onedrive.live.com
13.107.42.13
Public Scan
Effective URL: https://onedrive.live.com/?authkey=*21AMnVox*2Ds*5F*2DDeUKI&id=3B8A3AEED20C30BC*21172&cid=3B8A3AEED20C30BC__;JSUlJSU!!P110...
Submission: On June 20 via manual from CA — Scanned from CA
Summary
TLS certificate: Issued by Microsoft RSA TLS CA 02 on February 1st 2022. Valid for: a year.
This is the only time onedrive.live.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
# | IP Address | AS Autonomous System |
---|---|---|
1 | 13.107.42.13 | 8068 (MICROSOFT-CORP-MSN-AS-BLOCK) |
10 | 2600:141b:f000:c089::753 | 20940 (AKAMAI-ASN1) |
30 | 2600:141b:13::17d7:82a8 | 20940 (AKAMAI-ASN1) |
4 | 20.50.73.9 | 8075 (MICROSOFT-CORP-MSN-AS-BLOCK) |
1 9 | 157.55.109.232 | 8075 (MICROSOFT-CORP-MSN-AS-BLOCK) |
1 | 2600:141b:f000:c0a7::38f3 | 20940 (AKAMAI-ASN1) |
2 | 104.127.184.80 | 16625 (AKAMAI-AS) |
1 | 152.199.4.33 | 15133 (EDGECAST) |
1 | 2620:1ec:46::40 | 8068 (MICROSOFT-CORP-MSN-AS-BLOCK) |
1 | 23.96.225.71 | 8075 (MICROSOFT-CORP-MSN-AS-BLOCK) |
1 2 | 20.110.81.91 | 8075 (MICROSOFT-CORP-MSN-AS-BLOCK) |
1 1 | 2620:1ec:c11::200 | 8068 (MICROSOFT-CORP-MSN-AS-BLOCK) |
1 | 40.126.24.148 | 8075 (MICROSOFT-CORP-MSN-AS-BLOCK) |
1 | 35.166.150.193 | 16509 (AMAZON-02) |
2 2 | 142.251.40.134 | 15169 (GOOGLE) |
1 1 | 2607:f8b0:4006:80e::2002 | 15169 (GOOGLE) |
1 | 2607:f8b0:4006:80d::2002 | 15169 (GOOGLE) |
1 | 20.42.73.26 | 8075 (MICROSOFT-CORP-MSN-AS-BLOCK) |
64 | 16 | |
ASN20940 (AKAMAI-ASN1, NL)
modernb.akamai.odsp.cdn.office.net |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
browser.pipe.aria.microsoft.com |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
skyapi.onedrive.live.com | |
storage.live.com |
ASN16625 (AKAMAI-AS, US)
PTR: a104-127-184-80.deploy.static.akamaitechnologies.com
static2.sharepointonline.com |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
web.vortex.data.microsoft.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-35-166-150-193.us-west-2.compute.amazonaws.com
dpm.demdex.net |
ASN15169 (GOOGLE, US)
PTR: lga25s80-in-f6.1e100.net
ad.doubleclick.net |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
browser.events.data.microsoft.com |
# | Apex Domain | Subdomains | Transfer |
---|---|---|---|
40 | office.net | res-1.cdn.office.net (Cisco Umbrella Rank: 543); modernb.akamai.odsp.cdn.office.net (Cisco Umbrella Rank: 8128) | 2 MB |
