urlscan.io logo urlscan.io
SecurityTrails logo

login.microsoftonline.com Open in urlscan Pro
40.126.32.67  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://expense.microsoft.com/
Effective URL: https://login.microsoftonline.com/72f988bf-86f1-41af-91ab-2d7cd011db47/oauth2/v2.0/authorize?client_id=93a5b7e4-1041-4141-b9be-8f3...
Submission Tags: @phishunt_io
Submission: On January 13 via api from DE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 11 IPs in 3 countries across 10 domains to perform 34 HTTP transactions. The main IP is 40.126.32.67, located in Amsterdam, Netherlands and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is login.microsoftonline.com. The Cisco Umbrella rank of the primary domain is 21.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on November 23rd 2022. Valid for: a year.
This is the only time login.microsoftonline.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 52.173.184.147 8075 (MICROSOFT...)
4 96.16.158.214 16625 (AKAMAI-AS)
1 52.239.160.170 8075 (MICROSOFT...)
5 10 2606:4700::68... 13335 (CLOUDFLAR...)
3 2606:2800:133... 15133 (EDGECAST)
4 40.126.32.67 8075 (MICROSOFT...)
1 13.69.106.88 8075 (MICROSOFT...)
8 2620:1ec:4f:1... 8075 (MICROSOFT...)
1 20.190.160.12 8075 (MICROSOFT...)
2 152.199.23.72 15133 (EDGECAST)
34 11
4    52.173.184.147 (Des Moines, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
expense.microsoft.com
4    96.16.158.214 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a96-16-158-214.deploy.static.akamaitechnologies.com
static2.sharepointonline.com
1    52.239.160.170 (San Jose, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
onefinancebot.blob.core.windows.net
10    2606:4700::6810:7baf (United States)

ASN13335 (CLOUDFLARENET, US)
unpkg.com
3    2606:2800:133:206e:1315:22a5:2006:24fd (United States)

ASN15133 (EDGECAST, US)
spoppe-b.azureedge.net
4    40.126.32.67 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
login.microsoftonline.com
1    13.69.106.88 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
dc.services.visualstudio.com
8    2620:1ec:4f:1::44 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
aadcdn.msauth.net
1    20.190.160.12 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
login.live.com
2    152.199.23.72 (United States)

ASN15133 (EDGECAST, US)
aadcdn.msauthimages.net
Apex Domain
Subdomains		 Transfer
10 unpkg.com
unpkg.com — Cisco Umbrella Rank: 767
68 KB
8 msauth.net
aadcdn.msauth.net — Cisco Umbrella Rank: 1148
321 KB
4 microsoftonline.com
login.microsoftonline.com — Cisco Umbrella Rank: 21
31 KB
4 sharepointonline.com
static2.sharepointonline.com — Cisco Umbrella Rank: 2340
212 KB
4 microsoft.com
expense.microsoft.com
2 MB
3 azureedge.net
spoppe-b.azureedge.net — Cisco Umbrella Rank: 2108
39 KB
2 msauthimages.net
aadcdn.msauthimages.net — Cisco Umbrella Rank: 3365
170 KB
1 live.com
login.live.com — Cisco Umbrella Rank: 77
1 visualstudio.com
dc.services.visualstudio.com — Cisco Umbrella Rank: 755 Failed
1 windows.net
onefinancebot.blob.core.windows.net
6 KB
34 10
Domain Requested by
10 unpkg.com 5 redirects expense.microsoft.com
8 aadcdn.msauth.net login.microsoftonline.com
aadcdn.msauth.net
4 login.microsoftonline.com expense.microsoft.com
aadcdn.msauth.net
4 static2.sharepointonline.com expense.microsoft.com
static2.sharepointonline.com
4 expense.microsoft.com expense.microsoft.com
3 spoppe-b.azureedge.net expense.microsoft.com
2 aadcdn.msauthimages.net
1 login.live.com login.microsoftonline.com
1 dc.services.visualstudio.com expense.microsoft.com
1 onefinancebot.blob.core.windows.net expense.microsoft.com
34 10

This site contains links to these domains. Also see Links.

Domain
www.microsoft.com
privacy.microsoft.com
Subject Issuer Validity Valid
expense.microsoft.com
GeoTrust Global TLS RSA4096 SHA256 2022 CA1		 2023-01-13 -
2023-07-13		 6 months crt.sh
privatecdn.sharepointonline.com
DigiCert SHA2 Secure Server CA		 2022-09-19 -
2023-09-19		 a year crt.sh
*.blob.core.windows.net
Microsoft RSA TLS CA 02		 2022-12-19 -
2023-12-19		 a year crt.sh
*.vo.msecnd.net
DigiCert SHA2 Secure Server CA		 2022-07-11 -
2023-07-11		 a year crt.sh
stamp2.login.microsoftonline.com
DigiCert SHA2 Secure Server CA		 2022-11-23 -
2023-11-23		 a year crt.sh
in.applicationinsights.azure.com
Microsoft Azure TLS Issuing CA 02		 2022-11-21 -
2023-11-16		 a year crt.sh
aadcdn.msauth.net
DigiCert SHA2 Secure Server CA		 2022-08-23 -
2023-08-23		 a year crt.sh
login.live.com
DigiCert SHA2 Secure Server CA		 2023-01-02 -
2024-01-02		 a year crt.sh
aadcdn.msauthimages.net
Microsoft Azure TLS Issuing CA 02		 2022-05-11 -
2023-05-06		 a year crt.sh

This page contains 1 frames:

Primary Page: https://login.microsoftonline.com/72f988bf-86f1-41af-91ab-2d7cd011db47/oauth2/v2.0/authorize?client_id=93a5b7e4-1041-4141-b9be-8f35b56e3db7&scope=https%3A%2F%2Fgraph.microsoft.com%2F.default%20openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Fexpense.microsoft.com&client-request-id=f9068568-935b-4c1f-8f42-b512274a73e9&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=2.32.0&client_info=1&code_challenge=ka75TZBr4nYvGFZNKQXSGWpjUa4FF6C27H8aykO7-a8&code_challenge_method=S256&nonce=8e75924d-f3bd-4207-9b49-8e72e61d9960&state=eyJpZCI6Ijc1MWM3ZmRmLWNjNjQtNDAyYS1hNzdkLTQ3MGQ0ZjY5OWE2YSIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicmVkaXJlY3QifX0%3D&sso_reload=true
Frame ID: DFBA3EC54EA39346EBA6D60FE1F9BDB6
Requests: 33 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Bei Ihrem Konto anmelden

Page URL History Show full URLs

  1. https://expense.microsoft.com/ Page URL
  2. https://login.microsoftonline.com/72f988bf-86f1-41af-91ab-2d7cd011db47/oauth2/v2.0/authorize?client_id=93a5b7e... Page URL
  3. https://login.microsoftonline.com/72f988bf-86f1-41af-91ab-2d7cd011db47/oauth2/v2.0/authorize?client_id=93a5b7e... Page URL

