urlscan.io logo urlscan.io
SecurityTrails logo

auth.pekininsurance.us Open in urlscan Pro
12.32.176.49  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.pekininsurance.us/cics/CLI1805?DL0H1209600F211013
Effective URL: https://auth.pekininsurance.us/identity/login?signin=80c87eaf472baaf13cb92ca872ecc2d4
Submission Tags: falconsandbox
Submission: On November 22 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 21 HTTP transactions. The main IP is 12.32.176.49, located in United States and belongs to ATT-INTERNET4, US. The main domain is auth.pekininsurance.us.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on October 16th 2019. Valid for: 2 years.
This is the only time auth.pekininsurance.us was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 12.32.176.50 7018 (ATT-INTER...)
1 21 12.32.176.49 7018 (ATT-INTER...)
1 23.96.209.155 8075 (MICROSOFT...)
21 2
Domain Requested by
21 auth.pekininsurance.us 1 redirects auth.pekininsurance.us
1 picc-marketing-branding-web-ws-01.azurewebsites.net auth.pekininsurance.us
1 www.pekininsurance.us 1 redirects
21 3
Subject Issuer Validity Valid
auth.pekininsurance.us
DigiCert SHA2 Secure Server CA		 2019-10-16 -
2021-10-19		 2 years crt.sh
*.azurewebsites.net
Microsoft RSA TLS CA 01		 2020-09-28 -
2021-09-28		 a year crt.sh

This page contains 1 frames:

Primary Page: https://auth.pekininsurance.us/identity/login?signin=80c87eaf472baaf13cb92ca872ecc2d4
Frame ID: 3A1420A19D8F5150F50902FA3E872362
Requests: 21 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://www.pekininsurance.us/cics/CLI1805?DL0H1209600F211013 HTTP 302
    https://auth.pekininsurance.us/identity/connect/authorize?client_id=29701e83-62e3-4bcc-8422-b7df62abe387&re... HTTP 302
    https://auth.pekininsurance.us/identity/login?signin=80c87eaf472baaf13cb92ca872ecc2d4 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
  • script /(?:\/([\d.]+))?(?:\/js)?\/bootstrap(?:\.min)?\.js/i
Overall confidence: 100%
Detected patterns
  • script /angular[.-]([\d.]*\d)[^/]*\.js/i
  • script /angular.*\.js/i
Overall confidence: 100%
Detected patterns
  • headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i
Overall confidence: 100%
Detected patterns
  • script /jquery[.-]([\d.]*\d)[^/]*\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