11 | live.com (1 redirects) | onedrive.live.com (Cisco Umbrella Rank: 2375); skyapi.onedrive.live.com (Cisco Umbrella Rank: 32734); storage.live.com (Cisco Umbrella Rank: 146); login.live.com (Cisco Umbrella Rank: 72) | 26 KB |
8 | microsoft.com (1 redirects) | browser.pipe.aria.microsoft.com (Cisco Umbrella Rank: 141); web.vortex.data.microsoft.com (Cisco Umbrella Rank: 1417); c1.microsoft.com (Cisco Umbrella Rank: 5779); browser.events.data.microsoft.com (Cisco Umbrella Rank: 263) | 4 KB |
2 | doubleclick.net (2 redirects) | ad.doubleclick.net (Cisco Umbrella Rank: 203) | 1 KB |
2 | sharepointonline.com | static2.sharepointonline.com (Cisco Umbrella Rank: 2761) | 68 KB |
1 | google.ca | adservice.google.ca (Cisco Umbrella Rank: 12424) | 737 B |
1 | google.com (1 redirects) | adservice.google.com (Cisco Umbrella Rank: 92) | 650 B |
1 | demdex.net | dpm.demdex.net (Cisco Umbrella Rank: 212) | 3 KB |
1 | bing.com (1 redirects) | c.bing.com (Cisco Umbrella Rank: 229) | 859 B |
1 | msftauth.net | amcdn.msftauth.net (Cisco Umbrella Rank: 1329) | 10 KB |
1 | msecnd.net | az725175.vo.msecnd.net (Cisco Umbrella Rank: 6385) | 18 KB |
1 | msocdn.com | shellprod.msocdn.com (Cisco Umbrella Rank: 11235) | 36 KB |
64 | 12 | | |
# | Domain | Requested by |
---|---|---|
30 | modernb.akamai.odsp.cdn.office.net | onedrive.live.com, modernb.akamai.odsp.cdn.office.net |
10 | res-1.cdn.office.net | onedrive.live.com, modernb.akamai.odsp.cdn.office.net, shellprod.msocdn.com, res-1.cdn.office.net |
8 | skyapi.onedrive.live.com | modernb.akamai.odsp.cdn.office.net |
4 | browser.pipe.aria.microsoft.com | modernb.akamai.odsp.cdn.office.net |
2 | ad.doubleclick.net (2 redirects) | |
2 | c1.microsoft.com (1 redirects) | |
2 | static2.sharepointonline.com | res-1.cdn.office.net |
1 | browser.events.data.microsoft.com | modernb.akamai.odsp.cdn.office.net |
1 | adservice.google.ca | |
1 | adservice.google.com (1 redirects) | |
1 | dpm.demdex.net | modernb.akamai.odsp.cdn.office.net |
1 | login.live.com | |
1 | storage.live.com (1 redirects) | |
1 | c.bing.com (1 redirects) | |
1 | web.vortex.data.microsoft.com | az725175.vo.msecnd.net |
1 | amcdn.msftauth.net | res-1.cdn.office.net |
1 | az725175.vo.msecnd.net | onedrive.live.com |
1 | shellprod.msocdn.com | onedrive.live.com |
1 | onedrive.live.com | |
64 | 19 | |
This site contains links to these domains.