Page Statistics

34
Requests

82 %
HTTPS

30 %
IPv6

10
Domains

10
Subdomains

11
IPs

3
Countries

2441 kB
Transfer

6634 kB
Size

14
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://expense.microsoft.com/ Page URL
  2. https://login.microsoftonline.com/72f988bf-86f1-41af-91ab-2d7cd011db47/oauth2/v2.0/authorize?client_id=93a5b7e4-1041-4141-b9be-8f35b56e3db7&scope=https%3A%2F%2Fgraph.microsoft.com%2F.default%20openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Fexpense.microsoft.com&client-request-id=f9068568-935b-4c1f-8f42-b512274a73e9&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=2.32.0&client_info=1&code_challenge=ka75TZBr4nYvGFZNKQXSGWpjUa4FF6C27H8aykO7-a8&code_challenge_method=S256&nonce=8e75924d-f3bd-4207-9b49-8e72e61d9960&state=eyJpZCI6Ijc1MWM3ZmRmLWNjNjQtNDAyYS1hNzdkLTQ3MGQ0ZjY5OWE2YSIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicmVkaXJlY3QifX0%3D Page URL
  3. https://login.microsoftonline.com/72f988bf-86f1-41af-91ab-2d7cd011db47/oauth2/v2.0/authorize?client_id=93a5b7e4-1041-4141-b9be-8f35b56e3db7&scope=https%3A%2F%2Fgraph.microsoft.com%2F.default%20openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Fexpense.microsoft.com&client-request-id=f9068568-935b-4c1f-8f42-b512274a73e9&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=2.32.0&client_info=1&code_challenge=ka75TZBr4nYvGFZNKQXSGWpjUa4FF6C27H8aykO7-a8&code_challenge_method=S256&nonce=8e75924d-f3bd-4207-9b49-8e72e61d9960&state=eyJpZCI6Ijc1MWM3ZmRmLWNjNjQtNDAyYS1hNzdkLTQ3MGQ0ZjY5OWE2YSIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicmVkaXJlY3QifX0%3D&sso_reload=true Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3
  • https://unpkg.com/react@16/umd/react.production.min.js HTTP 302
  • https://unpkg.com/react@16.14.0/umd/react.production.min.js
Request Chain 4
  • https://unpkg.com/react-is@16/umd/react-is.production.min.js HTTP 302
  • https://unpkg.com/react-is@16.13.1/umd/react-is.production.min.js
Request Chain 5
  • https://unpkg.com/react-dom@16/umd/react-dom.production.min.js HTTP 302
  • https://unpkg.com/react-dom@16.14.0/umd/react-dom.production.min.js
Request Chain 6
  • https://unpkg.com/react-router-dom@5/umd/react-router-dom.min.js HTTP 302
  • https://unpkg.com/react-router-dom@5.3.4/umd/react-router-dom.min.js
Request Chain 7
  • https://unpkg.com/styled-components@5/dist/styled-components.min.js HTTP 302
  • https://unpkg.com/styled-components@5.3.6/dist/styled-components.min.js

34 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
expense.microsoft.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://expense.microsoft.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.173.184.147 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
e9563ccb523383f3026cdf6adbeb844c9d2b28847cbacddfbb198c2c9f22d53e
Security Headers
Name Value
Content-Security-Policy default-src self
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Content-Length
657
Content-Security-Policy
default-src self
Content-Type
text/html
Date
Fri, 13 Jan 2023 15:51:51 GMT
ETag
"083f285f24d91:0"
Last-Modified
Wed, 30 Nov 2022 19:32:46 GMT
Server
Microsoft-IIS/10.0
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1; mode=block
fabric.min.css
static2.sharepointonline.com/files/fabric/office-ui-fabric-core/10.0.0/css/ 		270 KB
28 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static2.sharepointonline.com/files/fabric/office-ui-fabric-core/10.0.0/css/fabric.min.css
Requested by
Host: expense.microsoft.com
URL: https://expense.microsoft.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.16.158.214 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-158-214.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
a0a4a2aef0de563eabeb4c13b672b2865b285dc2e878411e8f24c6b339ab4310

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://expense.microsoft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
unused62
8096267
content-encoding
gzip
date
Fri, 13 Jan 2023 15:51:51 GMT
content-length
28208
x-ms-lease-status
unlocked
last-modified
Mon, 22 Jun 2020 16:27:43 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D816C930E67096
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
565bb054-701e-003d-23bd-04a8f4000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=20844019
x-ms-version
2009-09-19
onefinancebot.js
onefinancebot.blob.core.windows.net/onefinancestore/ 		6 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://onefinancebot.blob.core.windows.net/onefinancestore/onefinancebot.js
Requested by
Host: expense.microsoft.com
URL: https://expense.microsoft.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.239.160.170 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
61c2692a39b04e3600ea96cfb54249d4cc0bfd9baf45b03f41412a1fe5f632e2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://expense.microsoft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Fri, 13 Jan 2023 15:51:51 GMT
Last-Modified
Fri, 17 Jun 2022 12:42:48 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
sJJz0pndWX0VZCxyv1hiVQ==
ETag
0x8DA505EE27E611C
Content-Type
application/octet-stream
x-ms-request-id
0a23a522-e01e-0023-5266-278bc3000000
x-ms-version
2009-09-19
Content-Length
5893
react.production.min.js
unpkg.com/react@16.14.0/umd/
Redirect Chain
  • https://unpkg.com/react@16/umd/react.production.min.js
  • https://unpkg.com/react@16.14.0/umd/react.production.min.js
12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/react@16.14.0/umd/react.production.min.js
Requested by
Host: expense.microsoft.com
URL: https://expense.microsoft.com/
Protocol
H2
Server
2606:4700::6810:7baf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5cef9367d2bcaba25b74d20e0e139d2cf900e9123e5fde26101aee7f40f6b5cf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://expense.microsoft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 13 Jan 2023 15:51:51 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
27875127
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01FWQ5FPE6CS1XRDTGV5GKRVAD-fra
server
cloudflare
etag
W/"30af-G0yLdpwwlM9Jmz5wcsN3bvOe0C0"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
788f4bb55a22696a-FRA

Redirect headers

date
Fri, 13 Jan 2023 15:51:51 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
fly-request-id
01GPNX7FPZ8PTW7QQ3S3R40VX2-fra
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
52
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
location
/react@16.14.0/umd/react.production.min.js
cache-control
public, s-maxage=600, max-age=60
cf-ray
788f4bb50969696a-FRA
react-is.production.min.js
unpkg.com/react-is@16.13.1/umd/
Redirect Chain
  • https://unpkg.com/react-is@16/umd/react-is.production.min.js
  • https://unpkg.com/react-is@16.13.1/umd/react-is.production.min.js
3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/react-is@16.13.1/umd/react-is.production.min.js
Requested by
Host: expense.microsoft.com
URL: https://expense.microsoft.com/
Protocol
H2
Server
2606:4700::6810:7baf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
092e3b681fad365a891751ed760b1807cadcb99ed8c4019142b87c2180a33233
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://expense.microsoft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 13 Jan 2023 15:51:51 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
27874652
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01FWQ5Y68BNYDNFRW5QQ7F3CF2-fra
server
cloudflare
etag
W/"a0f-7uei9ew/OGum285f6Q6gz2i8l2E"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
788f4bb55a1b696a-FRA

