onedrive.live.com
13.107.42.13
Public Scan
Effective URL: https://onedrive.live.com/?v=validatepermission&id=AE080A805B4EAEDE!301441&challengeToken=!AFxU0uCYq6amARs
Submission: On September 24 via automatic, source certstream-suspicious
Summary
TLS certificate: Issued by Microsoft IT TLS CA 2 on June 25th 2019. Valid for: 2 years.
This is the only time onedrive.live.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| Requests | Redirects | IP Address | AS (Autonomous System) |
|---|---|---|---|
| 1 | 1 | 162.241.203.185 | 46606 (UNIFIEDLAYER-AS-1 - Unified Layer) |
| 1 | 1 | 13.107.42.12 | 8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation) |
| 2 | | 13.107.42.13 | 8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation) |
| 27 | | 2.16.186.40 | 20940 (AKAMAI-ASN1) |
| 2 | | 104.103.74.164 | 16625 (AKAMAI-AS - Akamai Technologies) |
| 3 | | 40.90.142.224 | 8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation) |
| 3 | | 52.114.76.35 | 8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation) |
| 9 | | 2a02:26f0:6c00:28e::38f3 | 20940 (AKAMAI-ASN1) |
| 1 | | 40.74.236.186 | 8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation) |
| 1 | | 104.103.83.219 | 16625 (AKAMAI-AS - Akamai Technologies) |
| 2 | | 2620:1ec:21::11 | 8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation) |
| 1 | 1 | 40.77.224.11 | 8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation) |
| 1 | | 40.90.23.153 | 8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation) |
| 2 | | 2a02:26f0:6c00:299::2b57 | 20940 (AKAMAI-ASN1) |
| 25 | | 2a02:26f0:6c00:288::753 | 20940 (AKAMAI-ASN1) |
78 | 12 |
ASN46606 (UNIFIEDLAYER-AS-1 - Unified Layer, US)
PTR: 162-241-203-185.unifiedlayer.com
www.fluxocaixa.ktprime.com.br |
ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)
PTR: 1drv.ms
1drv.ms |
ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)
onedrive.live.com |
ASN20940 (AKAMAI-ASN1, US)
PTR: a2-16-186-40.deploy.static.akamaitechnologies.com
spoprod-a.akamaihd.net |
ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a104-103-74-164.deploy.static.akamaitechnologies.com
static2.sharepointonline.com |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)
PTR: i-am3p-cor003.api.p001.1drv.com
skyapi.onedrive.live.com |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)
browser.pipe.aria.microsoft.com |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)
badgerprod.cloudapp.net |
ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a104-103-83-219.deploy.static.akamaitechnologies.com
r3.res.outlook.com |
ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)
outlook.live.com |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)
PTR: i-ch1-cor002.api.p001.1drv.com
storage.live.com |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)
login.live.com |
ASN20940 (AKAMAI-ASN1, US)
ow2.res.office365.com | |
r4.res.office365.com |
| Requests | Apex Domain | Subdomains | Transfer |
|---|---|---|---|
| 27 | akamaihd.net | spoprod-a.akamaihd.net | 1019 KB |
| 25 | office365.com | ow2.res.office365.com, r4.res.office365.com | 2 MB |
| 9 | msocdn.com | shellprod.msocdn.com | 231 KB |
| 9 | live.com (1 redirects) | onedrive.live.com, skyapi.onedrive.live.com, outlook.live.com, storage.live.com, login.live.com | 69 KB |
| 5 | microsoft.com | browser.pipe.aria.microsoft.com, uhf.microsoft.com | 3 KB |
| 2 | sharepointonline.com | static2.sharepointonline.com | 37 KB |