Domain |
---|
login.live.com |
Subject | Issuer | Validity | Valid |
---|---|---|---|
onedrive.com | Microsoft RSA TLS CA 02 | 2022-02-01 - 2023-02-01 | a year |
*.res.outlook.com | Microsoft RSA TLS CA 01 | 2022-06-02 - 2023-06-02 | a year |
wildcard.akamai.odsp.cdn.office.net | Microsoft RSA TLS CA 01 | 2022-04-26 - 2023-04-26 | a year |
*.events.data.microsoft.com | Microsoft Azure TLS Issuing CA 02 | 2022-05-21 - 2023-05-16 | a year |
storage.live.com | Microsoft RSA TLS CA 01 | 2021-08-19 - 2022-08-19 | a year |
*.msocdn.com | Microsoft RSA TLS CA 01 | 2021-09-08 - 2022-09-08 | a year |
*.sharepointonline.com | Microsoft RSA TLS CA 01 | 2022-04-26 - 2023-04-26 | a year |
*.vo.msecnd.net | DigiCert SHA2 Secure Server CA | 2021-08-06 - 2022-08-06 | a year |
identitycdn.msauth.net | Microsoft Azure TLS Issuing CA 02 | 2022-05-11 - 2023-05-06 | a year |
*.vortex.data.microsoft.com | Microsoft RSA TLS CA 01 | 2022-04-03 - 2023-04-03 | a year |
*.demdex.net | DigiCert TLS RSA SHA256 2020 CA1 | 2021-10-19 - 2022-11-19 | a year |
This page contains 1 frames:
Primary Page:
https://onedrive.live.com/?authkey=*21AMnVox*2Ds*5F*2DDeUKI&id=3B8A3AEED20C30BC*21172&cid=3B8A3AEED20C30BC__;JSUlJSU!!P110LumUDw!8adWKmhWoMvGAmIp9rhvX0w-6F2kXKbck9_BryqehOeDvv9JIK2jhYRt1jxcU04c2mbVDfgIBVWAJOFNNS3v-A$
Frame ID: 26C4C2235CEDBB3486C1A7AB61AAC6C6
Requests: 62 HTTP requests in this frame
Page Title
OneDrive
Detected technologies
Bootstrap (Web Frameworks)
Detected patterns
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Title: Sign in
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://onedrive.live.com/?authkey=*21AMnVox*2Ds*5F*2DDeUKI&id=3B8A3AEED20C30BC*21172&cid=3B8A3AEED20C30BC__;JSUlJSU!!P110LumUDw!8adWKmhWoMvGAmIp9rhvX0w-6F2kXKbck9_BryqehOeDvv9JIK2jhYRt1jxcU04c2mbVDfgIBVWAJOFNNS3v-A$
HTTP 307
https://onedrive.live.com/?authkey=*21AMnVox*2Ds*5F*2DDeUKI&id=3B8A3AEED20C30BC*21172&cid=3B8A3AEED20C30BC__;JSUlJSU!!P110LumUDw!8adWKmhWoMvGAmIp9rhvX0w-6F2kXKbck9_BryqehOeDvv9JIK2jhYRt1jxcU04c2mbVDfgIBVWAJOFNNS3v-A$ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 52
- https://c1.microsoft.com/c.gif?DI=4050&did=1&t= HTTP 302
- https://c.bing.com/c.gif?DI=4050&did=1&t=&ctsa=mr&CtsSyncId=B191CC0986BE4095958A2BD0D7449C9E&RedC=c1.microsoft.com&MXFR=151F563C2B5F61192EBD47F52F5F6792 HTTP 302
- https://c1.microsoft.com/c.gif?DI=4050&did=1&t=&ctsa=mr&CtsSyncId=B191CC0986BE4095958A2BD0D7449C9E&MUID=151F563C2B5F61192EBD47F52F5F6792
- https://storage.live.com/mydata/myprofile/expressionprofile/profilephoto:UserTileStatic,UserTileSmall/MeControlMediumUserTile?ck=1&ex=24&fofoff=1&sc=1655736534480 HTTP 302
- https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=13&ct=1655736534&rver=7.3.6962.0&wp=MBI_SSL&wreply=https:%2F%2Fstorage.live.com%2Fstorageservice%2Fpassport%2Fauth.aspx%3Fsru%3Dhttps:%252f%252fstorage.live.com%252fmydata%252fmyprofile%252fexpressionprofile%252fprofilephoto:UserTileStatic%252cUserTileSmall%252fMeControlMediumUserTile&lc=1033&id=63539