Redirect headers

date
Fri, 13 Jan 2023 15:51:51 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
fly-request-id
01GPNX6M43CVSWZM9WJG27A4QT-fra
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
81
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
location
/react-is@16.13.1/umd/react-is.production.min.js
cache-control
public, s-maxage=600, max-age=60
cf-ray
788f4bb5096f696a-FRA
react-dom.production.min.js
unpkg.com/react-dom@16.14.0/umd/
Redirect Chain
  • https://unpkg.com/react-dom@16/umd/react-dom.production.min.js
  • https://unpkg.com/react-dom@16.14.0/umd/react-dom.production.min.js
116 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/react-dom@16.14.0/umd/react-dom.production.min.js
Requested by
Host: expense.microsoft.com
URL: https://expense.microsoft.com/
Protocol
H2
Server
2606:4700::6810:7baf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4949f4e1cff9e8a960b44c9a8be70bc4bb10216eb4d0123ca61753e0908a0f87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://expense.microsoft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 13 Jan 2023 15:51:51 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
30527837
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01FT83ND6SD9RRG5C1FW9YVQZ3
server
cloudflare
etag
W/"1cf80-NADCsuguidx6ZmGXUZs/qIwlw4Q"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
788f4bb55a17696a-FRA

Redirect headers

date
Fri, 13 Jan 2023 15:51:51 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
fly-request-id
01GPNWTSFR736144J6R4H73XMH-fra
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
468
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
location
/react-dom@16.14.0/umd/react-dom.production.min.js
cache-control
public, s-maxage=600, max-age=60
cf-ray
788f4bb50970696a-FRA
react-router-dom.min.js
unpkg.com/react-router-dom@5.3.4/umd/
Redirect Chain
  • https://unpkg.com/react-router-dom@5/umd/react-router-dom.min.js
  • https://unpkg.com/react-router-dom@5.3.4/umd/react-router-dom.min.js
30 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/react-router-dom@5.3.4/umd/react-router-dom.min.js
Requested by
Host: expense.microsoft.com
URL: https://expense.microsoft.com/
Protocol
H2
Server
2606:4700::6810:7baf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc8891800b94309dd1667cf8cc8457b0b25dbbe774eeb1c0c5c18f96a48d2e84
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://expense.microsoft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 13 Jan 2023 15:51:51 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
2485136
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01GMBV8R3VV1AM5AWHQJ5S6SBV-fra
server
cloudflare
etag
W/"76c1-xsk/FFwNWgNsBZq9VjY/hwjE9xs"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
788f4bb56a46696a-FRA

Redirect headers

date
Fri, 13 Jan 2023 15:51:51 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
fly-request-id
01GPNX6M49V6Y2VQH9DJARM44B-fra
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
81
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
location
/react-router-dom@5.3.4/umd/react-router-dom.min.js
cache-control
public, s-maxage=600, max-age=60
cf-ray
788f4bb50971696a-FRA
styled-components.min.js
unpkg.com/styled-components@5.3.6/dist/
Redirect Chain
  • https://unpkg.com/styled-components@5/dist/styled-components.min.js
  • https://unpkg.com/styled-components@5.3.6/dist/styled-components.min.js
33 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/styled-components@5.3.6/dist/styled-components.min.js
Requested by
Host: expense.microsoft.com
URL: https://expense.microsoft.com/
Protocol
H2
Server
2606:4700::6810:7baf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c2b964a4f1eece5fbd2c1e1ae87e87536acf9aa6adcf39fcbf33c02e503efaf8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://expense.microsoft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 13 Jan 2023 15:51:51 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
1705579
last-modified
Tue, 27 Sep 2022 18:17:55 GMT
fly-request-id
01GN32PXWY30RS1MTB56K6Z417-fra
server
cloudflare
etag
W/"830e-+sKFllC80J1+ZbKE5iFONFJEJcw"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
788f4bb56a43696a-FRA

Redirect headers

date
Fri, 13 Jan 2023 15:51:51 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
fly-request-id
01GPNX6M3ZMK65M6F6ES8TV9PQ-fra
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
81
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
location
/styled-components@5.3.6/dist/styled-components.min.js
cache-control
public, s-maxage=600, max-age=60
cf-ray
788f4bb50972696a-FRA
app.js
expense.microsoft.com/bundles/ 		5 MB
2 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://expense.microsoft.com/bundles/app.js
Requested by
Host: expense.microsoft.com
URL: https://expense.microsoft.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.173.184.147 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
e4f6594b6c1ab97935819ad394b82115e3f1a509135f3c6fb82342f0ad5afbe9
Security Headers
Name Value
Content-Security-Policy default-src ‘self’
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://expense.microsoft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Fri, 13 Jan 2023 15:51:51 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains
Last-Modified
Wed, 30 Nov 2022 19:32:46 GMT
Server
Microsoft-IIS/10.0
Content-Security-Policy
default-src ‘self’
ETag
"083f285f24d91:0"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
X-Frame-Options
SAMEORIGIN
Accept-Ranges
bytes
X-XSS-Protection
1; mode=block
fabricmdl2icons-2.68.woff2
static2.sharepointonline.com/files/fabric/assets/icons/ 		115 KB
116 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static2.sharepointonline.com/files/fabric/assets/icons/fabricmdl2icons-2.68.woff2
Requested by
Host: static2.sharepointonline.com
URL: https://static2.sharepointonline.com/files/fabric/office-ui-fabric-core/10.0.0/css/fabric.min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.16.158.214 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-158-214.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
81bd9c6953694abf461e6f47173b09535424d58f3764515d2d1a9f409594559a

Request headers

Referer
https://static2.sharepointonline.com/files/fabric/office-ui-fabric-core/10.0.0/css/fabric.min.css
Origin
https://expense.microsoft.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Fri, 13 Jan 2023 15:51:55 GMT
last-modified
Fri, 11 May 2018 22:37:13 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5
DKIKl/aIxVCwcxzAlDbLZA==
etag
0x8D5B78FBE13CF53
content-type
font/woff2
access-control-allow-origin
*
x-ms-request-id
edb58100-801e-000f-1209-68f041000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=18865961
x-ms-version
2009-09-19
content-length
118232
segoeui-regular.woff2
static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-westeuropean/ 		35 KB
36 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-westeuropean/segoeui-regular.woff2
Requested by
Host: static2.sharepointonline.com
URL: https://static2.sharepointonline.com/files/fabric/office-ui-fabric-core/10.0.0/css/fabric.min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.16.158.214 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-158-214.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
94ef87ee295c67526205d67124f404e246226105e939e14c435a20c29a956f49

