KB 243 KB |
Font
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
40970c37c6c54d4d573b.ttf
dh578-euq1.eu.iphmx.com/quarantine/fonts/ |
196 KB 197 KB |
Font
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
e452ead4c517f686176f.ttf
dh578-euq1.eu.iphmx.com/quarantine/fonts/ |
196 KB 197 KB |
Font
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
f2dabe0b8066eb875f95.ttf
dh578-euq1.eu.iphmx.com/quarantine/fonts/ |
214 KB 215 KB |
Font
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
7312133e39aa2d7211fe.ttf
dh578-euq1.eu.iphmx.com/quarantine/fonts/ |
212 KB 214 KB |
Font
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
98ece92e76784330efb9.ttf
dh578-euq1.eu.iphmx.com/quarantine/fonts/ |
213 KB 214 KB |
Font
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
5cccf33da32d5f62079c.ttf
dh578-euq1.eu.iphmx.com/quarantine/fonts/ |
209 KB 210 KB |
Font
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
263c9cd0726b2528ac4a.ttf
dh578-euq1.eu.iphmx.com/quarantine/fonts/ |
265 KB 267 KB |
Font
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
4631fbf9149dfa65af13.ttf
dh578-euq1.eu.iphmx.com/quarantine/fonts/ |
272 KB 273 KB |
Font
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
apiConfig.json
dh578-euq1.eu.iphmx.com/ng-login/ |
243 B 1 KB |
Other
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
locale-en.json
dh578-euq1.eu.iphmx.com/quarantine/i18n/ |
41 KB 41 KB |
Other
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
env_head.d2bf2eaba9fb584b6010.js
dh578-euq1.eu.iphmx.com/quarantine/ |
2 KB 3 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
vendor.e10747a5e17a6be14a33.css
dh578-euq1.eu.iphmx.com/quarantine/css/ |
358 KB 359 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
main.84346936698c6e417592.css
dh578-euq1.eu.iphmx.com/quarantine/css/ |
744 KB 747 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
vendor.0e554207647b8b5f5607.js
dh578-euq1.eu.iphmx.com/quarantine/ |
2 MB 2 MB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
commons.4a5b68aeb88279c7c4c8.js
dh578-euq1.eu.iphmx.com/quarantine/ |
188 KB 189 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
main.8c02ed63691d729daeaa.js
dh578-euq1.eu.iphmx.com/quarantine/ |
480 KB 482 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
apiConfig.json
dh578-euq1.eu.iphmx.com/ng-login/ |
243 B 1 KB |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ats-ribbon.js
cdn.security.cisco.com/@cisco-ats/ribbon@1.10.2/dist/ Redirect Chain
|
4 MB 1 MB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
euq_url_details
dh578-euq1.eu.iphmx.com/sma/api/v2.0/config/ |
90 B 748 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
euq_authentication_method
dh578-euq1.eu.iphmx.com/sma/api/v2.0/config/ |
43 B 701 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
saml2
login.microsoftonline.com/3d918542-68a9-4e89-ac7a-0f74754ddb24/ Redirect Chain
|
21 KB 10 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
43 B 0 |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
BssoInterrupt_Core_aoxn9LgNNeyAz3OYDcN7uA2.js
aadcdn.msauth.net/shared/1.0/content/js/ |
136 KB 49 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