21
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

3
Subdomains

2
IPs

1
Countries

519 kB
Transfer

513 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.pekininsurance.us/cics/CLI1805?DL0H1209600F211013 HTTP 302
    https://auth.pekininsurance.us/identity/connect/authorize?client_id=29701e83-62e3-4bcc-8422-b7df62abe387&redirect_uri=https%3a%2f%2fwww.pekininsurance.us&response_mode=form_post&response_type=code+id_token+token&scope=openid+profile+email+permissions+agencyinfo+offline_access+legacy_access&state=OpenIdConnect.AuthenticationProperties%3dwvQzI2Jo4bUeqq3FqaGR5w-ir8ed1ApYdA30RySKOpIziy3gMGcr33lJDBTebGl8osMHwHCKGpiLZMTQFPlXdHlDD0FCuz1I-CIImQjns4AwXCQcjoOqQd3UPDIhS7aeqwn3fYfKk7f7xW77HFeIBm6td1UP9Twd-WF3TCBSf2i7DLMulTgGBjxdcPUR7YbisoTO4BNMsd8LduhOBRHkhl27NNt0eTeiKV1e444t471-1LqfDxS6YusoJXzeHx7VNr9XrZ5wJYOm29TT9E4vw3PS0iVHF3iL4I5Yq1g7WnmXqaH-&nonce=637416297741609388.ODJlNGVkYTUtYjQxMS00NzQ2LTk1NGItYWI4OTY4ZmUyMzczMDA4YTI1YTEtNTBjOC00MzkzLTkxZGUtMDRhMzEwNGU4NjYz HTTP 302
    https://auth.pekininsurance.us/identity/login?signin=80c87eaf472baaf13cb92ca872ecc2d4 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set login
auth.pekininsurance.us/identity/
Redirect Chain
  • https://www.pekininsurance.us/cics/CLI1805?DL0H1209600F211013
  • https://auth.pekininsurance.us/identity/connect/authorize?client_id=29701e83-62e3-4bcc-8422-b7df62abe387&redirect_uri=https%3a%2f%2fwww.pekininsurance.us&response_mode=form_post&response_type=code+...
  • https://auth.pekininsurance.us/identity/login?signin=80c87eaf472baaf13cb92ca872ecc2d4
9 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://auth.pekininsurance.us/identity/login?signin=80c87eaf472baaf13cb92ca872ecc2d4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
12.32.176.49 , United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash
4b6fe24a490e0ccf4660c6182b6e1b3412ad04836012a05adf110f5576c2a98e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