Request headers

Referer
https://static2.sharepointonline.com/files/fabric/office-ui-fabric-core/10.0.0/css/fabric.min.css
Origin
https://expense.microsoft.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
unused62
8096267
date
Fri, 13 Jan 2023 15:51:55 GMT
last-modified
Thu, 02 Nov 2017 17:22:02 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5
hl8dtlRfyUovRETdYOe7xg==
etag
0x8D522163B704E10
content-type
application/font-woff2
access-control-allow-origin
*
x-ms-request-id
6314dbd6-e01e-0044-7879-430c12000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=19140436
x-ms-version
2009-09-19
content-length
36344
ExpenseDashboardIcon.svg
expense.microsoft.com/navIcons/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://expense.microsoft.com/navIcons/ExpenseDashboardIcon.svg
Requested by
Host: expense.microsoft.com
URL: https://expense.microsoft.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.173.184.147 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
387bb3c05dff7b01556f5d569164d91f745b255eb6081b6617235c6bd2c671a1
Security Headers
Name Value
Content-Security-Policy default-src ‘self’
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://expense.microsoft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Fri, 13 Jan 2023 15:51:55 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src ‘self’
Last-Modified
Wed, 30 Nov 2022 19:32:46 GMT
Server
Microsoft-IIS/10.0
ETag
"083f285f24d91:0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
Accept-Ranges
bytes
Content-Length
1563
X-XSS-Protection
1; mode=block
TrainingIcon.svg
expense.microsoft.com/navIcons/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://expense.microsoft.com/navIcons/TrainingIcon.svg
Requested by
Host: expense.microsoft.com
URL: https://expense.microsoft.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.173.184.147 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
ee2813ae5b0b7c593bfd767e8535669374dada6f28bc1c132545211e9d9378b7
Security Headers
Name Value
Content-Security-Policy default-src ‘self’
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://expense.microsoft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Fri, 13 Jan 2023 15:51:55 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src ‘self’
Last-Modified
Wed, 30 Nov 2022 19:32:46 GMT
Server
Microsoft-IIS/10.0
ETag
"083f285f24d91:0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
Accept-Ranges
bytes
Content-Length
1862
X-XSS-Protection
1; mode=block
fabric-icons-8-6fdf1528.woff
spoppe-b.azureedge.net/files/fabric-cdn-prod_20210407.001/assets/icons/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://spoppe-b.azureedge.net/files/fabric-cdn-prod_20210407.001/assets/icons/fabric-icons-8-6fdf1528.woff
Requested by
Host: expense.microsoft.com
URL: https://expense.microsoft.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CFB) /
Resource Hash

Request headers

Referer
https://expense.microsoft.com/
Origin
https://expense.microsoft.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 13 Jan 2023 15:51:56 GMT
content-md5
fmat7OwkqCSGZSMidpba+Q==
age
10427825
x-cache
HIT
content-length
13184
x-ms-lease-status
unlocked
last-modified
Wed, 07 Apr 2021 19:15:05 GMT
server
ECAcc (frc/4CFB)
etag
0x8D8F9F9735C2133
content-type
font/woff
access-control-allow-origin
*
x-ms-request-id
b646e77e-301e-00d9-788f-c84322000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Content-Language,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
fabric-icons-1-4d521695.woff
spoppe-b.azureedge.net/files/fabric-cdn-prod_20210407.001/assets/icons/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://spoppe-b.azureedge.net/files/fabric-cdn-prod_20210407.001/assets/icons/fabric-icons-1-4d521695.woff
Requested by
Host: expense.microsoft.com
URL: https://expense.microsoft.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4C89) /
Resource Hash

Request headers

Referer
https://expense.microsoft.com/
Origin
https://expense.microsoft.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 13 Jan 2023 15:51:56 GMT
content-md5
u6ddQql7LLpFuSR2sFUG5Q==
age
10427901
x-cache
HIT
content-length
13096
x-ms-lease-status
unlocked
last-modified
Wed, 07 Apr 2021 19:14:54 GMT
server
ECAcc (frc/4C89)
etag
0x8D8F9F96CCCD336
content-type
font/woff
access-control-allow-origin
*
x-ms-request-id
c6338432-001e-00c2-498f-c87d21000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Content-Language,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
fabric-icons-0-467ee27f.woff
spoppe-b.azureedge.net/files/fabric-cdn-prod_20210407.001/assets/icons/ 		12 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://spoppe-b.azureedge.net/files/fabric-cdn-prod_20210407.001/assets/icons/fabric-icons-0-467ee27f.woff
Requested by
Host: expense.microsoft.com
URL: https://expense.microsoft.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CC0) /
Resource Hash

Request headers

Referer
https://expense.microsoft.com/
Origin
https://expense.microsoft.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 13 Jan 2023 15:51:56 GMT
content-md5
h9qXbxRr/1qDgTw/GXHZ6g==
age
10427899
x-cache
HIT
content-length
12772
x-ms-lease-status
unlocked
last-modified
Wed, 07 Apr 2021 19:15:03 GMT
server
ECAcc (frc/4CC0)
etag
0x8D8F9F9727CFC68
content-type
font/woff
access-control-allow-origin
*
x-ms-request-id
c634bb94-b01e-001c-738f-c869c7000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Content-Language,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
segoeui-semibold.woff2
static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-westeuropean/ 		31 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-westeuropean/segoeui-semibold.woff2
Requested by
Host: static2.sharepointonline.com
URL: https://static2.sharepointonline.com/files/fabric/office-ui-fabric-core/10.0.0/css/fabric.min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.16.158.214 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-158-214.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
22e7ac6e00b3f7463f2c89c577877ed717686d6f219614c890317d86560c413d

