urlscan.io logo urlscan.io
SecurityTrails logo

login.microsoftonline.com Open in urlscan Pro
20.190.159.4  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://links.royal-caribbean-cruises.mkt5894.com/ctt?ms=MzQ0ODU0MDIS1&kn=6&r=NTI4MTA3NTM3NDYyS0&b=0&j=MjI2MzUwMTIyOAS2&mt=1&rt=0
Effective URL: https://login.microsoftonline.com/1caa43b8-bf09-48b6-9b3c-bd5a56fec019/oauth2/v2.0/authorize/?client_id=3537edaa-8ec8-4344-befe-25...
Submission Tags: falconsandbox
Submission: On March 09 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 3 countries across 7 domains to perform 22 HTTP transactions. The main IP is 20.190.159.4, located in Dublin, Ireland and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is login.microsoftonline.com. The Cisco Umbrella rank of the primary domain is 19.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on March 2nd 2023. Valid for: a year.
This is the only time login.microsoftonline.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 18.65.39.110 16509 (AMAZON-02)
1 3 2.17.183.173 16625 (AKAMAI-AS)
3 20.190.159.4 8075 (MICROSOFT...)
1 20.190.159.73 8075 (MICROSOFT...)
13 152.199.23.37 15133 (EDGECAST)
2 2620:1ec:4f:1... 8075 (MICROSOFT...)
1 2603:1026:300... 8075 (MICROSOFT...)
22 6
1    18.65.39.110 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-65-39-110.ams1.r.cloudfront.net
links.royal-caribbean-cruises.mkt5894.com
3    2.17.183.173 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-17-183-173.deploy.static.akamaitechnologies.com
homeport.rccl.com
3    20.190.159.4 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
login.microsoftonline.com
1    20.190.159.73 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
login.live.com
13    152.199.23.37 (United States)

ASN15133 (EDGECAST, US)
aadcdn.msftauth.net
2    2620:1ec:4f:1::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
aadcdn.msftauthimages.net
1    2603:1026:3000:d0::9 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
autologon.microsoftazuread-sso.com
Apex Domain
Subdomains		 Transfer
13 msftauth.net
aadcdn.msftauth.net — Cisco Umbrella Rank: 1166
267 KB
3 microsoftonline.com
login.microsoftonline.com — Cisco Umbrella Rank: 19
109 KB
3 rccl.com
homeport.rccl.com
9 KB
2 msftauthimages.net
aadcdn.msftauthimages.net — Cisco Umbrella Rank: 3162
185 KB
1 microsoftazuread-sso.com
autologon.microsoftazuread-sso.com — Cisco Umbrella Rank: 1452
1 KB
1 live.com
login.live.com — Cisco Umbrella Rank: 79
1 mkt5894.com
links.royal-caribbean-cruises.mkt5894.com
379 B
22 7
Domain Requested by
13 aadcdn.msftauth.net login.microsoftonline.com
aadcdn.msftauth.net
3 login.microsoftonline.com login.microsoftonline.com
aadcdn.msftauth.net
3 homeport.rccl.com 1 redirects homeport.rccl.com
2 aadcdn.msftauthimages.net
1 autologon.microsoftazuread-sso.com
1 login.live.com login.microsoftonline.com
1 links.royal-caribbean-cruises.mkt5894.com 1 redirects
22 7

This site contains links to these domains. Also see Links.

Domain
www.microsoft.com
privacy.microsoft.com
Subject Issuer Validity Valid
secure.royalcaribbean.com
GeoTrust RSA CA 2018		 2023-01-09 -
2023-09-09		 8 months crt.sh
stamp2.login.microsoftonline.com
DigiCert SHA2 Secure Server CA		 2023-03-02 -
2024-03-02		 a year crt.sh
login.live.com
DigiCert SHA2 Secure Server CA		 2022-12-30 -
2023-12-30		 a year crt.sh
aadcdn.msftauth.net
DigiCert SHA2 Secure Server CA		 2022-04-01 -
2023-04-01		 a year crt.sh
aadcdn.msftauthimages.net
Microsoft Azure TLS Issuing CA 05		 2022-12-23 -
2023-12-18		 a year crt.sh
autologon.microsoftazuread-sso.com
DigiCert SHA2 Secure Server CA		 2023-01-03 -
2024-01-03		 a year crt.sh

This page contains 1 frames:

Primary Page: https://login.microsoftonline.com/1caa43b8-bf09-48b6-9b3c-bd5a56fec019/oauth2/v2.0/authorize/?client_id=3537edaa-8ec8-4344-befe-2574ef198396&response_type=id_token+code&redirect_uri=https%3A%2F%2Fhomeport.rccl.com%2F&response_mode=form_post&scope=openid+email+profile&state=https%3A%2F%2Fhomeport.rccl.com%2Fmyhr-app-by-successfactors%2F&nonce=eyJub25jZSI6IjY0MGExYjk0MmI0NDI5LjQzNzQ1MjgyIiwiZXhwaXJlcyI6MTY3ODQwNTYyMH0%3D&domain_hint=rccl.com&sso_reload=true
Frame ID: 27A77B429499FAE5C325B769686C6747
Requests: 22 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Bei Ihrem Konto anmelden

Page URL History Show full URLs

  1. https://links.royal-caribbean-cruises.mkt5894.com/ctt?ms=MzQ0ODU0MDIS1&kn=6&r=NTI4MTA3NTM3NDYyS0&b=0&j=MjI2MzUwMTIyOAS2&mt=1&rt=0 HTTP 302
    https://homeport.rccl.com/myhr-app-by-successfactors/ Page URL
  2. https://homeport.rccl.com/myhr-app-by-successfactors/?cb=31841742-dc48-46f4-b832-567b59e56841 HTTP 302
    https://login.microsoftonline.com/1caa43b8-bf09-48b6-9b3c-bd5a56fec019/oauth2/v2.0/authorize/?client_id=3537ed... Page URL
  3. https://login.microsoftonline.com/1caa43b8-bf09-48b6-9b3c-bd5a56fec019/oauth2/v2.0/authorize/?client_id=3537ed... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns

Page Statistics

22
Requests

100 %
HTTPS

29 %
IPv6

7
Domains

7
Subdomains

6
IPs

3
Countries

570 kB
Transfer

1368 kB
Size

16
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://links.royal-caribbean-cruises.mkt5894.com/ctt?ms=MzQ0ODU0MDIS1&kn=6&r=NTI4MTA3NTM3NDYyS0&b=0&j=MjI2MzUwMTIyOAS2&mt=1&rt=0 HTTP 302
    https://homeport.rccl.com/myhr-app-by-successfactors/ Page URL
  2. https://homeport.rccl.com/myhr-app-by-successfactors/?cb=31841742-dc48-46f4-b832-567b59e56841 HTTP 302
    https://login.microsoftonline.com/1caa43b8-bf09-48b6-9b3c-bd5a56fec019/oauth2/v2.0/authorize/?client_id=3537edaa-8ec8-4344-befe-2574ef198396&response_type=id_token+code&redirect_uri=https%3A%2F%2Fhomeport.rccl.com%2F&response_mode=form_post&scope=openid+email+profile&state=https%3A%2F%2Fhomeport.rccl.com%2Fmyhr-app-by-successfactors%2F&nonce=eyJub25jZSI6IjY0MGExYjk0MmI0NDI5LjQzNzQ1MjgyIiwiZXhwaXJlcyI6MTY3ODQwNTYyMH0%3D&domain_hint=rccl.com Page URL
  3. https://login.microsoftonline.com/1caa43b8-bf09-48b6-9b3c-bd5a56fec019/oauth2/v2.0/authorize/?client_id=3537edaa-8ec8-4344-befe-2574ef198396&response_type=id_token+code&redirect_uri=https%3A%2F%2Fhomeport.rccl.com%2F&response_mode=form_post&scope=openid+email+profile&state=https%3A%2F%2Fhomeport.rccl.com%2Fmyhr-app-by-successfactors%2F&nonce=eyJub25jZSI6IjY0MGExYjk0MmI0NDI5LjQzNzQ1MjgyIiwiZXhwaXJlcyI6MTY3ODQwNTYyMH0%3D&domain_hint=rccl.com&sso_reload=true Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://links.royal-caribbean-cruises.mkt5894.com/ctt?ms=MzQ0ODU0MDIS1&kn=6&r=NTI4MTA3NTM3NDYyS0&b=0&j=MjI2MzUwMTIyOAS2&mt=1&rt=0 HTTP 302
  • https://homeport.rccl.com/myhr-app-by-successfactors/
Request Chain 2
  • https://homeport.rccl.com/myhr-app-by-successfactors/?cb=31841742-dc48-46f4-b832-567b59e56841 HTTP 302
  • https://login.microsoftonline.com/1caa43b8-bf09-48b6-9b3c-bd5a56fec019/oauth2/v2.0/authorize/?client_id=3537edaa-8ec8-4344-befe-2574ef198396&response_type=id_token+code&redirect_uri=https%3A%2F%2Fhomeport.rccl.com%2F&response_mode=form_post&scope=openid+email+profile&state=https%3A%2F%2Fhomeport.rccl.com%2Fmyhr-app-by-successfactors%2F&nonce=eyJub25jZSI6IjY0MGExYjk0MmI0NDI5LjQzNzQ1MjgyIiwiZXhwaXJlcyI6MTY3ODQwNTYyMH0%3D&domain_hint=rccl.com

22 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
homeport.rccl.com/myhr-app-by-successfactors/
Redirect Chain
  • https://links.royal-caribbean-cruises.mkt5894.com/ctt?ms=MzQ0ODU0MDIS1&kn=6&r=NTI4MTA3NTM3NDYyS0&b=0&j=MjI2MzUwMTIyOAS2&mt=1&rt=0
  • https://homeport.rccl.com/myhr-app-by-successfactors/
7 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://homeport.rccl.com/myhr-app-by-successfactors/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.17.183.173 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-17-183-173.deploy.static.akamaitechnologies.com
Software
Apache/2.4.6 (Red Hat Enterprise Linux) PHP/7.4.29 / PHP/7.4.29
Resource Hash
335600335e4a8b9f5819fd34536a153f9fd9ad900dc92b1bbb2173f612bc04a7

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-encoding
gzip
content-length
818
content-type
text/html; charset=UTF-8
date
Thu, 09 Mar 2023 17:46:59 GMT
expires
Thu, 09 Mar 2023 17:46:59 GMT
pragma
no-cache
server
Apache/2.4.6 (Red Hat Enterprise Linux) PHP/7.4.29
vary
Accept-Encoding
x-powered-by
PHP/7.4.29

