adfs.senate.qov.info
Open in
urlscan Pro
185.94.191.41
Public Scan
URL:
https://adfs.senate.qov.info/adfs/ls/changepassword.aspx?BrandContextID=65&ruO365=n&ok=vwe3v9jklsertv8wgbccegnivaisjcnemu6jgk...
Submission: On September 26 via manual from US
Submission: On September 26 via manual from US
Summary
This website contacted 8 IPs
in 4 countries
across 8 domains to perform 73 HTTP transactions.
The main IP is 185.94.191.41, located in
Manchester, United Kingdom and
belongs to M247, GB.
The main domain is adfs.senate.qov.info.
TLS certificate: Issued by COMODO RSA Domain Validation Secure S... on September 25th 2017. Valid for: a year.
This is the only time adfs.senate.qov.info was scanned on urlscan.io!
TLS certificate: Issued by COMODO RSA Domain Validation Secure S... on September 25th 2017. Valid for: a year.
This is the only time adfs.senate.qov.info was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 55 | 185.94.191.41 185.94.191.41 | 9009 (M247) (M247) | |
| 6 | 2a02:26f0:122... 2a02:26f0:122:381::753 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
| 1 | 2a02:26f0:122... 2a02:26f0:122:396::753 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
| 1 | 2a01:111:f100... 2a01:111:f100:a004::bfeb:8872 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation) | |
| 4 | 2a01:111:f100... 2a01:111:f100:a000::5ef5:581c | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation) | |
| 2 | 40.68.244.24 40.68.244.24 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation) | |
| 1 | 40.115.1.44 40.115.1.44 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation) | |
| 73 | 8 |
1
2a01:111:f100:a004::bfeb:8872
(United Kingdom)
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)
| suite.office.net |
4
2a01:111:f100:a000::5ef5:581c
(United Kingdom)
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)
| clientlog.portal.office.com |
2
40.68.244.24
(Amsterdam, Netherlands)
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)
| account.activedirectory.windowsazure.com |
1
40.115.1.44
(Amsterdam, Netherlands)
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)
| browser.pipe.aria.microsoft.com |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 55 |
qov.info
adfs.senate.qov.info |
943 KB |
| 7 |
office365.com
r1.res.office365.com |
235 KB |
| 4 |
office.com
clientlog.portal.office.com |
3 KB |
| 2 |
windowsazure.com
account.activedirectory.windowsazure.com |
|
| 1 |
microsoft.com
browser.pipe.aria.microsoft.com |
|
| 1 |
office.net
suite.office.net |
2 KB |
| 0 |
microsoftonline.com
Failed
login.microsoftonline.com Failed |
|
| 0 |
webtrends.com
Failed
m.webtrends.com Failed |
|
| 73 | 8 |
| Domain | Requested by | |
|---|---|---|
| 55 | adfs.senate.qov.info |
adfs.senate.qov.info
|
| 7 | r1.res.office365.com |
adfs.senate.qov.info
r1.res.office365.com |
| 4 | clientlog.portal.office.com |
adfs.senate.qov.info
|
| 2 | account.activedirectory.windowsazure.com |
adfs.senate.qov.info
|
| 1 | browser.pipe.aria.microsoft.com |
r1.res.office365.com
|
| 1 | suite.office.net |
r1.res.office365.com
|
| 0 | login.microsoftonline.com Failed |
adfs.senate.qov.info
|
| 0 | m.webtrends.com Failed |
adfs.senate.qov.info
|
| 73 | 8 |
This site contains links to these domains. Also see Links.