Request headers

Referer
https://static2.sharepointonline.com/files/fabric/office-ui-fabric-core/10.0.0/css/fabric.min.css
Origin
https://expense.microsoft.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Fri, 13 Jan 2023 15:51:55 GMT
last-modified
Thu, 26 Oct 2017 19:02:14 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5
ZtEeVbekE932qE6Fhpfntg==
etag
0x8D51CA4122953A7
content-type
application/font-woff2
access-control-allow-origin
*
x-ms-request-id
8ac97894-201e-0064-4c79-4377b5000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=19228667
x-ms-version
2009-09-19
content-length
31824
instance
login.microsoftonline.com/common/discovery/ 		980 B
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://login.microsoftonline.com/common/discovery/instance?api-version=1.1&authorization_endpoint=https://login.microsoftonline.com/72f988bf-86f1-41af-91ab-2d7cd011db47/oauth2/v2.0/authorize
Requested by
Host: expense.microsoft.com
URL: https://expense.microsoft.com/bundles/app.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.126.32.67 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://expense.microsoft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Date
Fri, 13 Jan 2023 15:51:55 GMT
X-Content-Type-Options
nosniff
Referrer-Policy
strict-origin-when-cross-origin
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
Access-Control-Allow-Methods
GET, OPTIONS
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
Access-Control-Allow-Origin
*
x-ms-request-id
a4fc0d68-2edc-48bc-83de-27428b1e1a00
Content-Type
application/json; charset=utf-8
Cache-Control
max-age=86400, private
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+ams1"}]}
Content-Length
980
x-ms-ests-server
2.1.14526.2 - NEULR2 ProdSlices
X-XSS-Protection
0
openid-configuration
login.microsoftonline.com/72f988bf-86f1-41af-91ab-2d7cd011db47/v2.0/.well-known/ 		2 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://login.microsoftonline.com/72f988bf-86f1-41af-91ab-2d7cd011db47/v2.0/.well-known/openid-configuration
Requested by
Host: expense.microsoft.com
URL: https://expense.microsoft.com/bundles/app.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.126.32.67 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://expense.microsoft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Date
Fri, 13 Jan 2023 15:51:55 GMT
X-Content-Type-Options
nosniff
Referrer-Policy
strict-origin-when-cross-origin
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
Access-Control-Allow-Methods
GET, OPTIONS
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
Access-Control-Allow-Origin
*
x-ms-request-id
80be1daf-76a8-4e01-8a1a-ea3498da1a00
Content-Type
application/json; charset=utf-8
Cache-Control
max-age=86400, private
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+ams1"}]}
Content-Length
1753
x-ms-ests-server
2.1.14526.2 - NEULR2 ProdSlices
X-XSS-Protection
0
track
dc.services.visualstudio.com/v2/ 		0
0
authorize
login.microsoftonline.com/72f988bf-86f1-41af-91ab-2d7cd011db47/oauth2/v2.0/ 		19 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://login.microsoftonline.com/72f988bf-86f1-41af-91ab-2d7cd011db47/oauth2/v2.0/authorize?client_id=93a5b7e4-1041-4141-b9be-8f35b56e3db7&scope=https%3A%2F%2Fgraph.microsoft.com%2F.default%20openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Fexpense.microsoft.com&client-request-id=f9068568-935b-4c1f-8f42-b512274a73e9&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=2.32.0&client_info=1&code_challenge=ka75TZBr4nYvGFZNKQXSGWpjUa4FF6C27H8aykO7-a8&code_challenge_method=S256&nonce=8e75924d-f3bd-4207-9b49-8e72e61d9960&state=eyJpZCI6Ijc1MWM3ZmRmLWNjNjQtNDAyYS1hNzdkLTQ3MGQ0ZjY5OWE2YSIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicmVkaXJlY3QifX0%3D
Requested by
Host: expense.microsoft.com
URL: https://expense.microsoft.com/bundles/app.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.126.32.67 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://expense.microsoft.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache
Content-Encoding
gzip
Content-Length
8686
Content-Type
text/html; charset=utf-8
Date
Fri, 13 Jan 2023 15:51:56 GMT
Expires
-1
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-XSS-Protection
0
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+ams1"}]}
x-ms-clitelem
1,50168,0,,
x-ms-ests-server
2.1.14526.2 - NEULR1 ProdSlices
x-ms-request-id
51244d1c-a9ce-47e0-8fe1-075b953a1a00
track
dc.services.visualstudio.com/v2/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://dc.services.visualstudio.com/v2/track
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.69.106.88 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,sdk-context
Access-Control-Request-Method
POST
Origin
https://expense.microsoft.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-headers
Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
3600
content-length
0
date
Fri, 13 Jan 2023 15:51:56 GMT
x-content-type-options
nosniff
BssoInterrupt_Core_xnQcWjIeYG6AvCxe_oDqYQ2.js
aadcdn.msauth.net/shared/1.0/content/js/ 		133 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msauth.net/shared/1.0/content/js/BssoInterrupt_Core_xnQcWjIeYG6AvCxe_oDqYQ2.js
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/72f988bf-86f1-41af-91ab-2d7cd011db47/oauth2/v2.0/authorize?client_id=93a5b7e4-1041-4141-b9be-8f35b56e3db7&scope=https%3A%2F%2Fgraph.microsoft.com%2F.default%20openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Fexpense.microsoft.com&client-request-id=f9068568-935b-4c1f-8f42-b512274a73e9&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=2.32.0&client_info=1&code_challenge=ka75TZBr4nYvGFZNKQXSGWpjUa4FF6C27H8aykO7-a8&code_challenge_method=S256&nonce=8e75924d-f3bd-4207-9b49-8e72e61d9960&state=eyJpZCI6Ijc1MWM3ZmRmLWNjNjQtNDAyYS1hNzdkLTQ3MGQ0ZjY5OWE2YSIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicmVkaXJlY3QifX0%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:4f:1::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash

Request headers

Referer
https://login.microsoftonline.com/
Origin
https://login.microsoftonline.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 13 Jan 2023 15:51:56 GMT
content-encoding
gzip
x-azure-ref-originshield
0bSLBYwAAAAArs1uQDPdJTYV5vnW1L5kKRlJBMjMxMDUwNDE4MDQ3ADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-md5
6AsZOM45wEiaRILCpiusGg==
x-cache
TCP_HIT
content-length
47854
x-ms-lease-status
unlocked
last-modified
Wed, 07 Dec 2022 05:02:42 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DAD81045DBD10D
x-azure-ref
0HH7BYwAAAAB72qckXvBqTohIkjHMem9YRlJBMzFFREdFMDkxNgAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
89f103cd-f01e-0014-6f2c-182b59000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
Primary Request authorize
login.microsoftonline.com/72f988bf-86f1-41af-91ab-2d7cd011db47/oauth2/v2.0/ 		39 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://login.microsoftonline.com/72f988bf-86f1-41af-91ab-2d7cd011db47/oauth2/v2.0/authorize?client_id=93a5b7e4-1041-4141-b9be-8f35b56e3db7&scope=https%3A%2F%2Fgraph.microsoft.com%2F.default%20openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Fexpense.microsoft.com&client-request-id=f9068568-935b-4c1f-8f42-b512274a73e9&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=2.32.0&client_info=1&code_challenge=ka75TZBr4nYvGFZNKQXSGWpjUa4FF6C27H8aykO7-a8&code_challenge_method=S256&nonce=8e75924d-f3bd-4207-9b49-8e72e61d9960&state=eyJpZCI6Ijc1MWM3ZmRmLWNjNjQtNDAyYS1hNzdkLTQ3MGQ0ZjY5OWE2YSIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicmVkaXJlY3QifX0%3D&sso_reload=true
Requested by
Host: aadcdn.msauth.net
URL: https://aadcdn.msauth.net/shared/1.0/content/js/BssoInterrupt_Core_xnQcWjIeYG6AvCxe_oDqYQ2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.126.32.67 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a49d21a78d7a595440162885ee3c59df826cc12651cf0135dba543601b2b1c44
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://login.microsoftonline.com/72f988bf-86f1-41af-91ab-2d7cd011db47/oauth2/v2.0/authorize?client_id=93a5b7e4-1041-4141-b9be-8f35b56e3db7&scope=https%3A%2F%2Fgraph.microsoft.com%2F.default%20openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Fexpense.microsoft.com&client-request-id=f9068568-935b-4c1f-8f42-b512274a73e9&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=2.32.0&client_info=1&code_challenge=ka75TZBr4nYvGFZNKQXSGWpjUa4FF6C27H8aykO7-a8&code_challenge_method=S256&nonce=8e75924d-f3bd-4207-9b49-8e72e61d9960&state=eyJpZCI6Ijc1MWM3ZmRmLWNjNjQtNDAyYS1hNzdkLTQ3MGQ0ZjY5OWE2YSIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicmVkaXJlY3QifX0%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache
Content-Encoding
gzip
Content-Length
14741
Content-Type
text/html; charset=utf-8
Date
Fri, 13 Jan 2023 15:51:56 GMT
Expires
-1
Link
<https://aadcdn.msauth.net>; rel=preconnect; crossorigin <https://aadcdn.msauth.net>; rel=dns-prefetch <https://aadcdn.msftauth.net>; rel=dns-prefetch
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-DNS-Prefetch-Control
on
X-Frame-Options
DENY
X-XSS-Protection
0
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+ams1"}]}
x-ms-clitelem
1,0,0,,
x-ms-ests-server
2.1.14526.2 - WEULR1 ProdSlices
x-ms-request-id
b2af3255-721e-4b4f-a192-224a94201d00
converged.v2.login.min_8owwt4u-33ps0wawi7tmow2.css
aadcdn.msauth.net/ests/2.1/content/cdnbundles/ 		108 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_8owwt4u-33ps0wawi7tmow2.css
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/72f988bf-86f1-41af-91ab-2d7cd011db47/oauth2/v2.0/authorize?client_id=93a5b7e4-1041-4141-b9be-8f35b56e3db7&scope=https%3A%2F%2Fgraph.microsoft.com%2F.default%20openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Fexpense.microsoft.com&client-request-id=f9068568-935b-4c1f-8f42-b512274a73e9&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=2.32.0&client_info=1&code_challenge=ka75TZBr4nYvGFZNKQXSGWpjUa4FF6C27H8aykO7-a8&code_challenge_method=S256&nonce=8e75924d-f3bd-4207-9b49-8e72e61d9960&state=eyJpZCI6Ijc1MWM3ZmRmLWNjNjQtNDAyYS1hNzdkLTQ3MGQ0ZjY5OWE2YSIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicmVkaXJlY3QifX0%3D&sso_reload=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:4f:1::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
9537f00ca371747a97a2acca388f7b2379a7fa7c59bde18c3d2621c0de8de492

