urlscan.io logo urlscan.io
SecurityTrails logo

web-login.provideroffice.live Open in urlscan Pro
2606:4700:3037::6815:130  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://proceeding.app.link/FQCCW2Z23tb
Effective URL: https://web-login.provideroffice.live/?yu=347d&username=aarti.angara@blackrock.com&af=aHR0cHM6Ly93d3cuc2VydmljZXByb2Nlc3Muc2JzL3Nicmw3...
Submission: On October 12 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 4 countries across 11 domains to perform 103 HTTP transactions. The main IP is 2606:4700:3037::6815:130, located in United States and belongs to CLOUDFLARENET, US. The main domain is web-login.provideroffice.live.
TLS certificate: Issued by E1 on October 12th 2022. Valid for: 3 months.
This is the only time web-login.provideroffice.live was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Microsoft (Consumer)

Domain & IP information

IP Address AS Autonomous System
1 1 2600:9000:218... 16509 (AMAZON-02)
1 2a06:98c1:312... 13335 (CLOUDFLAR...)
5 2606:4700:303... 13335 (CLOUDFLAR...)
20 2620:1ec:40::44 8075 (MICROSOFT...)
1 20.190.159.73 8075 (MICROSOFT...)
3 2a01:111:f100... 8075 (MICROSOFT...)
1 2603:1027:1:1... 8075 (MICROSOFT...)
68 2a02:26f0:350... 20940 (AKAMAI-ASN1)
2 152.199.23.72 15133 (EDGECAST)
1 2620:1ec:a92:... 8068 (MICROSOFT...)
1 2603:1026:c03... 8075 (MICROSOFT...)
103 10
1    2600:9000:2182:b600:19:9934:6a80:93a1 (United States)

ASN16509 (AMAZON-02, US)
proceeding.app.link
1    2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)
redirecting.sbs
5    2606:4700:3037::6815:130 (United States)

ASN13335 (CLOUDFLARENET, US)
web-login.provideroffice.live
20    2620:1ec:40::44 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
aadcdn.msauth.net
1    20.190.159.73 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
login.live.com
3    2a01:111:f100:9001::1761:9482 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
portal.microsoftonline.com
1    2603:1027:1:158::a (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
autologon.microsoftazuread-sso.com
68    2a02:26f0:3500:584::1e0f (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
res.cdn.office.net
r4.res.office365.com
2    152.199.23.72 (United States)

ASN15133 (EDGECAST, US)
aadcdn.msauthimages.net
1    2620:1ec:a92::156 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.office.com
1    2603:1026:c03:6815::2 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
outlook.office365.com
Apex Domain
Subdomains		 Transfer
61 office.net
res.cdn.office.net — Cisco Umbrella Rank: 1065
1 MB
20 msauth.net
aadcdn.msauth.net — Cisco Umbrella Rank: 2426
309 KB
8 office365.com
outlook.office365.com — Cisco Umbrella Rank: 75
r4.res.office365.com — Cisco Umbrella Rank: 229
694 KB
5 provideroffice.live
web-login.provideroffice.live
109 KB
3 microsoftonline.com
portal.microsoftonline.com — Cisco Umbrella Rank: 36080
10 KB
2 msauthimages.net
aadcdn.msauthimages.net — Cisco Umbrella Rank: 7015
248 KB
1 office.com
www.office.com — Cisco Umbrella Rank: 4252
1 KB
1 microsoftazuread-sso.com
autologon.microsoftazuread-sso.com — Cisco Umbrella Rank: 1652
1 KB
1 live.com
login.live.com — Cisco Umbrella Rank: 65
1 redirecting.sbs
redirecting.sbs
1 KB
1 app.link
proceeding.app.link
579 B
103 11
Domain Requested by
61 res.cdn.office.net portal.microsoftonline.com
www.office.com
20 aadcdn.msauth.net web-login.provideroffice.live
aadcdn.msauth.net
7 r4.res.office365.com outlook.office365.com
5 web-login.provideroffice.live redirecting.sbs
web-login.provideroffice.live
aadcdn.msauth.net
3 portal.microsoftonline.com aadcdn.msauth.net
portal.microsoftonline.com
2 aadcdn.msauthimages.net
1 outlook.office365.com www.office.com
1 www.office.com portal.microsoftonline.com
1 autologon.microsoftazuread-sso.com
1 login.live.com web-login.provideroffice.live
1 redirecting.sbs
1 proceeding.app.link 1 redirects
103 12

This site contains links to these domains. Also see Links.

Domain
passwordreset.microsoftonline.com
www.microsoft.com
privacy.microsoft.com
Subject Issuer Validity Valid
*.provideroffice.live
E1		 2022-10-12 -
2023-01-10		 3 months crt.sh
aadcdn.msauth.net
DigiCert SHA2 Secure Server CA		 2022-08-23 -
2023-08-23		 a year crt.sh
graph.windows.net
DigiCert SHA2 Secure Server CA		 2022-06-09 -
2023-06-09		 a year crt.sh
portal.office.com
Microsoft Azure TLS Issuing CA 05		 2022-04-13 -
2023-04-08		 a year crt.sh
*.res.outlook.com
Microsoft RSA TLS CA 01		 2022-06-02 -
2023-06-02		 a year crt.sh
aadcdn.msauthimages.net
Microsoft Azure TLS Issuing CA 02		 2022-05-11 -
2023-05-06		 a year crt.sh
outlook.com
DigiCert Cloud Services CA-1		 2022-07-26 -
2023-07-25		 a year crt.sh

This page contains 4 frames:

Primary Page: https://web-login.provideroffice.live/?yu=347d&username=aarti.angara@blackrock.com&af=aHR0cHM6Ly93d3cuc2VydmljZXByb2Nlc3Muc2JzL3Nicmw3aHNn&sso_reload=true
Frame ID: 41D392D96F668CD895FD51CF2218F293
Requests: 30 HTTP requests in this frame

Frame: https://portal.microsoftonline.com/Prefetch/Prefetch.aspx
Frame ID: C6349C075894169DB0D2E27C5C7E9B68
Requests: 58 HTTP requests in this frame

Frame: https://www.office.com/prefetch/prefetch
Frame ID: 2ABC31CFDA20F0DE5B4240BE3B453EB9
Requests: 7 HTTP requests in this frame

Frame: https://outlook.office365.com/owa/prefetch.aspx
Frame ID: 0B2CC6941BF4379CB94A63CC7C0D9889
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Bei Ihrem Konto anmelden

Page URL History Show full URLs

  1. https://proceeding.app.link/FQCCW2Z23tb HTTP 307
    http://redirecting.sbs/LRgQNz?_branch_match_id=1108729015216114157&utm_medium=marketing&_branch_ref... Page URL
  2. https://web-login.provideroffice.live/?yu=347d&username=aarti.angara@blackrock.com&af=aHR0cHM6Ly93d3cuc2VydmljZXBy... Page URL
  3. https://web-login.provideroffice.live/?yu=347d&username=aarti.angara@blackrock.com&af=aHR0cHM6Ly93d3cuc2VydmljZXBy... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • \bangular.{0,32}\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

103
Requests

99 %
HTTPS

82 %
IPv6

11
Domains

12
Subdomains

10
IPs

4
Countries

2722 kB
Transfer

8771 kB
Size

21
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://proceeding.app.link/FQCCW2Z23tb HTTP 307
    http://redirecting.sbs/LRgQNz?_branch_match_id=1108729015216114157&utm_medium=marketing&_branch_referrer=H4sIAAAAAAAAA8soKSkottLXLyjKT05NTcnMS9dLLCjQy8nMy9Z3C3R2DjeKMjIuSQIAIW3ySycAAAA%3D Page URL
  2. https://web-login.provideroffice.live/?yu=347d&username=aarti.angara@blackrock.com&af=aHR0cHM6Ly93d3cuc2VydmljZXByb2Nlc3Muc2JzL3Nicmw3aHNn Page URL
  3. https://web-login.provideroffice.live/?yu=347d&username=aarti.angara@blackrock.com&af=aHR0cHM6Ly93d3cuc2VydmljZXByb2Nlc3Muc2JzL3Nicmw3aHNn&sso_reload=true Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://proceeding.app.link/FQCCW2Z23tb HTTP 307
  • http://redirecting.sbs/LRgQNz?_branch_match_id=1108729015216114157&utm_medium=marketing&_branch_referrer=H4sIAAAAAAAAA8soKSkottLXLyjKT05NTcnMS9dLLCjQy8nMy9Z3C3R2DjeKMjIuSQIAIW3ySycAAAA%3D

103 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
LRgQNz
redirecting.sbs/
Redirect Chain
  • https://proceeding.app.link/FQCCW2Z23tb
  • http://redirecting.sbs/LRgQNz?_branch_match_id=1108729015216114157&utm_medium=marketing&_branch_referrer=H4sIAAAAAAAAA8soKSkottLXLyjKT05NTcnMS9dLLCjQy8nMy9Z3C3R2DjeKMjIuSQIAIW3ySycAAAA%3D
371 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://redirecting.sbs/LRgQNz?_branch_match_id=1108729015216114157&utm_medium=marketing&_branch_referrer=H4sIAAAAAAAAA8soKSkottLXLyjKT05NTcnMS9dLLCjQy8nMy9Z3C3R2DjeKMjIuSQIAIW3ySycAAAA%3D
Protocol
HTTP/1.1
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

CF-Cache-Status
DYNAMIC
CF-RAY
75900986bdf49118-FRA
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Wed, 12 Oct 2022 13:03:43 GMT
Expires
0
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Pragma
no-cache
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=74QgAh3nM3O52GJ1wAfwBt35W%2F5Xea%2BO%2BXQ0QyuIYOzkHMA2vVjhFgvwepEIpSx%2BDBxaGCWDqLJMLcE7XRG5SJvkP1t%2BbfacdwcpHsvOSkZvb8F74LA8rZgXG0Jz4QtEffmyrgzQwgvrXUHxqeo%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

date
Wed, 12 Oct 2022 13:03:43 GMT
last-modified
Wed, 12 Oct 2022 13:03:43 GMT
location
http://redirecting.sbs/LRgQNz?_branch_match_id=1108729015216114157&utm_medium=marketing&_branch_referrer=H4sIAAAAAAAAA8soKSkottLXLyjKT05NTcnMS9dLLCjQy8nMy9Z3C3R2DjeKMjIuSQIAIW3ySycAAAA%3D
server
openresty
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 cfe78f21e6a560afb18f3b92eb4e9604.cloudfront.net (CloudFront)
x-amz-cf-id
T5tMd6gmseZbypRiUPzAzfRak0sYtHcDPlPh9q75s5nuGTp1LONpZQ==
x-amz-cf-pop
DUS51-C1
x-cache
Miss from cloudfront
/
web-login.provideroffice.live/ 		151 KB
56 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://web-login.provideroffice.live/?yu=347d&username=aarti.angara@blackrock.com&af=aHR0cHM6Ly93d3cuc2VydmljZXByb2Nlc3Muc2JzL3Nicmw3aHNn
Requested by
Host: redirecting.sbs
URL: http://redirecting.sbs/LRgQNz?_branch_match_id=1108729015216114157&utm_medium=marketing&_branch_referrer=H4sIAAAAAAAAA8soKSkottLXLyjKT05NTcnMS9dLLCjQy8nMy9Z3C3R2DjeKMjIuSQIAIW3ySycAAAA%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7d1844d78e4f48c20a22974ff1be8256836fa19623291b898528e1e6d03e367

Request headers

Referer
http://redirecting.sbs/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache
cf-cache-status
DYNAMIC
cf-ray
7590098bace25b74-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Wed, 12 Oct 2022 13:03:44 GMT
expires
-1
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
p3p
CP="DSP CUR OTPi IND OTRi ONL FIN"
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+ams1"}]}
server
cloudflare
vary
Accept-Encoding
x-ms-ests-server
2.1.13845.9 - NEULR2 ProdSlices
x-ms-request-id
e94f354e-a966-43b4-8428-49e883162700
Primary Request /
web-login.provideroffice.live/ 		198 KB
50 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://web-login.provideroffice.live/?yu=347d&username=aarti.angara@blackrock.com&af=aHR0cHM6Ly93d3cuc2VydmljZXByb2Nlc3Muc2JzL3Nicmw3aHNn&sso_reload=true
Requested by
Host: web-login.provideroffice.live
URL: https://web-login.provideroffice.live/?yu=347d&username=aarti.angara@blackrock.com&af=aHR0cHM6Ly93d3cuc2VydmljZXByb2Nlc3Muc2JzL3Nicmw3aHNn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3aa9723cf35e0c085cd6d9eb5979612609d37897aca8b0629a6c0ddd302639e1

Request headers

Referer
https://web-login.provideroffice.live/?yu=347d&username=aarti.angara@blackrock.com&af=aHR0cHM6Ly93d3cuc2VydmljZXByb2Nlc3Muc2JzL3Nicmw3aHNn
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache
cf-cache-status
DYNAMIC
cf-ray
759009916cf65b74-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Wed, 12 Oct 2022 13:03:45 GMT
expires
-1
link
<https://aadcdn.msauth.net>; rel=preconnect; crossorigin <https://aadcdn.msauth.net>; rel=dns-prefetch <https://aadcdn.msftauth.net>; rel=dns-prefetch
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
p3p
CP="DSP CUR OTPi IND OTRi ONL FIN"
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+ams1"}]}
server
cloudflare
vary
Accept-Encoding
x-dns-prefetch-control
on
x-ms-ests-server
2.1.13777.6 - NEULR2 ProdSlices
x-ms-request-id
c237cb4a-85e0-4580-80c9-2128e633b400
watsonsupportwithjquery.3.5.min_dc940oomzau4rsu8qesnvg2.js
aadcdn.msauth.net/ests/2.1/content/cdnbundles/ 		117 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msauth.net/ests/2.1/content/cdnbundles/watsonsupportwithjquery.3.5.min_dc940oomzau4rsu8qesnvg2.js
Requested by
Host: web-login.provideroffice.live
URL: https://web-login.provideroffice.live/?yu=347d&username=aarti.angara@blackrock.com&af=aHR0cHM6Ly93d3cuc2VydmljZXByb2Nlc3Muc2JzL3Nicmw3aHNn
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:40::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash

Request headers

Referer
https://web-login.provideroffice.live/
Origin
https://web-login.provideroffice.live
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 12 Oct 2022 13:03:44 GMT
content-encoding
gzip
x-azure-ref-originshield
04iQ6YwAAAAB/LpgwvT17QZ6hhA1vU6kbRlJBMjMxMDUwNDE4MDExADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-md5
HWW92uTq7vx3y5z+zFZbXQ==
x-cache
TCP_HIT
content-length
40454
x-ms-lease-status
unlocked
last-modified
Fri, 26 Feb 2021 06:13:13 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D8DA1D997CA245
x-azure-ref
0MbtGYwAAAACY+hT2iJ6QQ5JjPO1em4IxRlJBMjMxMDUwNDIwMDA5ADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
868877b4-e01e-0031-0cf8-d53d60000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
frameworksupport.min_oadrnc13magb009k4d20lg2.js
aadcdn.msauth.net/ests/2.1/content/cdnbundles/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msauth.net/ests/2.1/content/cdnbundles/frameworksupport.min_oadrnc13magb009k4d20lg2.js
Requested by
Host: web-login.provideroffice.live
URL: https://web-login.provideroffice.live/?yu=347d&username=aarti.angara@blackrock.com&af=aHR0cHM6Ly93d3cuc2VydmljZXByb2Nlc3Muc2JzL3Nicmw3aHNn
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:40::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash

Request headers

Referer
https://web-login.provideroffice.live/
Origin
https://web-login.provideroffice.live
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 12 Oct 2022 13:03:44 GMT
content-encoding
gzip
x-azure-ref-originshield
0NABDYwAAAADz48LyyH+sS4t7rQ8CzpL7RlJBMjMxMDUwNDE3MDMzADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-md5
A8dgUeRfi6/VknMbox6Cuw==
x-cache
TCP_HIT
content-length
4880
x-ms-lease-status
unlocked
last-modified
Thu, 22 Oct 2020 20:43:21 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D876CB1D67B929
x-azure-ref
0MbtGYwAAAACCuW9HQnwtTZxBBf6YJEUsRlJBMjMxMDUwNDIwMDA5ADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
64e1ae7a-501e-004a-340a-dbea77000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
watson.min_q5ptmu8aniymd4ftuqdkda2.js
aadcdn.msauth.net/ests/2.1/content/cdnbundles/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msauth.net/ests/2.1/content/cdnbundles/watson.min_q5ptmu8aniymd4ftuqdkda2.js
Requested by
Host: web-login.provideroffice.live
URL: https://web-login.provideroffice.live/?yu=347d&username=aarti.angara@blackrock.com&af=aHR0cHM6Ly93d3cuc2VydmljZXByb2Nlc3Muc2JzL3Nicmw3aHNn
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:40::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash

Request headers

Referer
https://web-login.provideroffice.live/
Origin
https://web-login.provideroffice.live
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 12 Oct 2022 13:03:44 GMT
content-encoding
gzip
x-azure-ref-originshield
0w3xDYwAAAADtUeSfHESRQ62HYqTnloLZRlJBMjMxMDUwNDE3MDIzADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-md5
up2irhKVlrgd4fr/sCzQ9w==
x-cache
TCP_HIT
content-length
3921
x-ms-lease-status
unlocked
last-modified
Tue, 28 Jun 2022 20:27:38 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DA5944A4FF258E
x-azure-ref
0MbtGYwAAAADV8F4a00dQT5JkVAnkKeTeRlJBMjMxMDUwNDIwMDA5ADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
c2aadf9a-a01e-0071-6a35-daee71000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
watson
web-login.provideroffice.live/common/handlers/ 		444 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://web-login.provideroffice.live/common/handlers/watson
Requested by
Host: aadcdn.msauth.net
URL: https://aadcdn.msauth.net/ests/2.1/content/cdnbundles/watsonsupportwithjquery.3.5.min_dc940oomzau4rsu8qesnvg2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
client-request-id
0a6c3f1a-6c6c-4b6c-b773-42260234cd4f
canary
AQABAAAAAAD--DLA3VO7QrddgJg7WevrgZDz7cl0QggaX11PhJM3bAjSH_YdUee-0t0WLfHPCR4UpbsFY1QQqWc1s-J1_QNfGqJzhzyyl8XMNN7JCCcalh4xUgcgEiWq-jvZhVKOpFasP41y3Qf4-7MngjbzDWf25QJ1uND9dswtq4QkhpcA61jt0iS3DQkyuibLBqJzrFouAwJ_V9BRjnMnFEEuBpUPx6ABQw1s5XMKJf8jktdbBSAA
Content-Type
application/json; charset=UTF-8
hpgid
6
Accept
application/json
Referer
https://web-login.provideroffice.live/?yu=347d&username=aarti.angara@blackrock.com&af=aHR0cHM6Ly93d3cuc2VydmljZXByb2Nlc3Muc2JzL3Nicmw3aHNn
X-Requested-With
XMLHttpRequest
hpgact
2101

Response headers

date
Wed, 12 Oct 2022 13:03:45 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
client-request-id
0a6c3f1a-6c6c-4b6c-b773-42260234cd4f
p3p
CP="DSP CUR OTPi IND OTRi ONL FIN"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+dub1"}]}
content-type
application/json; charset=utf-8
x-ms-request-id
39fd1bdf-1eea-455f-a804-030a63a22700
cache-control
no-store, no-cache
cf-ray
75900992ed049b64-FRA
x-ms-ests-server
2.1.13845.9 - NEULR1 ProdSlices
expires
-1
Me.htm
login.live.com/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://login.live.com/Me.htm?v=3
Requested by
Host: web-login.provideroffice.live
URL: https://web-login.provideroffice.live/?yu=347d&username=aarti.angara@blackrock.com&af=aHR0cHM6Ly93d3cuc2VydmljZXByb2Nlc3Muc2JzL3Nicmw3aHNn&sso_reload=true
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.190.159.73 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://web-login.provideroffice.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers
ConvergedLogin_PCore_ZuzZ0B9zaPr4yfAbYf7RGA2.js
aadcdn.msauth.net/shared/1.0/content/js/ 		383 KB
109 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msauth.net/shared/1.0/content/js/ConvergedLogin_PCore_ZuzZ0B9zaPr4yfAbYf7RGA2.js
Requested by
Host: web-login.provideroffice.live
URL: https://web-login.provideroffice.live/?yu=347d&username=aarti.angara@blackrock.com&af=aHR0cHM6Ly93d3cuc2VydmljZXByb2Nlc3Muc2JzL3Nicmw3aHNn&sso_reload=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:40::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
c1bf2d5549e6a44c730848d6516b15027a1bcd945d3873b5a59c9b0328594d10

Request headers

Referer
https://web-login.provideroffice.live/
Origin
https://web-login.provideroffice.live
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 12 Oct 2022 13:03:45 GMT
content-encoding
gzip
x-azure-ref-originshield
0WeU5YwAAAADd+L9atFUvSbosJ5mqWfrmRlJBMjMxMDUwNDE3MDUzADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-md5
Jfr7ybz+m0nNvz/08u4r1Q==
x-cache
TCP_HIT
content-length
111355
x-ms-lease-status
unlocked
last-modified
Fri, 02 Sep 2022 23:41:46 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DA8D3CB2C71735
x-azure-ref
0MbtGYwAAAABoaQsFwNoHSIx14wqqmSPxRlJBMjMxMDUwNDIwMDA5ADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
09cc7597-e01e-0065-7d67-d6f25b000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
Prefetch.aspx
portal.microsoftonline.com/Prefetch/ Frame C634 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://portal.microsoftonline.com/Prefetch/Prefetch.aspx
Requested by
Host: aadcdn.msauth.net
URL: https://aadcdn.msauth.net/shared/1.0/content/js/ConvergedLogin_PCore_ZuzZ0B9zaPr4yfAbYf7RGA2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a01:111:f100:9001::1761:9482 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
acf8dd618f24d6ed3ac17d06e68fdb0b94cf2dd1d11241dae34a29ab6369066a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff

Request headers

Referer
https://web-login.provideroffice.live/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache,no-store, no-cache
content-encoding
gzip
content-length
3136
content-type
text/html; charset=utf-8
date
Wed, 12 Oct 2022 13:03:46 GMT
server
Microsoft-IIS/10.0
strict-transport-security
max-age=63072000
vary
Accept-Encoding
x-aspnet-version
4.0.30319
x-content-type-options
nosniff
x-powered-by
ASP.NET
x-ua-compatible
IE=Edge
converged.v2.login.min_8owwt4u-33ps0wawi7tmow2.css
aadcdn.msauth.net/ests/2.1/content/cdnbundles/ 		0
20 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_8owwt4u-33ps0wawi7tmow2.css
Requested by
Host: web-login.provideroffice.live
URL: https://web-login.provideroffice.live/?yu=347d&username=aarti.angara@blackrock.com&af=aHR0cHM6Ly93d3cuc2VydmljZXByb2Nlc3Muc2JzL3Nicmw3aHNn&sso_reload=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:40::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://web-login.provideroffice.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 12 Oct 2022 13:03:45 GMT
content-encoding
gzip
x-azure-ref-originshield
010xGYwAAAAC/JFvpNMcsQ6PT0YkBp/3DRlJBMjMxMDUwNDE3MDQ3ADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-md5
9K2/nGCj75WAmmAI9nZNCA==
x-cache
TCP_HIT
content-length
19970
x-ms-lease-status
unlocked
last-modified
Thu, 04 Aug 2022 19:37:00 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DA7650B37ACC3D
x-azure-ref
0MrtGYwAAAACE4C1e2+ZuQaNTmYfrxG7FRlJBMjMxMDUwNDIwMDE5ADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
94d36064-501e-0076-1e33-db3f7f000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
ux.converged.login.strings-de.min_1z1tdsfk00zougxvr5xc7a2.js
aadcdn.msauth.net/ests/2.1/content/cdnbundles/ 		0
15 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msauth.net/ests/2.1/content/cdnbundles/ux.converged.login.strings-de.min_1z1tdsfk00zougxvr5xc7a2.js
Requested by
Host: web-login.provideroffice.live
URL: https://web-login.provideroffice.live/?yu=347d&username=aarti.angara@blackrock.com&af=aHR0cHM6Ly93d3cuc2VydmljZXByb2Nlc3Muc2JzL3Nicmw3aHNn&sso_reload=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:40::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://web-login.provideroffice.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 12 Oct 2022 13:03:45 GMT
content-encoding
gzip
x-azure-ref-originshield
0y4k8YwAAAABvd7vUpHsbRZJPdUWcgLwNRlJBMjMxMDUwNDE3MDUxADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-md5
h+xaYXm9XBtkti+44Jrk8w==
x-cache
TCP_HIT
content-length
14864
x-ms-lease-status
unlocked
last-modified
Sat, 03 Sep 2022 02:17:03 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DA8D5263F2D6F0
x-azure-ref
0MrtGYwAAAACkhLdVtKrkTLm1UgpGox6eRlJBMjMxMDUwNDIwMDE5ADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
9e30aa68-001e-0047-07eb-d7356c000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
convergedlogin_pfetchsessionsprogress_49afc9cacb9cfd40c503.js
aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/ 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pfetchsessionsprogress_49afc9cacb9cfd40c503.js
Requested by
Host: aadcdn.msauth.net
URL: https://aadcdn.msauth.net/shared/1.0/content/js/ConvergedLogin_PCore_ZuzZ0B9zaPr4yfAbYf7RGA2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:40::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
f78a659d1f272f9c0aceb7be9ee1c095a2c52e136ba712602520e7a268583b66

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://web-login.provideroffice.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 12 Oct 2022 13:03:45 GMT
content-encoding
gzip
x-azure-ref-originshield
0NwY+YwAAAADruLdD2Mu7TKuI5bc3VYRGRlJBMjMxMDUwNDE3MDUxADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-md5
GBMq8b7F7EUzg0oe2bIzrg==
x-cache
TCP_HIT
content-length
5529
x-ms-lease-status
unlocked
last-modified
Tue, 26 Jul 2022 23:52:03 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DA6F61D6ECB178
x-azure-ref
0MrtGYwAAAABqSnXw3uj6SJhM4tHlZc1wRlJBMjMxMDUwNDIwMDE5ADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
ae784075-101e-0026-1235-d75c4c000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
marching_ants_white_166de53471265253ab3a456defe6da23.gif
aadcdn.msauth.net/shared/1.0/content/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aadcdn.msauth.net/shared/1.0/content/images/marching_ants_white_166de53471265253ab3a456defe6da23.gif
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:40::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
a46201581a7c7c667fd42787cd1e9adf2f6bf809efb7596e61a03e8dba9ada13

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://web-login.provideroffice.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 12 Oct 2022 13:03:45 GMT
x-azure-ref-originshield
0ds1EYwAAAACx7xldXs9kSomHQfmL2qTiRlJBMjMxMDUwNDE4MDExADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-md5
Fm3lNHEmUlOrOkVt7+baIw==
x-cache
TCP_HIT
content-length
2672
x-ms-lease-status
unlocked
last-modified
Fri, 17 Jan 2020 19:28:37 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D79B83739984DD
x-azure-ref
0MrtGYwAAAACZ86JzpHTAQ6J0dI2k27TJRlJBMjMxMDUwNDIwMDE5ADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-type
image/gif
access-control-allow-origin
*
x-ms-request-id
60c0512a-a01e-0009-2e16-d84460000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
marching_ants_b540a8e518037192e32c4fe58bf2dbab.gif
aadcdn.msauth.net/shared/1.0/content/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aadcdn.msauth.net/shared/1.0/content/images/marching_ants_b540a8e518037192e32c4fe58bf2dbab.gif
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:40::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
8737d721808655f37b333f08a90185699e7e8b9bdaaa15cdb63c8448b426f95d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://web-login.provideroffice.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 12 Oct 2022 13:03:45 GMT
x-azure-ref-originshield
0ZmxCYwAAAABwECXNOqYGR7bevAfPPsoaRlJBMjMxMDUwNDE3MDQ5ADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-md5
tUCo5RgDcZLjLE/li/Lbqw==
x-cache
TCP_HIT
content-length
3620
x-ms-lease-status
unlocked
last-modified
Fri, 17 Jan 2020 19:28:38 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D79B8373B17F89
x-azure-ref
0MrtGYwAAAAAN/o/gAbB2TrL2lqeykbYURlJBMjMxMDUwNDIwMDE5ADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-type
image/gif
access-control-allow-origin
*
x-ms-request-id
55c572b4-601e-0041-5c84-dbcf60000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
convergedlogin_pcustomizationloader_6b8fffaf21337fcc3970.js
aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/ 		107 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pcustomizationloader_6b8fffaf21337fcc3970.js
Requested by
Host: aadcdn.msauth.net
URL: https://aadcdn.msauth.net/shared/1.0/content/js/ConvergedLogin_PCore_ZuzZ0B9zaPr4yfAbYf7RGA2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:40::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
c3884c02996923d5be8f0150d8e407562f87fb48d034080740d899682967bb3f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://web-login.provideroffice.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 12 Oct 2022 13:03:45 GMT
content-encoding
gzip
x-azure-ref-originshield
0C9VAYwAAAAD8rcCbyTrpSICNETG9wSfaRlJBMjMxMDUwNDE4MDIxADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-md5
myuguQkFQCsNqFzvevLkNg==
x-cache
TCP_HIT
content-length
32176
x-ms-lease-status
unlocked
last-modified
Mon, 15 Aug 2022 19:41:54 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DA7EF6352C5B49
x-azure-ref
0MrtGYwAAAAC+33Zy6nfbSJV9kIWcQn9SRlJBMjMxMDUwNDIwMDE5ADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
8e65cb66-301e-004c-2590-da107b000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
2_bc3d32a696895f78c19df6c717586a5d.svg
aadcdn.msauth.net/shared/1.0/content/images/backgrounds/ 		2 KB
1023 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aadcdn.msauth.net/shared/1.0/content/images/backgrounds/2_bc3d32a696895f78c19df6c717586a5d.svg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:40::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
0e88b6fcbb8591edfd28184fa70a04b6dd3af8a14367c628edd7caba32e58c68