| Domain |
|---|
| www.office.com |
| g.microsoftonline.com |
| portal.office.com |
| answers.microsoft.com |
| www.microsoft.com |
| rferl-my.sharepoint.com |
| login.microsoftonline.com |
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| adfs.senate.qov.info COMODO RSA Domain Validation Secure Server CA |
2017-09-25 - 2018-09-25 |
a year | crt.sh |
| *.res.outlook.com Microsoft IT SSL SHA2 |
2016-12-19 - 2018-04-19 |
a year | crt.sh |
| suite.office.net Microsoft IT SSL SHA2 |
2016-08-09 - 2018-04-09 |
2 years | crt.sh |
| clientlog.portal.office.com Microsoft IT SSL SHA2 |
2016-03-02 - 2018-03-02 |
2 years | crt.sh |
| *.activedirectory.windowsazure.com Microsoft IT TLS CA 5 |
2017-09-14 - 2019-09-14 |
2 years | crt.sh |
| *.pipe.aria.microsoft.com Microsoft IT TLS CA 1 |
2017-09-06 - 2019-09-06 |
2 years | crt.sh |
This page contains 15 frames:
Primary Page:
https://adfs.senate.qov.info/adfs/ls/changepassword.aspx?BrandContextID=65&ruO365=n&ok=vwe3v9jklsertv8wgbccegnivaisjcnemu6jgks34&changpass&formdir=1
Frame ID: 18005.1
Requests: 55 HTTP requests in this frame
Frame:
https://adfs.senate.qov.info/adfs/ls/Changepassword_files/saved_resource.html
Frame ID: 18005.2
Requests: 1 HTTP requests in this frame
Frame:
https://adfs.senate.qov.info/adfs/ls/Changepassword_files/saved_resource(1).html
Frame ID: 18005.3
Requests: 1 HTTP requests in this frame
Frame:
https://adfs.senate.qov.info/adfs/ls/Changepassword_files/saved_resource(2).html
Frame ID: 18005.4
Requests: 1 HTTP requests in this frame
Frame:
https://adfs.senate.qov.info/adfs/ls/Changepassword_files/saved_resource(3).html
Frame ID: 18005.5
Requests: 1 HTTP requests in this frame
Frame:
https://adfs.senate.qov.info/adfs/ls/Changepassword_files/saved_resource(4).html
Frame ID: 18005.6
Requests: 1 HTTP requests in this frame
Frame:
https://adfs.senate.qov.info/adfs/ls/Changepassword_files/saved_resource(5).html
Frame ID: 18005.7
Requests: 2 HTTP requests in this frame
Frame:
https://adfs.senate.qov.info/adfs/ls/Changepassword_files/saved_resource(6).html
Frame ID: 18005.8
Requests: 1 HTTP requests in this frame
Frame:
https://adfs.senate.qov.info/adfs/ls/Changepassword_files/saved_resource(7).html
Frame ID: 18005.9
Requests: 2 HTTP requests in this frame
Frame:
https://adfs.senate.qov.info/adfs/ls/Changepassword_files/saved_resource(8).html
Frame ID: 18005.10
Requests: 1 HTTP requests in this frame
Frame:
https://login.microsoftonline.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=0&client-request-id=2462ea2c-a5cf-44d0-946f-ffc63c0e4092&protectedtoken=true&prompt=none&login_hint=kyle_simpson%40mccaskill.senate.gov&nonce=636420325438334698.daf90abd-be1a-427e-bdc6-c3448e47a10d&state=1U5BbsIwEAzlLeGWEGJjwgFVbRFSL21VxLna2Jtgktip7Tjw1b6mpmolvlBpd3Z2pNmdSRRF09B3oSdZgGjFCKN5RvIlJQUhlK2LVEC1zqAUSYkLSGi-wqQUnCWcUFogXcEiE5Pg_ZrO9Qjz_SAd7tF4yfHN6PMlBduf7-2NfLBoXqDDTXNp8cPKrrdaxTTrOAfbyLZNLSpwmNbaz26N7-gGow6m3Ryd621MHuJ8FwpEZf88n9qnUlX6Vw6jvQI_gqqxB2tHbcRPppjsHg0o8aSVw7N73sZky5ZxzszwSgIhWxUW3QTiRyR-fWrakNz5YqxLzrFW0oO0J66wG9ipbiyhwfDz6foo8EqbTkgTLixm5h-H_wY
Frame ID: 18005.11
Requests: 1 HTTP requests in this frame
Frame:
https://adfs.senate.qov.info/adfs/ls/Changepassword_files/SuiteServiceProxy.html
Frame ID: 18005.12
Requests: 2 HTTP requests in this frame
Frame:
https://adfs.senate.qov.info/adfs/ls/Changepassword_files/SuiteServiceProxy(1).html
Frame ID: 18005.13
Requests: 2 HTTP requests in this frame
Frame:
https://account.activedirectory.windowsazure.com/1.0.0.1922/Chrome/en-US/css/O365NavbarStyleOverrides.css
Frame ID: 18005.19
Requests: 1 HTTP requests in this frame
Frame:
https://account.activedirectory.windowsazure.com/1.0.0.1922/Chrome/en-US/css/ChangePassword.css
Frame ID: 18005.21
Requests: 1 HTTP requests in this frame
Screenshot
Detected technologies
Windows Server
(Operating Systems)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- headers server /IIS(?:\/([\d.]+))?/i
- url /\.aspx(?:$|\?)/i
Microsoft ASP.NET
(Web Frameworks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- url /\.aspx(?:$|\?)/i
IIS
(Web Servers)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- headers server /IIS(?:\/([\d.]+))?/i
- url /\.aspx(?:$|\?)/i
Page Statistics
9 Outgoing links
These are links going to different origins than the main page.