Request headers

Referer
https://login.microsoftonline.com/
Origin
https://login.microsoftonline.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 13 Jan 2023 15:51:57 GMT
content-encoding
gzip
x-azure-ref-originshield
0nTzAYwAAAACuLEvFWJCFSK+sTjhhLy3SRlJBMjMxMDUwNDE4MDM1ADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-md5
9K2/nGCj75WAmmAI9nZNCA==
x-cache
TCP_HIT
content-length
19970
x-ms-lease-status
unlocked
last-modified
Thu, 04 Aug 2022 19:37:00 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DA7650B37ACC3D
x-azure-ref
0HX7BYwAAAABg8EeL3o2XSqSXbw+NDp/7RlJBMzFFREdFMDkxNgAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
64905f0f-c01e-000f-4803-1dbe6c000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
ConvergedLogin_PCore_NnFX4S8X6vb-OgGnD82WNA2.js
aadcdn.msauth.net/shared/1.0/content/js/ 		393 KB
111 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msauth.net/shared/1.0/content/js/ConvergedLogin_PCore_NnFX4S8X6vb-OgGnD82WNA2.js
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/72f988bf-86f1-41af-91ab-2d7cd011db47/oauth2/v2.0/authorize?client_id=93a5b7e4-1041-4141-b9be-8f35b56e3db7&scope=https%3A%2F%2Fgraph.microsoft.com%2F.default%20openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Fexpense.microsoft.com&client-request-id=f9068568-935b-4c1f-8f42-b512274a73e9&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=2.32.0&client_info=1&code_challenge=ka75TZBr4nYvGFZNKQXSGWpjUa4FF6C27H8aykO7-a8&code_challenge_method=S256&nonce=8e75924d-f3bd-4207-9b49-8e72e61d9960&state=eyJpZCI6Ijc1MWM3ZmRmLWNjNjQtNDAyYS1hNzdkLTQ3MGQ0ZjY5OWE2YSIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicmVkaXJlY3QifX0%3D&sso_reload=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:4f:1::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
c974a0be091a8f09353472bbb41cb939e48a6796f6d0cf95686a7b4d73aa8490

Request headers

Referer
https://login.microsoftonline.com/
Origin
https://login.microsoftonline.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 13 Jan 2023 15:51:57 GMT
content-encoding
gzip
x-azure-ref-originshield
0vi7BYwAAAABzD63R/h9PSo0TTQ8s/9weRlJBMjMxMDUwNDE4MDMxADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-md5
2lcEQ5vglpXqxT8YZRDC3A==
x-cache
TCP_HIT
content-length
112847
x-ms-lease-status
unlocked
last-modified
Fri, 16 Dec 2022 22:42:00 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DADFB6BF0B914F
x-azure-ref
0HX7BYwAAAAD1nMmnPBZlQLD3jtO6YfzRRlJBMzFFREdFMDkxNgAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
7735b603-601e-0029-2ff4-18d553000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
ux.converged.login.strings-de.min_egm72xgxis3arkcshl_vsg2.js
aadcdn.msauth.net/ests/2.1/content/cdnbundles/ 		52 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msauth.net/ests/2.1/content/cdnbundles/ux.converged.login.strings-de.min_egm72xgxis3arkcshl_vsg2.js
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/72f988bf-86f1-41af-91ab-2d7cd011db47/oauth2/v2.0/authorize?client_id=93a5b7e4-1041-4141-b9be-8f35b56e3db7&scope=https%3A%2F%2Fgraph.microsoft.com%2F.default%20openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Fexpense.microsoft.com&client-request-id=f9068568-935b-4c1f-8f42-b512274a73e9&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=2.32.0&client_info=1&code_challenge=ka75TZBr4nYvGFZNKQXSGWpjUa4FF6C27H8aykO7-a8&code_challenge_method=S256&nonce=8e75924d-f3bd-4207-9b49-8e72e61d9960&state=eyJpZCI6Ijc1MWM3ZmRmLWNjNjQtNDAyYS1hNzdkLTQ3MGQ0ZjY5OWE2YSIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicmVkaXJlY3QifX0%3D&sso_reload=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:4f:1::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
7acd1c3ed3db95c90f782082388576ee46f177090e4fe2af3efd76cabe000333