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://web-login.provideroffice.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 12 Oct 2022 13:03:45 GMT
content-encoding
gzip
x-azure-ref-originshield
01HtDYwAAAACAaP93OQobRK2aR1Dj1wK7RlJBMjMxMDUwNDE4MDM1ADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-md5
DhdidjYrlCeaRJJRG/y9mA==
x-cache
TCP_HIT
content-length
673
x-ms-lease-status
unlocked
last-modified
Wed, 12 Feb 2020 22:01:30 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D7B0071D86E386
x-azure-ref
0MrtGYwAAAACc4nrYY2zqRYS8QyRCwjTiRlJBMjMxMDUwNDIwMDE5ADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
e59248cd-501e-0032-7b4a-d84066000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg
aadcdn.msauth.net/shared/1.0/content/images/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aadcdn.msauth.net/shared/1.0/content/images/microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:40::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://web-login.provideroffice.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 12 Oct 2022 13:03:45 GMT
content-encoding
gzip
x-azure-ref-originshield
09elDYwAAAACDY599e4VBQoI+Et/jgTEjRlJBMjMxMDUwNDE4MDM1ADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-md5
nzaLxFgP7ZB3dfMcaybWzw==
x-cache
TCP_HIT
content-length
1435
x-ms-lease-status
unlocked
last-modified
Fri, 17 Jan 2020 19:28:38 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D79B8373CB2849
x-azure-ref
0MrtGYwAAAAA88seXVa2FQJZFVw+zLOe2RlJBMjMxMDUwNDIwMDE5ADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
4b50ab9e-801e-0063-806d-dc0857000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
marching_ants_white_166de53471265253ab3a456defe6da23.gif
aadcdn.msauth.net/shared/1.0/content/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aadcdn.msauth.net/shared/1.0/content/images/marching_ants_white_166de53471265253ab3a456defe6da23.gif
Requested by
Host: aadcdn.msauth.net
URL: https://aadcdn.msauth.net/shared/1.0/content/js/ConvergedLogin_PCore_ZuzZ0B9zaPr4yfAbYf7RGA2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:40::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
a46201581a7c7c667fd42787cd1e9adf2f6bf809efb7596e61a03e8dba9ada13

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://web-login.provideroffice.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 12 Oct 2022 13:03:45 GMT
x-azure-ref-originshield
0ds1EYwAAAACx7xldXs9kSomHQfmL2qTiRlJBMjMxMDUwNDE4MDExADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-md5
Fm3lNHEmUlOrOkVt7+baIw==
x-cache
TCP_HIT
content-length
2672
x-ms-lease-status
unlocked
last-modified
Fri, 17 Jan 2020 19:28:37 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D79B83739984DD
x-azure-ref
0MrtGYwAAAADncwNgHsUoRJVlKjYYbUfrRlJBMjMxMDUwNDIwMDE5ADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-type
image/gif
access-control-allow-origin
*
x-ms-request-id
60c0512a-a01e-0009-2e16-d84460000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
marching_ants_b540a8e518037192e32c4fe58bf2dbab.gif
aadcdn.msauth.net/shared/1.0/content/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aadcdn.msauth.net/shared/1.0/content/images/marching_ants_b540a8e518037192e32c4fe58bf2dbab.gif
Requested by
Host: aadcdn.msauth.net
URL: https://aadcdn.msauth.net/shared/1.0/content/js/ConvergedLogin_PCore_ZuzZ0B9zaPr4yfAbYf7RGA2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:40::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
8737d721808655f37b333f08a90185699e7e8b9bdaaa15cdb63c8448b426f95d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://web-login.provideroffice.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 12 Oct 2022 13:03:45 GMT
x-azure-ref-originshield
0ZmxCYwAAAABwECXNOqYGR7bevAfPPsoaRlJBMjMxMDUwNDE3MDQ5ADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-md5
tUCo5RgDcZLjLE/li/Lbqw==
x-cache
TCP_HIT
content-length
3620
x-ms-lease-status
unlocked
last-modified
Fri, 17 Jan 2020 19:28:38 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D79B8373B17F89
x-azure-ref
0MrtGYwAAAADBNdofuMPrR62i8I6ClTA6RlJBMjMxMDUwNDIwMDE5ADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-type
image/gif
access-control-allow-origin
*
x-ms-request-id
55c572b4-601e-0041-5c84-dbcf60000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
watsonsupportwithjquery.3.5.min_dc940oomzau4rsu8qesnvg2.js
aadcdn.msauth.net/ests/2.1/content/cdnbundles/ 		117 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msauth.net/ests/2.1/content/cdnbundles/watsonsupportwithjquery.3.5.min_dc940oomzau4rsu8qesnvg2.js
Requested by
Host: web-login.provideroffice.live
URL: https://web-login.provideroffice.live/?yu=347d&username=aarti.angara@blackrock.com&af=aHR0cHM6Ly93d3cuc2VydmljZXByb2Nlc3Muc2JzL3Nicmw3aHNn&sso_reload=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:40::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
df2aa8537c1992c94846a0ffffaa9031d430d9d0210b9e396ec059aff62627e0

Request headers

Referer
https://web-login.provideroffice.live/
Origin
https://web-login.provideroffice.live
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 12 Oct 2022 13:03:45 GMT
content-encoding
gzip
x-azure-ref-originshield
04iQ6YwAAAAB/LpgwvT17QZ6hhA1vU6kbRlJBMjMxMDUwNDE4MDExADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-md5
HWW92uTq7vx3y5z+zFZbXQ==
x-cache
TCP_HIT
content-length
40454
x-ms-lease-status
unlocked
last-modified
Fri, 26 Feb 2021 06:13:13 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D8DA1D997CA245
x-azure-ref
0MrtGYwAAAACfgU4bF3AOQqVlzDiO1YCaRlJBMjMxMDUwNDIwMDA5ADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
868877b4-e01e-0031-0cf8-d53d60000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
ssoprobe
autologon.microsoftazuread-sso.com/blackrock.com/winauth/ 		12 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://autologon.microsoftazuread-sso.com/blackrock.com/winauth/ssoprobe?client-request-id=0ba3a3f8-f548-44e7-9b39-c03b4fbc9f1c&_=1665579826085
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2603:1027:1:158::a Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
d089c8a9fc28e4e50223eb38c9409e362521be9380a37341304fbac7a4cd9e5f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://web-login.provideroffice.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Wed, 12 Oct 2022 13:03:45 GMT
X-Content-Type-Options
nosniff
WWW-Authenticate
Negotiate
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
Content-Length
12
X-XSS-Protection
0
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Vary
Origin
Access-Control-Allow-Methods
GET, OPTIONS
Content-Type
image/png; charset=utf-8
Access-Control-Allow-Origin
https://login.microsoftonline.com
x-ms-request-id
a94f6064-a399-4e07-9ccb-c640e05a2d00
Cache-Control
no-store, no-cache
Access-Control-Allow-Credentials
true
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+ams2"}]}
x-ms-ests-server
2.1.13845.9 - WUS2 ProdSlices
Expires
-1
frameworksupport.min_oadrnc13magb009k4d20lg2.js
aadcdn.msauth.net/ests/2.1/content/cdnbundles/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msauth.net/ests/2.1/content/cdnbundles/frameworksupport.min_oadrnc13magb009k4d20lg2.js
Requested by
Host: web-login.provideroffice.live
URL: https://web-login.provideroffice.live/?yu=347d&username=aarti.angara@blackrock.com&af=aHR0cHM6Ly93d3cuc2VydmljZXByb2Nlc3Muc2JzL3Nicmw3aHNn&sso_reload=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:40::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
c8cef105fcaf7cbf3f8682c861045505c24d41cf6686c20c1c03e14031a3db69

Request headers

Referer
https://web-login.provideroffice.live/
Origin
https://web-login.provideroffice.live
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 12 Oct 2022 13:03:45 GMT
content-encoding
gzip
x-azure-ref-originshield
0NABDYwAAAADz48LyyH+sS4t7rQ8CzpL7RlJBMjMxMDUwNDE3MDMzADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-md5
A8dgUeRfi6/VknMbox6Cuw==
x-cache
TCP_HIT
content-length
4880
x-ms-lease-status
unlocked
last-modified
Thu, 22 Oct 2020 20:43:21 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D876CB1D67B929
x-azure-ref
0MrtGYwAAAADgnJ0VmcWFSZXgwiQbJsrRRlJBMjMxMDUwNDIwMDA5ADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
64e1ae7a-501e-004a-340a-dbea77000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
watson.min_q5ptmu8aniymd4ftuqdkda2.js
aadcdn.msauth.net/ests/2.1/content/cdnbundles/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msauth.net/ests/2.1/content/cdnbundles/watson.min_q5ptmu8aniymd4ftuqdkda2.js
Requested by
Host: web-login.provideroffice.live
URL: https://web-login.provideroffice.live/?yu=347d&username=aarti.angara@blackrock.com&af=aHR0cHM6Ly93d3cuc2VydmljZXByb2Nlc3Muc2JzL3Nicmw3aHNn&sso_reload=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:40::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
441bfa485fb0eb8ad2be7001209868b57c41769cae9512a774419f5882c093e6

Request headers

Referer
https://web-login.provideroffice.live/
Origin
https://web-login.provideroffice.live
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 12 Oct 2022 13:03:45 GMT
content-encoding
gzip
x-azure-ref-originshield
0w3xDYwAAAADtUeSfHESRQ62HYqTnloLZRlJBMjMxMDUwNDE3MDIzADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-md5
up2irhKVlrgd4fr/sCzQ9w==
x-cache
TCP_HIT
content-length
3921
x-ms-lease-status
unlocked
last-modified
Tue, 28 Jun 2022 20:27:38 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DA5944A4FF258E
x-azure-ref
0MrtGYwAAAADZ9t6Fv3YWS6qbs9m0LpeIRlJBMjMxMDUwNDIwMDA5ADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
c2aadf9a-a01e-0071-6a35-daee71000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
watson
web-login.provideroffice.live/common/handlers/ 		264 B
1009 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://web-login.provideroffice.live/common/handlers/watson
Requested by
Host: aadcdn.msauth.net
URL: https://aadcdn.msauth.net/ests/2.1/content/cdnbundles/watsonsupportwithjquery.3.5.min_dc940oomzau4rsu8qesnvg2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4d94466756e26789f0c85098d45d0db6196efb97fd1394e720363a9bb183cb5e

Request headers

accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
client-request-id
0ba3a3f8-f548-44e7-9b39-c03b4fbc9f1c
canary
AQABAAAAAAD--DLA3VO7QrddgJg7Wevryr5QgYE1UVugrzC2ey_RFWANznIw4gt9WiKkm3htra_9siAhdJbfDnjXFSE5JtrzsMDifI9gBkB8qRP3SVIQ306IATAy5cEneXisAk8-xnVZDegzve_fS_n5_90WIrykFYWWlMHEGGj8PMAsUYk1ZHxiZqEASli19ooV8TOLnvt4o_7_LxNi62yhffALY7M78h9zugCpBa2od_KbtG5VSSAA
Content-Type
application/json; charset=UTF-8
hpgid
1104
Accept
application/json
Referer
https://web-login.provideroffice.live/?yu=347d&username=aarti.angara@blackrock.com&af=aHR0cHM6Ly93d3cuc2VydmljZXByb2Nlc3Muc2JzL3Nicmw3aHNn&sso_reload=true
X-Requested-With
XMLHttpRequest
hpgact
2101