auth.pekininsurance.us
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
SignInMessage.80c87eaf472baaf13cb92ca872ecc2d4=McIUsebr9JJPkwHEulA_p3-R6VYcV2VMRPsgc5UfWYI9NFo60lRLO4d2HhYAAPypOobpdrvuC4evBeYvO0szkPfy0HdOEgYcTXgEz_iV-p4wnK7Hl5YGRbPJZomfL2o7KSezYJhmSEaRVW8YXFGAIAjGhBDUCVk_j47PYGY8RIQ_GtY7F7K6e2V4GrWhFSziXtyHNb-islycZ4X_LMvHkDU8_tI2Y8GuNAT2KsGqgtz04DpHLngP_WWlOqALxgrbQEtN7_Dj2GqmyDnzkAEQGEghT3jCAuQDYp2HNcuTqT81xNZ4riozRXacmBvDK7XkFG6N_HCLECRlhcwZKOuYGJdDOT9tZaZUpj1mCAEg5smsr9yYMCqigFhCVSI4fWT3GrcJz45SeVaudeKvta0miOzUmNbkxbRq-fkm8Ay-q0rtbN51le51EELjescX2tO5MMXJO9JNDgyGLHAmrBMRze07bE0zk-UCC6VYTNOOVpznZaJBb0j94we4afaBf9IzRNz3fR2VINZloRdxTZI8QjpVB-cedvRcf0lidPzV0BcXPaJoL-yD7lvmW1w-_BfXRuGEyXQX_vsMZdEQbaG5GsrPnNo2Q8kXQJfBJgjK83GYyeLniPJD8jjNKRF4UtnUH8ZxWPwQnrrKraRcQyxqGHDyMozOSq89yzEhYoardfGocDNqTIbA0p32G1lAdIjKp58yS6kiadqbpqIN5Agu4D9HRUupu_zc_7BRFQHhxO2eQfxUNZMr8A9ZVP3IaUOsN8-rfr9-yL_lM1J-wJNOOMh0z2pPCbgAk_OQmQ4n7vopxKIrSNzxcUJJ0LIRk_WEqobvxj5LMFm7qumtTZOQPo9-PDaOr_B2eDJvC68mQNQzWMnrJ7AwYfDC1suZepQ9fj9Xf0PIS_VY8VwX1qpif9HapFAQpkDf5GUW-NaO7GCWtt5I1Qa3ciqDfYXqaHGjaJC30FHV1hzunYvcz0f9bY5DfO-FzGuQgYTaUFGCKBypGoFFwaC_8F02nvb99BjAeyMoj_uV49Vj2H57sV1VvwaXZ-h3a0TO39bYbayWZWGFXPv0rqWgecPpwRA4OARUdO-ay2BWF_5GHcuM8ufhwn4MdgsqMY76JwsX18-18HvdxkYH8GfBylG8NcqpNlLeiqHvd2kZC2Y9Jn5kSaOvxtta8fu6Xc9Oc_Fu01E3ewCby5BIY5x3rWfvrDQ7QuLPLfIgMhGWTrytvkMYL1vIHIvlsd0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Cache-Control
no-store, no-cache, max-age=0, private
Pragma
no-cache
Content-Length
9596
Content-Type
text/html; charset=utf-8
Server
Microsoft-IIS/8.5
Set-Cookie
idsvr.username=.; path=/identity; expires=Fri, 22-Nov-2019 08:16:15 GMT; secure; HttpOnly idsrv.xsrf=zEyVGrNrDL21ac7E46cv7a-V4uIBn7YGkC9lZbMbQbrC09UzLhY7pCMMqJc03st_WeAdyIEftwIFINI3Kh7jHqTBX5o; path=/identity; secure; HttpOnly
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=edge
Date
Sun, 22 Nov 2020 08:16:15 GMT

