microsoft-verify.dev-ely-delva.workers.dev
2606:4700:3031::ac43:a019

Submitted URL: http://microsoft-verify.dev-ely-delva.workers.dev/
Effective URL: https://microsoft-verify.dev-ely-delva.workers.dev/
Submission: On February 15 via api from US — Scanned from DE

Summary

This website contacted 6 IPs in 3 countries across 4 domains to perform 27 HTTP transactions. The main IP is 2606:4700:3031::ac43:a019, located in United States and belongs to CLOUDFLARENET, US. The main domain is microsoft-verify.dev-ely-delva.workers.dev.
TLS certificate: Issued by R3 on December 30th 2021. Valid for: 3 months.
This is the only time microsoft-verify.dev-ely-delva.workers.dev was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
13 2606:4700:303... 13335 (CLOUDFLAR...)
3 104.16.169.131 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
5 104.16.168.131 13335 (CLOUDFLAR...)
27 6
Requests  Apex Domain  Transfer
  Subdomains
13  workers.dev  143 KB
  microsoft-verify.dev-ely-delva.workers.dev
8  hcaptcha.com  484 KB
  js.hcaptcha.com — Cisco Umbrella Rank: 24175
  newassets.hcaptcha.com — Cisco Umbrella Rank: 10830
  hcaptcha.com — Cisco Umbrella Rank: 7981
4  gstatic.com  57 KB
  fonts.gstatic.com
2  googleapis.com  2 KB
  fonts.googleapis.com — Cisco Umbrella Rank: 35
27 4
Domain Requested by
13 microsoft-verify.dev-ely-delva.workers.dev microsoft-verify.dev-ely-delva.workers.dev
5 newassets.hcaptcha.com js.hcaptcha.com
newassets.hcaptcha.com
4 fonts.gstatic.com fonts.googleapis.com
2 hcaptcha.com newassets.hcaptcha.com
2 fonts.googleapis.com microsoft-verify.dev-ely-delva.workers.dev
1 js.hcaptcha.com microsoft-verify.dev-ely-delva.workers.dev
27 6

This site contains no links.

Subject  Issuer  Validity  Valid
*.dev-ely-delva.workers.dev  R3  2021-12-30 - 2022-03-30  3 months
sni.cloudflaressl.com  Cloudflare Inc ECC CA-3  2021-06-15 - 2022-06-14  a year
upload.video.google.com  GTS CA 1C3  2022-01-17 - 2022-04-11  3 months
*.gstatic.com  GTS CA 1C3  2022-01-17 - 2022-04-11  3 months

This page contains 3 frames:

Primary Page: https://microsoft-verify.dev-ely-delva.workers.dev/
Frame ID: 70B54CBBC1F0619F96C1A1A5484DB04A
Requests: 20 HTTP requests in this frame

Frame: https://newassets.hcaptcha.com/captcha/v1/e61b2d8/static/hcaptcha-challenge.html
Frame ID: 33D3796D0F7142DEBFEC80A1A7C46570
Requests: 3 HTTP requests in this frame

Frame: https://newassets.hcaptcha.com/captcha/v1/e61b2d8/static/hcaptcha-checkbox.html
Frame ID: C4B716179C274B5488057E6D8FEE31F2
Requests: 4 HTTP requests in this frame

Page Title

Astro Client | Login

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

27
Requests

100 %
HTTPS

60 %
IPv6

4
Domains

6
Subdomains

6
IPs

3
Countries

685 kB
Transfer

2055 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://microsoft-verify.dev-ely-delva.workers.dev/ HTTP 307
    https://microsoft-verify.dev-ely-delva.workers.dev/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

27 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
microsoft-verify.dev-ely-delva.workers.dev/
Redirect Chain
  • http://microsoft-verify.dev-ely-delva.workers.dev/
  • https://microsoft-verify.dev-ely-delva.workers.dev/
7 KB
2 KB
Document
General
Full URL
https://microsoft-verify.dev-ely-delva.workers.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:a019 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
3713678131f8f248f9970269d7e4ba76d3301af460d504875974e39fd72c27ed

