login.live.com
20.190.160.17
Public Scan
Effective URL: https://login.live.com/login.srf?wa=wsignin1%2E0&rpsnv=156&ct=1721879686&rver=7%2E5%2E2146%2E0&wp=MBI%5FSSL&wreply=http...
Submission: On July 25 via api from LU — Scanned from DE
Summary
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on May 21st 2024. Valid for: a year.
This is the only time login.live.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Requests | Redirects | IP Address | AS Autonomous System |
---|---|---|---|
5 | 1 | 13.107.42.12 | 8068 (MICROSOFT-CORP-MSN-AS-BLOCK) |
5 | 2 | 13.107.139.11 | 8068 (MICROSOFT-CORP-MSN-AS-BLOCK) |
59 | | 2a02:26f0:3500:c::5c7b:683e | 20940 (AKAMAI-ASN1) |
2 | | 2a02:26f0:480:9a5::33e7 | 20940 (AKAMAI-ASN1) |
1 | | 2620:1ec:42::132 | 8068 (MICROSOFT-CORP-MSN-AS-BLOCK) |
1 | | 20.190.160.17 | 8075 (MICROSOFT-CORP-MSN-AS-BLOCK) |
6 | | 2620:1ec:bdf::45 | 8075 (MICROSOFT-CORP-MSN-AS-BLOCK) |
2 | | 20.50.73.9 | 8075 (MICROSOFT-CORP-MSN-AS-BLOCK) |
84 | | 9 | |
- ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), PTR: 1drv.ms: 1drv.ms, api.onedrive.com
- ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US): onedrive.live.com
- ASN20940 (AKAMAI-ASN1, NL): res-1.cdn.office.net
- ASN20940 (AKAMAI-ASN1, NL): static2.sharepointonline.com
- ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US): browser.events.data.microsoft.com
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
59 | office.net | res-1.cdn.office.net (Cisco Umbrella Rank: 606) | 1 MB |
6 | msauth.net | logincdn.msauth.net (Cisco Umbrella Rank: 6694) | 286 KB |
6 | live.com (2 redirects) | onedrive.live.com (Cisco Umbrella Rank: 947); login.live.com (Cisco Umbrella Rank: 37, Failed) | 174 KB |
4 | onedrive.com | api.onedrive.com (Cisco Umbrella Rank: 2246) | 2 KB |
2 | microsoft.com | browser.events.data.microsoft.com (Cisco Umbrella Rank: 144, Failed) | 760 B |
2 | sharepointonline.com | static2.sharepointonline.com (Cisco Umbrella Rank: 4344) | 67 KB |
1 | office.com | ecs.office.com (Cisco Umbrella Rank: 21) | 978 B |
1 | 1drv.ms (1 redirects) | 1drv.ms (Cisco Umbrella Rank: 34644) | 337 B |
84 | 8 | | |
Requests | Domain | Requested by |
---|---|---|
59 | res-1.cdn.office.net | onedrive.live.com, res-1.cdn.office.net |
6 | logincdn.msauth.net | login.live.com, logincdn.msauth.net |
5 | onedrive.live.com | 2 redirects |
4 | api.onedrive.com | res-1.cdn.office.net |
2 | browser.events.data.microsoft.com | logincdn.msauth.net |
2 | static2.sharepointonline.com | res-1.cdn.office.net |
1 | login.live.com | res-1.cdn.office.net |
1 | ecs.office.com | res-1.cdn.office.net |
1 | 1drv.ms | 1 redirects |
84 | 9 | |
This site contains links to these domains. Also see Links.