URL: https://www.office.com/?auth=2&home=1&from=ShellLogo
Title: Office 365
Title: Office 365
Search URL Search Domain Scan URL
URL: https://g.microsoftonline.com/0AX00en/111
Title: Help
Title: Help
Search URL Search Domain Scan URL
URL: https://portal.office.com/SendSmile?wid=9
Title: Feedback
Title: Feedback
Search URL Search Domain Scan URL
URL: https://answers.microsoft.com/en-US/msoffice
Title: Community
Title: Community
Search URL Search Domain Scan URL
URL: https://www.microsoft.com/online/legal/v2/?docid=13&langid=en-US
Title: Legal
Title: Legal
Search URL Search Domain Scan URL
URL: https://www.microsoft.com/online/legal/v2/?docid=18&langid=en-US
Title: Privacy & cookies
Title: Privacy & cookies
Search URL Search Domain Scan URL
URL: https://rferl-my.sharepoint.com/person.aspx
Title: My profile
Title: My profile
Search URL Search Domain Scan URL
URL: https://portal.office.com/account/
Title: My account
Title: My account
Search URL Search Domain Scan URL
URL: https://login.microsoftonline.com/logout.srf?ct=1506061617&rver=64.4.6456.0&lc=1033&id=501392
Title: Sign out
Title: Sign out
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 61- https://outlook.office365.com/owa/SuiteServiceProxy.aspx?suiteServiceUserName=kyle_simpson%40mccaskill.senate.gov&suiteServiceReturnUrl=https%3A%2F%2Fadfs.senate.qov.info%2Fadfs%2Fls%2Fchangepassword.aspx%3FBrandContextID%3D65%26ruO365%3Dn%26ok%3Dvwe3v9jklsertv8wgbccegnivaisjcnemu6jgks34%26changpass%26formdir%3D1&returnUrl=https%3A%2F%2Fadfs.senate.qov.info%2Fadfs%2Fls%2Fchangepassword.aspx%3FBrandContextID%3D65%26ruO365%3Dn%26ok%3Dvwe3v9jklsertv8wgbccegnivaisjcnemu6jgks34%26changpass%26formdir%3D1 HTTP 302
- https://login.microsoftonline.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=0&client-request-id=2462ea2c-a5cf-44d0-946f-ffc63c0e4092&protectedtoken=true&prompt=none&login_hint=kyle_simpson%40mccaskill.senate.gov&nonce=636420325438334698.daf90abd-be1a-427e-bdc6-c3448e47a10d&state=1U5BbsIwEAzlLeGWEGJjwgFVbRFSL21VxLna2Jtgktip7Tjw1b6mpmolvlBpd3Z2pNmdSRRF09B3oSdZgGjFCKN5RvIlJQUhlK2LVEC1zqAUSYkLSGi-wqQUnCWcUFogXcEiE5Pg_ZrO9Qjz_SAd7tF4yfHN6PMlBduf7-2NfLBoXqDDTXNp8cPKrrdaxTTrOAfbyLZNLSpwmNbaz26N7-gGow6m3Ryd621MHuJ8FwpEZf88n9qnUlX6Vw6jvQI_gqqxB2tHbcRPppjsHg0o8aSVw7N73sZky5ZxzszwSgIhWxUW3QTiRyR-fWrakNz5YqxLzrFW0oO0J66wG9ipbiyhwfDz6foo8EqbTkgTLixm5h-H_wY
73 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H/1.1 |
Primary Request
changepassword.aspx
adfs.senate.qov.info/adfs/ls/ |
161 KB 41 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
Shared.js
adfs.senate.qov.info/adfs/ls/Changepassword_files/ |
12 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ClientLogService.js
adfs.senate.qov.info/adfs/ls/Changepassword_files/ |
2 KB 631 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
PerformanceTracking.js
adfs.senate.qov.info/adfs/ls/Changepassword_files/ |
2 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
XmlHttpRequestService.js
adfs.senate.qov.info/adfs/ls/Changepassword_files/ |
5 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
AjaxService.js
adfs.senate.qov.info/adfs/ls/Changepassword_files/ |