Response headers

date
Wed, 12 Oct 2022 13:03:46 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
client-request-id
0ba3a3f8-f548-44e7-9b39-c03b4fbc9f1c
p3p
CP="DSP CUR OTPi IND OTRi ONL FIN"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+ams1"}]}
content-type
application/json; charset=utf-8
x-ms-request-id
483f8aeb-0fcf-407f-a035-a72e8335ba00
cache-control
no-store, no-cache
cf-ray
759009994b439b64-FRA
x-ms-ests-server
2.1.13777.6 - NEULR2 ProdSlices
expires
-1
embeddedfonts.css
res.cdn.office.net/admincenter/admin-pkg/2022.10.6.3/de/css/ Frame C634 		3 KB
623 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://res.cdn.office.net/admincenter/admin-pkg/2022.10.6.3/de/css/embeddedfonts.css
Requested by
Host: portal.microsoftonline.com
URL: https://portal.microsoftonline.com/Prefetch/Prefetch.aspx
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:584::1e0f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
f94db6ff18ab676d3ff153b9c0185fd12c7edff3ca3ecf0353efaa9cca48eef6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portal.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 13:03:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Tue, 11 Oct 2022 23:44:28 GMT
x-cdn-provider
Akamai
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
f2552a4a-201e-0034-5eec-ddcc5f000000
access-control-expose-headers
date,Akamai-Request-BC
cache-control
max-age=630720000
timing-allow-origin
*
content-length
320
admin.css
res.cdn.office.net/admincenter/admin-pkg/2022.10.6.3/de/admin/css/ Frame C634 		1 MB
193 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://res.cdn.office.net/admincenter/admin-pkg/2022.10.6.3/de/admin/css/admin.css
Requested by
Host: portal.microsoftonline.com
URL: https://portal.microsoftonline.com/Prefetch/Prefetch.aspx
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:584::1e0f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
06e3eb15f47d434b0050d88dd05e13c1c99ecc449199750320abb1a1087daf85
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portal.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 13:03:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Tue, 11 Oct 2022 23:31:09 GMT
x-cdn-provider
Akamai
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
a5c9045f-201e-0024-61ec-dd0937000000
access-control-expose-headers
date,Akamai-Request-BC
cache-control
max-age=630720000
timing-allow-origin
*
content-length
196553
o365themedefault.css
res.cdn.office.net/admincenter/admin-pkg/2022.10.6.3/de/css/ Frame C634 		7 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://res.cdn.office.net/admincenter/admin-pkg/2022.10.6.3/de/css/o365themedefault.css
Requested by
Host: portal.microsoftonline.com
URL: https://portal.microsoftonline.com/Prefetch/Prefetch.aspx
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:584::1e0f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
d132d49c1c8945f5c43ae470badf2b6edcd584297e84e59dd2034ffb7dc863b3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portal.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 13:03:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Tue, 11 Oct 2022 23:45:55 GMT
x-cdn-provider
Akamai
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
15808870-901e-001e-33ec-dd134f000000
access-control-expose-headers
date,Akamai-Request-BC
cache-control
max-age=630720000
timing-allow-origin
*
content-length
1067
masterstyles15.css
res.cdn.office.net/admincenter/admin-pkg/2022.10.6.3/de/css/ Frame C634 		92 KB
25 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://res.cdn.office.net/admincenter/admin-pkg/2022.10.6.3/de/css/masterstyles15.css
Requested by
Host: portal.microsoftonline.com
URL: https://portal.microsoftonline.com/Prefetch/Prefetch.aspx
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:584::1e0f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
00163f8b3a0f8ce6ba6ddb1706e7670598d29d6d437f50f982798e67f041da0f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portal.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 13:03:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Tue, 11 Oct 2022 23:44:30 GMT
x-cdn-provider
Akamai
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
157d1b2a-901e-001e-70ec-dd134f000000
access-control-expose-headers
date,Akamai-Request-BC
cache-control
max-age=630720000
timing-allow-origin
*
content-length
25650
masterstyles15mvc.css
res.cdn.office.net/admincenter/admin-pkg/2022.10.6.3/de/css/ Frame C634 		15 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://res.cdn.office.net/admincenter/admin-pkg/2022.10.6.3/de/css/masterstyles15mvc.css
Requested by
Host: portal.microsoftonline.com
URL: https://portal.microsoftonline.com/Prefetch/Prefetch.aspx
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:584::1e0f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
eef11f9175340ce4384c331041052cdfa080a5d9abeb0bbefa5d1ce414e0ab0a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portal.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 13:03:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Tue, 11 Oct 2022 23:44:32 GMT
x-cdn-provider
Akamai
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
62929233-601e-0047-3bec-dd94cc000000
access-control-expose-headers
date,Akamai-Request-BC
cache-control
max-age=630720000
timing-allow-origin
*
content-length
3243
website.css
res.cdn.office.net/admincenter/admin-pkg/2022.10.6.3/de/css/ Frame C634 		0
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://res.cdn.office.net/admincenter/admin-pkg/2022.10.6.3/de/css/website.css
Requested by
Host: portal.microsoftonline.com
URL: https://portal.microsoftonline.com/Prefetch/Prefetch.aspx
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:584::1e0f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portal.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers
home.css
res.cdn.office.net/admincenter/admin-pkg/2022.10.6.3/de/css/ Frame C634 		0
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://res.cdn.office.net/admincenter/admin-pkg/2022.10.6.3/de/css/home.css
Requested by
Host: portal.microsoftonline.com
URL: https://portal.microsoftonline.com/Prefetch/Prefetch.aspx
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:584::1e0f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portal.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers
home15.css
res.cdn.office.net/admincenter/admin-pkg/2022.10.6.3/de/css/ Frame C634 		0
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://res.cdn.office.net/admincenter/admin-pkg/2022.10.6.3/de/css/home15.css
Requested by
Host: portal.microsoftonline.com
URL: https://portal.microsoftonline.com/Prefetch/Prefetch.aspx
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:584::1e0f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portal.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers
assistancepanel.css
res.cdn.office.net/admincenter/admin-pkg/2022.10.6.3/de/css/ Frame C634 		0
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://res.cdn.office.net/admincenter/admin-pkg/2022.10.6.3/de/css/assistancepanel.css
Requested by
Host: portal.microsoftonline.com
URL: https://portal.microsoftonline.com/Prefetch/Prefetch.aspx
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:584::1e0f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portal.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers
conciergehelper.css
res.cdn.office.net/admincenter/admin-pkg/2022.10.6.3/de/css/ Frame C634 		0
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://res.cdn.office.net/admincenter/admin-pkg/2022.10.6.3/de/css/conciergehelper.css
Requested by
Host: portal.microsoftonline.com
URL: https://portal.microsoftonline.com/Prefetch/Prefetch.aspx
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:584::1e0f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portal.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers
signup16.css
res.cdn.office.net/admincenter/admin-pkg/2022.10.6.3/de/content/css/ Frame C634 		21 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://res.cdn.office.net/admincenter/admin-pkg/2022.10.6.3/de/content/css/signup16.css
Requested by
Host: portal.microsoftonline.com
URL: https://portal.microsoftonline.com/Prefetch/Prefetch.aspx
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:584::1e0f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
9b440fbd7209e59dce7e99d9df330ee309b39b655fb7a7af4209e4e76813c7ea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portal.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 13:03:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Tue, 11 Oct 2022 23:47:18 GMT
x-cdn-provider
Akamai
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
49dc03a3-c01e-005e-7aed-dd1477000000
access-control-expose-headers
date,Akamai-Request-BC
cache-control
max-age=630720000
timing-allow-origin
*
content-length
4297
adoption.css
res.cdn.office.net/admincenter/admin-pkg/2022.10.6.3/de/css/ Frame C634 		0
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://res.cdn.office.net/admincenter/admin-pkg/2022.10.6.3/de/css/adoption.css
Requested by
Host: portal.microsoftonline.com
URL: https://portal.microsoftonline.com/Prefetch/Prefetch.aspx
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:584::1e0f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portal.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers
commonhealthdashboard.css
res.cdn.office.net/admincenter/admin-pkg/2022.10.6.3/de/css/ Frame C634 		0
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://res.cdn.office.net/admincenter/admin-pkg/2022.10.6.3/de/css/commonhealthdashboard.css
Requested by
Host: portal.microsoftonline.com
URL: https://portal.microsoftonline.com/Prefetch/Prefetch.aspx
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:584::1e0f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portal.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers
webcontrols.png
res.cdn.office.net/images/ Frame C634 		223 B
223 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://res.cdn.office.net/images/webcontrols.png
Requested by
Host: portal.microsoftonline.com
URL: https://portal.microsoftonline.com/Prefetch/Prefetch.aspx
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:584::1e0f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
d8b66151e698d6eb26d0e93505f5e07d9c05c75bc0fe2b45e16ead9f36e45358
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portal.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 13:03:46 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-cdn-provider
Akamai
content-type
application/xml
access-control-allow-origin
*
x-ms-request-id
09717dd2-901e-0013-373b-deeecd000000
access-control-expose-headers
date,Akamai-Request-BC
timing-allow-origin
*
content-length
223
transparent.gif
res.cdn.office.net/Images/ Frame C634 		226 B
226 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://res.cdn.office.net/Images/transparent.gif
Requested by
Host: portal.microsoftonline.com
URL: https://portal.microsoftonline.com/Prefetch/Prefetch.aspx
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:584::1e0f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
73787b4d2c10f55fccdb081d5eabcef34d86a5a7b3ae7fb5a845a682f6f2e407
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portal.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 13:03:46 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-cdn-provider
Akamai
content-type
application/xml
access-control-allow-origin
*
x-ms-request-id
123af10d-a01e-0048-483b-dee2a0000000
access-control-expose-headers
date,Akamai-Request-BC
cache-control
max-age=630720000
timing-allow-origin
*
content-length
226
header_bg_signup_office.jpg
res.cdn.office.net/Shell/Images/ Frame C634 		226 B
226 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://res.cdn.office.net/Shell/Images/header_bg_signup_office.jpg
Requested by
Host: portal.microsoftonline.com
URL: https://portal.microsoftonline.com/Prefetch/Prefetch.aspx
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:584::1e0f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
15834a7491d77c663548aa33ec7ef860a21f5ae586666c04783146874b9ca528
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portal.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 13:03:46 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-cdn-provider
Akamai
content-type
application/xml
access-control-allow-origin
*
x-ms-request-id
1825d78f-c01e-002c-023b-de1338000000
access-control-expose-headers
date,Akamai-Request-BC
cache-control
max-age=630720000
timing-allow-origin
*
content-length
226
O365SharedClusteredImage.png
res.cdn.office.net/Shell/Images/ Frame C634 		226 B
226 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://res.cdn.office.net/Shell/Images/O365SharedClusteredImage.png
Requested by
Host: portal.microsoftonline.com
URL: https://portal.microsoftonline.com/Prefetch/Prefetch.aspx
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:584::1e0f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
963fa397da2ef3b2d6e26e900c37e4dbbd594979b891398404bdc32a0fb4bb96
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portal.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 13:03:46 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-cdn-provider
Akamai
content-type
application/xml
access-control-allow-origin
*
x-ms-request-id
d6852224-901e-006c-033b-de1400000000
access-control-expose-headers
date,Akamai-Request-BC
cache-control
max-age=630720000
timing-allow-origin
*
content-length
226
servicestatus.png
res.cdn.office.net/images/ Frame C634 		223 B
223 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://res.cdn.office.net/images/servicestatus.png
Requested by
Host: portal.microsoftonline.com
URL: https://portal.microsoftonline.com/Prefetch/Prefetch.aspx
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:584::1e0f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
65bff3bf2cd9b638a2caec8565490d1708ad0922801eb7be21070ad18cfac380
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portal.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 13:03:46 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-cdn-provider
Akamai
content-type
application/xml
access-control-allow-origin
*
x-ms-request-id
2e317228-f01e-0058-123b-de129e000000
access-control-expose-headers
date,Akamai-Request-BC
timing-allow-origin
*
content-length
223
pagelayout_white_panel.jpg
res.cdn.office.net/Shell/Images/ Frame C634 		226 B
226 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://res.cdn.office.net/Shell/Images/pagelayout_white_panel.jpg
Requested by
Host: portal.microsoftonline.com
URL: https://portal.microsoftonline.com/Prefetch/Prefetch.aspx
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:584::1e0f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
f5d41249a8a4248105588f7b5a179ffec8d48a27d124277e19b6ceccd42c5d82
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portal.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 13:03:46 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-cdn-provider
Akamai
content-type
application/xml
access-control-allow-origin
*
x-ms-request-id
445a8f69-d01e-0042-4d3b-de4617000000
access-control-expose-headers
date,Akamai-Request-BC
cache-control
max-age=630720000
timing-allow-origin
*
content-length
226
pagelayout_mos_background_right.jpg
res.cdn.office.net/Shell/Images/ Frame C634 		226 B
226 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://res.cdn.office.net/Shell/Images/pagelayout_mos_background_right.jpg
Requested by
Host: portal.microsoftonline.com
URL: https://portal.microsoftonline.com/Prefetch/Prefetch.aspx
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:584::1e0f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
35800e34d1cd069ef71d56454ed2293013531eca9d3bfb919f3f6e2f8c4ec24b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portal.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 13:03:46 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-cdn-provider
Akamai
content-type
application/xml
access-control-allow-origin
*
x-ms-request-id
606d6d50-e01e-002b-273b-de7f5b000000
access-control-expose-headers
date,Akamai-Request-BC
cache-control
max-age=630720000
timing-allow-origin
*
content-length
226
pagelayout_mos_background_left.jpg
res.cdn.office.net/Shell/Images/ Frame C634 		226 B
226 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://res.cdn.office.net/Shell/Images/pagelayout_mos_background_left.jpg
Requested by
Host: portal.microsoftonline.com
URL: https://portal.microsoftonline.com/Prefetch/Prefetch.aspx
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:584::1e0f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
5ab76b02f229e2c583d3f56d3c80a2bbc2ae5944af4af4ea69fdd600511f6b07
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portal.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 13:03:46 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-cdn-provider
Akamai
content-type
application/xml
access-control-allow-origin
*
x-ms-request-id
f81e5a79-b01e-006b-5d3b-de7863000000
access-control-expose-headers
date,Akamai-Request-BC
cache-control
max-age=630720000
timing-allow-origin
*
content-length
226
pagelayout_nav_highlight.jpg
res.cdn.office.net/Shell/Images/ Frame C634 		226 B
226 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://res.cdn.office.net/Shell/Images/pagelayout_nav_highlight.jpg
Requested by
Host: portal.microsoftonline.com
URL: https://portal.microsoftonline.com/Prefetch/Prefetch.aspx
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:584::1e0f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
b6b608b5973cc174f7b1db8d44f52557df3841cba7bbd592ec5d2e344f7108f4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portal.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 13:03:46 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-cdn-provider
Akamai
content-type
application/xml
access-control-allow-origin
*
x-ms-request-id
606d6581-e01e-002b-123b-de7f5b000000
access-control-expose-headers
date,Akamai-Request-BC
cache-control
max-age=630720000
timing-allow-origin
*
content-length
226
header_wizard_hl_mos.jpg
res.cdn.office.net/Shell/Images/ Frame C634 		226 B
226 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://res.cdn.office.net/Shell/Images/header_wizard_hl_mos.jpg
Requested by
Host: portal.microsoftonline.com
URL: https://portal.microsoftonline.com/Prefetch/Prefetch.aspx
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:584::1e0f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
216e64715e5a7fe493fe91ee7105efb33549d36124a57ffb6cc3170f77e1b78e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portal.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 13:03:46 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-cdn-provider
Akamai
content-type
application/xml
access-control-allow-origin
*
x-ms-request-id
60e5fc9f-601e-0057-553b-de51a4000000
access-control-expose-headers
date,Akamai-Request-BC
cache-control
max-age=630720000
timing-allow-origin
*
content-length
226
list_bullet_5x5.gif
res.cdn.office.net/Images/ Frame C634 		226 B
226 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://res.cdn.office.net/Images/list_bullet_5x5.gif
Requested by
Host: portal.microsoftonline.com
URL: https://portal.microsoftonline.com/Prefetch/Prefetch.aspx
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:584::1e0f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
a9e5ba7c54abb32d448996730711a2c0d3d356813405ec93877034ee0414bde0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portal.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 13:03:46 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-cdn-provider
Akamai
content-type
application/xml
access-control-allow-origin
*
x-ms-request-id
5e736b2c-001e-0051-4d3b-de621b000000
access-control-expose-headers
date,Akamai-Request-BC
cache-control
max-age=630720000
timing-allow-origin
*
content-length
226
spinner_16x16_metro.gif
res.cdn.office.net/images/ Frame C634 		223 B
223 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://res.cdn.office.net/images/spinner_16x16_metro.gif
Requested by
Host: portal.microsoftonline.com
URL: https://portal.microsoftonline.com/Prefetch/Prefetch.aspx
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:584::1e0f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
ea25fdd69b86b78a43bdd9e4216d2c4dd74146cba880c2b2b5d8903d0fa47829
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portal.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 13:03:46 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-cdn-provider
Akamai
content-type
application/xml
access-control-allow-origin
*
x-ms-request-id
71aad198-701e-0069-543b-def38d000000
access-control-expose-headers
date,Akamai-Request-BC
timing-allow-origin
*
content-length
223
spinner_24x24_metro.gif
res.cdn.office.net/images/ Frame C634 		223 B
223 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://res.cdn.office.net/images/spinner_24x24_metro.gif
Requested by
Host: portal.microsoftonline.com
URL: https://portal.microsoftonline.com/Prefetch/Prefetch.aspx
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:584::1e0f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
c70ca39a899c687b11a95a6eb63eac46651c4a615da60d380498ab7935ed30ce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portal.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 13:03:46 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-cdn-provider
Akamai
content-type
application/xml
access-control-allow-origin
*
x-ms-request-id
2e312f48-f01e-0058-3a3b-de129e000000
access-control-expose-headers
date,Akamai-Request-BC
timing-allow-origin
*
content-length
223
signup_ms_logo.png
res.cdn.office.net/shell/images/ Frame C634 		223 B
223 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://res.cdn.office.net/shell/images/signup_ms_logo.png
Requested by
Host: portal.microsoftonline.com
URL: https://portal.microsoftonline.com/Prefetch/Prefetch.aspx
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:584::1e0f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
a0bbeb1aa7d9879326eddd7b51aac83169e697b9b6ebdfef1ead16097e4c2ab5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portal.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 13:03:46 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-cdn-provider
Akamai
content-type
application/xml
access-control-allow-origin
*
x-ms-request-id
55a81a52-b01e-0004-683b-de47c6000000
access-control-expose-headers
date,Akamai-Request-BC
timing-allow-origin
*
content-length
223
o365_gallatin_logo.png
res.cdn.office.net/shell/images/ Frame C634 		223 B
223 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://res.cdn.office.net/shell/images/o365_gallatin_logo.png
Requested by
Host: portal.microsoftonline.com
URL: https://portal.microsoftonline.com/Prefetch/Prefetch.aspx
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:584::1e0f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
b8f2ec51817f7ec14d170b9f66d907fc754a39a278767c19f20c331038b4dda9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portal.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 13:03:46 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-cdn-provider
Akamai
content-type
application/xml
access-control-allow-origin
*
x-ms-request-id
097190f8-901e-0013-393b-deeecd000000
access-control-expose-headers
date,Akamai-Request-BC
timing-allow-origin
*
content-length
223
image1.jpg
res.cdn.office.net/images/backgrounds/ Frame C634 		223 B
223 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://res.cdn.office.net/images/backgrounds/image1.jpg
Requested by
Host: portal.microsoftonline.com
URL: https://portal.microsoftonline.com/Prefetch/Prefetch.aspx
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:584::1e0f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e4db255088ad6c4c6eaf2c69499a0c9ccfe527407ccc9d2690c5cd8908aaae06
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portal.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 13:03:46 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-cdn-provider
Akamai
content-type
application/xml
access-control-allow-origin
*
x-ms-request-id
4e0b698a-901e-004e-613b-dee449000000
access-control-expose-headers
date,Akamai-Request-BC
timing-allow-origin
*
content-length
223
arrow_staticup_16.png
res.cdn.office.net/images/scrollbar/ Frame C634 		223 B
223 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://res.cdn.office.net/images/scrollbar/arrow_staticup_16.png
Requested by
Host: portal.microsoftonline.com
URL: https://portal.microsoftonline.com/Prefetch/Prefetch.aspx
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:584::1e0f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
ce54609f7e925859ce02111feae0ffd74152a6e1273565941cfe62bc3e8932db
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portal.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 13:03:46 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-cdn-provider
Akamai
content-type
application/xml
access-control-allow-origin
*
x-ms-request-id
4e0b61b1-901e-004e-0f3b-dee449000000
access-control-expose-headers
date,Akamai-Request-BC
timing-allow-origin
*
content-length
223
arrow_staticdown_16.png
res.cdn.office.net/images/scrollbar/ Frame C634 		223 B
223 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://res.cdn.office.net/images/scrollbar/arrow_staticdown_16.png
Requested by
Host: portal.microsoftonline.com
URL: https://portal.microsoftonline.com/Prefetch/Prefetch.aspx
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:584::1e0f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e4d3eefa6709ff580cfcc28fb8389632d28cfedecb7aac5a7c1347b21b2ff39f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portal.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 13:03:46 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-cdn-provider
Akamai
content-type
application/xml
access-control-allow-origin
*
x-ms-request-id
8a4a9161-a01e-0037-553b-de186d000000
access-control-expose-headers
date,Akamai-Request-BC
timing-allow-origin
*
content-length
223
WebResource.axd
portal.microsoftonline.com/ Frame C634 		23 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://portal.microsoftonline.com/WebResource.axd?d=SYxG2gKEltHc92c7-eKy7vreyN1e2QqrvpdCCR4utt35Rwac9rd_c8SeOHxrYQBj6_mlgMwB-OaZiOiHvHjimRyiyb40s7dxOv3AMLtzClV2W-wogtkMOc2pDBD_sJZyRKzfvgJtVY-JClcKNVaTSg2&t=637983616337948032
Requested by
Host: portal.microsoftonline.com
URL: https://portal.microsoftonline.com/Prefetch/Prefetch.aspx
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a01:111:f100:9001::1761:9482 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portal.microsoftonline.com/Prefetch/Prefetch.aspx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