Primary Request
saml2
login.microsoftonline.com/3d918542-68a9-4e89-ac7a-0f74754ddb24/ |
39 KB 17 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
converged.v2.login.min_1ito3russhq-9gioj-zd4w2.css
aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ |
110 KB 20 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ConvergedLogin_PCore_ifnM-PFmwiHn5w4jnQzHNQ2.js
aadcdn.msftauth.net/shared/1.0/content/js/ |
422 KB 116 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ux.converged.login.strings-de.min_ejinblwk_mimxsc4lkii7w2.js
aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ |
58 KB 17 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
Me.htm
login.live.com/ |
0 0 |
Other
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
convergedlogin_pcustomizationloader_6a0a7b7c69bd86706a39.js
aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/ |
153 KB 34 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
convergedlogin_pfetchsessionsprogress_d513b6f0c9182bbf1e0f.js
aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/ |
15 KB 6 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
marching_ants_white_8257b0707cbe1d0bd2661b80068676fe.gif
aadcdn.msftauth.net/shared/1.0/content/images/ |
3 KB 3 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
marching_ants_986f40b5a9dc7d39ef8396797f61b323.gif
aadcdn.msftauth.net/shared/1.0/content/images/ |
4 KB 4 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
illustration
aadcdn.msftauthimages.net/dbd5a2dd-vb7vabhwtpkojvnwgyos3ioixpo3v4c94gfezxv4-qq/logintenantbranding/0/ |
217 KB 218 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bannerlogo
aadcdn.msftauthimages.net/dbd5a2dd-vb7vabhwtpkojvnwgyos3ioixpo3v4c94gfezxv4-qq/logintenantbranding/0/ |
68 KB 68 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
marching_ants_white_8257b0707cbe1d0bd2661b80068676fe.gif
aadcdn.msftauth.net/shared/1.0/content/images/ |
3 KB 3 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
marching_ants_986f40b5a9dc7d39ef8396797f61b323.gif
aadcdn.msftauth.net/shared/1.0/content/images/ |
4 KB 4 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ssoprobe
autologon.microsoftazuread-sso.com/3d918542-68a9-4e89-ac7a-0f74754ddb24/winauth/ |
12 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H/1.1 |
dssostatus
login.microsoftonline.com/common/instrumentation/ |
265 B 1 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
convergedlogin_pstringcustomizationhelper_7582d7648944aa49d261.js
aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/ |
111 KB 35 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
signin-options_3e3f6b73c3f310c31d2c4d131a8ab8c6.svg
aadcdn.msftauth.net/shared/1.0/content/images/ |
2 KB 771 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
21 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| $Config object| $Debug object| $Do function| $Loader object| $WebWatson function| GetString function| GetErrorString function| GetUrl object| $B object| ServerData object| webpackJsonp object| ko object| PROOF object| StringRepository object| Telemetry object| telemetry_webpackJsonp boolean| __ConvergedLogin_PCore boolean| __ boolean| __convergedlogin_pcustomizationloader_6a0a7b7c69bd86706a39 boolean| __convergedlogin_pfetchsessionsprogress_d513b6f0c9182bbf1e0f boolean| __convergedlogin_pstringcustomizationhelper_7582d7648944aa49d26116 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| dh578-euq1.eu.iphmx.com/ | Name: sid Value: 3340b7Lqb1Rtgw6feQZn |