Redirect headers

Location
https://auth.pekininsurance.us/identity/login?signin=80c87eaf472baaf13cb92ca872ecc2d4
Set-Cookie
SignInMessage.80c87eaf472baaf13cb92ca872ecc2d4=McIUsebr9JJPkwHEulA_p3-R6VYcV2VMRPsgc5UfWYI9NFo60lRLO4d2HhYAAPypOobpdrvuC4evBeYvO0szkPfy0HdOEgYcTXgEz_iV-p4wnK7Hl5YGRbPJZomfL2o7KSezYJhmSEaRVW8YXFGAIAjGhBDUCVk_j47PYGY8RIQ_GtY7F7K6e2V4GrWhFSziXtyHNb-islycZ4X_LMvHkDU8_tI2Y8GuNAT2KsGqgtz04DpHLngP_WWlOqALxgrbQEtN7_Dj2GqmyDnzkAEQGEghT3jCAuQDYp2HNcuTqT81xNZ4riozRXacmBvDK7XkFG6N_HCLECRlhcwZKOuYGJdDOT9tZaZUpj1mCAEg5smsr9yYMCqigFhCVSI4fWT3GrcJz45SeVaudeKvta0miOzUmNbkxbRq-fkm8Ay-q0rtbN51le51EELjescX2tO5MMXJO9JNDgyGLHAmrBMRze07bE0zk-UCC6VYTNOOVpznZaJBb0j94we4afaBf9IzRNz3fR2VINZloRdxTZI8QjpVB-cedvRcf0lidPzV0BcXPaJoL-yD7lvmW1w-_BfXRuGEyXQX_vsMZdEQbaG5GsrPnNo2Q8kXQJfBJgjK83GYyeLniPJD8jjNKRF4UtnUH8ZxWPwQnrrKraRcQyxqGHDyMozOSq89yzEhYoardfGocDNqTIbA0p32G1lAdIjKp58yS6kiadqbpqIN5Agu4D9HRUupu_zc_7BRFQHhxO2eQfxUNZMr8A9ZVP3IaUOsN8-rfr9-yL_lM1J-wJNOOMh0z2pPCbgAk_OQmQ4n7vopxKIrSNzxcUJJ0LIRk_WEqobvxj5LMFm7qumtTZOQPo9-PDaOr_B2eDJvC68mQNQzWMnrJ7AwYfDC1suZepQ9fj9Xf0PIS_VY8VwX1qpif9HapFAQpkDf5GUW-NaO7GCWtt5I1Qa3ciqDfYXqaHGjaJC30FHV1hzunYvcz0f9bY5DfO-FzGuQgYTaUFGCKBypGoFFwaC_8F02nvb99BjAeyMoj_uV49Vj2H57sV1VvwaXZ-h3a0TO39bYbayWZWGFXPv0rqWgecPpwRA4OARUdO-ay2BWF_5GHcuM8ufhwn4MdgsqMY76JwsX18-18HvdxkYH8GfBylG8NcqpNlLeiqHvd2kZC2Y9Jn5kSaOvxtta8fu6Xc9Oc_Fu01E3ewCby5BIY5x3rWfvrDQ7QuLPLfIgMhGWTrytvkMYL1vIHIvlsd0; path=/identity; secure; HttpOnly
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=edge
Date
Sun, 22 Nov 2020 08:16:15 GMT
Content-Length
0
bootstrap.min.css
auth.pekininsurance.us/content/ 		118 KB
119 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://auth.pekininsurance.us/content/bootstrap.min.css
Requested by
Host: auth.pekininsurance.us
URL: https://auth.pekininsurance.us/identity/login?signin=80c87eaf472baaf13cb92ca872ecc2d4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
12.32.176.49 , United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software
/
Resource Hash
880de7665b1aaa840303313deca3352af257d55aed4584d5e17f0fbffe0fde01
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://auth.pekininsurance.us/identity/login?signin=80c87eaf472baaf13cb92ca872ecc2d4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 22 Nov 2020 08:16:15 GMT
Last-Modified
Thu, 17 Sep 2020 23:46:44 GMT
ETag
"77576fcc4c8dd61:0"
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
121265
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=edge
font-awesome.min.css
auth.pekininsurance.us/Content/ 		27 KB
27 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://auth.pekininsurance.us/Content/font-awesome.min.css
Requested by
Host: auth.pekininsurance.us
URL: https://auth.pekininsurance.us/identity/login?signin=80c87eaf472baaf13cb92ca872ecc2d4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
12.32.176.49 , United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software
/
Resource Hash
b4d6b22089928a2b989f6f596c10c26ffaa7b71fb20a4125fde64ab1d3b43cd5
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://auth.pekininsurance.us/identity/login?signin=80c87eaf472baaf13cb92ca872ecc2d4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 22 Nov 2020 08:16:15 GMT
Last-Modified
Thu, 17 Sep 2020 23:46:44 GMT
ETag
"cc1a70cc4c8dd61:0"
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
27470
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=edge
Branding.css
auth.pekininsurance.us/Content/ 		2 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://auth.pekininsurance.us/Content/Branding.css
Requested by
Host: auth.pekininsurance.us
URL: https://auth.pekininsurance.us/identity/login?signin=80c87eaf472baaf13cb92ca872ecc2d4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
12.32.176.49 , United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software
/
Resource Hash
2c5c14d00e1a8cad028ae88004d5e6289b6c1a836f997ed08366ec3a496889f1
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://auth.pekininsurance.us/identity/login?signin=80c87eaf472baaf13cb92ca872ecc2d4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 22 Nov 2020 08:16:15 GMT
Last-Modified
Thu, 17 Sep 2020 23:46:44 GMT
ETag
"ac386bcc4c8dd61:0"
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
1564
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=edge
jquery-1.12.0.min.js
auth.pekininsurance.us/Scripts/ 		95 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://auth.pekininsurance.us/Scripts/jquery-1.12.0.min.js
Requested by
Host: auth.pekininsurance.us
URL: https://auth.pekininsurance.us/identity/login?signin=80c87eaf472baaf13cb92ca872ecc2d4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
12.32.176.49 , United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software
/
Resource Hash