| 1 | outlook.com | r3.res.outlook.com | 23 KB |
| 1 | cloudapp.net | badgerprod.cloudapp.net | 1 KB |
| 1 | 1drv.ms (1 redirects) | 1drv.ms | 319 B |
| 1 | ktprime.com.br (1 redirects) | www.fluxocaixa.ktprime.com.br | 126 B |
78 | 10 |
| Requests | Domain | Requested by |
|---|---|---|
| 27 | spoprod-a.akamaihd.net | onedrive.live.com, spoprod-a.akamaihd.net |
| 18 | ow2.res.office365.com | outlook.live.com, ow2.res.office365.com |
| 9 | shellprod.msocdn.com | spoprod-a.akamaihd.net, shellprod.msocdn.com |
| 7 | r4.res.office365.com | outlook.live.com |
| 3 | browser.pipe.aria.microsoft.com | spoprod-a.akamaihd.net, shellprod.msocdn.com |
| 3 | skyapi.onedrive.live.com | spoprod-a.akamaihd.net, skyapi.onedrive.live.com |
| 2 | uhf.microsoft.com | outlook.live.com |
| 2 | outlook.live.com | shellprod.msocdn.com, outlook.live.com |
| 2 | static2.sharepointonline.com | onedrive.live.com |
| 2 | onedrive.live.com | onedrive.live.com |
| 1 | login.live.com | |
| 1 | storage.live.com (1 redirects) | |
| 1 | r3.res.outlook.com | spoprod-a.akamaihd.net |
| 1 | badgerprod.cloudapp.net | spoprod-a.akamaihd.net |
| 1 | 1drv.ms (1 redirects) | |
| 1 | www.fluxocaixa.ktprime.com.br (1 redirects) | |
78 | 16 |
This site contains links to these domains.
Domain |
---|
login.live.com |
g.live.com |
go.microsoft.com |
| Subject | Issuer | Validity | Valid |
|---|---|---|---|
| onedrive.com | Microsoft IT TLS CA 2 | 2019-06-25 - 2021-06-25 | 2 years |
| a248.e.akamai.net | DigiCert Secure Site ECC CA-1 | 2019-08-13 - 2020-08-12 | a year |
| *.sharepointonline.com | Microsoft IT TLS CA 2 | 2017-11-03 - 2019-11-03 | 2 years |
| storage.live.com | Microsoft IT TLS CA 2 | 2018-08-29 - 2020-08-29 | 2 years |
| *.events.data.microsoft.com | Microsoft IT TLS CA 1 | 2019-03-26 - 2021-03-26 | 2 years |
| *.msocdn.com | Microsoft IT TLS CA 4 | 2018-01-02 - 2020-01-02 | 2 years |
| badgerprod.cloudapp.net | Microsoft IT TLS CA 2 | 2018-01-22 - 2020-01-22 | 2 years |
| *.res.outlook.com | Microsoft IT TLS CA 5 | 2017-11-27 - 2019-11-27 | 2 years |
| Outlook.live.com | DigiCert Cloud Services CA-1 | 2019-07-12 - 2021-07-12 | 2 years |
| *.login.live.com | Microsoft IT TLS CA 2 | 2018-06-29 - 2020-06-29 | 2 years |
| unistore.www.microsoft.com | Microsoft IT TLS CA 5 | 2019-04-30 - 2021-04-30 | 2 years |
This page contains 4 frames:
Primary Page:
https://onedrive.live.com/?v=validatepermission&id=AE080A805B4EAEDE!301441&challengeToken=!AFxU0uCYq6amARs
Frame ID: 77C32BF1247A1F8D5F5916EC1F45F016
Requests: 46 HTTP requests in this frame
Frame:
https://skyapi.onedrive.live.com/xmlproxy.htm?domain=live.com
Frame ID: AA7E9FB588B565D4BF8B953A339D57F6
Requests: 3 HTTP requests in this frame
Frame:
https://outlook.live.com/owa/SuiteServiceProxy.aspx?suiteServiceReturnUrl=https%3A%2F%2Fonedrive.live.com%2F%3Fv%3Dvalidatepermission%26id%3DAE080A805B4EAEDE!301441%26challengeToken%3D!AFxU0uCYq6amARs&returnUrl=https%3A%2F%2Fonedrive.live.com%2F%3Fv%3Dvalidatepermission%26id%3DAE080A805B4EAEDE!301441%26challengeToken%3D!AFxU0uCYq6amARs&apiver=1
Frame ID: 3416403F8BDD809FF3341967362360E5
Requests: 21 HTTP requests in this frame
Frame:
https://outlook.live.com/owa/prefetch.aspx
Frame ID: ED8B97CE02D3908A1031F0AB6FFAF2BB
Requests: 8 HTTP requests in this frame
Page Statistics
3 Outgoing links
These are links going to different origins than the main page.