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Thu, 09 Mar 2023 17:46:58 GMT
Location
https://homeport.rccl.com/myhr-app-by-successfactors/
Server
Apache
Via
1.1 a4583a5b47f0a64ec35be32f95ac1b46.cloudfront.net (CloudFront)
X-Amz-Cf-Id
0fP1-6stEA5oI_PP5pNmXD9o_D1sHOWg2hiQdUOAwVKjX_ACNT6eHg==
X-Amz-Cf-Pop
AMS1-P1
X-Cache
Miss from cloudfront
pintra-redirect.js
homeport.rccl.com/wp-content/plugins/wpo365-login-intranet//apps/dist/ 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://homeport.rccl.com/wp-content/plugins/wpo365-login-intranet//apps/dist/pintra-redirect.js?v=9.5
Requested by
Host: homeport.rccl.com
URL: https://homeport.rccl.com/myhr-app-by-successfactors/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.17.183.173 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-17-183-173.deploy.static.akamaitechnologies.com
Software
Apache/2.4.6 (Red Hat Enterprise Linux) PHP/7.4.26 /
Resource Hash
9f2fee4b3811e884bd9258a59b96bc6b22bf857b28dcb462925fc0aecb4e33b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://homeport.rccl.com/myhr-app-by-successfactors/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 09 Mar 2023 17:46:59 GMT
content-encoding
gzip
last-modified
Thu, 09 Dec 2021 01:23:34 GMT
server
Apache/2.4.6 (Red Hat Enterprise Linux) PHP/7.4.26
etag
"3bd0-5d2ac747c6f4d"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2940
accept-ranges
bytes
content-length
5734
expires
Thu, 09 Mar 2023 18:35:59 GMT
/
login.microsoftonline.com/1caa43b8-bf09-48b6-9b3c-bd5a56fec019/oauth2/v2.0/authorize/
Redirect Chain
  • https://homeport.rccl.com/myhr-app-by-successfactors/?cb=31841742-dc48-46f4-b832-567b59e56841
  • https://login.microsoftonline.com/1caa43b8-bf09-48b6-9b3c-bd5a56fec019/oauth2/v2.0/authorize/?client_id=3537edaa-8ec8-4344-befe-2574ef198396&response_type=id_token+code&redirect_uri=https%3A%2F%2Fh...
152 KB
55 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://login.microsoftonline.com/1caa43b8-bf09-48b6-9b3c-bd5a56fec019/oauth2/v2.0/authorize/?client_id=3537edaa-8ec8-4344-befe-2574ef198396&response_type=id_token+code&redirect_uri=https%3A%2F%2Fhomeport.rccl.com%2F&response_mode=form_post&scope=openid+email+profile&state=https%3A%2F%2Fhomeport.rccl.com%2Fmyhr-app-by-successfactors%2F&nonce=eyJub25jZSI6IjY0MGExYjk0MmI0NDI5LjQzNzQ1MjgyIiwiZXhwaXJlcyI6MTY3ODQwNTYyMH0%3D&domain_hint=rccl.com
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.190.159.4 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://homeport.rccl.com
Referer
https://homeport.rccl.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache
Content-Encoding
gzip
Content-Length
55302
Content-Type
text/html; charset=utf-8
Date
Thu, 09 Mar 2023 17:47:00 GMT
Expires
-1
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-XSS-Protection
0
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+dub2"}]}
x-ms-ests-server
2.1.14711.7 - NCUS ProdSlices
x-ms-request-id
12a3731c-a668-4f54-b764-f08c58bdd000

Redirect headers

cache-control
max-age=0, no-cache, no-store
content-length
1
content-type
text/html; charset=UTF-8
date
Thu, 09 Mar 2023 17:47:00 GMT
expires
Thu, 09 Mar 2023 17:47:00 GMT
location
https://login.microsoftonline.com/1caa43b8-bf09-48b6-9b3c-bd5a56fec019/oauth2/v2.0/authorize/?client_id=3537edaa-8ec8-4344-befe-2574ef198396&response_type=id_token+code&redirect_uri=https%3A%2F%2Fhomeport.rccl.com%2F&response_mode=form_post&scope=openid+email+profile&state=https%3A%2F%2Fhomeport.rccl.com%2Fmyhr-app-by-successfactors%2F&nonce=eyJub25jZSI6IjY0MGExYjk0MmI0NDI5LjQzNzQ1MjgyIiwiZXhwaXJlcyI6MTY3ODQwNTYyMH0%3D&domain_hint=rccl.com
pragma
no-cache
server
Apache/2.4.6 (Red Hat Enterprise Linux) PHP/7.4.29
x-powered-by
PHP/7.4.29
x-redirect-by
WordPress
Primary Request /
login.microsoftonline.com/1caa43b8-bf09-48b6-9b3c-bd5a56fec019/oauth2/v2.0/authorize/ 		201 KB
52 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://login.microsoftonline.com/1caa43b8-bf09-48b6-9b3c-bd5a56fec019/oauth2/v2.0/authorize/?client_id=3537edaa-8ec8-4344-befe-2574ef198396&response_type=id_token+code&redirect_uri=https%3A%2F%2Fhomeport.rccl.com%2F&response_mode=form_post&scope=openid+email+profile&state=https%3A%2F%2Fhomeport.rccl.com%2Fmyhr-app-by-successfactors%2F&nonce=eyJub25jZSI6IjY0MGExYjk0MmI0NDI5LjQzNzQ1MjgyIiwiZXhwaXJlcyI6MTY3ODQwNTYyMH0%3D&domain_hint=rccl.com&sso_reload=true
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/1caa43b8-bf09-48b6-9b3c-bd5a56fec019/oauth2/v2.0/authorize/?client_id=3537edaa-8ec8-4344-befe-2574ef198396&response_type=id_token+code&redirect_uri=https%3A%2F%2Fhomeport.rccl.com%2F&response_mode=form_post&scope=openid+email+profile&state=https%3A%2F%2Fhomeport.rccl.com%2Fmyhr-app-by-successfactors%2F&nonce=eyJub25jZSI6IjY0MGExYjk0MmI0NDI5LjQzNzQ1MjgyIiwiZXhwaXJlcyI6MTY3ODQwNTYyMH0%3D&domain_hint=rccl.com
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.190.159.4 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
d3a6bdde05bae9bf7b586bb5d729472ee334ea3b2eb1c11eed359a53815c3637
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://login.microsoftonline.com/1caa43b8-bf09-48b6-9b3c-bd5a56fec019/oauth2/v2.0/authorize/?client_id=3537edaa-8ec8-4344-befe-2574ef198396&response_type=id_token+code&redirect_uri=https%3A%2F%2Fhomeport.rccl.com%2F&response_mode=form_post&scope=openid+email+profile&state=https%3A%2F%2Fhomeport.rccl.com%2Fmyhr-app-by-successfactors%2F&nonce=eyJub25jZSI6IjY0MGExYjk0MmI0NDI5LjQzNzQ1MjgyIiwiZXhwaXJlcyI6MTY3ODQwNTYyMH0%3D&domain_hint=rccl.com
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache
Content-Encoding
gzip
Content-Length
51723
Content-Type
text/html; charset=utf-8
Date
Thu, 09 Mar 2023 17:47:00 GMT
Expires
-1
Link
<https://aadcdn.msftauth.net>; rel=preconnect; crossorigin <https://aadcdn.msftauth.net>; rel=dns-prefetch <https://aadcdn.msauth.net>; rel=dns-prefetch
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-DNS-Prefetch-Control
on
X-Frame-Options
DENY
X-XSS-Protection
0
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+dub2"}]}
x-ms-ests-server
2.1.14711.7 - WUS2 ProdSlices
x-ms-request-id
9fb6f4b1-1395-414e-a5ed-85e3ab5dbb00
Me.htm
login.live.com/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://login.live.com/Me.htm?v=3
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/1caa43b8-bf09-48b6-9b3c-bd5a56fec019/oauth2/v2.0/authorize/?client_id=3537edaa-8ec8-4344-befe-2574ef198396&response_type=id_token+code&redirect_uri=https%3A%2F%2Fhomeport.rccl.com%2F&response_mode=form_post&scope=openid+email+profile&state=https%3A%2F%2Fhomeport.rccl.com%2Fmyhr-app-by-successfactors%2F&nonce=eyJub25jZSI6IjY0MGExYjk0MmI0NDI5LjQzNzQ1MjgyIiwiZXhwaXJlcyI6MTY3ODQwNTYyMH0%3D&domain_hint=rccl.com&sso_reload=true
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.190.159.73 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers
ConvergedLogin_PCore_4aVqV9ZeDlPv4AImzchdew2.js
aadcdn.msftauth.net/shared/1.0/content/js/ 		401 KB
112 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_4aVqV9ZeDlPv4AImzchdew2.js
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/1caa43b8-bf09-48b6-9b3c-bd5a56fec019/oauth2/v2.0/authorize/?client_id=3537edaa-8ec8-4344-befe-2574ef198396&response_type=id_token+code&redirect_uri=https%3A%2F%2Fhomeport.rccl.com%2F&response_mode=form_post&scope=openid+email+profile&state=https%3A%2F%2Fhomeport.rccl.com%2Fmyhr-app-by-successfactors%2F&nonce=eyJub25jZSI6IjY0MGExYjk0MmI0NDI5LjQzNzQ1MjgyIiwiZXhwaXJlcyI6MTY3ODQwNTYyMH0%3D&domain_hint=rccl.com&sso_reload=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.23.37 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48BE) /
Resource Hash
eaf3c71b1eecb542a9849e8ce2df652273e88bd5a4775d7ad1334ee552dca7f6