18 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
MasterStyles.css
adfs.senate.qov.info/adfs/ls/Changepassword_files/ |
70 KB 16 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
WebResource.css
adfs.senate.qov.info/adfs/ls/Changepassword_files/ |
5 KB 945 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
shellbootstrapperg2css_2712f627.css
adfs.senate.qov.info/adfs/ls/Changepassword_files/ |
46 B 158 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
shellg2coremincss_d05c95b0.css
adfs.senate.qov.info/adfs/ls/Changepassword_files/ |
70 KB 31 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
shellg2corecss_259bd69f.css
adfs.senate.qov.info/adfs/ls/Changepassword_files/ |
100 KB 38 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
data.themew
adfs.senate.qov.info/adfs/ls/Changepassword_files/ |
0 0 |
Stylesheet
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
shellg2pluscss_8eba6f8e.css
adfs.senate.qov.info/adfs/ls/Changepassword_files/ |
163 KB 52 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
o365shellarialogger_3cefa9b2.js
adfs.senate.qov.info/adfs/ls/Changepassword_files/ |
53 KB 17 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
WebResource(1).js
adfs.senate.qov.info/adfs/ls/Changepassword_files/ |
23 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
MicrosoftAjaxCombined.js
adfs.senate.qov.info/adfs/ls/Changepassword_files/ |
224 KB 72 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
Button.js
adfs.senate.qov.info/adfs/ls/Changepassword_files/ |
7 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
PageLayout.js
adfs.senate.qov.info/adfs/ls/Changepassword_files/ |
2 KB 857 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
Shell.js
adfs.senate.qov.info/adfs/ls/Changepassword_files/ |
1018 B 588 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
jquery-1_7_2_min.js
adfs.senate.qov.info/adfs/ls/Changepassword_files/ |
93 KB 43 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
JSPublicKey.js
adfs.senate.qov.info/adfs/ls/Changepassword_files/ |
804 B 852 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
PPRSAEnc.js
adfs.senate.qov.info/adfs/ls/Changepassword_files/ |
16 KB 10 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
shellbootstrapperg2_2108f99.js
adfs.senate.qov.info/adfs/ls/Changepassword_files/ |
6 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ScriptResource.js
adfs.senate.qov.info/adfs/ls/Changepassword_files/ |
26 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
DialogManager.js
adfs.senate.qov.info/adfs/ls/Changepassword_files/ |
47 KB 12 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
sscompat.js
adfs.senate.qov.info/adfs/ls/Changepassword_files/ |
6 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ImageButton.js
adfs.senate.qov.info/adfs/ls/Changepassword_files/ |
1 KB 515 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
WebResource(2).js
adfs.senate.qov.info/adfs/ls/Changepassword_files/ |
3 KB 978 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
GetPersonaPhoto.img
adfs.senate.qov.info/adfs/ls/Changepassword_files/ |
1 KB 0 |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
spinner_24x24.gif