Request headers

Referer
https://login.microsoftonline.com/
Origin
https://login.microsoftonline.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 13 Jan 2023 15:51:57 GMT
content-encoding
gzip
x-azure-ref-originshield
0MCjBYwAAAADELTuQN8tkSJADtHjJHuLTRlJBMjMxMDUwNDE3MDM3ADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-md5
k7fVZXvzmEOgfmeeNd3Kyw==
x-cache
TCP_HIT
content-length
15207
x-ms-lease-status
unlocked
last-modified
Sat, 17 Dec 2022 08:38:03 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DAE00A0321E74C
x-azure-ref
0HX7BYwAAAABm/wv/5a3pS6pxkCNt/z7gRlJBMzFFREdFMDkxNgAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
3fc6187e-a01e-0061-31f8-265e53000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
Me.htm
login.live.com/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://login.live.com/Me.htm?v=3
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/72f988bf-86f1-41af-91ab-2d7cd011db47/oauth2/v2.0/authorize?client_id=93a5b7e4-1041-4141-b9be-8f35b56e3db7&scope=https%3A%2F%2Fgraph.microsoft.com%2F.default%20openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Fexpense.microsoft.com&client-request-id=f9068568-935b-4c1f-8f42-b512274a73e9&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=2.32.0&client_info=1&code_challenge=ka75TZBr4nYvGFZNKQXSGWpjUa4FF6C27H8aykO7-a8&code_challenge_method=S256&nonce=8e75924d-f3bd-4207-9b49-8e72e61d9960&state=eyJpZCI6Ijc1MWM3ZmRmLWNjNjQtNDAyYS1hNzdkLTQ3MGQ0ZjY5OWE2YSIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicmVkaXJlY3QifX0%3D&sso_reload=true
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.190.160.12 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers
oneDs_641b1cf809bdc17b42ab.js
aadcdn.msauth.net/shared/1.0/content/js/ 		186 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msauth.net/shared/1.0/content/js/oneDs_641b1cf809bdc17b42ab.js
Requested by
Host: aadcdn.msauth.net
URL: https://aadcdn.msauth.net/shared/1.0/content/js/ConvergedLogin_PCore_NnFX4S8X6vb-OgGnD82WNA2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:4f:1::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
9fe0a5db692ff67c7cd88490a7412c379ae767708e2cf8847d9a915dd6f19141

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 13 Jan 2023 15:51:57 GMT
content-encoding
gzip
x-azure-ref-originshield
0G+PAYwAAAAAmZToadorZRYMeqkx9oCiORlJBMjMxMDUwNDE4MDMzADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-md5
Rajh8JKNmzx4FHNJDjlS4A==
x-cache
TCP_HIT
content-length
61054
x-ms-lease-status
unlocked
last-modified
Thu, 27 Oct 2022 14:24:13 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DAB826EBE74413
x-azure-ref
0HX7BYwAAAAA9ZhB7rXG0RKw/MMt3mBAqRlJBMzFFREdFMDMwOQAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
f397d1ce-801e-0063-1e63-1a0857000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
convergedlogin_pcustomizationloader_f3782014f3739160dbfd.js
aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/ 		107 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pcustomizationloader_f3782014f3739160dbfd.js
Requested by
Host: aadcdn.msauth.net
URL: https://aadcdn.msauth.net/shared/1.0/content/js/ConvergedLogin_PCore_NnFX4S8X6vb-OgGnD82WNA2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:4f:1::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
0e2ef54a0f3644ed15e5b535dd3a30b94ba2cbf05631efc41039ae793c8b0efe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 13 Jan 2023 15:51:57 GMT
content-encoding
gzip
x-azure-ref-originshield
0jhzAYwAAAABIgS8S+UrjSa2S5uVLpmYnRlJBMjMxMDUwNDE3MDM1ADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-md5
e/EZAgcGdIaZjab5+bzwzw==
x-cache
TCP_HIT
content-length
32186
x-ms-lease-status
unlocked
last-modified
Wed, 07 Dec 2022 05:02:34 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DAD81040AAC077
x-azure-ref
0HX7BYwAAAAAUFEVdK+uoRpe8wjV442zbRlJBMzFFREdFMDMwOQAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
dbe4bcbf-f01e-0050-63e4-155440000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
illustration
aadcdn.msauthimages.net/dbd5a2dd-n2kxueriy-dm8fhyf0anvulmvhi3kdbkkxqluuekyfc/logintenantbranding/0/ 		166 KB
166 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aadcdn.msauthimages.net/dbd5a2dd-n2kxueriy-dm8fhyf0anvulmvhi3kdbkkxqluuekyfc/logintenantbranding/0/illustration?ts=636783560675581343
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.23.72 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CF0) /
Resource Hash
160475d84084caad4359d2ac576272d2a69198c7fdde361d0c2148f6e16f074c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Fri, 13 Jan 2023 15:51:58 GMT
last-modified
Wed, 21 Nov 2018 00:14:28 GMT
server
ECAcc (frc/4CF0)
content-md5
OC3yFV1eu4zCUdwk7omIeQ==
age
4403
etag
0x8D64F464D8B1DE1
x-cache
HIT
content-type
image/*
x-ms-request-id
61411dbb-401e-000b-375c-27982d000000
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
content-length
169698
bannerlogo
aadcdn.msauthimages.net/dbd5a2dd-n2kxueriy-dm8fhyf0anvulmvhi3kdbkkxqluuekyfc/logintenantbranding/0/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aadcdn.msauthimages.net/dbd5a2dd-n2kxueriy-dm8fhyf0anvulmvhi3kdbkkxqluuekyfc/logintenantbranding/0/bannerlogo?ts=636783560697171089
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.23.72 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CFC) /
Resource Hash
dde1acefe23281e3715bdee565cf1fd7064370d4bb751ab92c4add7d42932bbe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Fri, 13 Jan 2023 15:51:58 GMT
last-modified
Wed, 21 Nov 2018 00:14:30 GMT
server
ECAcc (frc/4CFC)
content-md5
yfMeh0AMRvn4+1gGAjKMcg==
age
9333
etag
0x8D64F464E9A2738
x-cache
HIT
content-type
image/*
x-ms-request-id
bebd6904-801e-00b7-0951-278f5c000000
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
content-length
3666
convergedlogin_pstringcustomizationhelper_44ba818dfa55d8749503.js
aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/ 		111 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pstringcustomizationhelper_44ba818dfa55d8749503.js
Requested by
Host: aadcdn.msauth.net
URL: https://aadcdn.msauth.net/shared/1.0/content/js/ConvergedLogin_PCore_NnFX4S8X6vb-OgGnD82WNA2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:4f:1::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
79af9d6414cc1d900d943eb4e3bfca28338a72e0931ebfd6f93dcc0d7a6abcd2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 13 Jan 2023 15:51:57 GMT
content-encoding
gzip
x-azure-ref-originshield
0DfzAYwAAAAARCFwCUFodTZtDuEOtRkcjRlJBMjMxMDUwNDE4MDExADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-md5
x+Nhj00unyDBcQ40kWZ5lw==
x-cache
TCP_HIT
content-length
35786
x-ms-lease-status
unlocked
last-modified
Tue, 15 Nov 2022 20:12:21 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DAC745B3E8CFA6
x-azure-ref
0Hn7BYwAAAABOlpbQRo2OTLlgMddP578YRlJBMzFFREdFMDMwOQAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
d9aff92f-601e-0015-6c80-13005b000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
signin-options_4e48046ce74f4b89d45037c90576bfac.svg
aadcdn.msauth.net/shared/1.0/content/images/ 		2 KB
967 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aadcdn.msauth.net/shared/1.0/content/images/signin-options_4e48046ce74f4b89d45037c90576bfac.svg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:4f:1::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
8e6db1634f1812d42516778fc890010aa57f3e39914fb4803df2c38abbf56d93

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 13 Jan 2023 15:51:57 GMT
content-encoding
gzip
x-azure-ref-originshield
0LijBYwAAAADmdshPtGXPTKSleED1CMxGRlJBMjMxMDUwNDE3MDMzADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-md5
R2FAVxfpONfnQAuxVxXbHg==
x-cache
TCP_HIT
content-length
621
x-ms-lease-status
unlocked
last-modified
Tue, 10 Nov 2020 03:41:24 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D8852A7FA6B761
x-azure-ref
0Hn7BYwAAAAAIkwdgjNGCSoMVXbG4bjy4RlJBMzFFREdFMDMwOQAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
eb32278d-101e-0026-77ac-265c4c000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
dc.services.visualstudio.com
URL
https://dc.services.visualstudio.com/v2/track