Request headers

Referer
https://login.microsoftonline.com/
Origin
https://login.microsoftonline.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 09 Mar 2023 17:47:01 GMT
content-encoding
gzip
content-md5
6UgQXIgpbkFh1Jukb6baFQ==
age
3273675
x-cache
HIT
content-length
114017
x-ms-lease-status
unlocked
last-modified
Thu, 26 Jan 2023 18:23:07 GMT
server
ECAcc (ama/48BE)
etag
0x8DAFFCA5F26C549
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
044bff61-601e-0097-70e9-348124000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
convergedlogin_pcustomizationloader_80e93b9a4cb13643afca.js
aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/ 		107 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pcustomizationloader_80e93b9a4cb13643afca.js
Requested by
Host: aadcdn.msftauth.net
URL: https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_4aVqV9ZeDlPv4AImzchdew2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.23.37 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48F4) /
Resource Hash
5f5fbee72883732799d75f6c08679ed8a6e769ae4f3afdcd3721103a481afa80

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 09 Mar 2023 17:47:01 GMT
content-encoding
gzip
content-md5
todPgSbCBNAfnMYQ5LVdvw==
age
3623848
x-cache
HIT
content-length
32188
x-ms-lease-status
unlocked
last-modified
Thu, 26 Jan 2023 00:32:12 GMT
server
ECAcc (ama/48F4)
etag
0x8DAFF34C449D50E
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
b325944c-b01e-0016-36b9-31876c000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
converged.v2.login.min_8owwt4u-33ps0wawi7tmow2.css
aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ 		0
20 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msftauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_8owwt4u-33ps0wawi7tmow2.css
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/1caa43b8-bf09-48b6-9b3c-bd5a56fec019/oauth2/v2.0/authorize/?client_id=3537edaa-8ec8-4344-befe-2574ef198396&response_type=id_token+code&redirect_uri=https%3A%2F%2Fhomeport.rccl.com%2F&response_mode=form_post&scope=openid+email+profile&state=https%3A%2F%2Fhomeport.rccl.com%2Fmyhr-app-by-successfactors%2F&nonce=eyJub25jZSI6IjY0MGExYjk0MmI0NDI5LjQzNzQ1MjgyIiwiZXhwaXJlcyI6MTY3ODQwNTYyMH0%3D&domain_hint=rccl.com&sso_reload=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.23.37 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48D6) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 09 Mar 2023 17:47:01 GMT
content-encoding
gzip
content-md5
9K2/nGCj75WAmmAI9nZNCA==
age
7834582
x-cache
HIT
content-length
19970
x-ms-lease-status
unlocked
last-modified
Thu, 04 Aug 2022 19:37:00 GMT
server
ECAcc (ama/48D6)
etag
0x8DA7650B375AC9B
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
a8ff09ea-801e-0082-326d-0b2bad000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
ux.converged.login.strings-de.min_ohljixxvakjaqkintkumjg2.js
aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ 		0
15 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ux.converged.login.strings-de.min_ohljixxvakjaqkintkumjg2.js
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/1caa43b8-bf09-48b6-9b3c-bd5a56fec019/oauth2/v2.0/authorize/?client_id=3537edaa-8ec8-4344-befe-2574ef198396&response_type=id_token+code&redirect_uri=https%3A%2F%2Fhomeport.rccl.com%2F&response_mode=form_post&scope=openid+email+profile&state=https%3A%2F%2Fhomeport.rccl.com%2Fmyhr-app-by-successfactors%2F&nonce=eyJub25jZSI6IjY0MGExYjk0MmI0NDI5LjQzNzQ1MjgyIiwiZXhwaXJlcyI6MTY3ODQwNTYyMH0%3D&domain_hint=rccl.com&sso_reload=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.23.37 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/4896) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 09 Mar 2023 17:47:01 GMT
content-encoding
gzip
content-md5
o1/rFbsTFiIvaHxjFATcuQ==
age
4075954
x-cache
HIT
content-length
15221
x-ms-lease-status
unlocked
last-modified
Wed, 18 Jan 2023 23:28:28 GMT
server
ECAcc (ama/4896)
etag
0x8DAF9ABB3FCF196
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
fd679b7e-501e-0061-6d9d-2da27b000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
convergedlogin_pfetchsessionsprogress_ae573f441ee1cf781ec7.js
aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/ 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pfetchsessionsprogress_ae573f441ee1cf781ec7.js
Requested by
Host: aadcdn.msftauth.net
URL: https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_4aVqV9ZeDlPv4AImzchdew2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.23.37 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48EE) /
Resource Hash
2db2f2ea915f4423171358be6337a68b5b3ed82c63bf3d02433ad4a5046c566a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 09 Mar 2023 17:47:01 GMT
content-encoding
gzip
content-md5
9GQ+Rbv+K66xwlL4OWRpYA==
age
3547440
x-cache
HIT
content-length
5527
x-ms-lease-status
unlocked
last-modified
Thu, 26 Jan 2023 00:32:12 GMT
server
ECAcc (ama/48EE)
etag
0x8DAFF34C498105D
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
d9b4b29e-601e-003c-6f6b-32d37f000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
marching_ants_white_166de53471265253ab3a456defe6da23.gif
aadcdn.msftauth.net/shared/1.0/content/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/images/marching_ants_white_166de53471265253ab3a456defe6da23.gif
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.23.37 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48B2) /
Resource Hash
a46201581a7c7c667fd42787cd1e9adf2f6bf809efb7596e61a03e8dba9ada13

