microsoft-verify.dev-ely-delva.workers.dev
2606:4700:3031::ac43:a019  Public Scan

Submitted URL: http://microsoft-verify.dev-ely-delva.workers.dev/
Effective URL: https://microsoft-verify.dev-ely-delva.workers.dev/
Submission: On February 15 via api from US — Scanned from DE

Summary

This website contacted 6 IPs in 3 countries across 4 domains to perform 27 HTTP transactions. The main IP is 2606:4700:3031::ac43:a019, located in United States and belongs to CLOUDFLARENET, US. The main domain is microsoft-verify.dev-ely-delva.workers.dev.
TLS certificate: Issued by R3 on December 30th 2021. Valid for: 3 months.
This is the only time microsoft-verify.dev-ely-delva.workers.dev was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
13 2606:4700:303... 13335 (CLOUDFLAR...)
7 104.16.169.131 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 104.16.168.131 13335 (CLOUDFLAR...)
27 6
Apex Domain | Subdomains | Transfer
13 workers.dev | microsoft-verify.dev-ely-delva.workers.dev | 141 KB
8 hcaptcha.com | js.hcaptcha.com (Cisco Umbrella Rank: 24175), newassets.hcaptcha.com (Cisco Umbrella Rank: 10830), hcaptcha.com (Cisco Umbrella Rank: 7981) | 484 KB
4 gstatic.com | fonts.gstatic.com | 57 KB
2 googleapis.com | fonts.googleapis.com (Cisco Umbrella Rank: 35) | 1 KB
27 4
Domain Requested by
13 microsoft-verify.dev-ely-delva.workers.dev microsoft-verify.dev-ely-delva.workers.dev
5 newassets.hcaptcha.com js.hcaptcha.com
newassets.hcaptcha.com
4 fonts.gstatic.com fonts.googleapis.com
2 hcaptcha.com newassets.hcaptcha.com
2 fonts.googleapis.com microsoft-verify.dev-ely-delva.workers.dev
1 js.hcaptcha.com microsoft-verify.dev-ely-delva.workers.dev
27 6

This site contains no links.

Subject | Issuer | Validity | Valid
*.dev-ely-delva.workers.dev | R3 | 2021-12-30 - 2022-03-30 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2021-06-15 - 2022-06-14 | a year
upload.video.google.com | GTS CA 1C3 | 2022-01-17 - 2022-04-11 | 3 months
*.gstatic.com | GTS CA 1C3 | 2022-01-17 - 2022-04-11 | 3 months

This page contains 3 frames:

Primary Page: https://microsoft-verify.dev-ely-delva.workers.dev/
Frame ID: ABD182A05FAAC16911B72F96B1678186
Requests: 20 HTTP requests in this frame

Frame: https://newassets.hcaptcha.com/captcha/v1/e61b2d8/static/hcaptcha-challenge.html
Frame ID: C2FFE7A06E05392CA2941E46EB9EBF30
Requests: 3 HTTP requests in this frame

Frame: https://newassets.hcaptcha.com/captcha/v1/e61b2d8/static/hcaptcha-checkbox.html
Frame ID: E45F225EB9E59F35B95AB43CBC4A3D33
Requests: 4 HTTP requests in this frame

Page Title

Astro Client | Login

Page URL History

  1. http://microsoft-verify.dev-ely-delva.workers.dev/ HTTP 307
    https://microsoft-verify.dev-ely-delva.workers.dev/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 27
HTTPS: 100 %
IPv6: 60 %
Domains: 4
Subdomains: 6
IPs: 6
Countries: 3
Transfer: 683 kB
Size: 2058 kB
Cookies: 0

Redirected requests

There were HTTP redirect chains for the following requests:

27 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
microsoft-verify.dev-ely-delva.workers.dev/
Redirect Chain
  • http://microsoft-verify.dev-ely-delva.workers.dev/
  • https://microsoft-verify.dev-ely-delva.workers.dev/
7 KB
2 KB
Document
General
Full URL
https://microsoft-verify.dev-ely-delva.workers.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:a019 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
11a436435a13a2c232e4fd11e22516b991afeef713ac2310a5730870ba7e30c7