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Tue, 15 Feb 2022 10:00:57 GMT
content-type
text/html; charset=utf-8
cf-ray
6dddb12beb893759-MXP
access-control-allow-origin
*
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-powered-by
Express
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N1PahsC%2BgUq%2BTk%2FsdZiMsuHZ6VCCpsRt85nEP3odcEdt9v1WgQVkPKKo4pyDKV23p%2BWhD8d8Z9U498RBqmAR3qFfuBj3R%2BnPWCAz5STHCptdApYSPfuc68QXKgk5twKZlrBkIlNOoHSKShq4%2F%2Fu9vVIXUXIiElnSpv0E%2F6cU48x7rGzmNXTH8Vk%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

Location
https://microsoft-verify.dev-ely-delva.workers.dev/
Non-Authoritative-Reason
HSTS
bootstrap.min.css
microsoft-verify.dev-ely-delva.workers.dev/css/vendor/
156 KB
25 KB
Stylesheet
General
Full URL
https://microsoft-verify.dev-ely-delva.workers.dev/css/vendor/bootstrap.min.css
Requested by
Host: microsoft-verify.dev-ely-delva.workers.dev
URL: https://microsoft-verify.dev-ely-delva.workers.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:a019 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
2ff5b959fa9f6b4b1d04d20a37d706e90039176ab1e2a202994d9580baeebfd6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://microsoft-verify.dev-ely-delva.workers.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 10:00:57 GMT
content-encoding
br
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
Express
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 21 Dec 2021 17:06:54 GMT
server
cloudflare
etag
W/"26f1b-17dddf5cfb0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B8xaoPRlZLw1EDcMmUGoMTz92hzttGj9%2BccBuBMjdG42eUcVyV80fN7%2FJNR9kH0bF485DqUrfNLDFx%2FmiOi88hoFtCVqihujF2LDXjfIot8VbSYXD5pMDaza1XTpqNitTPbJ%2BJAjeVf4E9z6W2YM5bOgvZ%2FFXQaQeOug0e2dGKCWW%2BAynF6VR6Q%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=14400
cf-ray
6dddb12dbf923759-MXP
styles.min.css
microsoft-verify.dev-ely-delva.workers.dev/css/
241 KB
34 KB
Stylesheet
General
Full URL
https://microsoft-verify.dev-ely-delva.workers.dev/css/styles.min.css
Requested by
Host: microsoft-verify.dev-ely-delva.workers.dev
URL: https://microsoft-verify.dev-ely-delva.workers.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:a019 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
c751cf2a0ddbbfdd364ce99bf62f86b37c6f558c6c6ce8743c7be4589f6a7027