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 09 Mar 2023 17:47:01 GMT
content-md5
Fm3lNHEmUlOrOkVt7+baIw==
age
7834579
x-cache
HIT
content-length
2672
x-ms-lease-status
unlocked
last-modified
Thu, 16 Jan 2020 00:32:52 GMT
server
ECAcc (ama/48B2)
etag
0x8D79A1B9F2C6EC8
content-type
image/gif
access-control-allow-origin
*
x-ms-request-id
7f4aa7f7-d01e-0006-336d-0b3844000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
marching_ants_b540a8e518037192e32c4fe58bf2dbab.gif
aadcdn.msftauth.net/shared/1.0/content/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/images/marching_ants_b540a8e518037192e32c4fe58bf2dbab.gif
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.23.37 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/4894) /
Resource Hash
8737d721808655f37b333f08a90185699e7e8b9bdaaa15cdb63c8448b426f95d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 09 Mar 2023 17:47:01 GMT
content-md5
tUCo5RgDcZLjLE/li/Lbqw==
age
7834579
x-cache
HIT
content-length
3620
x-ms-lease-status
unlocked
last-modified
Thu, 16 Jan 2020 00:32:52 GMT
server
ECAcc (ama/4894)
etag
0x8D79A1B9F8A840E
content-type
image/gif
access-control-allow-origin
*
x-ms-request-id
996a1b1c-501e-008f-5d6d-0b1923000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
illustration
aadcdn.msftauthimages.net/dbd5a2dd-ggh2thna6skjyntf2-8wdenijgsv7p3iqbp-fgv6jp4/logintenantbranding/0/ 		180 KB
181 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aadcdn.msftauthimages.net/dbd5a2dd-ggh2thna6skjyntf2-8wdenijgsv7p3iqbp-fgv6jp4/logintenantbranding/0/illustration?ts=637590177723987157
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:4f:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
8813c157b7b42bbdb02ecd3eb81cd0d2c838e884db3f0829be0ea1fb3e64301d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Thu, 09 Mar 2023 17:47:01 GMT
last-modified
Fri, 11 Jun 2021 14:16:12 GMT
x-azure-ref-originshield
0J6cJZAAAAADQ/O8XSl9dTpYk8fXz4cr5RlJBMjMxMDUwNDE4MDI5ADU5NjY1NzE1LTQyNmEtNGYxYy1hMDU5LWQ1ZGZkNDBhZTZiOQ==
content-md5
XcOoiSJjgEDWQ2RpD6MiNA==
etag
0x8D92CE377C37E95
vary
Origin
x-cache
TCP_HIT
content-type
image/*
x-azure-ref
0lRsKZAAAAAB9mrGS18JpToBSLVSsk6P7RlJBMzFFREdFMDMyMAA1OTY2NTcxNS00MjZhLTRmMWMtYTA1OS1kNWRmZDQwYWU2Yjk=
x-ms-request-id
7dae13b7-f01e-0047-3b01-523b8f000000
cache-control
public, max-age=86400
x-ms-version
2009-09-19
content-length
184524
bannerlogo
aadcdn.msftauthimages.net/dbd5a2dd-ggh2thna6skjyntf2-8wdenijgsv7p3iqbp-fgv6jp4/logintenantbranding/0/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aadcdn.msftauthimages.net/dbd5a2dd-ggh2thna6skjyntf2-8wdenijgsv7p3iqbp-fgv6jp4/logintenantbranding/0/bannerlogo?ts=637590177744853380
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:4f:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
289c69017f7eeac0f3c41bed0ede8c2e8317b571f3bee9bfadd37d85b4ada48f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Thu, 09 Mar 2023 17:47:01 GMT
last-modified
Fri, 11 Jun 2021 14:16:14 GMT
x-azure-ref-originshield
0Ul0JZAAAAAAGOSEyISpDQZkKghZnp/a1RlJBMjMxMDUwNDE4MDI5ADU5NjY1NzE1LTQyNmEtNGYxYy1hMDU5LWQ1ZGZkNDBhZTZiOQ==
content-md5
1cx3qjAluYn6Chk+xZSkKQ==
etag
0x8D92CE378ECDDBB
vary
Origin
x-cache
TCP_HIT
content-type
image/*
x-azure-ref
0lRsKZAAAAAAgbaCUlRl8RoL/SBpkZqWhRlJBMzFFREdFMDMyMAA1OTY2NTcxNS00MjZhLTRmMWMtYTA1OS1kNWRmZDQwYWU2Yjk=
x-ms-request-id
ed124783-801e-0061-2429-52a03b000000
cache-control
public, max-age=86400
x-ms-version
2009-09-19
content-length
3640
marching_ants_white_166de53471265253ab3a456defe6da23.gif
aadcdn.msftauth.net/shared/1.0/content/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/images/marching_ants_white_166de53471265253ab3a456defe6da23.gif
Requested by
Host: aadcdn.msftauth.net
URL: https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_4aVqV9ZeDlPv4AImzchdew2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.23.37 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48B2) /
Resource Hash
a46201581a7c7c667fd42787cd1e9adf2f6bf809efb7596e61a03e8dba9ada13