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Tue, 15 Feb 2022 10:00:44 GMT
content-type
text/html; charset=utf-8
cf-ray
6dddb0d559cf5a25-MXP
access-control-allow-origin
*
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-powered-by
Express
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BUbpVbNpVntl301u%2FInEBTVtkE5CKe1hnZ3SN0O3yLXjVjzuNkvmrqTLw05s0slZCjaYOAoU8OV9SLCpdQqg6UkMeP7vgxw4%2Fxht6PMJneFcyjzY1bbnbz%2F%2FUgkiXGe4Vvr%2FR4UTsqBDDUrWcHVYSIWU3EtdzjGnlfC6F8oZm6XRrllRCXdujwI%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

Location
https://microsoft-verify.dev-ely-delva.workers.dev/
Non-Authoritative-Reason
HSTS
bootstrap.min.css
microsoft-verify.dev-ely-delva.workers.dev/css/vendor/
156 KB
25 KB
Stylesheet
General
Full URL
https://microsoft-verify.dev-ely-delva.workers.dev/css/vendor/bootstrap.min.css
Requested by
Host: microsoft-verify.dev-ely-delva.workers.dev
URL: https://microsoft-verify.dev-ely-delva.workers.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:a019 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
2ff5b959fa9f6b4b1d04d20a37d706e90039176ab1e2a202994d9580baeebfd6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://microsoft-verify.dev-ely-delva.workers.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 10:00:44 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
Express
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 21 Dec 2021 17:06:54 GMT
server
cloudflare
etag
W/"26f1b-17dddf5cfb0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B5XQ72e%2Fa%2B5tZnXjgM6JX%2FA32VPgi3ns9zHf7UnMwdiNMl%2BhjAQZ8oGw5fBzmC7U010GMYqgavpZJBuu581RisM8NKI3xXDoKlrlr72i%2FRtT43dOyLr2DOpjoFpwrH2oRzsYEvOOfOxbgJf3uxDsffUtx3HTuvRgZxb8JVLDv4N%2B%2Fe8gJ6QH2Lg%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=14400
cf-ray
6dddb0dbdd4a5a25-MXP
styles.min.css
microsoft-verify.dev-ely-delva.workers.dev/css/
241 KB
34 KB
Stylesheet
General
Full URL
https://microsoft-verify.dev-ely-delva.workers.dev/css/styles.min.css
Requested by
Host: microsoft-verify.dev-ely-delva.workers.dev
URL: https://microsoft-verify.dev-ely-delva.workers.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:a019 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
c751cf2a0ddbbfdd364ce99bf62f86b37c6f558c6c6ce8743c7be4589f6a7027