adfs.senate.qov.info/adfs/ls/Changepassword_files/ |
738 B 738 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
webcontrols.png
adfs.senate.qov.info/adfs/ls/Changepassword_files/ |
76 KB 76 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
WebTrends.js
adfs.senate.qov.info/adfs/ls/Changepassword_files/ |
25 KB 9 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
shellcoreming2m_a42712a7.js
adfs.senate.qov.info/adfs/ls/Changepassword_files/ |
72 KB 23 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
shellg2strings_72d74595.js
adfs.senate.qov.info/adfs/ls/Changepassword_files/ |
32 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
shellcoreprimeg2m_6bed6c50.js
adfs.senate.qov.info/adfs/ls/Changepassword_files/ |
492 KB 150 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
shellplusg2m_bee5af9e.js
adfs.senate.qov.info/adfs/ls/Changepassword_files/ |
1 MB 291 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
data.themew
adfs.senate.qov.info/adfs/ls/Changepassword_files/ |
0 0 |
Stylesheet
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
GetPersonaPhoto.img
adfs.senate.qov.info/adfs/ls/Changepassword_files/ |
1 KB 0 |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
shellwofficons_2b9c022e.woff
adfs.senate.qov.info/adfs/ls/Changepassword_files/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
shellg2coremincss_d05c95b0.css
r1.res.office365.com/o365/versionless/ |
70 KB 23 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
shellcoreming2m_a42712a7.js
r1.res.office365.com/o365/versionless/ |
72 KB 18 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
wtid.js
m.webtrends.com/dcsc97avu10000kn75ujgpso2_7j5n/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
shellttficons_3f027954.ttf
adfs.senate.qov.info/adfs/ls/Changepassword_files/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
dcs.gif
m.webtrends.com/dcsc97avu10000kn75ujgpso2_7j5n/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
saved_resource.html
adfs.senate.qov.info/adfs/ls/Changepassword_files/ Frame 1800 |
441 B 448 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
saved_resource(1).html
adfs.senate.qov.info/adfs/ls/Changepassword_files/ Frame 1800 |
445 B 451 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
saved_resource(2).html
adfs.senate.qov.info/adfs/ls/Changepassword_files/ Frame 1800 |
455 B 455 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
saved_resource(3).html
adfs.senate.qov.info/adfs/ls/Changepassword_files/ Frame 1800 |
446 B 448 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
saved_resource(4).html
adfs.senate.qov.info/adfs/ls/Changepassword_files/ Frame 1800 |
447 B 453 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
saved_resource(5).html
adfs.senate.qov.info/adfs/ls/Changepassword_files/ Frame 1800 |
357 B 400 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
saved_resource(6).html
adfs.senate.qov.info/adfs/ls/Changepassword_files/ Frame 1800 |
447 B 453 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
saved_resource(7).html
adfs.senate.qov.info/adfs/ls/Changepassword_files/ Frame 1800 |
347 B 383 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