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://microsoft-verify.dev-ely-delva.workers.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 10:00:57 GMT
content-encoding
br
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
Express
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 21 Dec 2021 17:06:54 GMT
server
cloudflare
etag
W/"3c456-17dddf5cfb0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=THNcqobyBAf1SsL1PJc3hNScfwuI8BaviEiIJxf2YTg0N5wl01S3jEGLxM1ZG7td1di9SOKKjgpOaDJrkhohkcaFcaxp5xyhULigs1Zz44zlhwkAJcSvOUY7d87F7H3%2FZOMWWbGxErbhvHh1m8nKsEDlyhWGjOZlOyC26ed%2BNXeicnzI9NnQWSs%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=14400
cf-ray
6dddb12dbf963759-MXP
rocket.png
microsoft-verify.dev-ely-delva.workers.dev/img/landing/
9 KB
10 KB
Image
General
Full URL
https://microsoft-verify.dev-ely-delva.workers.dev/img/landing/rocket.png
Requested by
Host: microsoft-verify.dev-ely-delva.workers.dev
URL: https://microsoft-verify.dev-ely-delva.workers.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:a019 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
7023de19c54d3c70507920078ce7c123ccf3111de0e74f228dc3bfb6a86408b9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://microsoft-verify.dev-ely-delva.workers.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 10:00:57 GMT
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
Express
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9328
last-modified
Tue, 21 Dec 2021 17:06:55 GMT
server
cloudflare
etag
W/"2470-17dddf5d398"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QPH5zxHmLD8zqIvMhL%2FKBhgLRv49y%2F%2FAisQdHIKKaVSeUxdAeeegMil7%2BleV23Ll0KvgIcs1XQt0rSJye5nF0BghAZ1KHNh6N64cgIDUMC3cWYNXzfNyqANn1vcBMnn2ad6NdFU%2BF4jXgTvvsX%2BGrabUwiaY8LRpMj3oj49a6Z1MO4EGZFtfD7Y%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
6dddb12dbf983759-MXP
rocket-loader.min.js
microsoft-verify.dev-ely-delva.workers.dev/cdn-cgi/scripts/7d0fa10a/cloudflare-static/
12 KB
4 KB
Script
General
Full URL
https://microsoft-verify.dev-ely-delva.workers.dev/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: microsoft-verify.dev-ely-delva.workers.dev
URL: https://microsoft-verify.dev-ely-delva.workers.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:a019 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://microsoft-verify.dev-ely-delva.workers.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 10:00:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 11 Feb 2022 20:14:10 GMT
server
cloudflare
etag
W/"6206c392-302c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BfRA5B9xJFTukdC4qFN7rROuLT0TdCBSFHxBWzii49RyIfN4Cp1SHCkWOvnxEoSGYgSsdJ5qOwK1aLq%2FCMoWBPrVcX6mTYL9zH8b8Z3qYj%2FbZuI8TIYrg12Cc%2BXNNhpcDqUd9CSYEnzXjShYRWRoNZX0KZZxZD5%2FD0u%2Be0VgO162noO2sWzaYv8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6dddb12dbf993759-MXP
vary
Accept-Encoding
expires
Thu, 17 Feb 2022 10:00:57 GMT
api.js
js.hcaptcha.com/1/
83 KB
27 KB
Script
General
Full URL
https://js.hcaptcha.com/1/api.js
Requested by
Host: microsoft-verify.dev-ely-delva.workers.dev
URL: https://microsoft-verify.dev-ely-delva.workers.dev/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.169.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3a7e9d5385430607054d9ce11f05fe39d8f4feb55483ef04da6fe2b59615fcd7
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://microsoft-verify.dev-ely-delva.workers.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 10:00:57 GMT
via
1.1 e37b7824685046c107e13d08c43993fc.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
age
0
x-cache
Hit from cloudfront
strict-transport-security
max-age=2592000; includeSubDomains; preload
content-encoding
gzip
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 15 Feb 2022 07:44:18 GMT
server
cloudflare
etag
W/"3db78dddb0e62e1c5a4e475fcf6ccf9b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=120
x-amz-cf-pop
FRA56-P4
cf-ray
6dddb12e69a69130-FRA
x-amz-cf-id
Z8cSbe75VIMXQ1H4yxH_YVVljfF6pAXjNVmZ88Gr0Czjx9reCOtaXA==
jquery-3.6.0.min.js
microsoft-verify.dev-ely-delva.workers.dev/js/
87 KB
32 KB
Script
General
Full URL
https://microsoft-verify.dev-ely-delva.workers.dev/js/jquery-3.6.0.min.js
Requested by
Host: microsoft-verify.dev-ely-delva.workers.dev
URL: https://microsoft-verify.dev-ely-delva.workers.dev/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:a019 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://microsoft-verify.dev-ely-delva.workers.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 10:00:57 GMT
content-encoding
br
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
Express
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 21 Dec 2021 17:06:55 GMT
server
cloudflare
etag
W/"15d9d-17dddf5d398"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VQ6C7DuqWWGDrOBkXlhAX2b%2FaW65PAzWHbg9g0D2FkTP%2BNBF9RKTzz2MGkG1Q49RKza%2ByYqW%2FTAfK1YSGNRxliCUzy%2BTUGAN8tzvxRYs9gzVTGNcc7qlP0NTc2Q7FSKktskT4fb%2FJEm4aE1wKnKHrPGsu57ZcXF9vbJeGz1jC1fyWYABCreKvo8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=14400
cf-ray
6dddb12e080a3743-MXP
svg-loader.js
microsoft-verify.dev-ely-delva.workers.dev/js/utils/
58 KB
19 KB
Script
General
Full URL
https://microsoft-verify.dev-ely-delva.workers.dev/js/utils/svg-loader.js
Requested by
Host: microsoft-verify.dev-ely-delva.workers.dev
URL: https://microsoft-verify.dev-ely-delva.workers.dev/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:a019 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
b90ecd50e870eacf729fd6568698aec69e29cc2eacf0cc516748a5afcb834b35