- https://ad.doubleclick.net/ddm/activity/src=6952136;type=store0;cat=jsll;u58=e445ad66606b4aa2b4638ff829773c49;match_id=e445ad66606b4aa2b4638ff829773c49;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1 HTTP 302
- https://ad.doubleclick.net/ddm/activity/src=6952136;dc_pre=CLit9Z-jvPgCFYfcYgodRFwOZA;type=store0;cat=jsll;u58=e445ad66606b4aa2b4638ff829773c49;match_id=e445ad66606b4aa2b4638ff829773c49;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1 HTTP 302
- https://adservice.google.com/ddm/fls/p/src=6952136;dc_pre=CLit9Z-jvPgCFYfcYgodRFwOZA;type=store0;cat=jsll;u58=e445ad66606b4aa2b4638ff829773c49;match_id=e445ad66606b4aa2b4638ff829773c49;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1;~oref=https://onedrive.live.com/ HTTP 302
- https://adservice.google.ca/ddm/fls/p/src=6952136;dc_pre=CLit9Z-jvPgCFYfcYgodRFwOZA;type=store0;cat=jsll;u58=e445ad66606b4aa2b4638ff829773c49;match_id=e445ad66606b4aa2b4638ff829773c49;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1;~oref=https://onedrive.live.com/
64 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H2 | / | onedrive.live.com/ (Primary Request, Redirect Chain) | 56 KB | 20 KB | Document | text/html |
GET | H2 | onedrive-font-face-definitions.css | res-1.cdn.office.net/files/fabric-cdn-prod_20211207.001/onedrive-assets/ | 14 KB | 1 KB | Stylesheet | text/css |
GET | H2 | plt.listviewdataprefetch.js | modernb.akamai.odsp.cdn.office.net/files/odsp-web-prod_2022-06-03.006/odclightspeedwebpack.manifest/ | 247 KB | 69 KB | Script | application/javascript |
GET | H2 | plt.resx-plt.js | modernb.akamai.odsp.cdn.office.net/files/odsp-web-prod_2022-06-03.006/odclightspeedwebpack.manifest/en-us/ | 54 KB | 16 KB | Script | application/javascript |
GET | H2 | plt.react.js | modernb.akamai.odsp.cdn.office.net/files/odsp-web-prod_2022-06-03.006/odclightspeedwebpack.manifest/ | 120 KB | 38 KB | Script | application/javascript |
GET | H2 | plt.office-ui-fabric-react.js | modernb.akamai.odsp.cdn.office.net/files/odsp-web-prod_2022-06-03.006/odclightspeedwebpack.manifest/ | 492 KB | 131 KB | Script | application/javascript |
GET | H2 | plt.items-view.js | modernb.akamai.odsp.cdn.office.net/files/odsp-web-prod_2022-06-03.006/odclightspeedwebpack.manifest/ | 557 KB | 154 KB | Script | application/javascript |
GET | H2 | plt.odsp-common.js | modernb.akamai.odsp.cdn.office.net/files/odsp-web-prod_2022-06-03.006/odclightspeedwebpack.manifest/ | 271 KB | 80 KB | Script | application/javascript |
GET | H2 | odclightspeed.js | modernb.akamai.odsp.cdn.office.net/files/odsp-web-prod_2022-06-03.006/odclightspeedwebpack.manifest/ | 891 KB | 252 KB | Script | application/javascript |
GET | H2 | 364.js | modernb.akamai.odsp.cdn.office.net/files/odsp-web-prod_2022-06-03.006/odclightspeedwebpack.manifest/ | 50 KB | 18 KB | Script | application/javascript |
GET | H2 | 505.js | modernb.akamai.odsp.cdn.office.net/files/odsp-web-prod_2022-06-03.006/odclightspeedwebpack.manifest/ | 2 KB | 1 KB | Script | application/javascript |
