![](/screenshots/588a623b-511a-46f7-80a5-4d92b7a7e6e7.png)
login.microsoftonline.com
Open in
urlscan Pro
20.190.159.2
Public Scan
Effective URL: https://login.microsoftonline.com/aa3c372d-0013-4bdc-b272-204afc0088b6/oauth2/v2.0/authorize?client_id=0df49395-2fa4-4b2e-a92c-5b2...
Submission: On January 02 via manual from BR — Scanned from NL
Summary
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on December 1st 2022. Valid for: a year.
This is the only time login.microsoftonline.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN13335 (CLOUDFLARENET, US)
admin.insitessquare.com | |
auth.insitessquare.com |
ASN15169 (GOOGLE, US)
translate.googleapis.com |
ASN15133 (EDGECAST, US)
az416426.vo.msecnd.net |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
iscsquare.b2clogin.com |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
login.microsoftonline.com |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
aadcdn.msftauthimages.net |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
autologon.microsoftazuread-sso.com |
Domain | Requested by | |
---|---|---|
12 | aadcdn.msftauth.net |
login.microsoftonline.com
aadcdn.msftauth.net |
11 | admin.insitessquare.com |
admin.insitessquare.com
|
6 | auth.insitessquare.com |
admin.insitessquare.com
auth.insitessquare.com |
3 | login.microsoftonline.com |
auth.insitessquare.com
login.microsoftonline.com aadcdn.msftauth.net |
2 | aadcdn.msftauthimages.net | |
2 | iscsquare.b2clogin.com |
1 redirects
auth.insitessquare.com
|
2 | translate.googleapis.com | |
2 | www.youtube.com |
admin.insitessquare.com
www.youtube.com |
2 | amp.azure.net |
admin.insitessquare.com
|
2 | insitessquare.com | 2 redirects |
1 | autologon.microsoftazuread-sso.com | |
1 | login.live.com |
login.microsoftonline.com
|
1 | az416426.vo.msecnd.net |
admin.insitessquare.com
|
1 | ten-life-on-mars.insitessquare.com |
admin.insitessquare.com
|
1 | fonts.gstatic.com |
fonts.googleapis.com
|
1 | maxcdn.bootstrapcdn.com |
admin.insitessquare.com
|
1 | translate.google.com |
admin.insitessquare.com
|
1 | fonts.googleapis.com |
admin.insitessquare.com
|
0 | truncated Failed |
admin.insitessquare.com
|
53 | 19 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.microsoft.com |
privacy.microsoft.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
insitessquare.com Cloudflare Inc ECC CA-3 |
2022-07-26 - 2023-07-25 |
a year | crt.sh |
upload.video.google.com GTS CA 1C3 |
2022-11-28 - 2023-02-20 |
3 months | crt.sh |
*.vo.msecnd.net DigiCert SHA2 Secure Server CA |
2022-07-11 - 2023-07-11 |
a year | crt.sh |
*.google.com GTS CA 1C3 |
2022-11-28 - 2023-02-20 |
3 months | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2022-12-30 - 2023-12-30 |
a year | crt.sh |
*.gstatic.com GTS CA 1C3 |
2022-11-28 - 2023-02-20 |
3 months | crt.sh |
ten-life-on-mars.insitessquare.com R3 |
2022-12-16 - 2023-03-16 |
3 months | crt.sh |
graph.windows.net DigiCert SHA2 Secure Server CA |
2022-11-17 - 2023-11-17 |
a year | crt.sh |
stamp2.login.microsoftonline.com DigiCert SHA2 Secure Server CA |
2022-12-01 - 2023-12-01 |
a year | crt.sh |
aadcdn.msftauth.net DigiCert SHA2 Secure Server CA |
2022-04-01 - 2023-04-01 |
a year | crt.sh |
login.live.com DigiCert SHA2 Secure Server CA |
2022-10-03 - 2023-10-03 |
a year | crt.sh |
aadcdn.msftauthimages.net Microsoft Azure TLS Issuing CA 05 |
2022-12-23 - 2023-12-18 |