saved_resource(8).html
adfs.senate.qov.info/adfs/ls/Changepassword_files/ Frame 1800 |
449 B 453 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
shellg2strings_72d74595.js
r1.res.office365.com/o365/versionless/ |
32 KB 6 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
shellwofficons_2b9c022e.woff
r1.res.office365.com/o365/versionless/ |
33 KB 33 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
shellg2corecss_259bd69f.css
r1.res.office365.com/o365/versionless/ |
100 KB 29 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
shellcoreprimeg2m_6bed6c50.js
r1.res.office365.com/o365/versionless/ |
492 KB 114 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
data.theme
suite.office.net/ |
10 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
O365NavbarStyleOverrides.css
adfs.senate.qov.info/adfs/ls/Changepassword_files/ Frame 1800 |
322 B 318 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
 Cookie set
/
clientlog.portal.office.com/l.l/ |
826 B 826 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ChangePassword.css
adfs.senate.qov.info/adfs/ls/Changepassword_files/ Frame 1800 |
3 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
Cookie set
/
clientlog.portal.office.com/l.l/ |
826 B 826 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
authorize
login.microsoftonline.com/common/oauth2/ Frame 1800 Redirect Chain
|
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
SuiteServiceProxy.html
adfs.senate.qov.info/adfs/ls/Changepassword_files/ Frame 1800 |
47 KB 14 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
SuiteServiceProxy(1).html
adfs.senate.qov.info/adfs/ls/Changepassword_files/ Frame 1800 |
2 KB 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
Cookie set
O365NavbarStyleOverrides.css
account.activedirectory.windowsazure.com/1.0.0.1922/Chrome/en-US/css/ Frame 1800 |
0 0 |
Stylesheet
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
Cookie set
ChangePassword.css
account.activedirectory.windowsazure.com/1.0.0.1922/Chrome/en-US/css/ Frame 1800 |
0 0 |
Stylesheet
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
o365shellarialogger_3cefa9b2.js
r1.res.office365.com/o365/versionless/ |
53 KB 13 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
/
clientlog.portal.office.com/l.l/ |
826 B 826 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
suiteserviceproxyiframe_f02ef74d.js.download
adfs.senate.qov.info/adfs/ls/Changepassword_files/ Frame 1800 |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H/1.1 |
/
browser.pipe.aria.microsoft.com/Collector/3.0/ |
0 0 |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
suiteserviceproxyiframe_f02ef74d.js.download
adfs.senate.qov.info/adfs/ls/Changepassword_files/ Frame 1800 |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
/
clientlog.portal.office.com/l.l/ |
826 B 826 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- m.webtrends.com
- URL
- https://m.webtrends.com/dcsc97avu10000kn75ujgpso2_7j5n/wtid.js
- Domain
- m.webtrends.com
- URL