GET | H2 | 354.js | modernb.akamai.odsp.cdn.office.net/files/odsp-web-prod_2022-06-03.006/odclightspeedwebpack.manifest/ | 51 KB | 14 KB | Script | application/javascript |
GET | H2 | 357.js | modernb.akamai.odsp.cdn.office.net/files/odsp-web-prod_2022-06-03.006/odclightspeedwebpack.manifest/ | 5 KB | 3 KB | Script | application/javascript |
GET | H2 | 426.js | modernb.akamai.odsp.cdn.office.net/files/odsp-web-prod_2022-06-03.006/odclightspeedwebpack.manifest/ | 2 KB | 1 KB | Script | application/javascript |
GET | H2 | deferred.resx-deferred.js | modernb.akamai.odsp.cdn.office.net/files/odsp-web-prod_2022-06-03.006/odclightspeedwebpack.manifest/en-us/ | 59 KB | 19 KB | Script | application/javascript |
GET | H2 | deferred.office-ui-fabric-react.js | modernb.akamai.odsp.cdn.office.net/files/odsp-web-prod_2022-06-03.006/odclightspeedwebpack.manifest/ | 44 KB | 14 KB | Script | application/javascript |
GET | H2 | deferred.odsp-common.js | modernb.akamai.odsp.cdn.office.net/files/odsp-web-prod_2022-06-03.006/odclightspeedwebpack.manifest/ | 134 KB | 37 KB | Script | application/javascript |
GET | H2 | deferred.items-view.js | modernb.akamai.odsp.cdn.office.net/files/odsp-web-prod_2022-06-03.006/odclightspeedwebpack.manifest/ | 24 KB | 9 KB | Script | application/javascript |
GET | H2 | deferred.odsp-datasources.js | modernb.akamai.odsp.cdn.office.net/files/odsp-web-prod_2022-06-03.006/odclightspeedwebpack.manifest/ | 4 KB | 2 KB | Script | application/javascript |
GET | H2 | deferred.js | modernb.akamai.odsp.cdn.office.net/files/odsp-web-prod_2022-06-03.006/odclightspeedwebpack.manifest/ | 1001 KB | 239 KB | Script | application/javascript |
POST | H/1.1 | / | browser.pipe.aria.microsoft.com/Collector/3.0/ | 0 | 397 B | XHR | application/json |
OPTIONS | H2 | GetUpgradeOptions | skyapi.onedrive.live.com/API/2/ | 0 | 0 | Preflight | |
GET | H2 | GetUpgradeOptions | skyapi.onedrive.live.com/API/2/ | 3 KB | 2 KB | XHR | application/json |
GET | H2 | ondemand.resx-ondemand.js | modernb.akamai.odsp.cdn.office.net/files/odsp-web-prod_2022-06-03.006/odclightspeedwebpack.manifest/en-us/ | 208 KB | 59 KB | Script | application/javascript |
GET | H2 | 173.js | modernb.akamai.odsp.cdn.office.net/files/odsp-web-prod_2022-06-03.006/odclightspeedwebpack.manifest/ | 326 KB | 79 KB | Script | application/javascript |
GET | H2 | oneshell | shellprod.msocdn.com/api/shellbootstrapper/consumer/ | 137 KB | 36 KB | Script | application/javascript |
GET | H2 | GetItems | skyapi.onedrive.live.com/API/2/ | 1 KB | 1 KB | XHR | application/json |
OPTIONS | H2 | GetItems | skyapi.onedrive.live.com/API/2/ | 0 | 0 | Preflight | |
OPTIONS | H2 | GetUpgradeOptions | skyapi.onedrive.live.com/API/2/ | 0 | 0 | Preflight | |
GET | H2 | GetUpgradeOptions | skyapi.onedrive.live.com/API/2/ | 3 KB | 1 KB | XHR | application/json |
OPTIONS | H2 | GetUpgradeOptions | skyapi.onedrive.live.com/API/2/ | 0 | 0 | Preflight | |