Title: Sign in
Title: Terms of use
Title: Privacy & Cookies
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://www.fluxocaixa.ktprime.com.br/ (HTTP 301)
  - https://1drv.ms/x/s!At6uTluACgiukrMBXFTS4JirpqYBGw?e=64S2VN (HTTP 301)
  - https://onedrive.live.com/redir?resid=AE080A805B4EAEDE!301441&authkey=!AFxU0uCYq6amARs&ithint=file%2cxlsx&e=64S2VN (Page URL)
- https://onedrive.live.com/?v=validatepermission&id=AE080A805B4EAEDE!301441&challengeToken=!AFxU0uCYq6amARs (Page URL)
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0
- https://www.fluxocaixa.ktprime.com.br/ HTTP 301
- https://1drv.ms/x/s!At6uTluACgiukrMBXFTS4JirpqYBGw?e=64S2VN HTTP 301
- https://onedrive.live.com/redir?resid=AE080A805B4EAEDE!301441&authkey=!AFxU0uCYq6amARs&ithint=file%2cxlsx&e=64S2VN
- https://storage.live.com/mydata/myprofile/expressionprofile/profilephoto:UserTileStatic,UserTileSmall/MeControlMediumUserTile?ck=1&ex=24&fofoff=1&sc=1569365552267 HTTP 302
- https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=13&ct=1569365552&rver=7.1.6819.0&wp=MBI_SSL&wreply=https:%2F%2Fstorage.live.com%2Fstorageservice%2Fpassport%2Fauth.aspx%3Fsru%3Dhttps:%252f%252fstorage.live.com%252fmydata%252fmyprofile%252fexpressionprofile%252fprofilephoto:UserTileStatic%252cUserTileSmall%252fMeControlMediumUserTile&lc=1033&id=63539
78 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
redir
onedrive.live.com/ Redirect Chain
|
6 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Primary Request
/
onedrive.live.com/ |
307 KB 50 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
require-e7952e6f.js
spoprod-a.akamaihd.net/files/odsp-next-prod_2019-09-13_20190923.005/ |
30 KB 11 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
onedrive-font-face-definitions.css
static2.sharepointonline.com/files/fabric/onedrive-assets/ |
15 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
odconedriveprefetch-416c6895.js
spoprod-a.akamaihd.net/files/odsp-next-prod_2019-09-13_20190923.005/ |
313 KB 82 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
reactandknockout-8d4d8b4e.js
spoprod-a.akamaihd.net/files/odsp-next-prod_2019-09-13_20190923.005/ |
182 KB 61 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
odconedrive-84b7bdea.js
spoprod-a.akamaihd.net/files/odsp-next-prod_2019-09-13_20190923.005/ |
846 KB 191 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
odconedriveapp-00cc2d8b.js
spoprod-a.akamaihd.net/files/odsp-next-prod_2019-09-13_20190923.005/ |
327 KB 69 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
odcfiles-e53f8601.js
spoprod-a.akamaihd.net/files/odsp-next-prod_2019-09-13_20190923.005/ |
457 KB 98 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
odconedriveprefetch.resx-60223457.js
spoprod-a.akamaihd.net/files/odsp-next-prod_2019-09-13_20190923.005/en-us/ |
18 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
odconedriveapp.resx-232ab1b1.js
spoprod-a.akamaihd.net/files/odsp-next-prod_2019-09-13_20190923.005/en-us/ |
4 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
odcfiles.resx-b6a106c9.js
spoprod-a.akamaihd.net/files/odsp-next-prod_2019-09-13_20190923.005/en-us/ |
34 KB 9 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
odconedrive.resx-a42edf4e.js
spoprod-a.akamaihd.net/files/odsp-next-prod_2019-09-13_20190923.005/en-us/ |
30 KB 10 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
odcbasepage-cfcd10f7.js
spoprod-a.akamaihd.net/files/odsp-next-prod_2019-09-13_20190923.005/ |
146 KB 30 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
odcbasepage.resx-8e87db1e.js
spoprod-a.akamaihd.net/files/odsp-next-prod_2019-09-13_20190923.005/en-us/ |
1 KB 907 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
aria-051933ee.js
spoprod-a.akamaihd.net/files/odsp-next-prod_2019-09-13_20190923.005/ |
53 KB 14 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
xmlproxy.htm