- https://m.webtrends.com/dcsc97avu10000kn75ujgpso2_7j5n/dcs.gif?&dcsdat=1506435743149&dcssip=adfs.senate.qov.info&dcsuri=/changepassword.aspx:ChangePasswordPage&dcsqry=?BrandContextID=65%26ruO365=n%26ok=vwe3v9jklsertv8wgbccegnivaisjcnemu6jgks34%26formdir=1&WT.tz=0&WT.bh=14&WT.ul=en-US&WT.cd=24&WT.sr=1600x1200&WT.jo=No&WT.ti=ChangePasswordPage&WT.js=Yes&WT.jv=1.5&WT.ct=unknown&WT.bs=1600x1200&WT.fv=Not%20enabled&WT.slv=Not%20enabled&WT.le=UTF-8&WT.tv=8.6.2&WT.dl=0&WT.ssl=1&WT.es=account.activedirectory.windowsazure.com%2Fchangepassword.aspx%3AChangePasswordPage&WT.z_url=%2Fchangepassword.aspx%3AChangePasswordPage&WT.sli=Not%20Installed&WT.vt_f_a=2&WT.vt_f=2&WT.vt_nvr1=1&WT.vt_nvr2=1&WT.vt_nvr3=1&wtEvtSrc=adfs.senate.qov.info%2Fchangepassword.aspx%3AChangePasswordPage&wtDrillDir=%2Fadfs%2F%3B%2Fadfs%2Fls%2F&WT.dep=wtEvtSrc%3BwtDrillDir
- Domain
- login.microsoftonline.com
- URL
- https://login.microsoftonline.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=0&client-request-id=2462ea2c-a5cf-44d0-946f-ffc63c0e4092&protectedtoken=true&prompt=none&login_hint=kyle_simpson%40mccaskill.senate.gov&nonce=636420325438334698.daf90abd-be1a-427e-bdc6-c3448e47a10d&state=1U5BbsIwEAzlLeGWEGJjwgFVbRFSL21VxLna2Jtgktip7Tjw1b6mpmolvlBpd3Z2pNmdSRRF09B3oSdZgGjFCKN5RvIlJQUhlK2LVEC1zqAUSYkLSGi-wqQUnCWcUFogXcEiE5Pg_ZrO9Qjz_SAd7tF4yfHN6PMlBduf7-2NfLBoXqDDTXNp8cPKrrdaxTTrOAfbyLZNLSpwmNbaz26N7-gGow6m3Ryd621MHuJ8FwpEZf88n9qnUlX6Vw6jvQI_gqqxB2tHbcRPppjsHg0o8aSVw7N73sZky5ZxzszwSgIhWxUW3QTiRyR-fWrakNz5YqxLzrFW0oO0J66wG9ipbiyhwfDz6foo8EqbTkgTLixm5h-H_wY
Verdicts & Comments Add Verdict or Comment
0 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
7 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| login.microsoftonline.com/ | Name: x-ms-gateway-slice Value: 005 |
|
| .login.microsoftonline.com/ | Name: esctx Value: AQABAAAAAAABlDrqfEFlSaui6xnRjX5EAXumOQBxU84hoAJv4oLSRVPU8nC7MVisbKAfylukNOO13vv0er60o908Rws1zrKLQgwQHiGEpnLdhX_RrSJN-PnIIlAvj0vsMDxZwzd9728VHnZnHJo7iV3GMLvmQ6Zd_LP7i6o6qTcY2n5WB1imh4aXEh4Ypwsrwy4AMV-Vg8wgAA |
|
| login.microsoftonline.com/ | Name: buid Value: AQABAAEAAAABlDrqfEFlSaui6xnRjX5EAbf9Zgtwq1s0Q2oNpajbgLdl8966G494208dNUa5F5cIbmAUQV-BvIuRyHTHZn040-flpb4Uc_MQvnrc70gm8RfgHgIkkmZ4jOi65NU7dNsgAA |
|
| adfs.senate.qov.info/adfs/ls | Name: MicrosoftApplicationsTelemetryFirstLaunchTime Value: 1506435743903 |
|
| login.microsoftonline.com/ | Name: stsservicecookie Value: ests |
|
| .adfs.senate.qov.info/ | Name: WT_NVR Value: 0=/:1=adfs:2=adfs/ls |
|
| adfs.senate.qov.info/adfs/ls | Name: MicrosoftApplicationsTelemetryDeviceId Value: 76e31558-9d5d-6c14-0e0d-47fff6f95411 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
account.activedirectory.windowsazure.com
adfs.senate.qov.info
browser.pipe.aria.microsoft.com
clientlog.portal.office.com
login.microsoftonline.com
m.webtrends.com
r1.res.office365.com
suite.office.net
login.microsoftonline.com
m.webtrends.com
185.94.191.41
2a01:111:f100:a000::5ef5:581c
2a01:111:f100:a004::bfeb:8872
2a02:26f0:122:381::753
2a02:26f0:122:396::753
40.115.1.44
40.68.244.24
0478d0db1a0c0c32f1ae9dcbb1ba4f19382a61965731db28e32ca4c3a2f36693
09ce4d75f05ae988dc3f8c58723fc9c85c5cc00ef2deef8935afeb671bfab6be
0a57958dac14aea8ed09167919bdfcf06654870e44aca5b4a8eae2b1bc8ea4cf