de33fe1ba0d81147fc56ff19149e85914d13c4c4d7a5969aeda463d9f4787848
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://auth.pekininsurance.us/identity/login?signin=80c87eaf472baaf13cb92ca872ecc2d4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 22 Nov 2020 08:16:15 GMT
Last-Modified
Thu, 17 Sep 2020 23:46:44 GMT
ETag
"be6a82cc4c8dd61:0"
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
97367
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=edge
bootstrap.min.js
auth.pekininsurance.us/Scripts/ 		36 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://auth.pekininsurance.us/Scripts/bootstrap.min.js
Requested by
Host: auth.pekininsurance.us
URL: https://auth.pekininsurance.us/identity/login?signin=80c87eaf472baaf13cb92ca872ecc2d4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
12.32.176.49 , United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software
/
Resource Hash
5a4a5359110a773bd154da94c48ffd6a6233a29dfd5a9314555f5ae6c3e47459
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://auth.pekininsurance.us/identity/login?signin=80c87eaf472baaf13cb92ca872ecc2d4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 22 Nov 2020 08:16:15 GMT
Last-Modified
Thu, 17 Sep 2020 23:46:44 GMT
ETag
"f29580cc4c8dd61:0"
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
36874
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=edge
angular.1.2.13.min.js
auth.pekininsurance.us/scripts/ 		99 KB
99 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://auth.pekininsurance.us/scripts/angular.1.2.13.min.js
Requested by
Host: auth.pekininsurance.us
URL: https://auth.pekininsurance.us/identity/login?signin=80c87eaf472baaf13cb92ca872ecc2d4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
12.32.176.49 , United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software
/
Resource Hash
267eb7e0909151f98e1cb6934383c661a3a6dd257b8dfaee6e260c3571252f27
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://auth.pekininsurance.us/identity/login?signin=80c87eaf472baaf13cb92ca872ecc2d4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 22 Nov 2020 08:16:15 GMT
Last-Modified
Thu, 17 Sep 2020 23:46:44 GMT
ETag
"6a5d7fcc4c8dd61:0"
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
101279
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=edge
encoder.min.js
auth.pekininsurance.us/scripts/ 		7 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://auth.pekininsurance.us/scripts/encoder.min.js
Requested by
Host: auth.pekininsurance.us
URL: https://auth.pekininsurance.us/identity/login?signin=80c87eaf472baaf13cb92ca872ecc2d4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
12.32.176.49 , United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software
/
Resource Hash
0ec7b130286d124d6670f66a2dc939f3c52a403a829c48e95bf9a4e9198c2272
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://auth.pekininsurance.us/identity/login?signin=80c87eaf472baaf13cb92ca872ecc2d4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 22 Nov 2020 08:16:15 GMT
Last-Modified
Thu, 17 Sep 2020 23:46:44 GMT
ETag
"25b81cc4c8dd61:0"
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
6820
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=edge
app.js
auth.pekininsurance.us/scripts/ 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://auth.pekininsurance.us/scripts/app.js
Requested by
Host: auth.pekininsurance.us
URL: https://auth.pekininsurance.us/identity/login?signin=80c87eaf472baaf13cb92ca872ecc2d4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
12.32.176.49 , United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software
/
Resource Hash
2455ab1a28279f84181c3707dcc0619b5604f167cd02b08f9ee665ff3577c79d
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://auth.pekininsurance.us/identity/login?signin=80c87eaf472baaf13cb92ca872ecc2d4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 22 Nov 2020 08:16:15 GMT
Last-Modified
Thu, 17 Sep 2020 23:46:44 GMT
ETag
"9dd27fcc4c8dd61:0"
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
3567
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=edge
pekin_logo_white.png
picc-marketing-branding-web-ws-01.azurewebsites.net/Content/Themes/Maroon/Images/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://picc-marketing-branding-web-ws-01.azurewebsites.net/Content/Themes/Maroon/Images/pekin_logo_white.png
Requested by
Host: auth.pekininsurance.us
URL: https://auth.pekininsurance.us/identity/login?signin=80c87eaf472baaf13cb92ca872ecc2d4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.96.209.155 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
waws-prod-ch1-005.cloudapp.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
9819d637349a476351c63c9a8d88d802164c915befaaf6a4141fa01f5d63a534