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://microsoft-verify.dev-ely-delva.workers.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 10:00:44 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
Express
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 21 Dec 2021 17:06:54 GMT
server
cloudflare
etag
W/"3c456-17dddf5cfb0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S495gT17lLFWaYAgbghK70H8zcW4eGE1N%2BhShxSkSEECzmpsjbh%2FFuDC4UZkYRO%2BfSbkfHwc4l%2Bf%2B5S0c3APs0kCiKsdpJfdSy6ODs2399GHEEbOvj5meqwbzV%2F2A5ztrggHC0UI8%2BlRgfp1nLfKwbj8jVcSfYi8l%2BxxK1ojBP6aHZHLa9GGHro%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=14400
cf-ray
6dddb0dbdd4b5a25-MXP
rocket.png
microsoft-verify.dev-ely-delva.workers.dev/img/landing/
9 KB
10 KB
Image
General
Full URL
https://microsoft-verify.dev-ely-delva.workers.dev/img/landing/rocket.png
Requested by
Host: microsoft-verify.dev-ely-delva.workers.dev
URL: https://microsoft-verify.dev-ely-delva.workers.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:a019 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
7023de19c54d3c70507920078ce7c123ccf3111de0e74f228dc3bfb6a86408b9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://microsoft-verify.dev-ely-delva.workers.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 10:00:44 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
Express
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9328
last-modified
Tue, 21 Dec 2021 17:06:55 GMT
server
cloudflare
etag
W/"2470-17dddf5d398"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n7luvYMBM0TXSokjHKFecQml3E%2BbOdMqYcSiBZ5MJy4PSm%2BJSVidEfyIWH7ki6b2WmWGVbofVZ5Vazug%2FnqaSoAlqsY7kPm89ZTk5UBS9jv4oZR7gGE7kW2SgikLjiEiz2%2BCaijhVe3DgYAZtq0D1lmAZk5nhCkn6MlbQ67peVALjXzNsdCwvSU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
6dddb0dbdd4e5a25-MXP
rocket-loader.min.js
microsoft-verify.dev-ely-delva.workers.dev/cdn-cgi/scripts/7d0fa10a/cloudflare-static/
12 KB
4 KB
Script
General
Full URL
https://microsoft-verify.dev-ely-delva.workers.dev/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: microsoft-verify.dev-ely-delva.workers.dev
URL: https://microsoft-verify.dev-ely-delva.workers.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:a019 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://microsoft-verify.dev-ely-delva.workers.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 10:00:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 11 Feb 2022 20:14:10 GMT
server
cloudflare
etag
W/"6206c392-302c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wlRCreEXDhokl7j%2BqU9Zs%2FWrgNLyxmQ8MhFcF6YuI2xoecQAmIIB3Qjf2NNIeqwmZtjhc0VUGs%2F%2FFL9dZFLQv7BYCItNAZe7yfBrRasukldfTQH49yPtkCNWha20eYF9n%2BCsmwmwkii4cdseWF4q9mlK4AIEIKopk6h99qGZr%2FDkyNGmEANKihg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6dddb0dbdd515a25-MXP
vary
Accept-Encoding
expires
Thu, 17 Feb 2022 10:00:44 GMT
api.js
js.hcaptcha.com/1/
83 KB
27 KB
Script
General
Full URL
https://js.hcaptcha.com/1/api.js
Requested by
Host: microsoft-verify.dev-ely-delva.workers.dev
URL: https://microsoft-verify.dev-ely-delva.workers.dev/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.169.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3a7e9d5385430607054d9ce11f05fe39d8f4feb55483ef04da6fe2b59615fcd7
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://microsoft-verify.dev-ely-delva.workers.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 10:00:44 GMT
via
1.1 9fde400234236c10982fe8b8a3ca9eb2.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
age
0
x-cache
Hit from cloudfront
strict-transport-security
max-age=2592000; includeSubDomains; preload
content-encoding
gzip
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 15 Feb 2022 07:44:18 GMT
server
cloudflare
etag
W/"3db78dddb0e62e1c5a4e475fcf6ccf9b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=120
x-amz-cf-pop
ARN56-P1
cf-ray
6dddb0dc2c0f9067-FRA
x-amz-cf-id
4nNcptpCqZ7ricxKyfGju_z770X9Q7alMVTCl6a85w_2QDasMfiatg==
jquery-3.6.0.min.js
microsoft-verify.dev-ely-delva.workers.dev/js/
87 KB
32 KB
Script
General
Full URL
https://microsoft-verify.dev-ely-delva.workers.dev/js/jquery-3.6.0.min.js
Requested by
Host: microsoft-verify.dev-ely-delva.workers.dev
URL: https://microsoft-verify.dev-ely-delva.workers.dev/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:a019 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://microsoft-verify.dev-ely-delva.workers.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 10:00:44 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
Express
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 21 Dec 2021 17:06:55 GMT
server
cloudflare
etag
W/"15d9d-17dddf5d398"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xbLfENjgrxETAEENEXndHDcU%2BUyal%2BtZKYUBznYKCAA%2Bkopb0RDBFOS%2FU0gXeTobDxkVKnuvWikaM9Y9lKyNvQPMaR5R5KZJ6YPSUkayREm78yAQSb3PoG7EDbUviEEV4TcLarslOj2QVOz1lV88aGIKuy3gufRowVQi2nsYxVy93M9Nb2EPChs%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=14400
cf-ray
6dddb0dc0dec5a25-MXP
svg-loader.js
microsoft-verify.dev-ely-delva.workers.dev/js/utils/
58 KB
18 KB
Script
General
Full URL
https://microsoft-verify.dev-ely-delva.workers.dev/js/utils/svg-loader.js
Requested by
Host: microsoft-verify.dev-ely-delva.workers.dev
URL: https://microsoft-verify.dev-ely-delva.workers.dev/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:a019 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
4230f170b63c4429e8c8f629611bb57f91ceb3e91e3548bc7512eec3e416891b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://microsoft-verify.dev-ely-delva.workers.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 10:00:44 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
Express
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 21 Dec 2021 17:06:55 GMT
server
cloudflare
etag
W/"e96f-17dddf5d398"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kybGXOPZONIkmHkvXIU1S1NKet%2Bx0QnsyAWGL2AcLzkpJZpQVr5wgs8OMriIga17tdslfLkf7tCJ8%2F6BTPadh5Hu6pnWoARp3lTmEsrcCquhDHrH0G8DlnauWTKiGBds3kAp%2BJdUzkPhiTuOYXgsPN5FokMRxPYLvNLKMTb7kcN5rJZJK%2FexSHs%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=14400
cf-ray
6dddb0dc0df15a25-MXP
landing.tabs.js
microsoft-verify.dev-ely-delva.workers.dev/js/landing/
286 B
538 B
Script
General
Full URL
https://microsoft-verify.dev-ely-delva.workers.dev/js/landing/landing.tabs.js
Requested by
Host: microsoft-verify.dev-ely-delva.workers.dev
URL: https://microsoft-verify.dev-ely-delva.workers.dev/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:a019 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
c54107590597a42c09422549cd47e29f8d11c78d8eef7e6822db1e858cae7619