GET | H2 | GetUpgradeOptions | skyapi.onedrive.live.com/API/2/ | 3 KB | 1 KB | XHR | application/json |
GET | H2 | en-ca | res-1.cdn.office.net/shellux/api/ShellBootInfo/consumer/OneShell/ | 25 KB | 25 KB | XHR | application/json |
GET | H2 | suiteux.shell.bootstrapper.3f07d063abc36b1490b0.js | res-1.cdn.office.net/shellux/ | 137 KB | 36 KB | Script | application/javascript |
GET | H2 | error2.svg | modernb.akamai.odsp.cdn.office.net/files/odsp-web-prod_2022-06-03.006/odsp-media/images/error/ | 7 KB | 3 KB | Image | image/svg+xml |
GET | H2 | shellstrings.dab29af03e102a07bd3854f25cd3baf1.json | res-1.cdn.office.net/shellux/en/ | 14 KB | 5 KB | XHR | application/json |
GET | DATA | truncated | / | 2 KB | 2 KB | Font | font/woff |
GET | H2 | segoeui-regular.woff2 | static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-westeuropean/ | 35 KB | 36 KB | Font | font/woff2 |
GET | H2 | suiteux.shell.responsive.96957feb5000701d7fe1.js | res-1.cdn.office.net/shellux/ | 53 KB | 13 KB | Script | application/javascript |
GET | H2 | suiteux.shell.consappdata.cb8dedf13a78c2c8f603.js | res-1.cdn.office.net/shellux/ | 7 KB | 2 KB | Script | application/javascript |
GET | H2 | 158.js | modernb.akamai.odsp.cdn.office.net/files/odsp-web-prod_2022-06-03.006/odclightspeedwebpack.manifest/ | 99 KB | 25 KB | Script | application/javascript |
GET | H2 | 311.js | modernb.akamai.odsp.cdn.office.net/files/odsp-web-prod_2022-06-03.006/odclightspeedwebpack.manifest/ | 34 KB | 8 KB | Script | application/javascript |
GET | H2 | 472.js | modernb.akamai.odsp.cdn.office.net/files/odsp-web-prod_2022-06-03.006/odclightspeedwebpack.manifest/ | 78 KB | 18 KB | Script | application/javascript |
GET | H2 | jsll-4.js | az725175.vo.msecnd.net/scripts/ | 55 KB | 18 KB | Script | text/javascript |
GET | H2 | 323.js | modernb.akamai.odsp.cdn.office.net/files/odsp-web-prod_2022-06-03.006/odclightspeedwebpack.manifest/ | 66 KB | 17 KB | Script | application/javascript |
GET | H2 | suiteux.shell.core.26c6fa90b39c6eacfe32.js | res-1.cdn.office.net/shellux/ | 259 KB | 70 KB | Script | application/javascript |
GET | H2 | segoeui-semibold.woff2 | static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-westeuropean/ | 31 KB | 32 KB | Font | font/woff2 |
GET | H2 | 1.js | modernb.akamai.odsp.cdn.office.net/files/odsp-web-prod_2022-06-03.006/odclightspeedwebpack.manifest/ | 492 KB | 117 KB | Script | application/javascript |
GET | H2 | odsp-next-icons-21-e60df922.woff | modernb.akamai.odsp.cdn.office.net/files/odsp-web-prod_2022-06-03.006/odsp-media/fonts/ | 16 KB | 16 KB | Font | font/woff |
GET | H2 | odsp-next-icons-85704c99.woff | modernb.akamai.odsp.cdn.office.net/files/odsp-web-prod_2022-06-03.006/odsp-media/fonts/ | 17 KB | 18 KB | Font | font/woff |
GET | H2 | me | amcdn.msftauth.net/ | 28 KB | 10 KB | Script | application/javascript |
GET | H2 | suiteux.shell.plus.0471f8f78f7c02f1a3f1.js | res-1.cdn.office.net/shellux/ | 215 KB | 47 KB | Script | application/javascript |