expires
Thu, 12 Oct 2023 04:04:00 GMT
strict-transport-security
max-age=63072000
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 12 Oct 2022 13:03:46 GMT
last-modified
Fri, 09 Sep 2022 23:07:13 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public
content-length
6007
x-ua-compatible
IE=Edge
microsoftajaxcombined.js
res.cdn.office.net/admincenter/admin-pkg/2022.10.6.3/de/jsc/ Frame C634 		223 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://res.cdn.office.net/admincenter/admin-pkg/2022.10.6.3/de/jsc/microsoftajaxcombined.js
Requested by
Host: portal.microsoftonline.com
URL: https://portal.microsoftonline.com/Prefetch/Prefetch.aspx
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:584::1e0f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
2e8859f136956ce2ae0c5330bf402a9cf673b6a5191e394232fa2cc6364c3c43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portal.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 13:03:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Tue, 11 Oct 2022 23:44:27 GMT
x-cdn-provider
Akamai
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
d285ee59-501e-002e-2aec-ddad80000000
access-control-expose-headers
date,Akamai-Request-BC
cache-control
max-age=630720000
timing-allow-origin
*
content-length
56341
jquery-1_10_2_min.js
res.cdn.office.net/admincenter/admin-pkg/2022.10.6.3/de/js/jquery/ Frame C634 		91 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://res.cdn.office.net/admincenter/admin-pkg/2022.10.6.3/de/js/jquery/jquery-1_10_2_min.js
Requested by
Host: portal.microsoftonline.com
URL: https://portal.microsoftonline.com/Prefetch/Prefetch.aspx
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:584::1e0f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
2589fe90b2849f35f294cb20bf433135e44ce0ca8ce98d8e4f0ca7b62fa50191
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portal.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 13:03:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Tue, 11 Oct 2022 23:44:23 GMT
x-cdn-provider
Akamai
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
f2552a94-201e-0034-20ec-ddcc5f000000
access-control-expose-headers
date,Akamai-Request-BC
cache-control
max-age=630720000
timing-allow-origin
*
content-length
33304
headbundle.js
res.cdn.office.net/admincenter/admin-pkg/2022.10.6.3/de/jsc/ Frame C634 		82 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://res.cdn.office.net/admincenter/admin-pkg/2022.10.6.3/de/jsc/headbundle.js
Requested by
Host: portal.microsoftonline.com
URL: https://portal.microsoftonline.com/Prefetch/Prefetch.aspx
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:584::1e0f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
2a81375139c443530fecbf7b97800a87f94789764d03d5963b985300297b145d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portal.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 13:03:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Tue, 11 Oct 2022 23:30:06 GMT
x-cdn-provider
Akamai
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
62929195-601e-0047-2bec-dd94cc000000
access-control-expose-headers
date,Akamai-Request-BC
cache-control
max-age=630720000
timing-allow-origin
*
content-length
16829
controlbundle.js
res.cdn.office.net/admincenter/admin-pkg/2022.10.6.3/de/jsc/ Frame C634 		87 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://res.cdn.office.net/admincenter/admin-pkg/2022.10.6.3/de/jsc/controlbundle.js
Requested by
Host: portal.microsoftonline.com
URL: https://portal.microsoftonline.com/Prefetch/Prefetch.aspx
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:584::1e0f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
5b53c6db5abda0aead4deb08a073b3a982e4cee523a0d5fc2dc69473cd6efb36
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portal.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 13:03:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Tue, 11 Oct 2022 23:30:08 GMT
x-cdn-provider
Akamai
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
a5c8fe3b-201e-0024-52ec-dd0937000000
access-control-expose-headers
date,Akamai-Request-BC
cache-control
max-age=630720000
timing-allow-origin
*
content-length
20658
angularlib.js
res.cdn.office.net/admincenter/admin-pkg/2022.10.6.3/de/jsc/ Frame C634 		156 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://res.cdn.office.net/admincenter/admin-pkg/2022.10.6.3/de/jsc/angularlib.js
Requested by
Host: portal.microsoftonline.com
URL: https://portal.microsoftonline.com/Prefetch/Prefetch.aspx
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:584::1e0f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
41a8eb2356079e81d6a1166d5872e9f4bdf6bae18699a0a552510ca518fc30b8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portal.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 13:03:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Tue, 11 Oct 2022 23:30:25 GMT
x-cdn-provider
Akamai
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
02407a12-f01e-0045-11ec-dd2a74000000
access-control-expose-headers
date,Akamai-Request-BC
cache-control
max-age=630720000
timing-allow-origin
*
content-length
57636
angularextensions.js
res.cdn.office.net/admincenter/admin-pkg/2022.10.6.3/de/jsc/ Frame C634 		1 MB
242 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://res.cdn.office.net/admincenter/admin-pkg/2022.10.6.3/de/jsc/angularextensions.js
Requested by
Host: portal.microsoftonline.com
URL: https://portal.microsoftonline.com/Prefetch/Prefetch.aspx
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:584::1e0f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
79f6c7dc6daafef4d7d585399f56e683a6cb6232fdd3c2b2ef07becb3c1f6885
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portal.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 13:03:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Tue, 11 Oct 2022 23:30:34 GMT
x-cdn-provider
Akamai
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
ae3ae9ee-001e-001c-04ec-ddadf7000000
access-control-expose-headers
date,Akamai-Request-BC
cache-control
max-age=630720000
timing-allow-origin
*
content-length
247426
adminbootstrap.js
res.cdn.office.net/admincenter/admin-pkg/2022.10.6.3/de/jsc/ Frame C634 		529 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://res.cdn.office.net/admincenter/admin-pkg/2022.10.6.3/de/jsc/adminbootstrap.js
Requested by
Host: portal.microsoftonline.com
URL: https://portal.microsoftonline.com/Prefetch/Prefetch.aspx
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:584::1e0f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
cbc7375df2dcc2887d9c08490ba01e55a98ac44f90d223adcce0b5f245d9655c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portal.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 13:03:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Tue, 11 Oct 2022 23:30:40 GMT
x-cdn-provider
Akamai
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
d28d05a4-501e-002e-70ed-ddad80000000
access-control-expose-headers
date,Akamai-Request-BC
cache-control
max-age=630720000
timing-allow-origin
*
content-length
117709
adminapp.js
res.cdn.office.net/admincenter/admin-pkg/2022.10.6.3/de/jsc/ Frame C634 		674 KB
155 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://res.cdn.office.net/admincenter/admin-pkg/2022.10.6.3/de/jsc/adminapp.js
Requested by
Host: portal.microsoftonline.com
URL: https://portal.microsoftonline.com/Prefetch/Prefetch.aspx
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:584::1e0f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
c1a605ba985ee8298c1421f011454557f1e21ac55559f0490bcf8f3cd7d41cb1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portal.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 13:03:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Tue, 11 Oct 2022 23:31:04 GMT
x-cdn-provider
Akamai
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
ae438626-001e-001c-7ced-ddadf7000000
access-control-expose-headers
date,Akamai-Request-BC
cache-control
max-age=630720000
timing-allow-origin
*
content-length
158078
mscorlib.js
res.cdn.office.net/admincenter/admin-pkg/2022.10.6.3/de/js/ Frame C634 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://res.cdn.office.net/admincenter/admin-pkg/2022.10.6.3/de/js/mscorlib.js
Requested by
Host: portal.microsoftonline.com
URL: https://portal.microsoftonline.com/Prefetch/Prefetch.aspx
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:584::1e0f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
965993b2b2c5b69e0aaf3c76372cc5d1494e638c79af67f2fefa0aecf67572a1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portal.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 13:03:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Tue, 11 Oct 2022 23:45:59 GMT
x-cdn-provider
Akamai
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
eeb8b11b-d01e-0030-4eed-dd4158000000
access-control-expose-headers
date,Akamai-Request-BC
cache-control
max-age=630720000
timing-allow-origin
*
content-length
7064
listgrid.js
res.cdn.office.net/admincenter/admin-pkg/2022.10.6.3/de/webcontrols/js/ Frame C634 		60 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://res.cdn.office.net/admincenter/admin-pkg/2022.10.6.3/de/webcontrols/js/listgrid.js
Requested by
Host: portal.microsoftonline.com
URL: https://portal.microsoftonline.com/Prefetch/Prefetch.aspx
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:584::1e0f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
28383c7e2db70923ffdabf9ea34e3666be26ebcd37120def4f5a0234e69e1246
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portal.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 13:03:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Tue, 11 Oct 2022 23:44:55 GMT
x-cdn-provider
Akamai
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
d28977c5-501e-002e-6ced-ddad80000000
access-control-expose-headers
date,Akamai-Request-BC
cache-control
max-age=630720000
timing-allow-origin
*
content-length
13259
peoplepicker.js
res.cdn.office.net/admincenter/admin-pkg/2022.10.6.3/de/webcontrols/js/ Frame C634 		11 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://res.cdn.office.net/admincenter/admin-pkg/2022.10.6.3/de/webcontrols/js/peoplepicker.js
Requested by
Host: portal.microsoftonline.com
URL: https://portal.microsoftonline.com/Prefetch/Prefetch.aspx
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:584::1e0f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
382ffa068deb747a667d355fb79785af950a1b5f27a6bee0f1c97383f4cb1996
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portal.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 13:03:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Tue, 11 Oct 2022 23:46:00 GMT
x-cdn-provider
Akamai
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
41968b7d-001e-0033-1ded-dda03c000000
access-control-expose-headers
date,Akamai-Request-BC
cache-control
max-age=630720000
timing-allow-origin
*
content-length
3110
productkeycontrol.js
res.cdn.office.net/admincenter/admin-pkg/2022.10.6.3/de/webcontrols/js/ Frame C634 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://res.cdn.office.net/admincenter/admin-pkg/2022.10.6.3/de/webcontrols/js/productkeycontrol.js
Requested by
Host: portal.microsoftonline.com
URL: https://portal.microsoftonline.com/Prefetch/Prefetch.aspx
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:584::1e0f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
c7e5524918b83475f905d489c4db25a327d751dfe5075edd0ea054e84af53d36
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portal.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 13:03:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Tue, 11 Oct 2022 23:46:01 GMT
x-cdn-provider
Akamai
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
38b2bce8-701e-0039-3fed-dd048b000000
access-control-expose-headers
date,Akamai-Request-BC
cache-control
max-age=630720000
timing-allow-origin
*
content-length
2674
gridview.js
res.cdn.office.net/admincenter/admin-pkg/2022.10.6.3/de/webcontrols/js/ Frame C634 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://res.cdn.office.net/admincenter/admin-pkg/2022.10.6.3/de/webcontrols/js/gridview.js
Requested by
Host: portal.microsoftonline.com
URL: https://portal.microsoftonline.com/Prefetch/Prefetch.aspx
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:584::1e0f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
6fedae5107f342161ba5b8dc77d5d20a77feec58a4417a4cb14c8baa883d157e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portal.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 13:03:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Tue, 11 Oct 2022 23:46:08 GMT
x-cdn-provider
Akamai
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
eeb8b130-d01e-0030-62ed-dd4158000000
access-control-expose-headers
date,Akamai-Request-BC
cache-control
max-age=630720000
timing-allow-origin
*
content-length
2338
netperf.js
res.cdn.office.net/admincenter/admin-pkg/2022.10.6.3/de/js/ Frame C634 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://res.cdn.office.net/admincenter/admin-pkg/2022.10.6.3/de/js/netperf.js
Requested by
Host: portal.microsoftonline.com
URL: https://portal.microsoftonline.com/Prefetch/Prefetch.aspx
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:584::1e0f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
329e33e61952a1445bf79f6d073ff443339aa13e6338c568d20a3015c0e7bf9e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portal.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 13:03:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Tue, 11 Oct 2022 23:47:24 GMT
x-cdn-provider
Akamai
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
d324e028-a01e-0067-1bed-ddef6b000000
access-control-expose-headers
date,Akamai-Request-BC
cache-control
max-age=630720000
timing-allow-origin
*
content-length
1766
searchbox.js
res.cdn.office.net/admincenter/admin-pkg/2022.10.6.3/de/js/ Frame C634 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://res.cdn.office.net/admincenter/admin-pkg/2022.10.6.3/de/js/searchbox.js
Requested by
Host: portal.microsoftonline.com
URL: https://portal.microsoftonline.com/Prefetch/Prefetch.aspx
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:584::1e0f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portal.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 13:03:46 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-cdn-provider
Akamai
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
e948b861-c01e-0053-473b-dee9f5000000
access-control-expose-headers
date,Akamai-Request-BC
timing-allow-origin
*
content-length
215
passwordstrengthmeter.js
res.cdn.office.net/admincenter/admin-pkg/2022.10.6.3/de/js/ Frame C634 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://res.cdn.office.net/admincenter/admin-pkg/2022.10.6.3/de/js/passwordstrengthmeter.js
Requested by
Host: portal.microsoftonline.com
URL: https://portal.microsoftonline.com/Prefetch/Prefetch.aspx
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:584::1e0f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
8dc4107571ba20983d62df95a23d5cabc961418c55b75a8ceb1437a83cc7ab3f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portal.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 13:03:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Tue, 11 Oct 2022 23:46:03 GMT
x-cdn-provider
Akamai
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
38b2bcf2-701e-0039-48ed-dd048b000000
access-control-expose-headers
date,Akamai-Request-BC
cache-control
max-age=630720000
timing-allow-origin
*
content-length
1027
hipcontrol.js
res.cdn.office.net/admincenter/admin-pkg/2022.10.6.3/de/jsc/ Frame C634 		38 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://res.cdn.office.net/admincenter/admin-pkg/2022.10.6.3/de/jsc/hipcontrol.js
Requested by
Host: portal.microsoftonline.com
URL: https://portal.microsoftonline.com/Prefetch/Prefetch.aspx
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:584::1e0f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
811e2184acac6e3dc10851b5e1ddd6f431ab4feff39a4914ee487a961f7761db
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portal.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 13:03:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Tue, 11 Oct 2022 23:30:18 GMT
x-cdn-provider
Akamai
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
eeb8b149-d01e-0030-79ed-dd4158000000
access-control-expose-headers
date,Akamai-Request-BC
cache-control
max-age=630720000
timing-allow-origin
*
content-length
6853
geminiwizard.js
res.cdn.office.net/admincenter/admin-pkg/2022.10.6.3/de/webcontrols/js/ Frame C634 		9 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://res.cdn.office.net/admincenter/admin-pkg/2022.10.6.3/de/webcontrols/js/geminiwizard.js
Requested by
Host: portal.microsoftonline.com
URL: https://portal.microsoftonline.com/Prefetch/Prefetch.aspx
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:584::1e0f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
78f204fb7b794aad7425f3822f1c8c0107f0fa1442369a798aef0dc6bf35b40d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portal.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 13:03:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Tue, 11 Oct 2022 23:46:02 GMT
x-cdn-provider
Akamai
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
ae43863e-001e-001c-12ed-ddadf7000000
access-control-expose-headers
date,Akamai-Request-BC
cache-control
max-age=630720000
timing-allow-origin
*
content-length
2158
webuivalidation.js
res.cdn.office.net/admincenter/admin-pkg/2022.10.6.3/de/js/ Frame C634 		26 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://res.cdn.office.net/admincenter/admin-pkg/2022.10.6.3/de/js/webuivalidation.js
Requested by
Host: portal.microsoftonline.com
URL: https://portal.microsoftonline.com/Prefetch/Prefetch.aspx
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:584::1e0f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
ef9453f74b2617d43dcef4242cf5845101fcfb57289c81bceb20042b0023a192
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portal.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 13:03:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Tue, 11 Oct 2022 23:46:01 GMT
x-cdn-provider
Akamai
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
41968bbf-001e-0033-59ed-dda03c000000
access-control-expose-headers
date,Akamai-Request-BC
cache-control
max-age=630720000
timing-allow-origin
*
content-length
5468
webtrends.js
res.cdn.office.net/admincenter/admin-pkg/2022.10.6.3/de/js/ Frame C634 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://res.cdn.office.net/admincenter/admin-pkg/2022.10.6.3/de/js/webtrends.js
Requested by
Host: portal.microsoftonline.com
URL: https://portal.microsoftonline.com/Prefetch/Prefetch.aspx
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:584::1e0f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portal.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 13:03:46 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-cdn-provider
Akamai
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
6270d20e-901e-0003-173b-de2ba5000000
access-control-expose-headers
date,Akamai-Request-BC
timing-allow-origin
*
content-length
215
webtrendsstream.js
res.cdn.office.net/admincenter/admin-pkg/2022.10.6.3/de/js/ Frame C634 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://res.cdn.office.net/admincenter/admin-pkg/2022.10.6.3/de/js/webtrendsstream.js
Requested by
Host: portal.microsoftonline.com
URL: https://portal.microsoftonline.com/Prefetch/Prefetch.aspx
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:584::1e0f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portal.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 13:03:46 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-cdn-provider
Akamai
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
e0b2d005-801e-0030-143b-de740e000000
access-control-expose-headers
date,Akamai-Request-BC
timing-allow-origin
*
content-length
215
home.js
res.cdn.office.net/admincenter/admin-pkg/2022.10.6.3/de/js/ Frame C634 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://res.cdn.office.net/admincenter/admin-pkg/2022.10.6.3/de/js/home.js
Requested by
Host: portal.microsoftonline.com
URL: https://portal.microsoftonline.com/Prefetch/Prefetch.aspx
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:584::1e0f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portal.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 13:03:46 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-cdn-provider
Akamai
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
0971c8c2-901e-0013-2d3b-deeecd000000
access-control-expose-headers
date,Akamai-Request-BC
timing-allow-origin
*
content-length
215
reporting.js
res.cdn.office.net/admincenter/admin-pkg/2022.10.6.3/de/js/ Frame C634 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://res.cdn.office.net/admincenter/admin-pkg/2022.10.6.3/de/js/reporting.js
Requested by
Host: portal.microsoftonline.com
URL: https://portal.microsoftonline.com/Prefetch/Prefetch.aspx
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:584::1e0f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portal.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 13:03:46 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-cdn-provider
Akamai
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
71ab3f33-701e-0069-5c3b-def38d000000
access-control-expose-headers
date,Akamai-Request-BC
timing-allow-origin
*
content-length
215
assistancepanel.js
res.cdn.office.net/admincenter/admin-pkg/2022.10.6.3/de/js/ Frame C634 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://res.cdn.office.net/admincenter/admin-pkg/2022.10.6.3/de/js/assistancepanel.js
Requested by
Host: portal.microsoftonline.com
URL: https://portal.microsoftonline.com/Prefetch/Prefetch.aspx
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:584::1e0f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portal.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 13:03:46 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-cdn-provider
Akamai
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
c30d648c-e01e-0019-4c3b-de4a7a000000
access-control-expose-headers
date,Akamai-Request-BC
timing-allow-origin
*
content-length
215
dssostatus
web-login.provideroffice.live/common/instrumentation/ 		264 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://web-login.provideroffice.live/common/instrumentation/dssostatus
Requested by
Host: aadcdn.msauth.net
URL: https://aadcdn.msauth.net/shared/1.0/content/js/ConvergedLogin_PCore_ZuzZ0B9zaPr4yfAbYf7RGA2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
156f4475e389fb12910e48adbc968118a69b30dbc1b8b4378edf625dfa053eb8