Domain |
---|
www.microsoft.com |
Subject | Issuer | Validity | Valid |
---|---|---|---|
onedrive.com | Microsoft Azure RSA TLS Issuing CA 07 | 2024-03-29 - 2025-03-24 | a year |
*.res.outlook.com | DigiCert SHA2 Secure Server CA | 2024-02-20 - 2025-02-20 | a year |
storage.live.com | Microsoft Azure RSA TLS Issuing CA 04 | 2024-01-04 - 2024-12-29 | a year |
privatecdn.sharepointonline.com | DigiCert SHA2 Secure Server CA | 2024-07-01 - 2025-07-01 | a year |
ecs.office.com | Microsoft Azure RSA TLS Issuing CA 03 | 2024-06-25 - 2025-06-20 | a year |
login.live.com | DigiCert SHA2 Secure Server CA | 2024-05-21 - 2025-05-21 | a year |
identitycdn.msauth.net | Microsoft Azure RSA TLS Issuing CA 03 | 2024-06-07 - 2025-06-02 | a year |
*.events.data.microsoft.com | Microsoft Azure RSA TLS Issuing CA 07 | 2024-03-30 - 2025-03-25 | a year |
This page contains 1 frames:
Primary Page:
https://login.live.com/login.srf?wa=wsignin1%2E0&rpsnv=156&ct=1721879686&rver=7%2E5%2E2146%2E0&wp=MBI%5FSSL&wreply=https%3A%2F%2Fonedrive%2Elive%2Ecom%2F%5Fforms%2Fdefault%2Easpx%3Fapr%3D1&lc=1031&id=250206&guests=1&wsucxt=1&cobrandid=11bd8083%2D87e0%2D41b5%2Dbb78%2D0bc43c8a8e8a&aadredir=1
Frame ID: 249C85D2965EE5E166DD2434B925163E
Requests: 81 HTTP requests in this frame
Page Title
Bei Ihrem Microsoft-Konto anmelden
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Title: Impressum
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://1drv.ms/u/s!AkrJ7qHxfJavc3CdXT3fqEmEmzM?e=6IBZxj HTTP 301
  https://onedrive.live.com/redir?resid=AF967CF1A1EEC94A!115&authkey=!AHCdXT3fqEmEmzM&e=6IBZxj HTTP 302
  https://onedrive.live.com/?id=AF967CF1A1EEC94A!115&resid=AF967CF1A1EEC94A!115&authkey=!AHCdXT3fqEmEmzM&cid=af967cf1a1eec94a Page URL
- https://onedrive.live.com/_forms/default.aspx?ru=https%3A%2F%2Fonedrive%2Elive%2Ecom%2F%3Fid%3DAF967CF1A1EEC94A%2521115%26cid%3Daf967cf1a1eec94a%26authkey%3D%2521AHCdXT3fqEmEmzM&wreply=https%3A%2F%2Fonedrive%2Elive%2Ecom%2F%3Fid%3DAF967CF1A1EEC94A%2521115%26cid%3Daf967cf1a1eec94a%26authkey%3D%2521AHCdXT3fqEmEmzM&ReturnUrl=https%3A%2F%2Fonedrive%2Elive%2Ecom%2F%3Fid%3DAF967CF1A1EEC94A%2521115%26cid%3Daf967cf1a1eec94a%26authkey%3D%2521AHCdXT3fqEmEmzM HTTP 302
  https://login.live.com/login.srf?wa=wsignin1%2E0&rpsnv=156&ct=1721879686&rver=7%2E5%2E2146%2E0&wp=MBI%5FSSL&wreply=https%3A%2F%2Fonedrive%2Elive%2Ecom%2F%5Fforms%2Fdefault%2Easpx%3Fapr%3D1&lc=1031&id=250206&guests=1&wsucxt=1&cobrandid=11bd8083%2D87e0%2D41b5%2Dbb78%2D0bc43c8a8e8a&aadredir=1 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0
- https://1drv.ms/u/s!AkrJ7qHxfJavc3CdXT3fqEmEmzM?e=6IBZxj HTTP 301
- https://onedrive.live.com/redir?resid=AF967CF1A1EEC94A!115&authkey=!AHCdXT3fqEmEmzM&e=6IBZxj HTTP 302
- https://onedrive.live.com/?id=AF967CF1A1EEC94A!115&resid=AF967CF1A1EEC94A!115&authkey=!AHCdXT3fqEmEmzM&cid=af967cf1a1eec94a
- https://storage.live.com/mydata/myprofile/expressionprofile/profilephoto:UserTileStatic,UserTileSmall/MeControlMediumUserTile?ck=1&ex=24&fofoff=1&sc=1721879686068 HTTP 302
- https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=156&ct=1721879686&rver=7.5.2146.0&wp=MBI_SSL&wreply=https:%2F%2Fstorage.live.com%2Fstorageservice%2Fpassport%2Fauth.aspx%3Fsru%3Dhttps:%252f%252fstorage.live.com%252fmydata%252fmyprofile%252fexpressionprofile%252fprofilephoto:UserTileStatic%252cUserTileSmall%252fMeControlMediumUserTile&lc=1033&id=63539
84 HTTP transactions
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain: login.live.com
  URL: https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=156&ct=1721879686&rver=7.5.2146.0&wp=MBI_SSL&wreply=https:%2F%2Fstorage.live.com%2Fstorageservice%2Fpassport%2Fauth.aspx%3Fsru%3Dhttps:%252f%252fstorage.live.com%252fmydata%252fmyprofile%252fexpressionprofile%252fprofilephoto:UserTileStatic%252cUserTileSmall%252fMeControlMediumUserTile&lc=1033&id=63539