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://microsoft-verify.dev-ely-delva.workers.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 10:00:57 GMT
content-encoding
br
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
Express
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 21 Dec 2021 17:06:55 GMT
server
cloudflare
etag
W/"e96f-17dddf5d398"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XBWu8UbHaUcpvItU5fv30wPNQg%2FQEGcie%2FehF%2B9F47uCUrOXkohJwgalPESYZuDAZFEotKn3wZUxWzCG4BN%2B6qRMIXPSbtFbQw0lTLM2DUkXseLHmrkQFvBnvsELwjyCxkd4X3uaSmI1AviaHYQiMZQ7U%2FrpDmMWSS0SbJvl9FxStbC%2FmAnKgIw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=14400
cf-polished
origSize=59759
cf-ray
6dddb12e28583743-MXP
cf-bgj
minify
landing.tabs.js
microsoft-verify.dev-ely-delva.workers.dev/js/landing/
242 B
873 B
Script
General
Full URL
https://microsoft-verify.dev-ely-delva.workers.dev/js/landing/landing.tabs.js
Requested by
Host: microsoft-verify.dev-ely-delva.workers.dev
URL: https://microsoft-verify.dev-ely-delva.workers.dev/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:a019 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
250bd44879f26738fcc4ef59fa613c27020d8fd511c13ec54bf1c5557e003894

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://microsoft-verify.dev-ely-delva.workers.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 10:00:57 GMT
content-encoding
br
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
Express
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 21 Dec 2021 17:06:55 GMT
server
cloudflare
etag
W/"11e-17dddf5d398"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iMn0BBlyvK7ia6hiRnzWuvDosb5wHxUJ%2B1dynH0thXd2BIje6yxsWCLeilb4AfziEFUjhtOJ63Gx1Ji%2BQ%2ByMLCpZwsM0P8Z9xZfpYQ6TjIA%2BQL6QzwW6llZ69wFymrucvc%2BaP9B3%2FU%2BNnLhV9VWa%2BJa3UoTioRT9H0%2FFAX1hCuHZTn4fxvtnshA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=14400
cf-polished
origSize=286
cf-ray
6dddb12e285b3743-MXP
cf-bgj
minify
form.utils.js
microsoft-verify.dev-ely-delva.workers.dev/js/form/
3 KB
2 KB
Script
General
Full URL
https://microsoft-verify.dev-ely-delva.workers.dev/js/form/form.utils.js
Requested by
Host: microsoft-verify.dev-ely-delva.workers.dev
URL: https://microsoft-verify.dev-ely-delva.workers.dev/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:a019 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
fc135dfe0c35466d0e02984d73ab7f840d5a85ad0eccdfed227432666f531a82

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://microsoft-verify.dev-ely-delva.workers.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 10:00:57 GMT
content-encoding
br
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
Express
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 21 Dec 2021 17:06:55 GMT
server
cloudflare
etag
W/"121a-17dddf5d398"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pMQvTy6%2F7w70CANSmoyOTrDJ48Dnft83xhbsPCLIaFpnEXZT9zzJlc%2B7R8HDrhSB%2B5ONHC6pLWKJkl%2Fd9ny0paUNV8pUysyPQbzCPZPkHwCzTMyVLjmdqfLVqecGxAkPh8E2S9L4j%2FHz0MKPRDhcA1CzVxnskR2aalt7Zf1D43%2Fk02%2FNtb8eC2U%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=14400
cf-polished
origSize=4634
cf-ray
6dddb12e288b3743-MXP
cf-bgj
minify
xm_plugins.min.js
microsoft-verify.dev-ely-delva.workers.dev/js/vendor/
46 KB
9 KB
Script
General
Full URL
https://microsoft-verify.dev-ely-delva.workers.dev/js/vendor/xm_plugins.min.js
Requested by
Host: microsoft-verify.dev-ely-delva.workers.dev
URL: https://microsoft-verify.dev-ely-delva.workers.dev/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:a019 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
62c6c74587c73474bd1be49852129b88ff18560b10d3ea8c2f0327ef661dc78e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://microsoft-verify.dev-ely-delva.workers.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 10:00:57 GMT
content-encoding
br
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
Express
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 21 Dec 2021 17:06:55 GMT
server
cloudflare
etag
W/"b62b-17dddf5d398"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tpyy6vVhdQHkMAt1NHKxBT%2Ba5MPFeMrcM%2FPFyYflBaIYKbApWkZyzsdBwa9g88y99pf3k3Rhr%2FhvuuzzUkr%2BAZH3pwsIkTy93J7fe2z3neS6OYcz1BvR%2FEXWJAPQR4A7Um8kjEZxzRQLG%2FvSQUsPOTBZLcBbpFyPkSbDAkTQ5MIuhk0%2FQybRaH4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=14400
cf-ray
6dddb12e288d3743-MXP
app.js
microsoft-verify.dev-ely-delva.workers.dev/js/utils/
4 KB
2 KB
Script
General
Full URL
https://microsoft-verify.dev-ely-delva.workers.dev/js/utils/app.js
Requested by
Host: microsoft-verify.dev-ely-delva.workers.dev
URL: https://microsoft-verify.dev-ely-delva.workers.dev/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:a019 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
fd02a1115bdf257c412a376bdfec5e879dd0fa30a6f845b8aeb6cdb3a2ac7e90