skyapi.onedrive.live.com/ Frame AA7E |
215 B 579 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
segoeui-regular.woff2
static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-westeuropean/ |
35 KB 36 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
odcpushchannel-23d482b0.js
spoprod-a.akamaihd.net/files/odsp-next-prod_2019-09-13_20190923.005/ |
86 KB 25 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
odcrestore-9adb7073.js
spoprod-a.akamaihd.net/files/odsp-next-prod_2019-09-13_20190923.005/ |
14 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
/
browser.pipe.aria.microsoft.com/Collector/3.0/ |
0 396 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
odcrestore.resx-007401df.js
spoprod-a.akamaihd.net/files/odsp-next-prod_2019-09-13_20190923.005/en-us/ |
141 B 616 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
odcransomwaredetection-cd2c5676.js
spoprod-a.akamaihd.net/files/odsp-next-prod_2019-09-13_20190923.005/ |
268 KB 66 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
odcdeferredcontrols-78c5472c.js
spoprod-a.akamaihd.net/files/odsp-next-prod_2019-09-13_20190923.005/ |
216 KB 49 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
odcquota-f42a5a66.js
spoprod-a.akamaihd.net/files/odsp-next-prod_2019-09-13_20190923.005/ |
108 KB 22 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
odcvalidatepermission-df9d849d.js
spoprod-a.akamaihd.net/files/odsp-next-prod_2019-09-13_20190923.005/ |
14 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
odcstorageoptions.resx-ce48c18d.js
spoprod-a.akamaihd.net/files/odsp-next-prod_2019-09-13_20190923.005/en-us/ |
34 KB 10 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
odcitemvideoplayer-03c7ece2.js
spoprod-a.akamaihd.net/files/odsp-next-prod_2019-09-13_20190923.005/ |
183 KB 45 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
odcvalidatepermission.resx-2ed214eb.js
spoprod-a.akamaihd.net/files/odsp-next-prod_2019-09-13_20190923.005/en-us/ |
1 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
oneshell
shellprod.msocdn.com/api/shellbootstrapper/consumer/ |
38 KB 12 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
token
badgerprod.cloudapp.net/v1.0/ |
835 B 1 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
microsoft_logo.svg
spoprod-a.akamaihd.net/files/odsp-next-prod_2019-09-13_20190923.005/odsp-media/images/signindialog/ |
3 KB 4 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
odcdeferredcontrols.resx-ab11a453.js
spoprod-a.akamaihd.net/files/odsp-next-prod_2019-09-13_20190923.005/en-us/ |
4 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
odconeup-33cf050e.js
spoprod-a.akamaihd.net/files/odsp-next-prod_2019-09-13_20190923.005/ |
169 KB 39 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
odcitemsscope-c17393a4.js
spoprod-a.akamaihd.net/files/odsp-next-prod_2019-09-13_20190923.005/ |
732 KB 165 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
shellg2coremincss_1ece715e.css
r3.res.outlook.com/o365/versionless/ |
70 KB 23 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
xmlproxy.js
skyapi.onedrive.live.com/ Frame AA7E |
2 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
GetUpgradeOptions
skyapi.onedrive.live.com/API/2/ Frame AA7E |
3 KB 2 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
en-us
shellprod.msocdn.com/api/ShellBootInfo/consumer/OneShell/ |
38 KB 9 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
shellstrings.98f7f762004de5629d0fdc3ba9fc54be.json
shellprod.msocdn.com/shellux/o365/versionless/en/ |
18 KB 5 KB |
XHR
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
suiteux.shell.header.ae5abd88d139cfd0c715.js
shellprod.msocdn.com/shellux/o365/versionless/ |
101 KB 26 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
suiteux.shell.core.b6da95e7e04c82ba1c40.js
shellprod.msocdn.com/shellux/o365/versionless/ |
254 KB 67 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