a year | crt.sh |
autologon.microsoftazuread-sso.com DigiCert SHA2 Secure Server CA |
2022-10-04 - 2023-10-04 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://login.microsoftonline.com/aa3c372d-0013-4bdc-b272-204afc0088b6/oauth2/v2.0/authorize?client_id=0df49395-2fa4-4b2e-a92c-5b20308484c3&redirect_uri=https%3a%2f%2fiscsquare.b2clogin.com%2fiscsquare.onmicrosoft.com%2foauth2%2fauthresp&response_type=code&scope=openid+profile&response_mode=form_post&nonce=VQLzVTR%2btrfjnEF1pNHfmQ%3d%3d&prompt=select_account&ui_locales=en-US&state=StateProperties%3deyJTSUQiOiJ4LW1zLWNwaW0tcmM6YmVlYmUyNTctMzllNS00ZmMyLThkMmEtZDE1MjcwYTM2NjRkIiwiVElEIjoiMDk5MTY2MzYtMDQzNi00NjRlLWI3YmUtNDFhNDI5ODA5OTk2IiwiVE9JRCI6IjM2NTFiZmYwLTgyOGItNDc4Yy1iZGUyLWUzY2Q5ZTM0MjNhZSJ9&sso_reload=true
Frame ID: CA9039CB1A74908D9406D87E980CAAC6
Requests: 54 HTTP requests in this frame
Screenshot
![](/screenshots/588a623b-511a-46f7-80a5-4d92b7a7e6e7.png)
Page Title
Aanmelden bij uw accountPage URL History Show full URLs
-
http://insitessquare.com/
HTTP 301
https://insitessquare.com/ HTTP 301
https://admin.insitessquare.com/ Page URL
- https://auth.insitessquare.com/?return_uri=https%3A%2F%2Fadmin.insitessquare.com%2F Page URL
-
https://iscsquare.b2clogin.com/iscsquare.onmicrosoft.com/b2c_1_signupandin/oauth2/v2.0/authorize?response_t...
HTTP 302
https://login.microsoftonline.com/aa3c372d-0013-4bdc-b272-204afc0088b6/oauth2/v2.0/authorize?client_id=0df4939... Page URL
- https://login.microsoftonline.com/aa3c372d-0013-4bdc-b272-204afc0088b6/oauth2/v2.0/authorize?client_id=0df4939... Page URL
Detected technologies
![](/vendor/wappa/icons/Bootstrap.png)
Detected patterns
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
![](/vendor/wappa/icons/Font Awesome.png)
Detected patterns
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Page Statistics
2 Outgoing links
These are links going to different origins than the main page.
Title: Gebruiksvoorwaarden
Search URL Search Domain Scan URL
Title: Privacy en cookies
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://insitessquare.com/
HTTP 301
https://insitessquare.com/ HTTP 301
https://admin.insitessquare.com/ Page URL
- https://auth.insitessquare.com/?return_uri=https%3A%2F%2Fadmin.insitessquare.com%2F Page URL
-
https://iscsquare.b2clogin.com/iscsquare.onmicrosoft.com/b2c_1_signupandin/oauth2/v2.0/authorize?response_type=id_token&scope=openid%20profile&client_id=e032675d-8689-4fe4-94cf-07d8b0d18243&redirect_uri=https%3A%2F%2Fauth.insitessquare.com%2F&state=f817b0e9-3171-4b04-b4b6-f13f3b42bca6&nonce=0825ba3c-0c97-4514-bd3e-8406fdb86c13&client_info=1&x-client-SKU=MSAL.JS&x-client-Ver=0.2.1&client-request-id=ca365bd5-0957-4f52-b3d9-f039d65b88ed&prompt=select_account&response_mode=fragment
HTTP 302
https://login.microsoftonline.com/aa3c372d-0013-4bdc-b272-204afc0088b6/oauth2/v2.0/authorize?client_id=0df49395-2fa4-4b2e-a92c-5b20308484c3&redirect_uri=https%3a%2f%2fiscsquare.b2clogin.com%2fiscsquare.onmicrosoft.com%2foauth2%2fauthresp&response_type=code&scope=openid+profile&response_mode=form_post&nonce=VQLzVTR%2btrfjnEF1pNHfmQ%3d%3d&prompt=select_account&ui_locales=en-US&state=StateProperties%3deyJTSUQiOiJ4LW1zLWNwaW0tcmM6YmVlYmUyNTctMzllNS00ZmMyLThkMmEtZDE1MjcwYTM2NjRkIiwiVElEIjoiMDk5MTY2MzYtMDQzNi00NjRlLWI3YmUtNDFhNDI5ODA5OTk2IiwiVE9JRCI6IjM2NTFiZmYwLTgyOGItNDc4Yy1iZGUyLWUzY2Q5ZTM0MjNhZSJ9 Page URL