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://microsoft-verify.dev-ely-delva.workers.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 10:00:57 GMT
content-encoding
br
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
Express
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 21 Dec 2021 17:06:55 GMT
server
cloudflare
etag
W/"14a5-17dddf5d398"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fih%2B1iOQ7P1A5HvcK9a8sxUheGHbnOo%2BEGggpcPDtXMqCYKsRxxdaO4yIB0nlLtxdzNTfJMAk%2BmQuYRNwlnTYqSFpDHnSs5y8e3RnJxICQTuT3KJFoGB8HWOIhWGFEcOilboSHpWX461Hr%2B%2Fjs7mpAJh2k%2B05z9LC2eH5HFDJHZRhWlFaxIb87M%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=14400
cf-polished
origSize=5285
cf-ray
6dddb12e288e3743-MXP
cf-bgj
minify
css
fonts.googleapis.com/
2 KB
933 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Titillium+Web:400,900&display=swap
Requested by
Host: microsoft-verify.dev-ely-delva.workers.dev
URL: https://microsoft-verify.dev-ely-delva.workers.dev/css/styles.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ac41782184a6c1f14bdc5c81e222821cb7a1e5a0fcdb4d37dc5bb31cf2d6224d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://microsoft-verify.dev-ely-delva.workers.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 15 Feb 2022 10:00:57 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 15 Feb 2022 10:00:57 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 15 Feb 2022 10:00:57 GMT
css
fonts.googleapis.com/
4 KB
610 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Rajdhani:400,500,600,700&display=swap
Requested by
Host: microsoft-verify.dev-ely-delva.workers.dev
URL: https://microsoft-verify.dev-ely-delva.workers.dev/css/styles.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
987c9561406b4a25c277655b0aeae2d91529627c0d4ac37399c3e285a63f8626
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://microsoft-verify.dev-ely-delva.workers.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 15 Feb 2022 09:50:28 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 15 Feb 2022 10:00:57 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 15 Feb 2022 10:00:57 GMT
landing-background.jpg
microsoft-verify.dev-ely-delva.workers.dev/img/landing/
173 B
173 B
Image
General
Full URL
https://microsoft-verify.dev-ely-delva.workers.dev/img/landing/landing-background.jpg
Requested by
Host: microsoft-verify.dev-ely-delva.workers.dev
URL: https://microsoft-verify.dev-ely-delva.workers.dev/css/styles.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:a019 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
953130555e0724070d3cc0654d30bc64a00fada3831d9b0626386907cad9c438
Security Headers
Name Value
Content-Security-Policy default-src 'none'
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://microsoft-verify.dev-ely-delva.workers.dev/css/styles.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 10:00:57 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
13
x-powered-by
Express
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IPjCqNsMKsAf0yOneuAOJVVdOaZL7UbfPkJfuUmW91DhxQcRV%2B0WKFTVpmGBB4UthPTHuKiTSeqf%2FK0wDykWuNAqL5NtZy5hLGITNOfdQvbETNShcWZXMCDfBMYVrvwpmMtmJ5H7MA2%2F%2Fe%2Bvw%2BK5ueEWoAomeRcYTvdshWrE7EqyO%2BRwMyI4VO8%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=14400
content-security-policy
default-src 'none'
cf-ray
6dddb12efa863743-MXP
dot-texture.png
microsoft-verify.dev-ely-delva.workers.dev/img/landing/
3 KB
3 KB
Image
General
Full URL
https://microsoft-verify.dev-ely-delva.workers.dev/img/landing/dot-texture.png
Requested by
Host: microsoft-verify.dev-ely-delva.workers.dev
URL: https://microsoft-verify.dev-ely-delva.workers.dev/css/styles.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:a019 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
5b3379039c4aaee2dbfae391bf1122c6d7efbc5801cd2dd8766a757a95ae3058