GET | H/1.1 | t.js | web.vortex.data.microsoft.com/collect/v1/ | 281 B | 966 B | Script | application/javascript |
GET | H2 | c.gif | c1.microsoft.com/ (Redirect Chain) | 42 B | 441 B | Image | image/gif |
GET | H2 | officebrowserfeedback.css | modernb.akamai.odsp.cdn.office.net/files/odsp-web-prod_2022-06-03.006/@ms-ofb/officebrowserfeedback/styles/ | 21 KB | 4 KB | Stylesheet | text/css |
GET | H2 | officebrowserfeedbackstrings.js | modernb.akamai.odsp.cdn.office.net/files/odsp-web-prod_2022-06-03.006/@ms-ofb/officebrowserfeedback/intl/en/ | 2 KB | 1 KB | Script | application/javascript |
GET | H2 | suiteux.shell.otellogging.32457f5d132e3ae97ce2.js | res-1.cdn.office.net/shellux/ | 75 KB | 24 KB | Script | application/javascript |
GET | H2 | suiteux.shell.mast.d96a5727f8d041394816.js | res-1.cdn.office.net/shellux/ | 104 KB | 25 KB | Script | application/javascript |
GET | H/1.1 | login.srf | login.live.com/ (Redirect Chain) | 0 | 0 | Image | text/html |
GET | DATA | truncated | / | 17 KB | 17 KB | Font | font/woff |
GET | H/1.1 | id | dpm.demdex.net/ | 7 KB | 3 KB | XHR | application/json |
GET | H2 | / | adservice.google.ca/ddm/fls/p/src=6952136;dc_pre=CLit9Z-jvPgCFYfcYgodRFwOZA;type=store0;cat=jsll;u58=e445ad66606b4aa2b4638ff829773c49;match_id=e445ad66606b4aa2b4638ff829773c49;dc_lat=;dc_rdid=;tag_... (Redirect Chain) | 42 B | 737 B | Image | image/gif |
POST | H/1.1 | / | browser.pipe.aria.microsoft.com/Collector/3.0/ | 0 | 396 B | XHR | application/json |
POST | H/1.1 | / | browser.pipe.aria.microsoft.com/Collector/3.0/ | 0 | 396 B | XHR | application/json |
POST | H/1.1 | / | browser.events.data.microsoft.com/OneCollector/1.0/ | 153 B | 547 B | XHR | application/json |
POST | H/1.1 | / | browser.pipe.aria.microsoft.com/Collector/3.0/ | 0 | 396 B | XHR | application/json |
74 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails object| navigation object| $B object| $CJ object| Flight function| requirejs function| require function| define function| RequireDeps object| __tti function| es6-symbol function| ES6Promise object| cookieToss object| $Config object| FilesConfig object| InviteConfig string| __odsp_culture number| g_responseEnd string| backupBaseUrl object| failOverState object| corsMatch function| processConfigToSupportFailOver object| __cdnFailOverState object| odspNextWebpackJsonp function| __debugSetKillSwitch object| ODSP_TELEMETRY_MANAGER function| __onbeforeunload object| _perfMarks object| __globalSettings__ object| __stylesheet__ object| __testHooks object| __ko object| __themeState__ object| __packages__ number| __currentId__ object| CUSTOMERPROMISE_MANAGER object| React object| ReactDOM object| __events__ object| $ic boolean| __ODSP_DEV_TOOLS_ENABLED__ function| getRumOneForTAB boolean| __RUMOneAPITrackerInstrumented function| __integrityViolationCallBack boolean| __isReactDndBackendSetUp object| odstore object| shellPerformance boolean| HighResolutionTimingSupported object| suiteux_shell_webpackJsonp_bootstrapper