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://microsoft-verify.dev-ely-delva.workers.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 10:00:44 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
Express
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 21 Dec 2021 17:06:55 GMT
server
cloudflare
etag
W/"11e-17dddf5d398"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SjAk3qqzUUNKzuICiaBuTGrZC0bN6fpQ32kriATlxRg65IDJnBDY5WeMDHd6eGYZsAZPEBvNXKIWP%2BqQ4B5qhhFyGGdgDkF8RrVrJ4yv01vM8Wj9xvyGE4nGFBCgjYM3%2FLyd3GtN%2B67cqrsh0P43advgYHvMdKKWzZtDruIKYGhiv1ECvQtjesM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=14400
cf-ray
6dddb0dc0df35a25-MXP
form.utils.js
microsoft-verify.dev-ely-delva.workers.dev/js/form/
5 KB
1 KB
Script
General
Full URL
https://microsoft-verify.dev-ely-delva.workers.dev/js/form/form.utils.js
Requested by
Host: microsoft-verify.dev-ely-delva.workers.dev
URL: https://microsoft-verify.dev-ely-delva.workers.dev/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:a019 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
51a4526ac953de4d01f270406d9b94a0bc543c38b6727409d0ab40e07f451260

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://microsoft-verify.dev-ely-delva.workers.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 10:00:44 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
Express
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 21 Dec 2021 17:06:55 GMT
server
cloudflare
etag
W/"121a-17dddf5d398"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I7eUrSRFf4CRR8SOLcRYmb5iTuizUwCb1uS1HBpOYkR945%2FgCr7y%2Boy%2FmbcxjQgdBHmJHc0k2jGRO9x9jQl%2FL80h6HyGZgpYT4pq6ylk%2F%2BsRIHyHTcpgU3nfS4UTqRBaKHLq%2B85jigA4wlJnfU1xXSGgntDQUCjksyJuvyfHdCwPlBzA52sVp0E%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=14400
cf-ray
6dddb0dc0df95a25-MXP
xm_plugins.min.js
microsoft-verify.dev-ely-delva.workers.dev/js/vendor/
46 KB
9 KB
Script
General
Full URL
https://microsoft-verify.dev-ely-delva.workers.dev/js/vendor/xm_plugins.min.js
Requested by
Host: microsoft-verify.dev-ely-delva.workers.dev
URL: https://microsoft-verify.dev-ely-delva.workers.dev/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:a019 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
62c6c74587c73474bd1be49852129b88ff18560b10d3ea8c2f0327ef661dc78e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://microsoft-verify.dev-ely-delva.workers.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 10:00:44 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
Express
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 21 Dec 2021 17:06:55 GMT
server
cloudflare
etag
W/"b62b-17dddf5d398"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YFJ6soKxxdeKMaJYEnWvv7MrdDGLJXvyaFl0nB9pbvuTo7%2FZgAacxIB9eluQNG9O09hNRSnC%2BIep%2BjkLmMhJ9pLWmGIg8ZDrrr%2Bn5WVlADoGsbKBG2l9%2Bu5xuGNocopW3%2FzTLxKSvrDBXP8w%2BJpW0JJGf2tcD5yJC7nFFTB%2F1xDofjyH309Q%2Bbo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=14400
cf-ray
6dddb0dc0dfb5a25-MXP
app.js
microsoft-verify.dev-ely-delva.workers.dev/js/utils/
5 KB
2 KB
Script
General
Full URL
https://microsoft-verify.dev-ely-delva.workers.dev/js/utils/app.js
Requested by
Host: microsoft-verify.dev-ely-delva.workers.dev
URL: https://microsoft-verify.dev-ely-delva.workers.dev/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:a019 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
340db5c8ec2f5c3a20f0620043ce5145b6d2d583e8668733f9aec7a34c289616