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://microsoft-verify.dev-ely-delva.workers.dev/css/styles.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 10:00:57 GMT
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
Express
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2830
last-modified
Tue, 21 Dec 2021 17:06:55 GMT
server
cloudflare
etag
W/"b0e-17dddf5d398"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TOzfdLx7P%2F20a%2FS46d2vi%2BplzTQZ6bBvW2nzksdclwDbjfAsRS9OyM55nlUiQHhw1elL1VtM79VQKqoDLgeXmi5ych5lq0eQl9oOZga%2Bjtd4KLESwJj9b%2FYktsaVUPF3zb62rjjQcJodbyfR3LPdDwgq10WFyX%2F%2BAbDXlhNTKypLJkSH66dNSvg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
6dddb12efa8a3743-MXP
LDI2apCSOBg7S-QT7pb0EPOreec.woff2
fonts.gstatic.com/s/rajdhani/v14/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/rajdhani/v14/LDI2apCSOBg7S-QT7pb0EPOreec.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Rajdhani:400,500,600,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
23afdb9b5b89b878fab04d80cc30bf41bb4f3f7e8be88e5f16a7cc7671cdb2dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://microsoft-verify.dev-ely-delva.workers.dev
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 20:02:12 GMT
x-content-type-options
nosniff
age
482325
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15084
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 18:58:05 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 09 Feb 2023 20:02:12 GMT
NaPDcZTIAOhVxoMyOr9n_E7ffEDBGItzYw.woff2
fonts.gstatic.com/s/titilliumweb/v14/
10 KB
10 KB
Font
General
Full URL
https://fonts.gstatic.com/s/titilliumweb/v14/NaPDcZTIAOhVxoMyOr9n_E7ffEDBGItzYw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Titillium+Web:400,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8e59456a560f58d0b6b7934bfc06e0b2faee5d61e2bdb10eef541dd66bfebe0d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://microsoft-verify.dev-ely-delva.workers.dev
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 19:47:37 GMT
x-content-type-options
nosniff
age
483200
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10444
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 19:03:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 09 Feb 2023 19:47:37 GMT
LDI2apCSOBg7S-QT7pa8FvOreec.woff2
fonts.gstatic.com/s/rajdhani/v14/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/rajdhani/v14/LDI2apCSOBg7S-QT7pa8FvOreec.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Rajdhani:400,500,600,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5b7e4a6f97163c2636724d4de90304fc895653dcfe64c67a7a22f26331ca5c5f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://microsoft-verify.dev-ely-delva.workers.dev
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 20:02:11 GMT
x-content-type-options
nosniff
age
482326
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 19:00:53 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 09 Feb 2023 20:02:11 GMT
LDI2apCSOBg7S-QT7pbYF_Oreec.woff2
fonts.gstatic.com/s/rajdhani/v14/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/rajdhani/v14/LDI2apCSOBg7S-QT7pbYF_Oreec.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Rajdhani:400,500,600,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
433a7007e4747a02a790167a6efa2625855f013970ba49b9b739a5d3db8b2601
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://microsoft-verify.dev-ely-delva.workers.dev
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 19:55:26 GMT
x-content-type-options
nosniff
age
482731
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15732
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 18:57:52 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 09 Feb 2023 19:55:26 GMT
hcaptcha-challenge.html
newassets.hcaptcha.com/captcha/v1/e61b2d8/static/ Frame 33D3
2 KB
1 KB
Document
General
Full URL
https://newassets.hcaptcha.com/captcha/v1/e61b2d8/static/hcaptcha-challenge.html
Requested by
Host: js.hcaptcha.com
URL: https://js.hcaptcha.com/1/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.169.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bf2bc83e4340a8be502f3fbcc1ffff593578f9f56e7df819d5f05a90d2e146c1
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://microsoft-verify.dev-ely-delva.workers.dev/