- https://login.microsoftonline.com/aa3c372d-0013-4bdc-b272-204afc0088b6/oauth2/v2.0/authorize?client_id=0df49395-2fa4-4b2e-a92c-5b20308484c3&redirect_uri=https%3a%2f%2fiscsquare.b2clogin.com%2fiscsquare.onmicrosoft.com%2foauth2%2fauthresp&response_type=code&scope=openid+profile&response_mode=form_post&nonce=VQLzVTR%2btrfjnEF1pNHfmQ%3d%3d&prompt=select_account&ui_locales=en-US&state=StateProperties%3deyJTSUQiOiJ4LW1zLWNwaW0tcmM6YmVlYmUyNTctMzllNS00ZmMyLThkMmEtZDE1MjcwYTM2NjRkIiwiVElEIjoiMDk5MTY2MzYtMDQzNi00NjRlLWI3YmUtNDFhNDI5ODA5OTk2IiwiVE9JRCI6IjM2NTFiZmYwLTgyOGItNDc4Yy1iZGUyLWUzY2Q5ZTM0MjNhZSJ9&sso_reload=true Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- http://insitessquare.com/ HTTP 301
- https://insitessquare.com/ HTTP 301
- https://admin.insitessquare.com/
- https://iscsquare.b2clogin.com/iscsquare.onmicrosoft.com/b2c_1_signupandin/oauth2/v2.0/authorize?response_type=id_token&scope=openid%20profile&client_id=e032675d-8689-4fe4-94cf-07d8b0d18243&redirect_uri=https%3A%2F%2Fauth.insitessquare.com%2F&state=f817b0e9-3171-4b04-b4b6-f13f3b42bca6&nonce=0825ba3c-0c97-4514-bd3e-8406fdb86c13&client_info=1&x-client-SKU=MSAL.JS&x-client-Ver=0.2.1&client-request-id=ca365bd5-0957-4f52-b3d9-f039d65b88ed&prompt=select_account&response_mode=fragment HTTP 302
- https://login.microsoftonline.com/aa3c372d-0013-4bdc-b272-204afc0088b6/oauth2/v2.0/authorize?client_id=0df49395-2fa4-4b2e-a92c-5b20308484c3&redirect_uri=https%3a%2f%2fiscsquare.b2clogin.com%2fiscsquare.onmicrosoft.com%2foauth2%2fauthresp&response_type=code&scope=openid+profile&response_mode=form_post&nonce=VQLzVTR%2btrfjnEF1pNHfmQ%3d%3d&prompt=select_account&ui_locales=en-US&state=StateProperties%3deyJTSUQiOiJ4LW1zLWNwaW0tcmM6YmVlYmUyNTctMzllNS00ZmMyLThkMmEtZDE1MjcwYTM2NjRkIiwiVElEIjoiMDk5MTY2MzYtMDQzNi00NjRlLWI3YmUtNDFhNDI5ODA5OTk2IiwiVE9JRCI6IjM2NTFiZmYwLTgyOGItNDc4Yy1iZGUyLWUzY2Q5ZTM0MjNhZSJ9
53 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
/
admin.insitessquare.com/ Redirect Chain
|
2 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ruxitagentjs_ICA27NVfgqrux_10255221104040649.js
admin.insitessquare.com/client_insites/ |
239 KB 91 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
env.js
admin.insitessquare.com/ |
2 KB 3 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
10 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
azuremediaplayer.min.css
amp.azure.net/libs/amp/1.8.0/skins/amp-default/ |
45 KB 8 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
styles-94fe9a679b73a1465bb2.css
admin.insitessquare.com/ |
1 MB 153 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
app-94fe9a679b73a1465bb2.css
admin.insitessquare.com/ |
860 KB 107 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
iframe_api
www.youtube.com/ |
992 B 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
azuremediaplayer.min.js
amp.azure.net/libs/amp/1.8.0/ |
606 KB 208 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
element.js
translate.google.com/translate_a/ |
75 KB 26 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
runtime-ac46034e67894cc6c591.js
admin.insitessquare.com/ |
7 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
styles-435fbd6fd89829222279.js
admin.insitessquare.com/ |
5 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
app-11896aa12f58d396bc95.js
admin.insitessquare.com/ |