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 09 Mar 2023 17:47:01 GMT
content-md5
Fm3lNHEmUlOrOkVt7+baIw==
age
7834579
x-cache
HIT
content-length
2672
x-ms-lease-status
unlocked
last-modified
Thu, 16 Jan 2020 00:32:52 GMT
server
ECAcc (ama/48B2)
etag
0x8D79A1B9F2C6EC8
content-type
image/gif
access-control-allow-origin
*
x-ms-request-id
7f4aa7f7-d01e-0006-336d-0b3844000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
marching_ants_b540a8e518037192e32c4fe58bf2dbab.gif
aadcdn.msftauth.net/shared/1.0/content/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/images/marching_ants_b540a8e518037192e32c4fe58bf2dbab.gif
Requested by
Host: aadcdn.msftauth.net
URL: https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_4aVqV9ZeDlPv4AImzchdew2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.23.37 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/4894) /
Resource Hash
8737d721808655f37b333f08a90185699e7e8b9bdaaa15cdb63c8448b426f95d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 09 Mar 2023 17:47:01 GMT
content-md5
tUCo5RgDcZLjLE/li/Lbqw==
age
7834579
x-cache
HIT
content-length
3620
x-ms-lease-status
unlocked
last-modified
Thu, 16 Jan 2020 00:32:52 GMT
server
ECAcc (ama/4894)
etag
0x8D79A1B9F8A840E
content-type
image/gif
access-control-allow-origin
*
x-ms-request-id
996a1b1c-501e-008f-5d6d-0b1923000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
ssoprobe
autologon.microsoftazuread-sso.com/rccl.com/winauth/ 		12 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://autologon.microsoftazuread-sso.com/rccl.com/winauth/ssoprobe?client-request-id=ea3b9dd3-4a63-48a6-99a9-6da96dde3796&_=1678384021387
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2603:1026:3000:d0::9 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
d089c8a9fc28e4e50223eb38c9409e362521be9380a37341304fbac7a4cd9e5f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Thu, 09 Mar 2023 17:47:01 GMT
X-Content-Type-Options
nosniff
WWW-Authenticate
Negotiate
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
Content-Length
12
X-XSS-Protection
0
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Vary
Origin
Access-Control-Allow-Methods
GET, OPTIONS
Content-Type
image/png; charset=utf-8
Access-Control-Allow-Origin
https://login.microsoftonline.com
x-ms-request-id
42193ff6-4279-4d51-a1c5-1921458bb700
Cache-Control
no-store, no-cache
Access-Control-Allow-Credentials
true
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+dub2"}]}
x-ms-ests-server
2.1.14711.7 - SCUS ProdSlices
Expires
-1
dssostatus
login.microsoftonline.com/common/instrumentation/ 		264 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://login.microsoftonline.com/common/instrumentation/dssostatus
Requested by
Host: aadcdn.msftauth.net
URL: https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_4aVqV9ZeDlPv4AImzchdew2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.190.159.4 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
42d0818e6de57a0f68740fea9316d4b778a55b957a59148e5e2b1dea4f592311
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

hpgrequestid
9fb6f4b1-1395-414e-a5ed-85e3ab5dbb00
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
client-request-id
ea3b9dd3-4a63-48a6-99a9-6da96dde3796
canary
AQABAAAAAAD--DLA3VO7QrddgJg7WevrMhCLn2JKGoJGhexQdZ_-FmdbeNc7e_KKnrJfS4B2tFrffYbJKUqXB956xFDmRK20g326J2ixdpyCPmrUhnRPFEAFmdnpbSI9tajIwEqjWzvGmIHpFT6Hv8L16vTbAlJC5qkv8zlzTQe57O7iopuvp3Y7JA47it4CmTrdb8AXjgzw0s3s86bWwkm8SoaBapeG7S7CnYODupeo92Rl0TRP4yAA
Content-type
application/json; charset=UTF-8
hpgid
1104
Accept
application/json
Referer
https://login.microsoftonline.com/1caa43b8-bf09-48b6-9b3c-bd5a56fec019/oauth2/v2.0/authorize/?client_id=3537edaa-8ec8-4344-befe-2574ef198396&response_type=id_token+code&redirect_uri=https%3A%2F%2Fhomeport.rccl.com%2F&response_mode=form_post&scope=openid+email+profile&state=https%3A%2F%2Fhomeport.rccl.com%2Fmyhr-app-by-successfactors%2F&nonce=eyJub25jZSI6IjY0MGExYjk0MmI0NDI5LjQzNzQ1MjgyIiwiZXhwaXJlcyI6MTY3ODQwNTYyMH0%3D&domain_hint=rccl.com&sso_reload=true
hpgact
1800

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Date
Thu, 09 Mar 2023 17:47:01 GMT
X-Content-Type-Options
nosniff
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
client-request-id
ea3b9dd3-4a63-48a6-99a9-6da96dde3796
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
Content-Length
264
X-XSS-Protection
0
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Access-Control-Allow-Methods
POST, OPTIONS
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://autologon.microsoftazuread-sso.com/
x-ms-request-id
9d38f742-c690-4240-97ca-b26d8088bf00
Cache-Control
no-store, no-cache
Access-Control-Allow-Credentials
true
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+dub2"}]}
x-ms-ests-server
2.1.14711.7 - WUS2 ProdSlices
Expires
-1
convergedlogin_pstringcustomizationhelper_76bb127b5869a5c6b8b3.js
aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/ 		111 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pstringcustomizationhelper_76bb127b5869a5c6b8b3.js
Requested by
Host: aadcdn.msftauth.net
URL: https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_4aVqV9ZeDlPv4AImzchdew2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.23.37 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48E4) /
Resource Hash
2516ef9d75f7088bea081c0b2cf357d4e0055ca3a508972247346e5ee5828400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 09 Mar 2023 17:47:01 GMT
content-encoding
gzip
content-md5
SxsaXa39nTRc5WmIHM+/cw==
age
3623847
x-cache
HIT
content-length
35791
x-ms-lease-status
unlocked
last-modified
Thu, 26 Jan 2023 00:32:14 GMT
server
ECAcc (ama/48E4)
etag
0x8DAFF34C5641B4D
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
9caeac8c-901e-0088-2bb9-3101ef000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
signin-options_4e48046ce74f4b89d45037c90576bfac.svg
aadcdn.msftauth.net/shared/1.0/content/images/ 		2 KB
784 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/images/signin-options_4e48046ce74f4b89d45037c90576bfac.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.23.37 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48C2) /
Resource Hash
8e6db1634f1812d42516778fc890010aa57f3e39914fb4803df2c38abbf56d93