Verdicts & Comments Add Verdict or Comment

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontentvisibilityautostatechange object| $Config object| $Debug object| $Do function| $Loader object| $WebWatson function| GetString function| GetErrorString function| GetUrl object| $B object| ServerData object| webpackJsonp object| ko object| PROOF object| StringRepository object| Telemetry object| telemetry_webpackJsonp boolean| __ConvergedLogin_PCore boolean| __ boolean| __convergedlogin_pcustomizationloader_f3782014f3739160dbfd boolean| __convergedlogin_pstringcustomizationhelper_44ba818dfa55d8749503

14 Cookies

Domain/Path Name / Value
.expense.microsoft.com/ Name: ARRAffinity
Value: 56645a4c0ec0ad0c2f745874f885746642c2e4d21391de90f6be2f42e4829ac8
.expense.microsoft.com/ Name: ARRAffinitySameSite
Value: 56645a4c0ec0ad0c2f745874f885746642c2e4d21391de90f6be2f42e4829ac8
expense.microsoft.com/ Name: ai_user
Value: 5Um50gCP/b9g7F8dIyQtGs|2023-01-13T15:51:55.581Z
expense.microsoft.com/ Name: ai_session
Value: My8p0aUxnuR3Azk6a0RqiK|1673625115744|1673625115744
login.microsoftonline.com/ Name: x-ms-gateway-slice
Value: estsfd
login.microsoftonline.com/ Name: stsservicecookie
Value: estsfd
.login.microsoftonline.com/ Name: AADSSO
Value: NA|NoExtension
login.microsoftonline.com/ Name: SSOCOOKIEPULLED
Value: 1
login.microsoftonline.com/ Name: buid
Value: 0.ARoAv4j5cvGGr0GRqy180BHbR-S3pZNBEEFBub6PNbVuPbcaAAA.AQABAAEAAAD--DLA3VO7QrddgJg7WevryPaABaHiPAeyXUOZOcmpgahmgTi9e7m4BrC5pr7mzt1ZVWKCk75ZLXWhYPGYFsXpXMvVOnjPAqUeJOF8FuWMmYpr13C3ZXsYR1tKUEp7o34gAA
login.microsoftonline.com/ Name: fpc
Value: Agw5GYqVW1tIvH5hYRnCT8dTQ2K3AQAAABx1U9sOAAAA
.login.microsoftonline.com/ Name: esctx
Value: PAQABAAEAAAD--DLA3VO7QrddgJg7WevrodI87ToqUZ1UTbLV8_4Z2Bz2oquTp8Swt9NpuxisLs7kM0c1TAqZ3Q3UNfopC_cHEfUuWXdxGaTof_invIYd9ScWvUxaVvd93nVJGZOhkCAXirIKtDYLczDAMAA4nut2uLMFgNiGx6CHlkipMexOU_1VZilstHidSoarhCLwYfUgAA
.login.microsoftonline.com/ Name: brcap
Value: 0
.login.live.com/ Name: uaid
Value: 97fa45e7a494484cb65db2701bc16275
.login.live.com/ Name: MSPRequ
Value: id=N&lt=1673625117&co=1

1 Console Messages

Source Level URL
Text
security error URL: https://expense.microsoft.com/
Message:
The value for the Content-Security-Policy directive 'default-src' contains one or more invalid characters. In a source expression, non-whitespace characters outside ASCII 0x21-0x7E must be Punycode-encoded, as described in RFC 3492 (https://tools.ietf.org/html/rfc3492), if part of the hostname and percent-encoded, as described in RFC 3986, section 2.1 (http://tools.ietf.org/html/rfc3986#section-2.1), if part of the path.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src self
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aadcdn.msauth.net
aadcdn.msauthimages.net
dc.services.visualstudio.com
expense.microsoft.com
login.live.com
login.microsoftonline.com
onefinancebot.blob.core.windows.net
spoppe-b.azureedge.net
static2.sharepointonline.com
unpkg.com
dc.services.visualstudio.com
13.69.106.88
152.199.23.72
20.190.160.12
2606:2800:133:206e:1315:22a5:2006:24fd
2606:4700::6810:7baf
2620:1ec:4f:1::44
40.126.32.67
52.173.184.147
52.239.160.170
96.16.158.214
092e3b681fad365a891751ed760b1807cadcb99ed8c4019142b87c2180a33233
0e2ef54a0f3644ed15e5b535dd3a30b94ba2cbf05631efc41039ae793c8b0efe
160475d84084caad4359d2ac576272d2a69198c7fdde361d0c2148f6e16f074c
22e7ac6e00b3f7463f2c89c577877ed717686d6f219614c890317d86560c413d
387bb3c05dff7b01556f5d569164d91f745b255eb6081b6617235c6bd2c671a1
4949f4e1cff9e8a960b44c9a8be70bc4bb10216eb4d0123ca61753e0908a0f87
5cef9367d2bcaba25b74d20e0e139d2cf900e9123e5fde26101aee7f40f6b5cf
61c2692a39b04e3600ea96cfb54249d4cc0bfd9baf45b03f41412a1fe5f632e2
79af9d6414cc1d900d943eb4e3bfca28338a72e0931ebfd6f93dcc0d7a6abcd2
7acd1c3ed3db95c90f782082388576ee46f177090e4fe2af3efd76cabe000333
81bd9c6953694abf461e6f47173b09535424d58f3764515d2d1a9f409594559a
8e6db1634f1812d42516778fc890010aa57f3e39914fb4803df2c38abbf56d93
94ef87ee295c67526205d67124f404e246226105e939e14c435a20c29a956f49
9537f00ca371747a97a2acca388f7b2379a7fa7c59bde18c3d2621c0de8de492
9fe0a5db692ff67c7cd88490a7412c379ae767708e2cf8847d9a915dd6f19141
a0a4a2aef0de563eabeb4c13b672b2865b285dc2e878411e8f24c6b339ab4310
a49d21a78d7a595440162885ee3c59df826cc12651cf0135dba543601b2b1c44
c2b964a4f1eece5fbd2c1e1ae87e87536acf9aa6adcf39fcbf33c02e503efaf8
c974a0be091a8f09353472bbb41cb939e48a6796f6d0cf95686a7b4d73aa8490
cc8891800b94309dd1667cf8cc8457b0b25dbbe774eeb1c0c5c18f96a48d2e84
dde1acefe23281e3715bdee565cf1fd7064370d4bb751ab92c4add7d42932bbe
e4f6594b6c1ab97935819ad394b82115e3f1a509135f3c6fb82342f0ad5afbe9
e9563ccb523383f3026cdf6adbeb844c9d2b28847cbacddfbb198c2c9f22d53e
ee2813ae5b0b7c593bfd767e8535669374dada6f28bc1c132545211e9d9378b7