suiteux.shell.legacyheader.b053b1e07c5d3fc47c63.js
shellprod.msocdn.com/shellux/o365/versionless/ |
22 KB 6 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
suiteux.shell.responsive.3c1859af15e62ba90e04.js
shellprod.msocdn.com/shellux/o365/versionless/ |
47 KB 12 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
suiteux.shell.plus.adde7b483104cb46f6e6.js
shellprod.msocdn.com/shellux/o365/versionless/ |
286 KB 63 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
SuiteServiceProxy.aspx
outlook.live.com/owa/ Frame 3416 |
36 KB 10 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
suiteux.shell.notifications.9b981f0174ac1257ffbf.js
shellprod.msocdn.com/shellux/o365/versionless/ |
146 KB 29 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
login.srf
login.live.com/ Redirect Chain
|
0 0 |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headersRedirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mscc-0.4.1.min.js
uhf.microsoft.com/mscc/statics/ Frame 3416 |
3 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
vh-check.min.js
ow2.res.office365.com/owalanding/2019.9.10.02/javascripts/ Frame 3416 |
899 B 675 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-3.2.1.min.js
ow2.res.office365.com/owalanding/2019.9.10.02/javascripts/ Frame 3416 |
85 KB 30 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
lazyload.min.js
ow2.res.office365.com/owalanding/2019.9.10.02/javascripts/ Frame 3416 |
5 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.onscreen.js
ow2.res.office365.com/owalanding/2019.9.10.02/javascripts/ Frame 3416 |
6 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
detect-os.js
ow2.res.office365.com/owalanding/2019.9.10.02/javascripts/ Frame 3416 |
129 B 387 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
dom-scripts.js
ow2.res.office365.com/owalanding/2019.9.10.02/javascripts/ Frame 3416 |
4 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
compiled.css
ow2.res.office365.com/owalanding/2019.9.10.02/stylesheets/ Frame 3416 |
104 KB 15 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mobile-scenario-triptych-android-01.png
ow2.res.office365.com/owalanding/2019.9.10.02/images/ Frame 3416 |
82 KB 82 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mobile-scenario-triptych-android-02.png
ow2.res.office365.com/owalanding/2019.9.10.02/images/ Frame 3416 |
85 KB 85 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mobile-scenario-triptych-android-03.png
ow2.res.office365.com/owalanding/2019.9.10.02/images/ Frame 3416 |
77 KB 77 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mobile-scenario-triptych-ios-01.png
ow2.res.office365.com/owalanding/2019.9.10.02/images/ Frame 3416 |
266 KB 267 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mobile-scenario-triptych-ios-02.png
ow2.res.office365.com/owalanding/2019.9.10.02/images/ Frame 3416 |
198 KB 199 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mobile-scenario-triptych-ios-03.png
ow2.res.office365.com/owalanding/2019.9.10.02/images/ Frame 3416 |
85 KB 86 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
prefetch.aspx
outlook.live.com/owa/ Frame ED8B |
3 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
_log
uhf.microsoft.com/ Frame 3416 |
0 128 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
masthead-alt-06-wide-large.jpg
ow2.res.office365.com/owalanding/2019.9.10.02/images/ Frame 3416 |
159 KB 160 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
security-feature-microsoft.svg
ow2.res.office365.com/owalanding/2019.9.10.02/images/ Frame 3416 |
552 B 482 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
security-feature-encryption.svg
ow2.res.office365.com/owalanding/2019.9.10.02/images/ Frame 3416 |
2 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
security-feature-attachments.svg
ow2.res.office365.com/owalanding/2019.9.10.02/images/ Frame 3416 |