Request headers

Referer
https://auth.pekininsurance.us/identity/login?signin=80c87eaf472baaf13cb92ca872ecc2d4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 22 Nov 2020 08:16:16 GMT
Last-Modified
Fri, 12 Sep 2014 13:59:39 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
ETag
"24f3afcb91cecf1:0"
Content-Type
image/png
Access-Control-Allow-Origin
*
Accept-Ranges
bytes
Content-Length
7741
Icon_FB.png
auth.pekininsurance.us/Content/Images/ 		647 B
903 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://auth.pekininsurance.us/Content/Images/Icon_FB.png
Requested by
Host: auth.pekininsurance.us
URL: https://auth.pekininsurance.us/identity/login?signin=80c87eaf472baaf13cb92ca872ecc2d4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
12.32.176.49 , United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software
/
Resource Hash
82e79255576bf64484c1c4947657d53a3161defea684aef25182d463488d5ab5
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://auth.pekininsurance.us/identity/login?signin=80c87eaf472baaf13cb92ca872ecc2d4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 22 Nov 2020 08:16:16 GMT
Last-Modified
Thu, 17 Sep 2020 23:46:44 GMT
ETag
"f0d46bcc4c8dd61:0"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
647
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=edge
Icon_TWR.png
auth.pekininsurance.us/Content/Images/ 		952 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://auth.pekininsurance.us/Content/Images/Icon_TWR.png
Requested by
Host: auth.pekininsurance.us
URL: https://auth.pekininsurance.us/identity/login?signin=80c87eaf472baaf13cb92ca872ecc2d4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
12.32.176.49 , United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software
/
Resource Hash
d8b00cf207ee532ede043c3800c85b59f2c7df119fbcd2cf3c29562045c8c1f4
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://auth.pekininsurance.us/identity/login?signin=80c87eaf472baaf13cb92ca872ecc2d4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 22 Nov 2020 08:16:16 GMT
Last-Modified
Thu, 17 Sep 2020 23:46:44 GMT
ETag
"234a6ccc4c8dd61:0"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
952
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=edge
Icon_IN.png
auth.pekininsurance.us/Content/Images/ 		833 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://auth.pekininsurance.us/Content/Images/Icon_IN.png
Requested by
Host: auth.pekininsurance.us
URL: https://auth.pekininsurance.us/identity/login?signin=80c87eaf472baaf13cb92ca872ecc2d4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
12.32.176.49 , United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software
/
Resource Hash
b13306ca2292715b2c14821e138d1b30bddd43108575524072cd1f810cf87964
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://auth.pekininsurance.us/identity/login?signin=80c87eaf472baaf13cb92ca872ecc2d4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 22 Nov 2020 08:16:16 GMT
Last-Modified
Thu, 17 Sep 2020 23:46:44 GMT
ETag
"1fc6bcc4c8dd61:0"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
833
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=edge
Icon_YT.png
auth.pekininsurance.us/Content/Images/ 		677 B
933 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://auth.pekininsurance.us/Content/Images/Icon_YT.png
Requested by
Host: auth.pekininsurance.us
URL: https://auth.pekininsurance.us/identity/login?signin=80c87eaf472baaf13cb92ca872ecc2d4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
12.32.176.49 , United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software
/
Resource Hash
d244dfa8814e5229d7f067f6f9ca557ffd860c43d5fcc9f006aad9a2507b21b5
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://auth.pekininsurance.us/identity/login?signin=80c87eaf472baaf13cb92ca872ecc2d4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 22 Nov 2020 08:16:16 GMT
Last-Modified
Thu, 17 Sep 2020 23:46:44 GMT
ETag
"34716ccc4c8dd61:0"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
677
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=edge
Icon_ITUNES.png
auth.pekininsurance.us/Content/Images/ 		729 B
985 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://auth.pekininsurance.us/Content/Images/Icon_ITUNES.png
Requested by
Host: auth.pekininsurance.us
URL: https://auth.pekininsurance.us/identity/login?signin=80c87eaf472baaf13cb92ca872ecc2d4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
12.32.176.49 , United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software
/
Resource Hash
da82ee722ec158972275974f15b724e73479cffcf4aec4ceb71d2661c05d08dc
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://auth.pekininsurance.us/identity/login?signin=80c87eaf472baaf13cb92ca872ecc2d4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 22 Nov 2020 08:16:16 GMT
Last-Modified
Thu, 17 Sep 2020 23:46:44 GMT
ETag
"12236ccc4c8dd61:0"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
729
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=edge
Icon_AND.png
auth.pekininsurance.us/Content/Images/ 		617 B
873 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://auth.pekininsurance.us/Content/Images/Icon_AND.png