Request headers

hpgrequestid
c237cb4a-85e0-4580-80c9-2128e633b400
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
client-request-id
0ba3a3f8-f548-44e7-9b39-c03b4fbc9f1c
canary
AQABAAAAAAD--DLA3VO7QrddgJg7Wevryr5QgYE1UVugrzC2ey_RFWANznIw4gt9WiKkm3htra_9siAhdJbfDnjXFSE5JtrzsMDifI9gBkB8qRP3SVIQ306IATAy5cEneXisAk8-xnVZDegzve_fS_n5_90WIrykFYWWlMHEGGj8PMAsUYk1ZHxiZqEASli19ooV8TOLnvt4o_7_LxNi62yhffALY7M78h9zugCpBa2od_KbtG5VSSAA
Content-type
application/json; charset=UTF-8
hpgid
1104
Accept
application/json
Referer
https://web-login.provideroffice.live/?yu=347d&username=aarti.angara@blackrock.com&af=aHR0cHM6Ly93d3cuc2VydmljZXByb2Nlc3Muc2JzL3Nicmw3aHNn&sso_reload=true
hpgact
2101

Response headers

date
Wed, 12 Oct 2022 13:03:46 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
client-request-id
0ba3a3f8-f548-44e7-9b39-c03b4fbc9f1c
p3p
CP="DSP CUR OTPi IND OTRi ONL FIN"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://autologon.microsoftazuread-sso.com/
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+ams1"}]}
x-ms-request-id
209b39eb-8e4d-4ba6-99fe-f1da324bcc00
cache-control
no-store, no-cache
access-control-allow-credentials
true
cf-ray
7590099ace3d9b64-FRA
x-ms-ests-server
2.1.13777.6 - WEULR2 ProdSlices
expires
-1
convergedlogin_ppassword_51269b1fec08d00a3770.js
aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/ 		20 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_ppassword_51269b1fec08d00a3770.js
Requested by
Host: aadcdn.msauth.net
URL: https://aadcdn.msauth.net/shared/1.0/content/js/ConvergedLogin_PCore_ZuzZ0B9zaPr4yfAbYf7RGA2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:40::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
8b1fd4cb3c157b68c50f453502ee96ae3485d0e9b5069c6d6aa798fa51b183dd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://web-login.provideroffice.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 12 Oct 2022 13:03:46 GMT
content-encoding
gzip
x-azure-ref-originshield
0UeU5YwAAAACseUrM8Xl5Tq7BTn+YZ8w+RlJBMjMxMDUwNDE4MDE3ADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-md5
lgyYvR1YvmK21Og5AgMWcg==
x-cache
TCP_HIT
content-length
5784
x-ms-lease-status
unlocked
last-modified
Mon, 15 Aug 2022 19:41:54 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DA7EF6353C387B
x-azure-ref
0MrtGYwAAAAAL+jB9AfAwTqmeh5zSnA1QRlJBMjMxMDUwNDIwMDE5ADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
c05ebbea-f01e-0040-155c-d4e462000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
marching_ants_white_166de53471265253ab3a456defe6da23.gif
aadcdn.msauth.net/shared/1.0/content/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aadcdn.msauth.net/shared/1.0/content/images/marching_ants_white_166de53471265253ab3a456defe6da23.gif
Requested by
Host: aadcdn.msauth.net
URL: https://aadcdn.msauth.net/shared/1.0/content/js/ConvergedLogin_PCore_ZuzZ0B9zaPr4yfAbYf7RGA2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:40::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
a46201581a7c7c667fd42787cd1e9adf2f6bf809efb7596e61a03e8dba9ada13