18 MB 3 MB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
lib-202742775fd70df14ccf.js
admin.insitessquare.com/ |
9 MB 2 MB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/ |
26 KB 6 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
www-widgetapi.js
www.youtube.com/s/player/21149d65/www-widgetapi.vflset/ |
184 KB 62 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
truncated
/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ |
44 KB 44 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
translateelement.css
translate.googleapis.com/translate_static/css/ |
18 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
m=el_main
translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.nl.vdhk0GhArrQ.O/d=1/exm=el_conf/ed=1/rs=AN8SPfosN9kI5IWqIj6K48tfhRK64wmPDA/ |
207 KB 74 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET BLOB |
186ea896-ac5e-4251-9ab0-d9c55a70006e
https://admin.insitessquare.com/ |
963 B 0 |
Other
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET BLOB |
b4fb2f09-0a53-4626-aaf4-687fdf862627
https://admin.insitessquare.com/ |
13 KB 0 |
Other
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
script.js
ten-life-on-mars.insitessquare.com/ |
6 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ai.0.js
az416426.vo.msecnd.net/scripts/a/ |
94 KB 22 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
GetTokenInfo
admin.insitessquare.com/serviceapi/query/AuthorizationService/ |
61 B 508 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
auth.insitessquare.com/ |
1 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST |
rb_bf97660kle
admin.insitessquare.com/client_insites/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
LogoutOnAllSquares
admin.insitessquare.com/serviceapi/command/ParticipantService/ |
108 B 462 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
/
ten-life-on-mars.insitessquare.com/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
ruxitagentjs_ICA27NVfgjqrux_10255221104040649.js
auth.insitessquare.com/client_authentication/ |
246 KB 95 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
env.js
auth.insitessquare.com/ |
769 B 2 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
app-435e857b98763f9a3310.js
auth.insitessquare.com/ |
5 MB 1 MB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
lib-e1cb85bbae0b4d4405fb.js
auth.insitessquare.com/ |
5 MB 1 MB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
openid-configuration
iscsquare.b2clogin.com/iscsquare.onmicrosoft.com/b2c_1_signupandin/v2.0/.well-known/ |
1 KB 2 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
rb_bf97660kle
auth.insitessquare.com/client_authentication/ |
121 B 1 KB |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
authorize
login.microsoftonline.com/aa3c372d-0013-4bdc-b272-204afc0088b6/oauth2/v2.0/ Redirect Chain
|
151 KB 55 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Primary Request
authorize
login.microsoftonline.com/aa3c372d-0013-4bdc-b272-204afc0088b6/oauth2/v2.0/ |
201 KB 52 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ConvergedLogin_PCore_uKA_y1fjqWvYkTaFMejIZQ2.js
aadcdn.msftauth.net/shared/1.0/content/js/ |
391 KB 111 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Me.htm
login.live.com/ |
0 0 |
Other
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
converged.v2.login.min_8owwt4u-33ps0wawi7tmow2.css
aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ |
0 20 KB |
Other
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ux.converged.login.strings-nl.min_7nevftcgjw_sznuc3yablq2.js
aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ |
0 14 KB |
Other
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
convergedlogin_pfetchsessionsprogress_85acbcb9234972130506.js
aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/ |
15 KB 6 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
marching_ants_white_166de53471265253ab3a456defe6da23.gif
aadcdn.msftauth.net/shared/1.0/content/images/ |
3 KB 3 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
marching_ants_b540a8e518037192e32c4fe58bf2dbab.gif
aadcdn.msftauth.net/shared/1.0/content/images/ |
4 KB 4 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
convergedlogin_pcustomizationloader_442ad4dbc9101c033d33.js
aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/ |
107 KB 32 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
illustration
aadcdn.msftauthimages.net/c1c6b6c8-pnonk-hvnriontek-jzczxxgifi8cmftgqlgszin15a/logintenantbranding/0/ |
242 KB 242 KB |
Image
image/* |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bannerlogo
aadcdn.msftauthimages.net/c1c6b6c8-pnonk-hvnriontek-jzczxxgifi8cmftgqlgszin15a/logintenantbranding/0/ |
25 KB 25 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
marching_ants_white_166de53471265253ab3a456defe6da23.gif
aadcdn.msftauth.net/shared/1.0/content/images/ |
3 KB 3 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
marching_ants_b540a8e518037192e32c4fe58bf2dbab.gif
aadcdn.msftauth.net/shared/1.0/content/images/ |
4 KB 4 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ssoprobe
autologon.microsoftazuread-sso.com/aa3c372d-0013-4bdc-b272-204afc0088b6/winauth/ |
12 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
dssostatus
login.microsoftonline.com/common/instrumentation/ |
264 B 1 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
signin-options_4e48046ce74f4b89d45037c90576bfac.svg
aadcdn.msftauth.net/shared/1.0/content/images/ |
2 KB 783 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
converged.v2.login.min_8owwt4u-33ps0wawi7tmow2.css
aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ |
108 KB 20 KB |
Fetch
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ux.converged.login.strings-nl.min_7nevftcgjw_sznuc3yablq2.js
aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ |
49 KB 14 KB |
Fetch
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- truncated
- URL
- data:truncated
- Domain
- admin.insitessquare.com
- URL
- https://admin.insitessquare.com/client_insites/rb_bf97660kle?type=js3&sn=v_4_srv_7_sn_71AFE829984EC229E156E8671C028B82_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_1_app-3A3af4386a7a3c101a_0&svrid=7&flavor=post&vi=RLVFAFHRAHFJHIFLOPRDUEMKALFHKFAC-0&modifiedSince=1672635368866&rf=https%3A%2F%2Fadmin.insitessquare.com%2F&bp=3&app=3af4386a7a3c101a&crc=3583144993&en=d5gnxrvc&end=1
- Domain
- ten-life-on-mars.insitessquare.com
- URL
- https://ten-life-on-mars.insitessquare.com/?h=https%3A%2F%2Fadmin.insitessquare.com&p=%2F&r=&sid=SQOUNZNP&qs=%7B%7D&cid=10748138
Verdicts & Comments Add Verdict or Comment