Requested by
Host: auth.pekininsurance.us
URL: https://auth.pekininsurance.us/identity/login?signin=80c87eaf472baaf13cb92ca872ecc2d4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
12.32.176.49 , United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software
/
Resource Hash
d8d2e9910e0a42a05f7f0d452887529cab4bfa6590e892294fd98a69028d62fc
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://auth.pekininsurance.us/identity/login?signin=80c87eaf472baaf13cb92ca872ecc2d4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 22 Nov 2020 08:16:16 GMT
Last-Modified
Thu, 17 Sep 2020 23:46:44 GMT
ETag
"dfad6bcc4c8dd61:0"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
617
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=edge
AmericanRedCross.png
auth.pekininsurance.us/Content/Images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://auth.pekininsurance.us/Content/Images/AmericanRedCross.png
Requested by
Host: auth.pekininsurance.us
URL: https://auth.pekininsurance.us/identity/login?signin=80c87eaf472baaf13cb92ca872ecc2d4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
12.32.176.49 , United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software
/
Resource Hash
3c6b545919a7248d40cd75dd2ebaac4ce8274141af50fb9939e6209d6fa0c63c
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://auth.pekininsurance.us/identity/login?signin=80c87eaf472baaf13cb92ca872ecc2d4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 22 Nov 2020 08:16:16 GMT
Last-Modified
Thu, 17 Sep 2020 23:46:44 GMT
ETag
"ce866bcc4c8dd61:0"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
3821
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=edge
jsonsettings
auth.pekininsurance.us/account/ 		154 B
361 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://auth.pekininsurance.us/account/jsonsettings
Requested by
Host: auth.pekininsurance.us
URL: https://auth.pekininsurance.us/scripts/app.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
12.32.176.49 , United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software
/
Resource Hash
f29667686b9cc8c01781dd5a41ef0c2fe4cdeda69b3b06357c0139cd7b594d91
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://auth.pekininsurance.us/identity/login?signin=80c87eaf472baaf13cb92ca872ecc2d4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 22 Nov 2020 08:16:16 GMT
Cache-Control
private
X-UA-Compatible
IE=edge
Content-Length
154
X-XSS-Protection
1; mode=block
Content-Type
application/json; charset=utf-8
PekinLogo_Faded.png
auth.pekininsurance.us/Content/Images/ 		35 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://auth.pekininsurance.us/Content/Images/PekinLogo_Faded.png
Requested by
Host: auth.pekininsurance.us
URL: https://auth.pekininsurance.us/Content/Branding.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
12.32.176.49 , United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software
/
Resource Hash
099e65e032cc2ebb6a377ea931cdd180b4fd27bf8065ab4defb736773d19f9a5
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://auth.pekininsurance.us/Content/Branding.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 22 Nov 2020 08:16:16 GMT
Last-Modified
Thu, 17 Sep 2020 23:46:44 GMT
ETag
"45986ccc4c8dd61:0"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
36166
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=edge
bg.png
auth.pekininsurance.us/Content/Images/ 		452 B
708 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://auth.pekininsurance.us/Content/Images/bg.png
Requested by
Host: auth.pekininsurance.us
URL: https://auth.pekininsurance.us/Content/Branding.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
12.32.176.49 , United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software
/
Resource Hash
a94e44600cc7f2dd9138a953aef9d7a85ff458a12ff3c59863f25a75a66fcb56
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://auth.pekininsurance.us/Content/Branding.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 22 Nov 2020 08:16:16 GMT
Last-Modified
Thu, 17 Sep 2020 23:46:44 GMT
ETag
"67e66ccc4c8dd61:0"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
452
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=edge
fontawesome-webfont.woff2
auth.pekininsurance.us/fonts/ 		65 KB
65 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://auth.pekininsurance.us/fonts/fontawesome-webfont.woff2?v=4.5.0
Requested by
Host: auth.pekininsurance.us
URL: https://auth.pekininsurance.us/Content/font-awesome.min.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
12.32.176.49 , United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software
/
Resource Hash
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Origin
https://auth.pekininsurance.us
Referer
https://auth.pekininsurance.us/Content/font-awesome.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 22 Nov 2020 08:16:16 GMT
Last-Modified
Thu, 17 Sep 2020 23:46:44 GMT
ETag
"e92f95cc4c8dd61:0"
Content-Type
application/font-woff2
Accept-Ranges
bytes
Content-Length
66624
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=edge