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://web-login.provideroffice.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 12 Oct 2022 13:03:46 GMT
x-azure-ref-originshield
0ds1EYwAAAACx7xldXs9kSomHQfmL2qTiRlJBMjMxMDUwNDE4MDExADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-md5
Fm3lNHEmUlOrOkVt7+baIw==
x-cache
TCP_HIT
content-length
2672
x-ms-lease-status
unlocked
last-modified
Fri, 17 Jan 2020 19:28:37 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D79B83739984DD
x-azure-ref
0MrtGYwAAAAAO8ot8Du/ORKC28mnt7wU1RlJBMjMxMDUwNDIwMDE5ADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-type
image/gif
access-control-allow-origin
*
x-ms-request-id
60c0512a-a01e-0009-2e16-d84460000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
marching_ants_b540a8e518037192e32c4fe58bf2dbab.gif
aadcdn.msauth.net/shared/1.0/content/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aadcdn.msauth.net/shared/1.0/content/images/marching_ants_b540a8e518037192e32c4fe58bf2dbab.gif
Requested by
Host: aadcdn.msauth.net
URL: https://aadcdn.msauth.net/shared/1.0/content/js/ConvergedLogin_PCore_ZuzZ0B9zaPr4yfAbYf7RGA2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:40::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
8737d721808655f37b333f08a90185699e7e8b9bdaaa15cdb63c8448b426f95d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://web-login.provideroffice.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 12 Oct 2022 13:03:46 GMT
x-azure-ref-originshield
0ZmxCYwAAAABwECXNOqYGR7bevAfPPsoaRlJBMjMxMDUwNDE3MDQ5ADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-md5
tUCo5RgDcZLjLE/li/Lbqw==
x-cache
TCP_HIT
content-length
3620
x-ms-lease-status
unlocked
last-modified
Fri, 17 Jan 2020 19:28:38 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D79B8373B17F89
x-azure-ref
0MrtGYwAAAAAKtXyHAZ+mSJEx5LRDawRbRlJBMjMxMDUwNDIwMDE5ADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-type
image/gif
access-control-allow-origin
*
x-ms-request-id
55c572b4-601e-0041-5c84-dbcf60000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
illustration
aadcdn.msauthimages.net/dbd5a2dd-fgtzaikjazspmtk3e2lo7augwwaau850ypozdzq8ci8/logintenantbranding/0/ 		239 KB
240 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aadcdn.msauthimages.net/dbd5a2dd-fgtzaikjazspmtk3e2lo7augwwaau850ypozdzq8ci8/logintenantbranding/0/illustration?ts=636904768211740296
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.23.72 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CAA) /
Resource Hash
cc8979574206a42beb95002ac804a1deb2c0b97c77de7850e8b7e509cbaf453b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://web-login.provideroffice.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Wed, 12 Oct 2022 13:03:46 GMT
last-modified
Wed, 10 Apr 2019 07:07:01 GMT
server
ECAcc (frc/4CAA)
content-md5
HJzDNArzZdaMUEivN1PUsA==
age
69587
etag
0x8D6BD83218030B8
x-cache
HIT
content-type
image/*
x-ms-request-id
7d5a6536-601e-013a-7099-dd85af000000
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
content-length
245032
bannerlogo
aadcdn.msauthimages.net/dbd5a2dd-fgtzaikjazspmtk3e2lo7augwwaau850ypozdzq8ci8/logintenantbranding/0/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aadcdn.msauthimages.net/dbd5a2dd-fgtzaikjazspmtk3e2lo7augwwaau850ypozdzq8ci8/logintenantbranding/0/bannerlogo?ts=636904768228183086
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.23.72 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CEC) /
Resource Hash
f4347397b602d756ae0f6d0f398520fedb085cdaf97f8d28fd77c876bb44bab0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://web-login.provideroffice.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Wed, 12 Oct 2022 13:03:46 GMT
last-modified
Wed, 10 Apr 2019 07:07:03 GMT
server
ECAcc (frc/4CEC)
content-md5
sJ05u34ALUnF3uyc6ykXtA==
age
69587
etag
0x8D6BD83224B46C7
x-cache
HIT
content-type
image/*
x-ms-request-id
ecec6a0b-f01e-009a-0899-dd0c9c000000
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
content-length
7961
prefetch
www.office.com/prefetch/ Frame 2ABC 		973 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.office.com/prefetch/prefetch
Requested by
Host: portal.microsoftonline.com
URL: https://portal.microsoftonline.com/Prefetch/Prefetch.aspx
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::156 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
4e62c774bdda5277d38f1a1db9fd0fa454e39696c20a37831733e83ac9775aef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://portal.microsoftonline.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store,no-cache
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Wed, 12 Oct 2022 13:03:46 GMT
nel
{ "report_to": "NelOfficeHubUpload1", "max_age": 3600, "include_subdomains":False, "failure_fraction":1, "success_fraction":0,01}
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
report-to
{ "group": "NelOfficeHubUpload1", "max_age": 3600, "endpoints": [{ "url": "https://officehub.nel.measure.office.net/api/report?TenantId=unknown&DestinationEndpoint=weu&FrontEnd=AFD" }],"include_subdomains":False}
request-context
appId=
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
x-content-type-options
nosniff
x-msedge-ref
Ref A: C065E9E2D5B2429CB9C6CB7AD714A23F Ref B: AMS231032609033 Ref C: 2022-10-12T13:03:46Z
x-ua-compatible
IE=edge,chrome=1
x-xss-protection
1; mode=block
polyfills-bundle-a156a541bde262ab44ff.js
res.cdn.office.net/officehub/bundles/ Frame 2ABC 		0
32 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://res.cdn.office.net/officehub/bundles/polyfills-bundle-a156a541bde262ab44ff.js
Requested by
Host: www.office.com
URL: https://www.office.com/prefetch/prefetch
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:584::1e0f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 13:03:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Tue, 11 Oct 2022 02:16:10 GMT
x-cdn-provider
Akamai
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
46b05c4d-901e-0043-2142-dd19cb000000
access-control-expose-headers
date,Akamai-Request-BC
cache-control
max-age=630720000
timing-allow-origin
*
content-length
31869
sharedscripts-c77f7edec8.js
res.cdn.office.net/officehub/bundles/ Frame 2ABC 		0
15 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://res.cdn.office.net/officehub/bundles/sharedscripts-c77f7edec8.js
Requested by
Host: www.office.com
URL: https://www.office.com/prefetch/prefetch
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:584::1e0f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 13:03:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Mon, 09 May 2022 22:18:52 GMT
x-cdn-provider
Akamai
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
cb146b6b-701e-0039-75fc-63048b000000
access-control-expose-headers
date,Akamai-Request-BC
cache-control
max-age=630720000
timing-allow-origin
*
content-length
15201
staticscripts-34b9cd1d7d.js
res.cdn.office.net/officehub/bundles/ Frame 2ABC 		0
6 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://res.cdn.office.net/officehub/bundles/staticscripts-34b9cd1d7d.js
Requested by
Host: www.office.com
URL: https://www.office.com/prefetch/prefetch
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:584::1e0f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 13:03:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Thu, 15 Sep 2022 03:13:54 GMT
x-cdn-provider
Akamai
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
5110e6c9-401e-000d-6311-cd3743000000
access-control-expose-headers
date,Akamai-Request-BC
cache-control
max-age=630720000
timing-allow-origin
*
content-length
5454
app-bundle-d822ad22221b0ce63ffb.js
res.cdn.office.net/officehub/bundles/ Frame 2ABC 		0
305 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://res.cdn.office.net/officehub/bundles/app-bundle-d822ad22221b0ce63ffb.js
Requested by
Host: www.office.com
URL: https://www.office.com/prefetch/prefetch
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:584::1e0f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 13:03:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Tue, 11 Oct 2022 02:15:46 GMT
x-cdn-provider
Akamai
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
87b73d85-101e-004d-3a37-dd307b000000
access-control-expose-headers
date,Akamai-Request-BC
cache-control
max-age=630720000
timing-allow-origin
*
content-length
311799
app-bundle-ceb702ec3da0f3901762.css
res.cdn.office.net/officehub/bundles/ Frame 2ABC 		0
15 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://res.cdn.office.net/officehub/bundles/app-bundle-ceb702ec3da0f3901762.css
Requested by
Host: www.office.com
URL: https://www.office.com/prefetch/prefetch
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:584::1e0f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 13:03:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Tue, 11 Oct 2022 02:15:45 GMT
x-cdn-provider
Akamai
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
af00ab9f-c01e-004e-7f37-ddd11f000000
access-control-expose-headers
date,Akamai-Request-BC
cache-control
max-age=630720000
timing-allow-origin
*
content-length
14646
header-default-desktop-652cc04392.svg
res.cdn.office.net/officehub/images/content/images/fluent-background-sources/ Frame 2ABC 		0
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://res.cdn.office.net/officehub/images/content/images/fluent-background-sources/header-default-desktop-652cc04392.svg
Requested by
Host: www.office.com
URL: https://www.office.com/prefetch/prefetch
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:584::1e0f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 13:03:46 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Wed, 01 Sep 2021 01:22:50 GMT
x-cdn-provider
Akamai
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
b6517747-d01e-0052-05e1-30837f000000
access-control-expose-headers
date,Akamai-Request-BC
cache-control
max-age=630720000
timing-allow-origin
*
content-length
1403
prefetch.aspx
outlook.office365.com/owa/ Frame 0B2C 		3 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://outlook.office365.com/owa/prefetch.aspx
Requested by
Host: www.office.com
URL: https://www.office.com/prefetch/prefetch
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2603:1026:c03:6815::2 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
adb62405a2fe58a23fd0c3a5d6ed7af7a1e231d56144edcee38820cb7c38b85d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.office.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Alt-Svc
h3=":443",h3-29=":443"
Cache-Control
private, no-store
Content-Length
2745
Content-Type
text/html; charset=utf-8
Date
Wed, 12 Oct 2022 13:03:46 GMT
NEL
{"report_to":"NelOfficeUpload1","max_age":7200,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
Report-To
{"group":"NelOfficeUpload1","max_age":7200,"endpoints":[{"url":"https://exo.nel.measure.office.net/api/report?TenantId=&FrontEnd=Cafe&DestinationEndpoint=DHR"}],"include_subdomains":true}
Server
Microsoft-IIS/10.0
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-BEServer
VI1P194MB0686
X-BackEnd-Begin
2022-10-12T13:03:46.927
X-BackEnd-End
2022-10-12T13:03:46.927
X-BackEndHttpStatus
200 200
X-BeSku
WCS6
X-CalculatedBETarget
VI1P194MB0686.EURP194.PROD.OUTLOOK.COM
X-CalculatedFETarget
VI1PR10CU003.internal.outlook.com
X-Content-Type-Options
nosniff
X-DiagInfo
VI1P194MB0686
X-FEEFZInfo
DHR
X-FEProxyInfo
AS9P194CA0025.EURP194.PROD.OUTLOOK.COM
X-FEServer
VI1PR10CA0105 AS9P194CA0025
X-FirstHopCafeEFZ
DHR
X-IIDs
0
X-OWA-DiagnosticsInfo
1;0;0
X-OWA-Version
15.20.5709.21
X-Proxy-BackendServerStatus
200
X-Proxy-RoutingCorrectness
1
X-RUM-Validated
1
X-UA-Compatible
IE=EmulateIE7
request-id
936b4979-4d7d-8d1e-581e-defd1d1ee77a
boot.worldwide.0.mouse.js
r4.res.office365.com/owa/prem/15.20.5709.21/scripts/ Frame 0B2C 		648 KB
176 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://r4.res.office365.com/owa/prem/15.20.5709.21/scripts/boot.worldwide.0.mouse.js
Requested by
Host: outlook.office365.com
URL: https://outlook.office365.com/owa/prefetch.aspx
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:584::1e0f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
d5238dcd5576de5c01381727798f579c4722e1c0b07f544135fbe537d7ccf94f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://outlook.office365.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 13:03:47 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Mon, 10 Oct 2022 15:45:59 GMT
server
AkamaiNetStorage
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public,max-age=630720000, s-maxage=630720000
accept-ranges
bytes
timing-allow-origin
*
content-length
179692
pp.l
portal.microsoftonline.com/ Frame C634 		813 B
342 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://portal.microsoftonline.com/pp.l?CID=527c4f89d27d4a28a51081a45727f2cd&pageId=Prefetch.aspx&d={B:{S:%27L%27,LT:793,UT:-1,MT:-1},A:{ET:-1,OT:1,DT:107,CT:151,RT:181,ST:182,MT:-1,LT:990},C:{LT:1665579826969}}
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a01:111:f100:9001::1761:9482 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
9397d5506d9bb44184a4bd44001382209441bd80d8c5fb4f3dffdb1f966b7995
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portal.microsoftonline.com/Prefetch/Prefetch.aspx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