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://microsoft-verify.dev-ely-delva.workers.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 10:00:44 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
Express
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 21 Dec 2021 17:06:55 GMT
server
cloudflare
etag
W/"14a5-17dddf5d398"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r5jU4IRfh5oI4sOeeTHyrlEuuvqWA1LDA%2BfZFN9W5g8rtuWzLuZUXhMpYwtz8FPsiOj%2F7j2qHk29wQr6Tk%2FtdT7jkQxaCupmcVmnqqpCV%2BNyx7TW9r6pOjQ70vVcgphSvS4lrPXJ7FUVYMLMY5btvUGHNiwepgv3k2kbmQMOET7Flhkc1mBfnR0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=14400
cf-ray
6dddb0dc0dfc5a25-MXP
css
fonts.googleapis.com/
2 KB
481 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Titillium+Web:400,900&display=swap
Requested by
Host: microsoft-verify.dev-ely-delva.workers.dev
URL: https://microsoft-verify.dev-ely-delva.workers.dev/css/styles.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ac41782184a6c1f14bdc5c81e222821cb7a1e5a0fcdb4d37dc5bb31cf2d6224d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://microsoft-verify.dev-ely-delva.workers.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 15 Feb 2022 10:00:44 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 15 Feb 2022 10:00:44 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 15 Feb 2022 10:00:44 GMT
css
fonts.googleapis.com/
4 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Rajdhani:400,500,600,700&display=swap
Requested by
Host: microsoft-verify.dev-ely-delva.workers.dev
URL: https://microsoft-verify.dev-ely-delva.workers.dev/css/styles.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
987c9561406b4a25c277655b0aeae2d91529627c0d4ac37399c3e285a63f8626
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://microsoft-verify.dev-ely-delva.workers.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 15 Feb 2022 10:00:44 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 15 Feb 2022 10:00:44 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 15 Feb 2022 10:00:44 GMT
landing-background.jpg
microsoft-verify.dev-ely-delva.workers.dev/img/landing/
173 B
173 B
Image
General
Full URL
https://microsoft-verify.dev-ely-delva.workers.dev/img/landing/landing-background.jpg
Requested by
Host: microsoft-verify.dev-ely-delva.workers.dev
URL: https://microsoft-verify.dev-ely-delva.workers.dev/css/styles.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:a019 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
953130555e0724070d3cc0654d30bc64a00fada3831d9b0626386907cad9c438
Security Headers
Name Value
Content-Security-Policy default-src 'none'
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://microsoft-verify.dev-ely-delva.workers.dev/css/styles.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 10:00:44 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
Express
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lJMFm1mQmDIo7AugNmY%2BLq8AK9r04m9BVSRwIFQvTSo3U9K6q3tZuEXiFSNNNA1E5l3Z68LwO0nAsWiBoiZeU5ESCP5HUASFFe8HiHLkNmJ2JJbbDdLviyHo9OtFd5BpBArG87A5mtkcAu11Yytfjyp0r%2BZHbQ5kh48hu76tW5ptvs6v10bzJa8%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=14400
content-security-policy
default-src 'none'
cf-ray
6dddb0ddfbbd83ac-MXP
dot-texture.png
microsoft-verify.dev-ely-delva.workers.dev/img/landing/
3 KB
3 KB
Image
General
Full URL
https://microsoft-verify.dev-ely-delva.workers.dev/img/landing/dot-texture.png
Requested by
Host: microsoft-verify.dev-ely-delva.workers.dev
URL: https://microsoft-verify.dev-ely-delva.workers.dev/css/styles.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:a019 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
5b3379039c4aaee2dbfae391bf1122c6d7efbc5801cd2dd8766a757a95ae3058