Verdicts & Comments Add Verdict or Comment

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| myTrustedRe object| antiClickjack function| $ function| jQuery object| jQuery112005941814786006498 object| angular object| Encoder object| identityServer

2 Cookies

Domain/Path Name / Value
auth.pekininsurance.us/identity Name: idsrv.xsrf
Value: zEyVGrNrDL21ac7E46cv7a-V4uIBn7YGkC9lZbMbQbrC09UzLhY7pCMMqJc03st_WeAdyIEftwIFINI3Kh7jHqTBX5o
auth.pekininsurance.us/identity Name: SignInMessage.80c87eaf472baaf13cb92ca872ecc2d4
Value: McIUsebr9JJPkwHEulA_p3-R6VYcV2VMRPsgc5UfWYI9NFo60lRLO4d2HhYAAPypOobpdrvuC4evBeYvO0szkPfy0HdOEgYcTXgEz_iV-p4wnK7Hl5YGRbPJZomfL2o7KSezYJhmSEaRVW8YXFGAIAjGhBDUCVk_j47PYGY8RIQ_GtY7F7K6e2V4GrWhFSziXtyHNb-islycZ4X_LMvHkDU8_tI2Y8GuNAT2KsGqgtz04DpHLngP_WWlOqALxgrbQEtN7_Dj2GqmyDnzkAEQGEghT3jCAuQDYp2HNcuTqT81xNZ4riozRXacmBvDK7XkFG6N_HCLECRlhcwZKOuYGJdDOT9tZaZUpj1mCAEg5smsr9yYMCqigFhCVSI4fWT3GrcJz45SeVaudeKvta0miOzUmNbkxbRq-fkm8Ay-q0rtbN51le51EELjescX2tO5MMXJO9JNDgyGLHAmrBMRze07bE0zk-UCC6VYTNOOVpznZaJBb0j94we4afaBf9IzRNz3fR2VINZloRdxTZI8QjpVB-cedvRcf0lidPzV0BcXPaJoL-yD7lvmW1w-_BfXRuGEyXQX_vsMZdEQbaG5GsrPnNo2Q8kXQJfBJgjK83GYyeLniPJD8jjNKRF4UtnUH8ZxWPwQnrrKraRcQyxqGHDyMozOSq89yzEhYoardfGocDNqTIbA0p32G1lAdIjKp58yS6kiadqbpqIN5Agu4D9HRUupu_zc_7BRFQHhxO2eQfxUNZMr8A9ZVP3IaUOsN8-rfr9-yL_lM1J-wJNOOMh0z2pPCbgAk_OQmQ4n7vopxKIrSNzxcUJJ0LIRk_WEqobvxj5LMFm7qumtTZOQPo9-PDaOr_B2eDJvC68mQNQzWMnrJ7AwYfDC1suZepQ9fj9Xf0PIS_VY8VwX1qpif9HapFAQpkDf5GUW-NaO7GCWtt5I1Qa3ciqDfYXqaHGjaJC30FHV1hzunYvcz0f9bY5DfO-FzGuQgYTaUFGCKBypGoFFwaC_8F02nvb99BjAeyMoj_uV49Vj2H57sV1VvwaXZ-h3a0TO39bYbayWZWGFXPv0rqWgecPpwRA4OARUdO-ay2BWF_5GHcuM8ufhwn4MdgsqMY76JwsX18-18HvdxkYH8GfBylG8NcqpNlLeiqHvd2kZC2Y9Jn5kSaOvxtta8fu6Xc9Oc_Fu01E3ewCby5BIY5x3rWfvrDQ7QuLPLfIgMhGWTrytvkMYL1vIHIvlsd0

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

auth.pekininsurance.us
picc-marketing-branding-web-ws-01.azurewebsites.net
www.pekininsurance.us
12.32.176.49
12.32.176.50
23.96.209.155
099e65e032cc2ebb6a377ea931cdd180b4fd27bf8065ab4defb736773d19f9a5
0ec7b130286d124d6670f66a2dc939f3c52a403a829c48e95bf9a4e9198c2272
2455ab1a28279f84181c3707dcc0619b5604f167cd02b08f9ee665ff3577c79d
267eb7e0909151f98e1cb6934383c661a3a6dd257b8dfaee6e260c3571252f27
2c5c14d00e1a8cad028ae88004d5e6289b6c1a836f997ed08366ec3a496889f1
3c6b545919a7248d40cd75dd2ebaac4ce8274141af50fb9939e6209d6fa0c63c
4b6fe24a490e0ccf4660c6182b6e1b3412ad04836012a05adf110f5576c2a98e
5a4a5359110a773bd154da94c48ffd6a6233a29dfd5a9314555f5ae6c3e47459
82e79255576bf64484c1c4947657d53a3161defea684aef25182d463488d5ab5
880de7665b1aaa840303313deca3352af257d55aed4584d5e17f0fbffe0fde01
9819d637349a476351c63c9a8d88d802164c915befaaf6a4141fa01f5d63a534
a94e44600cc7f2dd9138a953aef9d7a85ff458a12ff3c59863f25a75a66fcb56
b13306ca2292715b2c14821e138d1b30bddd43108575524072cd1f810cf87964
b4d6b22089928a2b989f6f596c10c26ffaa7b71fb20a4125fde64ab1d3b43cd5
d244dfa8814e5229d7f067f6f9ca557ffd860c43d5fcc9f006aad9a2507b21b5
d8b00cf207ee532ede043c3800c85b59f2c7df119fbcd2cf3c29562045c8c1f4
d8d2e9910e0a42a05f7f0d452887529cab4bfa6590e892294fd98a69028d62fc
da82ee722ec158972275974f15b724e73479cffcf4aec4ceb71d2661c05d08dc
de33fe1ba0d81147fc56ff19149e85914d13c4c4d7a5969aeda463d9f4787848
f29667686b9cc8c01781dd5a41ef0c2fe4cdeda69b3b06357c0139cd7b594d91
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995