|
| .login.microsoftonline.com/ | Name: esctx-SaRlUDVJ2Jo Value: AQABAAEAAAAmoFfGtYxvRrNriQdPKIZ-Ym9PauntLsKAc6dBI4dMnp1x2s-qWylarnNECluAkA17_QXmH6htr9MB0RbWpZovb8vROPP9vq9OPT-x4oV-pz_XveCNz8SuQxjHnBgoYEKVmDdjPZANvNQkbZghHPu3T4WMmX87IJR192payHAu1CAA |
|
| login.microsoftonline.com/ | Name: x-ms-gateway-slice Value: estsfd |
|
| login.microsoftonline.com/ | Name: stsservicecookie Value: estsfd |
|
| .login.microsoftonline.com/ | Name: AADSSO Value: NA|NoExtension |
|
| login.microsoftonline.com/ | Name: SSOCOOKIEPULLED Value: 1 |
|
| login.microsoftonline.com/ | Name: buid Value: 0.AQYAQoWRPaloiU6seg90dU3bJBeqDZPoV2dMhqwnhWrbTFwGAAA.AQABAAEAAAAmoFfGtYxvRrNriQdPKIZ-zdZT1Ae-P37MZMGG1LtMadkkNopzAIHxKX70Yp9Zaipjh2kFLFLHpvFI5KWGL9c8RyMub21HOfaLHYqS69WGifs31VjO8bHOb-Bsi7ghi3IgAA |
|
| .login.microsoftonline.com/ | Name: esctx Value: PAQABAAEAAAAmoFfGtYxvRrNriQdPKIZ-Sj2jaT6S-w9lNK4yX98uAfWnARQd2ohYnaZBCUMakg1NreJ9CrHZFOCBEx_vJyJ4f9A4xYiMXZDOHNVikBkelzPUYsPiHlLGuxeVq6aM50K5fH_Sru0VPQlzN00g6dkQba1mlTLF7ptXa64gmKBfPBdo65oW0TWohZZhgtb1pJ4gAA |
|
| .login.microsoftonline.com/ | Name: esctx-Lu7hvgVSNg Value: AQABAAEAAAAmoFfGtYxvRrNriQdPKIZ-WwomVYYeTmcU10izS0TcSnS3wCLZ8ibH5rDxuJRpa_-SaGsU_E2hjwmU3lEdOAut0zF50QSbnALx45-Ll6UKoR5gaV07kDLlhj5_otLQXp1aaxN5Ru9_wQwlYS9d0F4arkENRQEqa7UquDNXFEjx-SAA |
|
| login.microsoftonline.com/ | Name: fpc Value: Ams2agkzQ4pMqtSGvOMC-3wsyLwtAQAAACpiUt0OAAAA |
|
| .login.microsoftonline.com/ | Name: brcap Value: 0 |
|
| .login.live.com/ | Name: uaid Value: d33de7ee206a48c5b355bd6ce78e5cf0 |
|
| .login.live.com/ | Name: MSPRequ Value: id=N<=1707109162&co=1 |
|
| autologon.microsoftazuread-sso.com/ | Name: fpc Value: AsWICmIoxmxBikMroT4GjmA |
|
| autologon.microsoftazuread-sso.com/ | Name: x-ms-gateway-slice Value: estsfd |
|
| autologon.microsoftazuread-sso.com/ | Name: stsservicecookie Value: estsfd |
9 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
| Source | Level | URL Text |
|---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
| Header | Value |
|---|---|
| Content-Security-Policy | default-src 'unsafe-eval' 'unsafe-inline' blob: resource://pdf.js/web/ resource://pdf.js/build/ data: 'self' https://www.googletagmanager.com https://www.google-analytics.com https://www.amcharts.com https://*.amp.cisco.com code.jquery.com online.swagger.io https://cdn.security.cisco.com ; frame-ancestors 'self'; base-uri 'self' resource://pdf.js/web/ resource://pdf.js/build/ |
| Strict-Transport-Security | max-age=63072000; includeSubDomains; preload |
| X-Content-Type-Options | nosniff |
| X-Frame-Options | SAMEORIGIN |
| X-Xss-Protection | 0 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
aadcdn.msauth.net
aadcdn.msftauth.net
aadcdn.msftauthimages.net
autologon.microsoftazuread-sso.com
cdn.security.cisco.com
dh578-euq1.eu.iphmx.com
login.live.com
login.microsoftonline.com
www.googletagmanager.com