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://microsoft-verify.dev-ely-delva.workers.dev/css/styles.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 10:00:44 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
Express
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2830
last-modified
Tue, 21 Dec 2021 17:06:55 GMT
server
cloudflare
etag
W/"b0e-17dddf5d398"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bor3QmueFRTYyxewHOygEy%2F8PlaeX%2BGXIkfe2ieT6njPIKmjiLlJz%2FH7MYLIfwyM8i2GzcYJaoZ0HFuTs4j6bpqJN4wYDYmJZdS2kDouV3Hx1Fjs9nobbYOPt7rLzT00TUeV%2FypY70vbSZEmS1RSLY1cC%2FV%2BizuL0cAPwxuSb6swApd2txZyaGQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
6dddb0ddfbc883ac-MXP
LDI2apCSOBg7S-QT7pb0EPOreec.woff2
fonts.gstatic.com/s/rajdhani/v14/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/rajdhani/v14/LDI2apCSOBg7S-QT7pb0EPOreec.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Rajdhani:400,500,600,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
23afdb9b5b89b878fab04d80cc30bf41bb4f3f7e8be88e5f16a7cc7671cdb2dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://microsoft-verify.dev-ely-delva.workers.dev
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 21:59:15 GMT
x-content-type-options
nosniff
age
475289
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15084
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 18:58:05 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 09 Feb 2023 21:59:15 GMT
NaPDcZTIAOhVxoMyOr9n_E7ffEDBGItzYw.woff2
fonts.gstatic.com/s/titilliumweb/v14/
10 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/titilliumweb/v14/NaPDcZTIAOhVxoMyOr9n_E7ffEDBGItzYw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Titillium+Web:400,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8e59456a560f58d0b6b7934bfc06e0b2faee5d61e2bdb10eef541dd66bfebe0d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://microsoft-verify.dev-ely-delva.workers.dev
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 00:07:17 GMT
x-content-type-options
nosniff
age
467607
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10444
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 19:03:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Fri, 10 Feb 2023 00:07:17 GMT
LDI2apCSOBg7S-QT7pa8FvOreec.woff2
fonts.gstatic.com/s/rajdhani/v14/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/rajdhani/v14/LDI2apCSOBg7S-QT7pa8FvOreec.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Rajdhani:400,500,600,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5b7e4a6f97163c2636724d4de90304fc895653dcfe64c67a7a22f26331ca5c5f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://microsoft-verify.dev-ely-delva.workers.dev
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 20:07:45 GMT
x-content-type-options
nosniff
age
481979
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 19:00:53 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 09 Feb 2023 20:07:45 GMT
LDI2apCSOBg7S-QT7pbYF_Oreec.woff2
fonts.gstatic.com/s/rajdhani/v14/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/rajdhani/v14/LDI2apCSOBg7S-QT7pbYF_Oreec.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Rajdhani:400,500,600,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
433a7007e4747a02a790167a6efa2625855f013970ba49b9b739a5d3db8b2601
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://microsoft-verify.dev-ely-delva.workers.dev
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 21:59:12 GMT
x-content-type-options
nosniff
age
475292
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15732
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 18:57:52 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 09 Feb 2023 21:59:12 GMT
hcaptcha-challenge.html
newassets.hcaptcha.com/captcha/v1/e61b2d8/static/ Frame C2FF
2 KB
1 KB
Document
General
Full URL
https://newassets.hcaptcha.com/captcha/v1/e61b2d8/static/hcaptcha-challenge.html
Requested by
Host: js.hcaptcha.com
URL: https://js.hcaptcha.com/1/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.169.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bf2bc83e4340a8be502f3fbcc1ffff593578f9f56e7df819d5f05a90d2e146c1
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://microsoft-verify.dev-ely-delva.workers.dev/