21 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| oncontentvisibilityautostatechange object| $Config object| $Debug object| $Do function| $Loader object| $WebWatson function| GetString function| GetErrorString function| GetUrl object| $B object| ServerData object| webpackJsonp object| ko object| PROOF object| StringRepository object| Telemetry object| telemetry_webpackJsonp boolean| __ConvergedLogin_PCore boolean| __ boolean| __convergedlogin_pfetchsessionsprogress_85acbcb9234972130506 boolean| __convergedlogin_pcustomizationloader_442ad4dbc9101c033d3326 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.insitessquare.com/ | Name: dtCookie Value: v_4_srv_7_sn_71AFE829984EC229E156E8671C028B82_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_1_app-3A3af4386a7a3c101a_0 |
|
.youtube.com/ | Name: YSC Value: 3G2g6XZrCcA |
|
.youtube.com/ | Name: VISITOR_INFO1_LIVE Value: 0Zr7wT4QmRE |
|
.insitessquare.com/ | Name: rxVisitor Value: 1672661083531CU79C7TGVGE4R6S6ILSLPFTM848JPIGH |
|
admin.insitessquare.com/ | Name: ai_user Value: bnuLU|2023-01-02T12:04:45.643Z |
|
.insitessquare.com/ | Name: dtLatC Value: 1 |
|
.insitessquare.com/ | Name: rxvt Value: 1672662886276|1672661083532 |
|
.insitessquare.com/ | Name: dtPC Value: 7$461085894_876h-vRLVFAFHRAHFJHIFLOPRDUEMKALFHKFAC-0e0 |
|
.insitessquare.com/ | Name: dtSa Value: false%7C_load_%7C3%7C_onload_%7C-%7C1672661086277%7C461085894_876%7Chttps%3A%2F%2Fauth.insitessquare.com%2F%3Freturn_5Furi%3Dhttps%3A_252F_252Fadmin.insitessquare.com_252F%7C%7C%7C%7C |
|
.iscsquare.b2clogin.com/ | Name: x-ms-cpim-sso:iscsquare.onmicrosoft.com_0 Value: m1.4qDsJvJORCuFZ/2L.8fMlDF4O104BJ1XvH9nDlg==.0.TTG/4Io80dtcQ6yUmYUFiQF3KYIn2wV48RrCUxPCFeqwYJabH8nBZzFD4Kd25C6/ZRweXJqEPO05s99UltBdhFwDFLjl5KkxLwgR1cOkbd11/rqqLJyT+kalGERA5zanuEe3CXBO34RQTdWu7/sC3nIN/n0IxzqS9/B6VJCcNWLRigCVesPTk6J7gmrzUPF2tpqmI7fwebCyqkw0+V4XKEahv1rMplW1U0iHgI7w/0d3wCf5+2Gw6UUSyTH1vRI2SBboxXtHYBhEHp9PkXhZZZEw/trHhgP7eYECZxaIKU/W0FSBjOChIHgJBBvnmyVFoMAI8rX92y7Em9ZPBggoaY6uU7GtO+W5RhxIX6q25ju5hs+Elvyl7MaqsbbDp2id+Nlv/aGEZUI5Oocr |
|
.iscsquare.b2clogin.com/ | Name: x-ms-cpim-rc:beebe257-39e5-4fc2-8d2a-d15270a3664d Value: VE00RURXWnJsdVp3N0lrdTFPUURtNjJnMVNuc0s3K0JtRElUTVBXclFsNlJnUk5waXdsd05naDl5UVhvS0pYaDRBRXFDaG1ueGgxYjQ4MVBFNU1aZUE9PTsyMDIzLTAxLTAyVDEyOjA0OjQ2Ljc2NjM1MzlaO0pENjQ4QUVzZm9aSnVydlZvWlZOeWc9PTt7IlRhcmdldEVudGl0eSI6IklTQ0FEIiwiT3JjaGVzdHJhdGlvblN0ZXAiOjJ9 |
|
.iscsquare.b2clogin.com/ | Name: x-ms-cpim-cache|nmarctyetka3vkgkkyczlg_0 Value: m1.tyVnVHbNowtVUvWU.O66njOf31HMWy1/+blz+LQ==.0.rCZCttfD7ixO8/nLvRVpa+HByc8jghvsGL8JssTem5zwiwaylZqzsztkj/EAnUEaEm2TqzgiuoXGTRbPjytb5Z8l1xIX/+olIvlyHLH4wdFjWRY2KwTLMVsDokcmgDQPcokL75n/cwGSONKpQ/fvh3f6Olbf5s0uN++pVL0n+pfaP9ZR2dApkOvgbY0TBGng7sdOTfcOJApUY8/8UWbVwCZunFiR7ppWkV4EsMoDqs7JGHYUnmMrVpcPpNieNFosj9xXmWsWGIjcDPUHQ6yaW6viTavBblrL8zJ7SVFcWUqeOc9CrsVlVa2zcf/1nmMwNXCsZ6IWZ4jfzHbRZm3TKDhMl8VXwgjOmRGJtW7w0mWELMrJR9DD3z91WyoDbVOnx0y11xdKoKuQla49ZVEC7wFdJMfpJjbzJ6Z5tA9c6odHS6PiCSMOh8BJrhUgWfhV9T1XJu27FvILq9PJmiN5k0luHNVcv9XfWCuAjk2/ICDU2O9MQtZ7CofSkBRlNx03L3HMcKl2/GdUJ0LKG5Q688LYMVoEkjz+oqw3s067i32O5z9fgUBmO6yL1NBEQ+EF7oSBjxnriznFRsKnU8Uo1DVKpbYSOW0sh4dnQbCjd98I+2C9Vguxw/+nqrL8fgLKl1EZlAZtJebfOl7ysKWx0RzbybfLqCNZ85KRnpBaVway9W8Ojgn1T2mj2S6J9qIzZLYCB4fszdzF8pGDXEIkVxgz+AWhFOV4Zev93jHLXewjTpuRmPzOkbcWsjp024UEIrYCelp94rHFtYNLZZf/pXPZHRN617C0YADD7K6XKdFs3OJdL6muhok= |
|