207.54.66.120
2600:9000:2250:7800:19:a7d3:e1c0:93a1
2603:1026:3000:150::6
2603:1026:3000:150::a
2606:2800:233:78b9:f44e:2c1f:31aa:d9ef
2620:1ec:bdf::45
2a00:1450:4001:812::2008
40.126.31.73
00a85c1eb822be6d3bbf09bae15c37c42eb2e4fd02e6adbd732f54d30fa20901
147166480180e4aeabe038b9f4ff16b41791e80b9545f44838ea25c1bb6723e4
15e697417242d779ddec5439f81b56bdc61974ffda9a40919be81428f341296e
167a1dd646b4c58fa221abd6f5c94f3d9589ead569b26b85ad8f56826b0e2e0b
1b23870d8263953a6e3c786c7d964f47afd4270c40b48cfe241ab71c7e73cff4
2843634c6eb402ee71054b8b49843610d9a1032980352faadae0eee95029b19b
2a97c24ee7138154c1ab45fe46d7dbb0e439a63e5b1d46167adbed0221a20729
2b9c25a4f1f50e3bd8f868967751f09e8b95f97852155e81faac830e3bb383d9
3375dcff0a76e37bd5d6fc20d0d5a4ebca1732b48375d4ab6ee759aff6c379d5
38ebc790eb773b0460c4fcf825f36531cbb235b4f5618b09f4205d8df685e2f9
3ef2866d5cca4f75e3ea8be04ecb58d27a71e5f122a01282e0615c6c9831a0f0
42976e3f7e07d76e675a97382b7187e080fbd8ab3de382883c40c89c44becbba
4b01a0a34ce8ed4bc8a8713be0442d49da6a756236b7b4424622ca3dee820f41
4b36d197aadae4a8e749e31f8999a4d83f82c0e6c463475d1e39c51348647e8e
4d0b1a9fb67e24f673e7e0cd036f57674267c789d8e1a025fe92dc464e76eb05
51b77d0b4b52b5ff7be5a45e5e2d4c552ee448083c84063b48976d6a62f2eb33
555d20ddd88d77f0ced2cb48b51a181891089b6cbf9f8adeac6dc60cd78ea485
565aaa4c8a37cbb95c94bbc4e5c44e20b486d977a9ad32256eaf254b85dfbe06
5924b0fe56e02a29a3598c877af09aebc8a0e3a222d9b6532127229303b812e0
688a2d42350796280657d4bfee504616c104fc5af822938dd79425f467c3b5bc
6f4fa3cd4df8d3df00a8aa928e8ef57b7c375c28fb2f0368d3ed55743b4d15f8
77bed2cdf7222737f240491655a32e9714725f7d02188e1fbe690ba7dc065ebb
78a1c79165972648e5450935b44a738de9edc163c329fa88b1e0c2074b01f5fa
7af82e94c56dd54d15e6cd7513c454d5ba3089f689805928a6f8b034d3b92ffc
7ed624b3ee31a0e62e123feb308836d1f259edda7e7d187bb5d599f8c4964bbc
8737d721808655f37b333f08a90185699e7e8b9bdaaa15cdb63c8448b426f95d
8e6db1634f1812d42516778fc890010aa57f3e39914fb4803df2c38abbf56d93
9b3565e5ade37585c4d4bcaa221b487d99f842f9fce0b98873c1adb9ebdea5e6
a2ae21c10dbd4bcf016582e2e9d046f92b62914a10fccc554e6e939f1e56a41c
a46201581a7c7c667fd42787cd1e9adf2f6bf809efb7596e61a03e8dba9ada13
b069ceea552a59312ee383b78c8e1b526cf798c2d29cb95293a1feb54a4ad40a
b4b73e14bc1eb66e65c9f899c77e52a391c8898246b90acea415200e92c4c9af
b748f8b4820e579b1b841feee27e1734012d5084a54a872ad5657620fc6a4c16
bb7d278ab80d55e7559d54db2c79ca936313e341b19d832720b681bf97abe63d
c2735f54f9ea5b4009fb3f28e9013d3be1645466fd79d0fd06387c5c39438d0a
c34c37056ef1aaf0d8dbccbd5fd84cd064975f1613b20628c3d01cfcc114b0c0
d089c8a9fc28e4e50223eb38c9409e362521be9380a37341304fbac7a4cd9e5f
d13e305faa48324c4dcb6f98fe2409c1d668e42db2607953c3bcdb629dd7689e
d5533e8c475630df84fcfc1d20a363719378310c1b9598d6a9819d3529188cb8
d987e276c171ba11d3fb1f4f1059f930ba2d710a576767b9664761f6748da18e
e2cdefe9680853d4d39a05ca12fa32d320896a59bef51cde4e1c0ec17b2bd686
e7478bf2dd3fcd1658bc92ac63e8946cfebb8e6f54362a4caeef95e11c0c85b3
eff9e09e4238ef11695ef2aa8729cf849d21ab9252684560d2e1611344133eb1
f28d579b984fcd979d95e9f19a82a63b64027e06c8ca75c724efdc7b40bb6da3
fa1a20cdeede3a279470e67c18998b386584db7c0ab835fe956698d3f5f99cce
ffebec9dd051122236916aca90a88ce8d3d90e056f01c288fdbd74ed1592f23b