1 KB 827 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
security-feature-onedrive.svg
ow2.res.office365.com/owalanding/2019.9.10.02/images/ Frame 3416 |
2 KB 1015 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
boot.worldwide.0.mouse.js
r4.res.office365.com/owa/prem/16.3278.2.2710622/scripts/ Frame ED8B |
648 KB 176 KB |
Stylesheet
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
boot.worldwide.1.mouse.js
r4.res.office365.com/owa/prem/16.3278.2.2710622/scripts/ Frame ED8B |
644 KB 160 KB |
Stylesheet
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
boot.worldwide.2.mouse.js
r4.res.office365.com/owa/prem/16.3278.2.2710622/scripts/ Frame ED8B |
647 KB 167 KB |
Stylesheet
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
boot.worldwide.3.mouse.js
r4.res.office365.com/owa/prem/16.3278.2.2710622/scripts/ Frame ED8B |
645 KB 143 KB |
Stylesheet
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sprite1.mouse.png
r4.res.office365.com/owa/prem/16.3278.2.2710622/resources/images/0/ Frame ED8B |
16 KB 16 KB |
Stylesheet
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sprite1.mouse.css
r4.res.office365.com/owa/prem/16.3278.2.2710622/resources/images/0/ Frame ED8B |
7 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
boot.worldwide.mouse.css
r4.res.office365.com/owa/prem/16.3278.2.2710622/resources/styles/0/ Frame ED8B |
227 KB 43 KB |
Stylesheet
text/css |
POST H/1.1 |
/
browser.pipe.aria.microsoft.com/Collector/3.0/ |
0 396 B |
XHR
application/json |
POST H/1.1 |
/
browser.pipe.aria.microsoft.com/Collector/3.0/ |
0 396 B |
XHR
application/json |
61 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onformdata object| onpointerrawupdate object| $B object| $CJ object| Flight function| __extends function| RequireDeps object| InlineBootLoader function| requirejs function| require function| define function| es6-symbol function| ES6Promise object| cookieToss object| $Config object| FilesConfig object| InviteConfig function| __assign function| __rest function| __decorate function| __param function| __metadata function| __awaiter function| __generator function| __exportStar function| __values function| __read function| __spread function| __await function| __asyncGenerator function| __asyncDelegator function| __asyncValues function| __makeTemplateObject function| __importStar function| __importDefault object| __packages__ number| __currentId__ object| __stylesheet__ object| __globalSettings__ object| ODSP_TELEMETRY_MANAGER object| _perfMarks object| __themeState__ object| __events__ function| __loadTheme object| FabricConfig function| __onbeforeunload function| __loadTests object| odstore object| $Network function| NextNetworkRegisterProxy object| __ko boolean| __hasInitializeFocusRects__ boolean| __hasInitializedDir__ object| shellPerformance boolean| HighResolutionTimingSupported object| suiteux_shell_webpackJsonp object| O365Shell object| O365Shell_Shim string| O365ShellVerStr object| React object| ReactDOM
6 Cookies
Cookies are small pieces of information stored in a user's browser. Whenever the user visits the site again, the browser sends the cookie values back, allowing the website to re-identify the user even after a change of location. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.live.com/ | | Name: xidseq Value: 2 |
.live.com/ | | Name: E Value: P:Miff4UFB14g=:ZLH70YaXre8hZncnhMc9UmggVE/+9qPQm7s65r+tWwg=:F |
.live.com/ | | Name: SAToken1 Value: |
.live.com/ | | Name: wla42 Value: |
.live.com/ | | Name: SAToken0 Value: |
.live.com/ | | Name: xid Value: 36b2725f-c860-47c5-b764-11dedaf92e2a&&RD0003FF119C34&312 |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page.
Header | Value |
---|---|
Strict-Transport-Security | max-age=31536000 |
X-Content-Type-Options | nosniff |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.