Response headers

date
Tue, 15 Feb 2022 10:00:57 GMT
content-type
text/html
last-modified
Tue, 15 Feb 2022 07:44:18 GMT
cache-control
max-age=1209600
x-cache
Hit from cloudfront
via
1.1 d04699b52d8873377c4b5f4e7dcf7068.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P4
x-amz-cf-id
rqb9xYAB56X9KHOJXUyJzzSIiwjKGzkPgvPNXgxjgbMMx_IaJpF0ug==
age
7575
cf-cache-status
HIT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
strict-transport-security
max-age=2592000; includeSubDomains; preload
x-content-type-options
nosniff
server
cloudflare
cf-ray
6dddb1300da09130-FRA
content-encoding
gzip
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
hcaptcha-checkbox.html
newassets.hcaptcha.com/captcha/v1/e61b2d8/static/ Frame C4B7
2 KB
1 KB
Document
General
Full URL
https://newassets.hcaptcha.com/captcha/v1/e61b2d8/static/hcaptcha-checkbox.html
Requested by
Host: js.hcaptcha.com
URL: https://js.hcaptcha.com/1/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.169.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fdc9046257aaaa253a551ef9fda09596eb7672d885281c8b6b1db6c593b08aa
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://microsoft-verify.dev-ely-delva.workers.dev/

Response headers

date
Tue, 15 Feb 2022 10:00:57 GMT
content-type
text/html
last-modified
Tue, 15 Feb 2022 07:44:18 GMT
cache-control
max-age=1209600
x-cache
Hit from cloudfront
via
1.1 94328d2509009edc0657f5c786a93e42.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P4
x-amz-cf-id
5h9u2wbWQ88jaOs6E_W60UY_DxdeS_dWohSpc-H2nKQMLaC8ljWwow==
age
7575
cf-cache-status
HIT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
strict-transport-security
max-age=2592000; includeSubDomains; preload
x-content-type-options
nosniff
server
cloudflare
cf-ray
6dddb1300d9d9130-FRA
content-encoding
gzip
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
hcaptcha-checkbox.js
newassets.hcaptcha.com/captcha/v1/e61b2d8/ Frame C4B7
151 KB
47 KB
Script
General
Full URL
https://newassets.hcaptcha.com/captcha/v1/e61b2d8/hcaptcha-checkbox.js
Requested by
Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/e61b2d8/static/hcaptcha-checkbox.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.168.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b595425f7e19ec77512e7203156f0c1d0be7fe9c69ac5d361ec53454814aebe2
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://newassets.hcaptcha.com/captcha/v1/e61b2d8/static/hcaptcha-checkbox.html
Origin
https://newassets.hcaptcha.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 10:00:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
7571
x-cache
Hit from cloudfront
strict-transport-security
max-age=2592000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
47886
access-control-allow-origin
*
last-modified
Tue, 15 Feb 2022 07:44:18 GMT
server
cloudflare
etag
"b88aa12fdb3081df3c3188598478f007"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
via
1.1 c813ed55721b9ee3209e2abab7207a00.cloudfront.net (CloudFront)
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
cache-control
max-age=1209600
x-amz-cf-pop
FRA56-P4
accept-ranges
bytes
cf-ray
6dddb130b961918f-FRA
x-amz-cf-id
fWzD4D8HZdNml-7RP6X4_z1xZVeNn2aD6YW752vb8XKtN6MV_KfHJA==
hcaptcha-challenge.js
newassets.hcaptcha.com/captcha/v1/e61b2d8/ Frame 33D3
208 KB
60 KB
Script
General
Full URL
https://newassets.hcaptcha.com/captcha/v1/e61b2d8/hcaptcha-challenge.js
Requested by
Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/e61b2d8/static/hcaptcha-challenge.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.168.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16b2649c0b15ae3b78dfc8873f5a5c3880127bcaade71078675581c9b72242af
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://newassets.hcaptcha.com/captcha/v1/e61b2d8/static/hcaptcha-challenge.html
Origin
https://newassets.hcaptcha.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 10:00:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
7571
x-cache
Hit from cloudfront
strict-transport-security
max-age=2592000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
60785
access-control-allow-origin
*
last-modified
Tue, 15 Feb 2022 07:44:18 GMT
server
cloudflare
etag
"3f5cf3f58a9b58a4506ae9dd004186ad"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
via
1.1 30e954298424aa69c035e25834574742.cloudfront.net (CloudFront)
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
cache-control
max-age=1209600
x-amz-cf-pop
FRA56-P4
accept-ranges
bytes
cf-ray
6dddb130b95e918f-FRA
x-amz-cf-id
jF9RJwSh2NxMWcbrkRXz0oXW9OIr8trZRVcB3vLY_nFVwm6KgTmUtg==
truncated
/ Frame C4B7
798 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
57cafa49fb677c3f09d6e90b051917d10e7bb54e83102a25f3d32b06e8fa59a7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/png
checksiteconfig
hcaptcha.com/ Frame C4B7
508 B
856 B
XHR
General
Full URL
https://hcaptcha.com/checksiteconfig?v=e61b2d8&host=microsoft-verify.dev-ely-delva.workers.dev&sitekey=3fb3ecf4-1ca8-46e5-9296-66bdc2a7364f&sc=1&swa=1
Requested by
Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/e61b2d8/hcaptcha-checkbox.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.168.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
209d11c81189e9c3a7ecaa8750733cecaba0ab5daeb45b9d42ccab3a88beeec1
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Cache-Control
no-cache
Referer
https://newassets.hcaptcha.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/json; charset=utf-8