Response headers

date
Tue, 15 Feb 2022 10:00:44 GMT
content-type
text/html
last-modified
Tue, 15 Feb 2022 07:44:18 GMT
cache-control
max-age=1209600
x-cache
Hit from cloudfront
via
1.1 9fde400234236c10982fe8b8a3ca9eb2.cloudfront.net (CloudFront)
x-amz-cf-pop
ARN56-P1
x-amz-cf-id
spoVsfC5y2Ic7olfios9EzX73pIQ2IE56QE2ZRyKJ8aUB_0CxaiLhQ==
age
7568
cf-cache-status
HIT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
strict-transport-security
max-age=2592000; includeSubDomains; preload
x-content-type-options
nosniff
server
cloudflare
cf-ray
6dddb0de48b59067-FRA
content-encoding
gzip
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
hcaptcha-checkbox.html
newassets.hcaptcha.com/captcha/v1/e61b2d8/static/ Frame E45F
2 KB
1 KB
Document
General
Full URL
https://newassets.hcaptcha.com/captcha/v1/e61b2d8/static/hcaptcha-checkbox.html
Requested by
Host: js.hcaptcha.com
URL: https://js.hcaptcha.com/1/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.169.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fdc9046257aaaa253a551ef9fda09596eb7672d885281c8b6b1db6c593b08aa
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://microsoft-verify.dev-ely-delva.workers.dev/

Response headers

date
Tue, 15 Feb 2022 10:00:44 GMT
content-type
text/html
last-modified
Tue, 15 Feb 2022 07:44:18 GMT
cache-control
max-age=1209600
x-cache
Hit from cloudfront
via
1.1 ab5e2ae728dfa6338273a7f7bcdc636c.cloudfront.net (CloudFront)
x-amz-cf-pop
ARN56-P1
x-amz-cf-id
X3rq2Ah_AwBCs3Iq8BXXZpstc7Vgaxal4oEOQon8bE0y_FoRnLplPw==
age
7568
cf-cache-status
HIT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
strict-transport-security
max-age=2592000; includeSubDomains; preload
x-content-type-options
nosniff
server
cloudflare
cf-ray
6dddb0de48b89067-FRA
content-encoding
gzip
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
hcaptcha-checkbox.js
newassets.hcaptcha.com/captcha/v1/e61b2d8/ Frame E45F
151 KB
47 KB
Script
General
Full URL
https://newassets.hcaptcha.com/captcha/v1/e61b2d8/hcaptcha-checkbox.js
Requested by
Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/e61b2d8/static/hcaptcha-checkbox.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.169.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b595425f7e19ec77512e7203156f0c1d0be7fe9c69ac5d361ec53454814aebe2
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://newassets.hcaptcha.com/captcha/v1/e61b2d8/static/hcaptcha-checkbox.html
Origin
https://newassets.hcaptcha.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 10:00:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
7571
x-cache
Hit from cloudfront
strict-transport-security
max-age=2592000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
47886
access-control-allow-origin
*
last-modified
Tue, 15 Feb 2022 07:44:18 GMT
server
cloudflare
etag
"b88aa12fdb3081df3c3188598478f007"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
via
1.1 8279bca1d4905f7589e8a8f7d09741dc.cloudfront.net (CloudFront)
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
cache-control
max-age=1209600
x-amz-cf-pop
MXP64-C3
accept-ranges
bytes
cf-ray
6dddb0dea9b6922b-FRA
x-amz-cf-id
aLOOYUUxIS6Pof0i3p46xsQ2P21iUGarv3E1_ftf_7Fy2LxbrUSWiQ==
hcaptcha-challenge.js
newassets.hcaptcha.com/captcha/v1/e61b2d8/ Frame C2FF
208 KB
60 KB
Script
General
Full URL
https://newassets.hcaptcha.com/captcha/v1/e61b2d8/hcaptcha-challenge.js
Requested by
Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/e61b2d8/static/hcaptcha-challenge.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.169.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16b2649c0b15ae3b78dfc8873f5a5c3880127bcaade71078675581c9b72242af
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://newassets.hcaptcha.com/captcha/v1/e61b2d8/static/hcaptcha-challenge.html
Origin
https://newassets.hcaptcha.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 10:00:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
7571
x-cache
Hit from cloudfront
strict-transport-security
max-age=2592000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
60785
access-control-allow-origin
*
last-modified
Tue, 15 Feb 2022 07:44:18 GMT
server
cloudflare
etag
"3f5cf3f58a9b58a4506ae9dd004186ad"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
via
1.1 ac9a9db2e57fbe7ebe7ee8fc2d557856.cloudfront.net (CloudFront)
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
cache-control
max-age=1209600
x-amz-cf-pop
MXP64-C3
accept-ranges
bytes
cf-ray
6dddb0dea9b9922b-FRA
x-amz-cf-id
Rj5mEJFk3pKB-lU5X94VgyS5WjhWWtMRdCLceeHISpO_PtPCFZrF1A==
truncated
/ Frame E45F
798 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
57cafa49fb677c3f09d6e90b051917d10e7bb54e83102a25f3d32b06e8fa59a7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/png
checksiteconfig
hcaptcha.com/ Frame E45F
508 B
852 B
XHR
General
Full URL
https://hcaptcha.com/checksiteconfig?v=e61b2d8&host=microsoft-verify.dev-ely-delva.workers.dev&sitekey=3fb3ecf4-1ca8-46e5-9296-66bdc2a7364f&sc=1&swa=1
Requested by
Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/e61b2d8/hcaptcha-checkbox.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.169.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dbd5002a19f96a9c9ca16bd572b9b9928ee52d3f2abb76acc724eef142a9a1f0
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Cache-Control
no-cache
Referer
https://newassets.hcaptcha.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/json; charset=utf-8