string| O365ShellVerStr object| O365ShellContext object| O365Shell object| O365Shell_Shim object| O365ShellBootInfo object| tabperf boolean| __hasInitializeFocusRects__ boolean| __hasInitializedDir__ object| suiteux_shell_webpackJsonp_main object| awa string| behaviorKey object| OfficeBrowserFeedback object| LoadMastPromptJs function| __assign function| __extends object| MastInteraction object| MSA object| MeControl function| MeControlDefine function| MeControlImport
27 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.live.com/ | Name: xid Value: d01a0a5b-8071-42b5-8819-fccda836a0a0&&RDE42AAC88D3EB&212 |
.live.com/ | Name: wla42 Value: |
.live.com/ | Name: SAToken0 Value: |
.live.com/ | Name: SAToken1 Value: |
onedrive.live.com/ | Name: KillSwitchOverrides_enableKillSwitches Value: |
onedrive.live.com/ | Name: KillSwitchOverrides_disableKillSwitches Value: |
.live.com/ | Name: xidseq Value: 2 |
.live.com/ | Name: E Value: P:Ip82/8tS2og=:lH6wEb0iozpJVeu6p7B+tdB47+a7anzMNIY4kR9THc8=:F |
onedrive.live.com/ | Name: ShCLSessionID Value: 1655736534078_0.9440901086117379 |
.microsoft.com/ | Name: MUID Value: 151F563C2B5F61192EBD47F52F5F6792 |
.microsoft.com/ | Name: MC1 Value: GUID=e445ad66606b4aa2b4638ff829773c49&HASH=e445&LV=202206&V=4&LU=1655736534524 |
.microsoft.com/ | Name: MS0 Value: b9fa4c7841c34d2c8af9bf063d896f08 |
onedrive.live.com/ | Name: MSFPC Value: GUID=e445ad66606b4aa2b4638ff829773c49&HASH=e445&LV=202206&V=4&LU=1655736534524 |
.bing.com/ | Name: MUID Value: 151F563C2B5F61192EBD47F52F5F6792 |
.c.bing.com/ | Name: MR Value: 0 |
.c.bing.com/ | Name: SRM_B Value: 151F563C2B5F61192EBD47F52F5F6792 |
.c.bing.com/ | Name: SRM_I Value: 151F563C2B5F61192EBD47F52F5F6792 |
.c1.microsoft.com/ | Name: SM Value: C |
.c1.microsoft.com/ | Name: SRM_I Value: 151F563C2B5F61192EBD47F52F5F6792 |
.c1.microsoft.com/ | Name: MR Value: 0 |
.c1.microsoft.com/ | Name: ANONCHK Value: 0 |
.doubleclick.net/ | Name: test_cookie Value: CheckForPermission |
.login.live.com/ | Name: uaid Value: 7e1b0ab4319049f4897f9d2f17f66546 |
.login.live.com/ | Name: MSPRequ Value: id=63539&lt=1655736534&co=1 |
.login.live.com/ | Name: MSCC Value: 149.56.153.181-MY |
.login.live.com/ | Name: OParams Value: 11O.DdeM35NWvWo5yA4r7piq*EfWTk1EammCliYfIkky5TGF7qrXccm*04ccoGF!c9vuX7K*K0d6bt0RRz*MeVvvIkpkzec1kJ8pVY5smyD6v3S9pTManY1hixDmLnnOVancEj!NAgif4htYefsDT3tgnu55nKXmCtQtvctoHYR8dtFD8mboBECyPPH59kd18uRghJP5RfZeFxEGmMoqy5hMWN96SMJ4vDW60ceB2tbWnD4hTc5AyC8pTkyHOBaqWb6JL6hnsp*AUzrZ12pm1YDDxIItihM4ViKUMDPyc0GgQxKAqPoBNTbhGR*RucAwjG11pD2fgK*KIj4x!wcuKhA61TD5qYSbRQ8OetNDaBi2qtSxdGMuSc41AqEiFRredEqBXcnyGBJNmYR1krT7R*89bOIUT*zrlXrJxPpP4jWkPiOM6F9O3TjEwFauZsjoenxuksA!nBe1vLV5saz4MpHr3FxwHaewKLX8DaIWg2z1PO!H |
.login.live.com/ | Name: MSPOK Value: $uuid-db3303f1-afd0-4492-bebd-80f8f5e32752 |
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page.
Header | Value |
---|---|
Strict-Transport-Security | max-age=31536000 |
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.