0bbde145328d7fdf77a20c921627e1d46a49e70fa0d79590ba160dd7a3d1b3ad
0d461db07a077483ab373dd5aaedd2af71fa9e8d420d84ccea51b537a77255fe
144524233f795d6a425b76f7ae5c0bb622b5f67e2e6ae73532ad526528ca07cf
1e8f3607bb4041ec4dd2273c6b9938ed4c9b754e9e0188a14a8e0d80dccefb03
207728faca597b0aa85fa40f92287e9f692a73e684cd9e4bb387b5688d7dcadf
25aeee189bb7c86ceb89372311107cfc3424d67f2063db1699673447067a5d7a
295b179d93907f6aa011418544cc7269afebf65769fe95260e0f5a6a40a27bae
2f3f0edc1266584c5dc0406673def93c8e8306abfd964d4cf4f5e9e43b253724
2f932a46e57edd7e47818d28dd3e5f6e26ee473fb00a8b987e5f650b29957b82
3fa171e7375996a40f503c4155b485c18f73f3db8be5a9611f1cfece40965e12
40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db
4163911163fe0de9063400fafcc1683df13bfd808e32fad5bde6033080de9839
4598b2ffb98d047057df3bca4279b414541f1da5c2549102c1394c880d181a85
4c400fe56658ce804b7a4cd37d68f8550cb5a1fd39598553f11b083436e0a5be
4edd5be97010980a0e8a5d1d38fafd27fbd5bcfb7daf5326c8d0c749ec5f0c4b
4f560fb39ff0a6c482826e8255a419cd68e93cf3b660da1bc9bbf1798d0cd447
4f8dd51d409f9b5c12b951b8e70466ad7061a29ed827ece4eed3df26abcd103b
4fa3973f8904ad39fc833e05d7107dc969be66f438357c16071ccea849201767
547b38406f436cedbc048a1758f73f371e5e17cc641ab170c205ca8e3ceb2df4
54cdab7046aac6c817f330d46551671727f0f762b279d71af82876f3e4079cc2
55ddbcfa5f4975e696f273e82b4105a77cb6632d0d0633b9194579e0494d0c0c
59dde4989463e4e3ede03141e7cb72897b08ef6c965907709111d3ee2d8b19fc
5fc53f1e52294ee0c4917d43e23d41ce34ad978abb4eb48f8dd437400ed64b81
600f0f691fb8595a8d1953e1fdf41781d107816c3d018e2b5aa74fb7b652c5f9
64f69949f20639e8295c9425a4b81055503b3d6c30db88b89534675d8eaa43d9
6f8253cf74ab0a5630a46ccb30631a38bbb19c17ed122144519bb49a8ad0f91a
7bdbee86d53fd062aa25634ef97f8cbde3caf40defb8c7aa1d64fe95576cdc10
871765d8bb2ad022f7a18f80e0e95d75bbc584450b2ba89d3a858dec7fb08643
8ab5267ebfe8fccd10ef1ba02d882da8340f4b25a875543d39db0bd32fbb47eb
8d807f134ba61e97310de906d45014d64b3db85cbe117e80e673d6a14faa1604
8fd5631c1056aab09c135e5e673b0b67c4a23adaef6456d9bb97f7c65dd493e3
9089daf47980606a7602dc08f53fc4d94f373d336bf0ffcfe597e6ec43c2a9a0
90e6ebe649cf36267113ead77f424dd6ff44b18fb60e0ee3d36282601c989e9e
96f3066ebda01ad15c329540c4b6c9021a9835fbd92b076f41c9d6b20fe7a37c
a095210486a9b82502127e804d3fad8301d61bd2dfad55223b5c54dbb99a6caf
a96346887199cadb56c119702da1801d96ccb75ff1343db0ddec93b1123e4d67
abcb61d0b7908be4a3f7f191f031d52c054dafde30b32f76f2c5105409e955f3
ace3ef0de78078bbd74d2335aa9024472dcb1ea816c2159de568b8a9801cbc95
c06593549a4378fcbb4fc9898d50da964c1bc251580237c95614b26c841d75ba
c6a2b648e50de9d1013a671c1314754fa25dfc787d85661711b9a9ce4b7740c9
d25bdb637eba2613d50d4b9723d7f91bebd78f0bb38c05860f68d96dfc8694b4
dc1d54dab6ec8c00f70137927504e4f222c8395f10760b6beecfcfa94e08249f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5906eac65ae1da759c59caaad38ff80c205c2fa768daaded76c41bfb7868896
e77334b97c5c0358d51568970334d36e318b3a0ad111f1b69aa4ebe1850670f7
e98cb659bd765767bbbbfba44c44ece4fcbf0ed1dcace87777410e7c51240e08
ebe0758e019428782de4907d0c0be11b30849e67628a8022e17f4a98bc4aac8b
ef9453f74b2617d43dcef4242cf5845101fcfb57289c81bceb20042b0023a192
ff36e2543d484f012c6ea9699b527e6d41f221fc0056eb54f7ee6f416b8c830e