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 09 Mar 2023 17:47:01 GMT
content-encoding
gzip
content-md5
R2FAVxfpONfnQAuxVxXbHg==
age
7834581
x-cache
HIT
content-length
621
x-ms-lease-status
unlocked
last-modified
Tue, 10 Nov 2020 03:41:05 GMT
server
ECAcc (ama/48C2)
etag
0x8D8852A740F01B9
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
fbad164b-e01e-0092-046d-0b9485000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
converged.v2.login.min_8owwt4u-33ps0wawi7tmow2.css
aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ 		108 KB
20 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msftauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_8owwt4u-33ps0wawi7tmow2.css
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/1caa43b8-bf09-48b6-9b3c-bd5a56fec019/oauth2/v2.0/authorize/?client_id=3537edaa-8ec8-4344-befe-2574ef198396&response_type=id_token+code&redirect_uri=https%3A%2F%2Fhomeport.rccl.com%2F&response_mode=form_post&scope=openid+email+profile&state=https%3A%2F%2Fhomeport.rccl.com%2Fmyhr-app-by-successfactors%2F&nonce=eyJub25jZSI6IjY0MGExYjk0MmI0NDI5LjQzNzQ1MjgyIiwiZXhwaXJlcyI6MTY3ODQwNTYyMH0%3D&domain_hint=rccl.com&sso_reload=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.23.37 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48D6) /
Resource Hash
9537f00ca371747a97a2acca388f7b2379a7fa7c59bde18c3d2621c0de8de492

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 09 Mar 2023 17:47:06 GMT
content-encoding
gzip
content-md5
9K2/nGCj75WAmmAI9nZNCA==
age
7834587
x-cache
HIT
content-length
19970
x-ms-lease-status
unlocked
last-modified
Thu, 04 Aug 2022 19:37:00 GMT
server
ECAcc (ama/48D6)
etag
0x8DA7650B375AC9B
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
a8ff09ea-801e-0082-326d-0b2bad000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
ux.converged.login.strings-de.min_ohljixxvakjaqkintkumjg2.js
aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ 		52 KB
15 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ux.converged.login.strings-de.min_ohljixxvakjaqkintkumjg2.js
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/1caa43b8-bf09-48b6-9b3c-bd5a56fec019/oauth2/v2.0/authorize/?client_id=3537edaa-8ec8-4344-befe-2574ef198396&response_type=id_token+code&redirect_uri=https%3A%2F%2Fhomeport.rccl.com%2F&response_mode=form_post&scope=openid+email+profile&state=https%3A%2F%2Fhomeport.rccl.com%2Fmyhr-app-by-successfactors%2F&nonce=eyJub25jZSI6IjY0MGExYjk0MmI0NDI5LjQzNzQ1MjgyIiwiZXhwaXJlcyI6MTY3ODQwNTYyMH0%3D&domain_hint=rccl.com&sso_reload=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.23.37 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/4896) /
Resource Hash
547b8e0b612e421a2643c84087c2e09726ad3a846c3646e061f59493770f835a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 09 Mar 2023 17:47:06 GMT
content-encoding
gzip
content-md5
o1/rFbsTFiIvaHxjFATcuQ==
age
4075959
x-cache
HIT
content-length
15221
x-ms-lease-status
unlocked
last-modified
Wed, 18 Jan 2023 23:28:28 GMT
server
ECAcc (ama/4896)
etag
0x8DAF9ABB3FCF196
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
fd679b7e-501e-0061-6d9d-2da27b000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes

Verdicts & Comments Add Verdict or Comment

22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| $Config object| $Debug object| $Do function| $Loader object| $WebWatson function| GetString function| GetErrorString function| GetUrl object| $B object| ServerData object| webpackJsonp object| ko object| PROOF object| StringRepository object| Telemetry object| telemetry_webpackJsonp boolean| __ConvergedLogin_PCore boolean| __ boolean| __convergedlogin_pcustomizationloader_80e93b9a4cb13643afca boolean| __convergedlogin_pfetchsessionsprogress_ae573f441ee1cf781ec7 boolean| __convergedlogin_pstringcustomizationhelper_76bb127b5869a5c6b8b3