Response headers

date
Tue, 15 Feb 2022 10:00:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
access-control-allow-headers
Cache-Control, Content-Type, DNT, Referer, User-Agent, challenge-bypass-token, cf-chl-bypass, challenge-bypass-token, challenge-bypass-host, challenge-bypass-path
cf-chl-bypass
2
vary
Origin, Accept-Encoding
access-control-allow-methods
GET, HEAD, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://newassets.hcaptcha.com
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-credentials
true
strict-transport-security
max-age=2592000; includeSubDomains; preload
cf-ray
6dddb0df9b9d922b-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
checksiteconfig
hcaptcha.com/ Frame
0
0
Preflight
General
Full URL
https://hcaptcha.com/checksiteconfig?v=e61b2d8&host=microsoft-verify.dev-ely-delva.workers.dev&sitekey=3fb3ecf4-1ca8-46e5-9296-66bdc2a7364f&sc=1&swa=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.168.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
cache-control,content-type
Origin
https://newassets.hcaptcha.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Tue, 15 Feb 2022 10:00:44 GMT
content-length
0
access-control-allow-origin
https://newassets.hcaptcha.com
vary
Origin, Accept-Encoding
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control, Content-Type, DNT, Referer, User-Agent, challenge-bypass-token, cf-chl-bypass, challenge-bypass-token, challenge-bypass-host, challenge-bypass-path
access-control-allow-methods
GET, HEAD, POST, OPTIONS
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=2592000; includeSubDomains; preload
x-content-type-options
nosniff
server
cloudflare
cf-ray
6dddb0df4db1902a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
hsw.js
newassets.hcaptcha.com/c/919a3f58/ Frame C2FF
919 KB
347 KB
Script
General
Full URL
https://newassets.hcaptcha.com/c/919a3f58/hsw.js
Requested by
Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/e61b2d8/hcaptcha-challenge.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.169.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bcc4290f7041ce142b6f5142eccb9c47c8ad59c1e8142361b7d40659fcd59f9d
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newassets.hcaptcha.com/captcha/v1/e61b2d8/static/hcaptcha-challenge.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 10:00:44 GMT
via
1.1 3b5a3bc53642845f1ba1a839609aac0e.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
age
62334
x-cache
Hit from cloudfront
content-encoding
gzip
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 14 Feb 2022 16:35:39 GMT
server
cloudflare
etag
W/"777d618166357c7ea8c00b987c3ad278"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=2592000; includeSubDomains; preload
content-type
application/javascript
vary
Accept-Encoding
cache-control
max-age=1209600
x-amz-cf-pop
DUS51-P2
cf-ray
6dddb0e00c67922b-FRA
x-amz-cf-id
oPzwXlrZSDJUKMLveCVQt28wIuF-C8bxZRgtbn9qLmZz1Z6z_pEJwA==

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| 1
function| structuredClone
object| __cfQR
function| _typeof
function| XM_Accordion
function| XM_Dropdown
function| XM_Hexagon
function| XM_Popup
function| XM_ProgressBar
function| XM_Tab
function| XM_Tooltip
function| $
function| jQuery
function| submitForm
boolean| __cfRLUnblockHandlers
object| hcaptcha
object| grecaptcha

0 Cookies

1 Console Messages

Source: network
Level: error
URL: https://microsoft-verify.dev-ely-delva.workers.dev/img/landing/landing-background.jpg
Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