.iscsquare.b2clogin.com/ | Name: x-ms-cpim-trans Value: eyJUX0RJQyI6W3siSSI6IjA5OTE2NjM2LTA0MzYtNDY0ZS1iN2JlLTQxYTQyOTgwOTk5NiIsIlQiOiJpc2NzcXVhcmUub25taWNyb3NvZnQuY29tIiwiUCI6ImIyY18xX3NpZ251cGFuZGluIiwiQyI6ImUwMzI2NzVkLTg2ODktNGZlNC05NGNmLTA3ZDhiMGQxODI0MyIsIlMiOjEsIk0iOnt9LCJEIjowfV0sIkNfSUQiOiIwOTkxNjYzNi0wNDM2LTQ2NGUtYjdiZS00MWE0Mjk4MDk5OTYifQ== |
|
login.microsoftonline.com/ | Name: x-ms-gateway-slice Value: estsfd |
|
login.microsoftonline.com/ | Name: stsservicecookie Value: estsfd |
|
.login.microsoftonline.com/ | Name: AADSSO Value: NA|NoExtension |
|
login.microsoftonline.com/ | Name: SSOCOOKIEPULLED Value: 1 |
|
login.microsoftonline.com/ | Name: buid Value: 0.AQwALTc8qhMA3EuyciBK_ACItpWT9A2kLy5LqSxbIDCEhMOWAAA.AQABAAEAAAD--DLA3VO7QrddgJg7WevrHYzjOasE4IYpYrwGeW4dXHRmAg0SNC4rM8s8m5fQdrXOe25j40ZDN3vFj9a283-u02Dy-g6JY8xRYtpHEJ6kuDH_H5C1IZY5aRF5Y2bRBDIgAA |
|
login.microsoftonline.com/ | Name: fpc Value: Ahenu5_djaFLvMb_81GABJHxKpdfAQAAAF6_RNsOAAAA |
|
.login.microsoftonline.com/ | Name: esctx Value: PAQABAAEAAAD--DLA3VO7QrddgJg7Wevrtp2AjcBV59X5Mj6Dz5OtxJgTQPwhmsYKjBcwIowkdxfLOEVCkSCVX06hT4mIcpknfDc2SgaamdGiM24OEiB6CZHYKw1Xs132KDdV9DKL8iD2XdmTNHVwMhLg9_JZJnAve57QCGU4rFpFaNgArah1zLc8PJ6iZX7ffLxkgRbnXscgAA |
|
.login.microsoftonline.com/ | Name: brcap Value: 0 |
|
.login.live.com/ | Name: uaid Value: 17448dec94ec47739e6e31dd5e802471 |
|
.login.live.com/ | Name: MSPRequ Value: id=N<=1672661087&co=1 |
|
autologon.microsoftazuread-sso.com/ | Name: fpc Value: Ao5lr4Lv-RFHqRFkxk2HxpU |
|
autologon.microsoftazuread-sso.com/ | Name: x-ms-gateway-slice Value: estsfd |
|
autologon.microsoftazuread-sso.com/ | Name: stsservicecookie Value: estsfd |
4 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | default-src 'self' blob:; connect-src 'self' https://iscsquare.b2clogin.com https://*.mux.com https://*.fastly.net https://*.hwcdn.net https://cdn.jsdelivr.net/npm/emoji-picker-element-data@%5E1/en/emojibase/data.json https://translate.googleapis.com/ https://storage.googleapis.com/ https://*.vimeo.com/ https://vimeo.com/api/ https://insitesecoprodmedia.streaming.mediaservices.windows.net https://insitessquare.com wss://admin.insitessquare.com https://*.service.signalr.net wss://*.service.signalr.net https://*.signalr.azure.cn wss://*.signalr.azure.cn https://dc.services.visualstudio.com https://*.blob.core.windows.net https://*.blob.core.chinacloudapi.cn https://*.streaming.media.chinacloudapi.cn https://staticblob.insitessquare.com/ https://*.insitessquare.com https://*.insitessquare.com.au https://*.insitessquare.cn blob:; worker-src blob:; img-src * data: blob:; media-src * mediastream: data: blob:; frame-src 'self' mediastream: data: blob: https://player.vimeo.com/ https://www.google.com https://login.microsoftonline.com https://www.youtube.com https://*.amp.azure.net https://*.ytimg.com; style-src 'self' 'unsafe-inline' https://*.insites-consulting.com https://*.googleapis.com https://www.google.com/uds/ https://maxcdn.bootstrapcdn.com https://amp.azure.net www.gstatic.com/charts/51/; object-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.vimeo.com/ https://vimeo.com/api/ https://www.gstatic.com/recaptcha/ https://www.google.com/recaptcha/ https://*.insites-consulting.com https://www.google.com/jsapi https://*.googleapis.com https://www.google.com/uds/ https://ten-life-on-mars.insitessquare.com/script.js https://*.msecnd.net https://s.ytimg.com/ https://*.blob.core.windows.net *.visualstudio.com translate.google.com s.ytmg.com www.youtube.com amp.azure.net blob: www.gstatic.com/charts/51/ ; font-src 'self' https://*.googleapis.com https://www.google.com/uds/ https://amp.azure.net/libs/amp/ fonts.gstatic.com maxcdn.bootstrapcdn.com |