16 Cookies

Domain/Path Name / Value
.rccl.com/ Name: ak_bmsc
Value: 0619992EEF3AEDFD75C8D18D99D63A66~000000000000000000000000000000~YAAQhF5swXjHS8aGAQAA9bh7xxOM8+rLQ39gcv0gj0xwFSsA65xx1/5I4Uv3kudxc/VniwqCAJ8kInLL4IRaMlrvwjlI0Ful+85HSOZIIZMO4sJWGuuqkV1n+lljdsdmqc1q/ufE8utttjXdRnT+THIZqhsfd69eZnlNU3dW4Wk4yA/nJ0z93z0x8CEqIaFop2IXUAEGLBeeodsYJp/Z5sKEtpvDmedF/TkPsma9ggAGBfcVqO0F3Yp8Sf18X7cngonPYjanbsEZWfWWULQInOWPH/gZ8+gks1PZV5tX/avcSKJldfae7BMrv6/RzZkbAaet9KnlHLkxX8vH5d+DRP5ad/ty0qKt7gtKSd8WtZNMGwzVyF67KRbSDce2b58LvkFwUyGIrIg=
homeport.rccl.com/ Name: ADRUM_BT
Value: R%3A53%7Cg%3Adce9c003-9572-49f4-81fc-4e78f1927636112%7Cn%3Aroyalcaribbeancruises-prod_72acb322-e294-4f38-bdc9-151a4f93a213%7Ci%3A6940536%7Cd%3A295%7Ch%3Ae%7Ce%3A662
.rccl.com/ Name: bm_sv
Value: 9A623DD6806BC9A48095B8B7CD119754~YAAQhF5swZTHS8aGAQAADLt7xxOJl2FsjlWFXrH2YZNBmDg4RzAEQ9kd80UswGRNkWO9uZUAS4lfY5czkNOeZNzkQOgKAnbH/tsH/9Yt+22wv1kL2eIBXzkVZrVVIfe0ZdM4xB/3bAFVz2upw/ZExbNyTtB90IB9bphkFOXNZYdpJx4AybJkmb7DcyskaOtOZ0NzdFziDD8iQvU02U1ffMI0IkH46YNNSY08+5ieLGFZLoox1d3BjueH7SF5yA==~1
login.microsoftonline.com/ Name: x-ms-gateway-slice
Value: estsfd
login.microsoftonline.com/ Name: stsservicecookie
Value: estsfd
.login.microsoftonline.com/ Name: AADSSO
Value: NA|NoExtension
login.microsoftonline.com/ Name: SSOCOOKIEPULLED
Value: 1
login.microsoftonline.com/ Name: buid
Value: 0.AS0AuEOqHAm_tkibPL1aVv7AGartNzXIjkRDvv4ldO8Zg5YtAAA.AQABAAEAAAD--DLA3VO7QrddgJg7WevrOFOGeZxBimO2y9i41kdVXpBGdyGvxi2usQO1d89rTanmiBaRl6NZfzvZpyugMZVWlKJ6KEvHc63yh0LsEppdqDNm7PtggBbnjubWTvmIXSQgAA
.login.microsoftonline.com/ Name: esctx
Value: PAQABAAEAAAD--DLA3VO7QrddgJg7WevrzncgTBRftjfNHVo5A0X8UBk3KvoZgyGHEEkAzkgpTQPRqxz37UpPBiY-xG_2uduA6WeWGUIIKvVPcK3lhLkCwcJGmaYLRUpdF8BNkFON55fQNMr9_RLXQ4C5mf7sPWTvHny0PxP0cU6hbpcyRiOWN3EMNrIC9KVrTwlfmTNgHhKZoEX-H1W_B7iSxnQUNV5lvVTv7jz5vDtHzoEyEFCr1pQ3CXVqqCRbT0HwNvEpSb9-HiZd-Yv-E1Gox-wIpFFR3oJVjQi3q2x7SSrS1xKYCJruY69zP5HadD2AuMoG8QEgAA
login.microsoftonline.com/ Name: fpc
Value: AjRtI0DqMiFNnwzY4qoqxr-zWKYqAQAAAJQSnNsOAAAA
.login.microsoftonline.com/ Name: brcap
Value: 0
.login.live.com/ Name: uaid
Value: e81f4c200a654f209a02c34d6f2de4bd
.login.live.com/ Name: MSPRequ
Value: id=N&lt=1678384021&co=1
autologon.microsoftazuread-sso.com/ Name: fpc
Value: AsAsDeJOZ5lMugkKn9R9OhM
autologon.microsoftazuread-sso.com/ Name: x-ms-gateway-slice
Value: estsfd
autologon.microsoftazuread-sso.com/ Name: stsservicecookie
Value: estsfd

1 Console Messages

Source Level URL
Text
network error URL: https://autologon.microsoftazuread-sso.com/rccl.com/winauth/ssoprobe?client-request-id=ea3b9dd3-4a63-48a6-99a9-6da96dde3796&_=1678384021387
Message:
Failed to load resource: the server responded with a status of 401 (Unauthorized)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aadcdn.msftauth.net
aadcdn.msftauthimages.net
autologon.microsoftazuread-sso.com
homeport.rccl.com
links.royal-caribbean-cruises.mkt5894.com
login.live.com
login.microsoftonline.com
152.199.23.37
18.65.39.110
2.17.183.173
20.190.159.4
20.190.159.73
2603:1026:3000:d0::9
2620:1ec:4f:1::45
2516ef9d75f7088bea081c0b2cf357d4e0055ca3a508972247346e5ee5828400
289c69017f7eeac0f3c41bed0ede8c2e8317b571f3bee9bfadd37d85b4ada48f
2db2f2ea915f4423171358be6337a68b5b3ed82c63bf3d02433ad4a5046c566a
335600335e4a8b9f5819fd34536a153f9fd9ad900dc92b1bbb2173f612bc04a7
42d0818e6de57a0f68740fea9316d4b778a55b957a59148e5e2b1dea4f592311
547b8e0b612e421a2643c84087c2e09726ad3a846c3646e061f59493770f835a
5f5fbee72883732799d75f6c08679ed8a6e769ae4f3afdcd3721103a481afa80
8737d721808655f37b333f08a90185699e7e8b9bdaaa15cdb63c8448b426f95d
8813c157b7b42bbdb02ecd3eb81cd0d2c838e884db3f0829be0ea1fb3e64301d
8e6db1634f1812d42516778fc890010aa57f3e39914fb4803df2c38abbf56d93
9537f00ca371747a97a2acca388f7b2379a7fa7c59bde18c3d2621c0de8de492
9f2fee4b3811e884bd9258a59b96bc6b22bf857b28dcb462925fc0aecb4e33b9
a46201581a7c7c667fd42787cd1e9adf2f6bf809efb7596e61a03e8dba9ada13
d089c8a9fc28e4e50223eb38c9409e362521be9380a37341304fbac7a4cd9e5f
d3a6bdde05bae9bf7b586bb5d729472ee334ea3b2eb1c11eed359a53815c3637
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eaf3c71b1eecb542a9849e8ce2df652273e88bd5a4775d7ad1334ee552dca7f6