- Domain: browser.events.data.microsoft.com
  URL: https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream
- Domain: browser.events.data.microsoft.com
  URL: https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream
- Domain: browser.events.data.microsoft.com
  URL: https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream
- Domain: browser.events.data.microsoft.com
  URL: https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream
10 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object| PROOF
- object| ServerData
- function| $Loader
- object| g_dtFirstByte
- function| SRSRetry
- object| webpackChunk_msidentity_sisu_msa
- function| clearImmediate
- function| setImmediate
- object| regeneratorRuntime
- object| __dynProto$Gbl

17 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.live.com/ | Name: E Value: P:yDanhF2s3Ig=:ZgBCeY/34wZXzHUsLfT/3x+bMfRf0UBj6TYbL7ZaHmo=:F |
.live.com/ | Name: xid Value: 7c3be7b7-aa69-4732-a820-60aa4278158f&&ODSP-ODWEB-ODCF&249 |
.live.com/ | Name: xidseq Value: 1 |
.live.com/ | Name: wla42 Value: |
onedrive.live.com/ | Name: FeatureOverrides_experiments Value: [] |
onedrive.live.com/ | Name: ShCLSessionID Value: 1721879685810_0.23357799544626512 |
.login.live.com/ | Name: MSCC Value: 45.141.152.74-DE |
onedrive.live.com/ | Name: RpsContextCookie Value: UHJldmlvdXNSZXF1ZXN0Q29ycmVsYXRpb25JZD0zY2EzM2ZhMSUyRGIwNzAlMkQ5MDAwJTJEYTJhNSUyRDcwN2U4YzRkNDcxYyZSZXR1cm5Vcmw9aHR0cHMlM0ElMkYlMkZvbmVkcml2ZSUyRWxpdmUlMkVjb20lMkYlM0ZpZCUzREFGOTY3Q0YxQTFFRUM5NEElMjUyMTExNSUyNmNpZCUzRGFmOTY3Y2YxYTFlZWM5NGElMjZhdXRoa2V5JTNEJTI1MjFBSENkWFQzZnFFbUVtek0= |
.login.live.com/ | Name: uaid Value: 49d82993045046b3ae444a982178dc4f |
.login.live.com/ | Name: MSPRequ Value: id=250206&lt=1721879687&co=0 |
.login.live.com/ | Name: MSPOK Value: $uuid-2a3b07ea-606f-4ae5-8e44-30fd97927c62$uuid-77c4453d-fe19-4663-8b61-44afc2a428a5 |
.login.live.com/ | Name: OParams Value: 11O.Dln8TEufZfugWhI0DWWN5vSpnvtsNSX!QiO*ddlv9TcnBAtuouJzyWFbWlqks6VZp8T5FX6yBJ2ko55VL82afXBdNJUQ5AH0QmTxQI2EQ1QRJdPieDDrJICxRVoFmFDeo5kv1H*wj1UzppMJKmQTtSDZ72y3GafGPIw7EdXY0Pn0ovwYX6N3dWac6r*35BCVTOLu3*wUW!QiNtUIdmgBp1VYzQc6ZAjFAIID66y9nfC*oIxv2q2WTYK4O9lLonhP*tttaJKhOlFRjRpfamnYiTlfZ8oZS1cK7F2LBGRyHTG737hJBOaCHZUAnRc8N6I4xxAFaJifylEkgkV5cpBIv8!f90n47chJ*7ThSYsy41lGwRZ!VS01X9uc9kM3A3pKBy0H46CapnXZ7lyRLSJgkmq8!x4VALs8UTJZ6gFWvE0AJJAPJZY0MtQkwDbshxanUD9gt7CmvjppoFEciaNc4lsqbnb4tAsvxROTfQBVn!ZUepIf9ko!LzkQ23EulAsOStUVM4H6hehi33yjWBE!2AGivNfrDJgGdjlq*VtqNDa6MIA54O4dYW9sGh6!ToShKIdAhmayFMVXwdOWsOkSJa8$ |
login.live.com/ | Name: MicrosoftApplicationsTelemetryDeviceId Value: a1350e94-5842-43f8-9046-6c90a9a5f278 |
login.live.com/ | Name: ai_session Value: GCh1mUxSgw1aViKIKpO/+Y|1721879687580|1721879687580 |
.microsoft.com/ | Name: MC1 Value: GUID=c3c83e556e79430eb01f3a5e3320363a&HASH=c3c8&LV=202407&V=4&LU=1721879690016 |
.microsoft.com/ | Name: MS0 Value: 8c220c0898744cc4a4c6d5a806df1607 |
login.live.com/ | Name: MSFPC Value: GUID=c3c83e556e79430eb01f3a5e3320363a&HASH=c3c8&LV=202407&V=4&LU=1721879690016 |
6 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | frame-ancestors 'self' sentry.contentvalidation.com sentry.ppe.contentvalidation.com sentry.int.contentvalidation.com frame-ancestors 'self' teams.microsoft.com *.teams.microsoft.com *.skype.com *.teams.microsoft.us local.teams.office.com teams.cloud.microsoft *.office365.com goals.cloud.microsoft *.powerapps.com *.powerbi.com *.yammer.com engage.cloud.microsoft word.cloud.microsoft excel.cloud.microsoft powerpoint.cloud.microsoft *.officeapps.live.com *.office.com *.microsoft365.com *.stream.azure-test.net *.microsoftstream.com *.dynamics.com *.microsoft.com onedrive.live.com *.onedrive.live.com securebroker.sharepointonline.com; |
Strict-Transport-Security | max-age=31536000 |
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.