Response headers

date
Tue, 15 Feb 2022 10:00:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
access-control-allow-headers
Cache-Control, Content-Type, DNT, Referer, User-Agent, challenge-bypass-token, cf-chl-bypass, challenge-bypass-token, challenge-bypass-host, challenge-bypass-path
cf-chl-bypass
2
vary
Origin, Accept-Encoding
access-control-allow-methods
GET, HEAD, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://newassets.hcaptcha.com
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-credentials
true
strict-transport-security
max-age=2592000; includeSubDomains; preload
cf-ray
6dddb13379d7918f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
checksiteconfig
hcaptcha.com/ Frame
0
0
Preflight
General
Full URL
https://hcaptcha.com/checksiteconfig?v=e61b2d8&host=microsoft-verify.dev-ely-delva.workers.dev&sitekey=3fb3ecf4-1ca8-46e5-9296-66bdc2a7364f&sc=1&swa=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.168.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
cache-control,content-type
Origin
https://newassets.hcaptcha.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Tue, 15 Feb 2022 10:00:58 GMT
content-length
0
access-control-allow-origin
https://newassets.hcaptcha.com
vary
Origin, Accept-Encoding
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control, Content-Type, DNT, Referer, User-Agent, challenge-bypass-token, cf-chl-bypass, challenge-bypass-token, challenge-bypass-host, challenge-bypass-path
access-control-allow-methods
GET, HEAD, POST, OPTIONS
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=2592000; includeSubDomains; preload
x-content-type-options
nosniff
server
cloudflare
cf-ray
6dddb1332d1b906a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
hsw.js
newassets.hcaptcha.com/c/919a3f58/ Frame 33D3
919 KB
347 KB
Script
General
Full URL
https://newassets.hcaptcha.com/c/919a3f58/hsw.js
Requested by
Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/e61b2d8/hcaptcha-challenge.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.168.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bcc4290f7041ce142b6f5142eccb9c47c8ad59c1e8142361b7d40659fcd59f9d
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newassets.hcaptcha.com/captcha/v1/e61b2d8/static/hcaptcha-challenge.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 10:00:58 GMT
via
1.1 7e513424eee237ee26467e8fd5656ec0.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
age
62016
x-cache
Hit from cloudfront
content-encoding
gzip
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 14 Feb 2022 16:35:39 GMT
server
cloudflare
etag
W/"777d618166357c7ea8c00b987c3ad278"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=2592000; includeSubDomains; preload
content-type
application/javascript
vary
Accept-Encoding
cache-control
max-age=1209600
x-amz-cf-pop
FRA56-C1
cf-ray
6dddb1340c19918f-FRA
x-amz-cf-id
v9fNxBiI2in0zHlr8vIu0czdcg-AquQv9rJet8zccp-wqa1Wt6sprw==


18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| 1
function| structuredClone
object| __cfQR
function| _typeof
function| XM_Accordion
function| XM_Dropdown
function| XM_Hexagon
function| XM_Popup
function| XM_ProgressBar
function| XM_Tab
function| XM_Tooltip
function| $
function| jQuery
function| submitForm
boolean| __cfRLUnblockHandlers
object| hcaptcha
object| grecaptcha

0 Cookies

1 Console Messages

Source: network
Level: error
URL: https://microsoft-verify.dev-ely-delva.workers.dev/img/landing/landing-background.jpg
Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