Strict-Transport-Security | max-age=31536000 |
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
aadcdn.msftauth.net
aadcdn.msftauthimages.net
admin.insitessquare.com
amp.azure.net
auth.insitessquare.com
autologon.microsoftazuread-sso.com
az416426.vo.msecnd.net
fonts.googleapis.com
fonts.gstatic.com
insitessquare.com
iscsquare.b2clogin.com
login.live.com
login.microsoftonline.com
maxcdn.bootstrapcdn.com
ten-life-on-mars.insitessquare.com
translate.google.com
translate.googleapis.com
truncated
www.youtube.com
admin.insitessquare.com
ten-life-on-mars.insitessquare.com
truncated
152.199.19.160
152.199.23.37
20.190.159.2
20.190.160.20
20.50.2.10
2400:52e0:1e00::874:1
2603:1026:3000:c8::6
2606:2800:133:206e:1315:22a5:2006:24fd
2606:4700::6812:1288
2606:4700::6812:acf
2620:1ec:4f:1::45
2a00:1450:4001:801::200a
2a00:1450:4001:809::2003
2a00:1450:4001:827::200e
2a00:1450:4001:82a::200a
2a00:1450:400d:80a::200e
40.126.32.76
0b1f88c80051fff2a42ef0e8250a587cb294a467f269f1e88d4e1a4ea0c27245
13e4612312190ab72a8a62e1dcc958d5f3f66aa0fff28c59cf35cfd645c2d8fc
15125e5ccd01cca87703d291d5e7f45708a6433d91ee11778fc4dd41b87ccd54
1d013d957c4604dcfe91c2d250c0222c84c01511d3b3d692b264d6328618cd8d
2414a0638148a622763358c0a04953d281dbcb97b9e3715d4daf11ecfe78635b
28fa8f3ba41d8801e3d95e7128f5b2189a4344ebee1a56d4be7a313959f608e1
41ff878f90ee60c849caa0a451188cfa183606eca8eed21df2c017ddf546ec88
4393c9a3f71c27bbf7fd0275513d128f1effdf2a88dbb4bf27c710daa30165ea
475f2def3234feae8fcdc9abbffa5c9946d57186bf7219961f8c9bc392ff56c9
528d01a92eba16e6b153a821b58bd44f49eb3ea20f77ed77eb13d5217c18a9fd
670cf3d21b3cd605661647664aca0c5022eecfdfddccb9a41dc0191b36e1f60b
68d05a45fe013b750625581aba6faefa3c5d5a039da3ec267f095c96ae285904
6c4133ff5eff0f23ca2f6fdaceea1d4dd3a91e499a0b0aef688b0f31206b0328
6da02a27b6cdebbf377341efa70070f4d17be760b6edcaa7f32cea91a2f4e258
6dc9810fa0a9551a31d7a5ad428952b917c211475113620a461cdb5efb2d5993
7a3a06aefe8de1887c940f15180f7c2d929bc6d44869ef27d85c883ea2bb1ca1
7b4c27a4976ceae364e576d0bc76e7b6a3c8682f2ff3830d7075093d037dfe90
8737d721808655f37b333f08a90185699e7e8b9bdaaa15cdb63c8448b426f95d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
8e6db1634f1812d42516778fc890010aa57f3e39914fb4803df2c38abbf56d93
936ffccdc35bc55221e669d0e76034af76ba8c080c1b1149144dbbd3b5311829
9537f00ca371747a97a2acca388f7b2379a7fa7c59bde18c3d2621c0de8de492
9c8c4819f65dd12131d77a7b5d4a5ef6ab87a7385ed7aaaab68ebca112c0b1ff
a46201581a7c7c667fd42787cd1e9adf2f6bf809efb7596e61a03e8dba9ada13
af19638adb1a03a12143bbe68a3b0b21bf434a59f67e2c56f95fb754124ed7ad
bf5c9f1562b5779466ff45f4aac559f85ec2d2c9bfe95ed13857dbb32b146377
c45f7559ddbc271af8a56dc959304fb511d76a40249cab3ec31c67b79b2d2ba8
c4db351e7b79f5ed215ba61fae34b3eebc733da305e877826b17fc2de3c90cd8
d089c8a9fc28e4e50223eb38c9409e362521be9380a37341304fbac7a4cd9e5f
d39ee51a9c2d61184a78111c731cce4b32488c99bcc9b1f8c236705d06145166
dbc13e868fc37e5decb688b506ac4dea2da1690396694b7289530600e15f0816
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f01184fbdd17df016f2886b0cb6ff4f39cd4409a239e108c7bbe0422030b96ae
f2fb6c605d1ef197f9bd7677f5e0c2a37a7a6a66df262ab8044b44540847be6e
f7b4910e9381a7f4639bfc62b003c0decf74ab140f54998528230bd52f23f3b7