expires
Wed, 12 Oct 2022 13:02:46 GMT
pragma
no-cache
strict-transport-security
max-age=63072000
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 12 Oct 2022 13:03:46 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
text/html
cache-control
private
content-length
191
x-ua-compatible
IE=Edge
boot.worldwide.1.mouse.js
r4.res.office365.com/owa/prem/15.20.5709.21/scripts/ Frame 0B2C 		644 KB
160 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://r4.res.office365.com/owa/prem/15.20.5709.21/scripts/boot.worldwide.1.mouse.js
Requested by
Host: outlook.office365.com
URL: https://outlook.office365.com/owa/prefetch.aspx
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:584::1e0f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
c7bcfcd2305204dd3ded9a440c9a0a67b14f8d63224ed72795b23243d90a6771
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://outlook.office365.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 13:03:47 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Mon, 10 Oct 2022 15:45:53 GMT
server
AkamaiNetStorage
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public,max-age=630720000, s-maxage=630720000
accept-ranges
bytes
timing-allow-origin
*
content-length
163086
boot.worldwide.2.mouse.js
r4.res.office365.com/owa/prem/15.20.5709.21/scripts/ Frame 0B2C 		647 KB
166 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://r4.res.office365.com/owa/prem/15.20.5709.21/scripts/boot.worldwide.2.mouse.js
Requested by
Host: outlook.office365.com
URL: https://outlook.office365.com/owa/prefetch.aspx
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:584::1e0f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
8533d0f21e61506e6a8e9517b63019a16b2af69805c6f2c86c02f6319e14de5d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://outlook.office365.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 13:03:47 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Mon, 10 Oct 2022 15:46:00 GMT
server
AkamaiNetStorage
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public,max-age=630720000, s-maxage=630720000
accept-ranges
bytes
timing-allow-origin
*
content-length
169702
boot.worldwide.3.mouse.js
r4.res.office365.com/owa/prem/15.20.5709.21/scripts/ Frame 0B2C 		645 KB
143 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://r4.res.office365.com/owa/prem/15.20.5709.21/scripts/boot.worldwide.3.mouse.js
Requested by
Host: outlook.office365.com
URL: https://outlook.office365.com/owa/prefetch.aspx
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:584::1e0f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
792dc78187a6f568e693191d29532b39659dfc92fbd8d44949f9c89d01cb2de3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://outlook.office365.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 13:03:47 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Mon, 10 Oct 2022 15:45:53 GMT
server
AkamaiNetStorage
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public,max-age=630720000, s-maxage=630720000
accept-ranges
bytes
timing-allow-origin
*
content-length
145618
sprite1.mouse.png
r4.res.office365.com/owa/prem/15.20.5709.21/resources/images/0/ Frame 0B2C 		132 B
336 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://r4.res.office365.com/owa/prem/15.20.5709.21/resources/images/0/sprite1.mouse.png
Requested by
Host: outlook.office365.com
URL: https://outlook.office365.com/owa/prefetch.aspx
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:584::1e0f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
3ab09a213eedd51a0eb0e4bc5e6e96c472032dd937420e7e233ea54775c7e024
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://outlook.office365.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 13:03:47 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Mon, 10 Oct 2022 16:08:18 GMT
server
AkamaiNetStorage
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=630720000, s-maxage=630720000
accept-ranges
bytes
timing-allow-origin
*
content-length
132
sprite1.mouse.css
r4.res.office365.com/owa/prem/15.20.5709.21/resources/images/0/ Frame 0B2C 		994 B
512 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://r4.res.office365.com/owa/prem/15.20.5709.21/resources/images/0/sprite1.mouse.css
Requested by
Host: outlook.office365.com
URL: https://outlook.office365.com/owa/prefetch.aspx
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:584::1e0f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
6d1be7ed96dd494447f348986317faf64728ccf788be551f2a621b31ddc929ac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://outlook.office365.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 13:03:47 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Mon, 10 Oct 2022 16:08:20 GMT
server
AkamaiNetStorage
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public,max-age=630720000, s-maxage=630720000
accept-ranges
bytes
timing-allow-origin
*
content-length
288
boot.worldwide.mouse.css
r4.res.office365.com/owa/prem/15.20.5709.21/resources/styles/0/ Frame 0B2C 		227 KB
43 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://r4.res.office365.com/owa/prem/15.20.5709.21/resources/styles/0/boot.worldwide.mouse.css
Requested by
Host: outlook.office365.com
URL: https://outlook.office365.com/owa/prefetch.aspx
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:584::1e0f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
37619b16288166cc76403f0b7df6586349b2d5628de00d5850c815d019b17904
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://outlook.office365.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 13:03:47 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Mon, 10 Oct 2022 16:08:49 GMT
server
AkamaiNetStorage
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public,max-age=630720000, s-maxage=630720000
accept-ranges
bytes
timing-allow-origin
*
content-length
44144

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Microsoft (Consumer)

35 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| $Config object| $Debug object| $Do function| $Loader object| $WebWatson function| GetString function| GetErrorString function| GetUrl object| $B object| ServerData object| webpackJsonp object| ko object| PROOF object| StringRepository boolean| __ConvergedLogin_PCore boolean| __ function| onclickListener object| Telemetry object| telemetry_webpackJsonp boolean| __convergedlogin_pfetchsessionsprogress_49afc9cacb9cfd40c503 boolean| __convergedlogin_pcustomizationloader_6b8fffaf21337fcc3970 function| $ function| jQuery object| $Api boolean| __convergedlogin_ppassword_51269b1fec08d00a3770

21 Cookies

Domain/Path Name / Value
.app.link/ Name: _s
Value: zswcUH97Qjs6ewwNaX26RcHOUqQHim4FdpQ7%2BruIz0sJgwLwaTvgNCtRYIXEu2FW
redirecting.sbs/ Name: xid
Value: 2WN8R7sobIpj
web-login.provideroffice.live/ Name: x-ms-gateway-slice
Value: estsfd
web-login.provideroffice.live/ Name: stsservicecookie
Value: estsfd
.provideroffice.live/ Name: LPQy
Value: 7c4d9fadce3050175cab80e22c30b9fff32eff2b6cbb8d606efc495cff6c8be4
.web-login.provideroffice.live/ Name: AADSSO
Value: NA|NoExtension
web-login.provideroffice.live/ Name: SSOCOOKIEPULLED
Value: 1
web-login.provideroffice.live/ Name: buid
Value: 0.ATwAqzBRR7ViQUKp00fjfJvCFakreHKQRANPjYJWI3DqNWYBAAA.AQABAAEAAAD--DLA3VO7QrddgJg7WevrvImmJvyMRtApvbFK3ID0-Wa-eTVLbDdUFloQ_kEHip3YoMMhChhZ1ccY-PYkAS7cALXt6sHFdUhGKSK2xSOLyuR3hLDazeaN-dzYxuEgiPogAA
web-login.provideroffice.live/ Name: fpc
Value: AjHOMSK81plPpjiWaBeBidi4vjNwAQAAADGy2NoOAAAA
.web-login.provideroffice.live/ Name: esctx
Value: AQABAAAAAAD--DLA3VO7QrddgJg7WevriNkTPzKlYRPEfh0x3LCOGRtY_08CzVJV7sDva_QrSv7UnFEpocrJs2Juo7CNWGlcoXrpzs9v3bIvOoh_0SLIX9NQVYEjoffqB4MqjbTPTxuE6aCZo8QiM-s2OUMaE4eg8rH1eRtUIOidI9_-ebVW_mmVapXWEX8O6e7fxt4BJeLq_kjYaaUs2k4HM1HHMUuMm8AVbYg-GrUsB-hSDkTmJJPwVvxKJbpNBadMJFXwgkkgAA
.web-login.provideroffice.live/ Name: brcap
Value: 0
.login.live.com/ Name: uaid
Value: 1b4436f20044437cb7feabda3e934dfb
.login.live.com/ Name: MSPRequ
Value: id=N&lt=1665579825&co=1
autologon.microsoftazuread-sso.com/ Name: fpc
Value: AuP39WNLLD9KrVAdy15bBig
autologon.microsoftazuread-sso.com/ Name: x-ms-gateway-slice
Value: estsfd
autologon.microsoftazuread-sso.com/ Name: stsservicecookie
Value: estsfd
www.office.com/ Name: OH.SID
Value: c0e0f708-429b-44f4-ad37-f9b76b5be707
www.office.com/ Name: OH.DCAffinity
Value: OH-weu
www.office.com/ Name: OH.FLID
Value: d74a864f-5b28-4f5c-9d8a-976c6993fdef
outlook.office365.com/ Name: ClientId
Value: FADBE9AB2A754F04AAA65E20AFCAEF70
outlook.office365.com/ Name: OIDC
Value: 1

32 Console Messages

Source Level URL
Text
network error URL: https://autologon.microsoftazuread-sso.com/blackrock.com/winauth/ssoprobe?client-request-id=0ba3a3f8-f548-44e7-9b39-c03b4fbc9f1c&_=1665579826085
Message:
Failed to load resource: the server responded with a status of 401 (Unauthorized)
network error URL: https://res.cdn.office.net/admincenter/admin-pkg/2022.10.6.3/de/css/adoption.css
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://res.cdn.office.net/admincenter/admin-pkg/2022.10.6.3/de/css/commonhealthdashboard.css
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://res.cdn.office.net/admincenter/admin-pkg/2022.10.6.3/de/css/home15.css
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://res.cdn.office.net/Images/transparent.gif
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://res.cdn.office.net/admincenter/admin-pkg/2022.10.6.3/de/js/home.js
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://res.cdn.office.net/Shell/Images/header_bg_signup_office.jpg
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://res.cdn.office.net/images/webcontrols.png
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://res.cdn.office.net/Shell/Images/O365SharedClusteredImage.png
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://res.cdn.office.net/Shell/Images/pagelayout_mos_background_right.jpg
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://res.cdn.office.net/Shell/Images/pagelayout_mos_background_left.jpg
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://res.cdn.office.net/Shell/Images/pagelayout_nav_highlight.jpg
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://res.cdn.office.net/Shell/Images/pagelayout_white_panel.jpg
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://res.cdn.office.net/Shell/Images/header_wizard_hl_mos.jpg
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://res.cdn.office.net/Images/list_bullet_5x5.gif
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://res.cdn.office.net/images/spinner_16x16_metro.gif
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://res.cdn.office.net/admincenter/admin-pkg/2022.10.6.3/de/css/website.css
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://res.cdn.office.net/shell/images/o365_gallatin_logo.png
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://res.cdn.office.net/images/servicestatus.png
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://res.cdn.office.net/images/backgrounds/image1.jpg
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://res.cdn.office.net/images/spinner_24x24_metro.gif
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://res.cdn.office.net/admincenter/admin-pkg/2022.10.6.3/de/css/assistancepanel.css
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://res.cdn.office.net/images/scrollbar/arrow_staticup_16.png
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://res.cdn.office.net/admincenter/admin-pkg/2022.10.6.3/de/css/conciergehelper.css
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://res.cdn.office.net/images/scrollbar/arrow_staticdown_16.png
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://res.cdn.office.net/shell/images/signup_ms_logo.png
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://res.cdn.office.net/admincenter/admin-pkg/2022.10.6.3/de/js/searchbox.js
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://res.cdn.office.net/admincenter/admin-pkg/2022.10.6.3/de/js/webtrends.js
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://res.cdn.office.net/admincenter/admin-pkg/2022.10.6.3/de/css/home.css
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://res.cdn.office.net/admincenter/admin-pkg/2022.10.6.3/de/js/webtrendsstream.js
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://res.cdn.office.net/admincenter/admin-pkg/2022.10.6.3/de/js/reporting.js
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://res.cdn.office.net/admincenter/admin-pkg/2022.10.6.3/de/js/assistancepanel.js
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aadcdn.msauth.net
aadcdn.msauthimages.net
autologon.microsoftazuread-sso.com
login.live.com
outlook.office365.com
portal.microsoftonline.com
proceeding.app.link
r4.res.office365.com
redirecting.sbs
res.cdn.office.net
web-login.provideroffice.live
www.office.com
152.199.23.72
20.190.159.73
2600:9000:2182:b600:19:9934:6a80:93a1
2603:1026:c03:6815::2
2603:1027:1:158::a
2606:4700:3037::6815:130
2620:1ec:40::44
2620:1ec:a92::156
2a01:111:f100:9001::1761:9482
2a02:26f0:3500:584::1e0f
2a06:98c1:3121::3
00163f8b3a0f8ce6ba6ddb1706e7670598d29d6d437f50f982798e67f041da0f
04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a
06e3eb15f47d434b0050d88dd05e13c1c99ecc449199750320abb1a1087daf85
0e88b6fcbb8591edfd28184fa70a04b6dd3af8a14367c628edd7caba32e58c68
156f4475e389fb12910e48adbc968118a69b30dbc1b8b4378edf625dfa053eb8
15834a7491d77c663548aa33ec7ef860a21f5ae586666c04783146874b9ca528
216e64715e5a7fe493fe91ee7105efb33549d36124a57ffb6cc3170f77e1b78e
2589fe90b2849f35f294cb20bf433135e44ce0ca8ce98d8e4f0ca7b62fa50191
28383c7e2db70923ffdabf9ea34e3666be26ebcd37120def4f5a0234e69e1246
2a81375139c443530fecbf7b97800a87f94789764d03d5963b985300297b145d
2e8859f136956ce2ae0c5330bf402a9cf673b6a5191e394232fa2cc6364c3c43
329e33e61952a1445bf79f6d073ff443339aa13e6338c568d20a3015c0e7bf9e
35800e34d1cd069ef71d56454ed2293013531eca9d3bfb919f3f6e2f8c4ec24b
37619b16288166cc76403f0b7df6586349b2d5628de00d5850c815d019b17904
382ffa068deb747a667d355fb79785af950a1b5f27a6bee0f1c97383f4cb1996
3aa9723cf35e0c085cd6d9eb5979612609d37897aca8b0629a6c0ddd302639e1
3ab09a213eedd51a0eb0e4bc5e6e96c472032dd937420e7e233ea54775c7e024
40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db
41a8eb2356079e81d6a1166d5872e9f4bdf6bae18699a0a552510ca518fc30b8
441bfa485fb0eb8ad2be7001209868b57c41769cae9512a774419f5882c093e6
4d94466756e26789f0c85098d45d0db6196efb97fd1394e720363a9bb183cb5e
4e62c774bdda5277d38f1a1db9fd0fa454e39696c20a37831733e83ac9775aef
5ab76b02f229e2c583d3f56d3c80a2bbc2ae5944af4af4ea69fdd600511f6b07
5b53c6db5abda0aead4deb08a073b3a982e4cee523a0d5fc2dc69473cd6efb36
65bff3bf2cd9b638a2caec8565490d1708ad0922801eb7be21070ad18cfac380
6d1be7ed96dd494447f348986317faf64728ccf788be551f2a621b31ddc929ac
6fedae5107f342161ba5b8dc77d5d20a77feec58a4417a4cb14c8baa883d157e
73787b4d2c10f55fccdb081d5eabcef34d86a5a7b3ae7fb5a845a682f6f2e407
78f204fb7b794aad7425f3822f1c8c0107f0fa1442369a798aef0dc6bf35b40d
792dc78187a6f568e693191d29532b39659dfc92fbd8d44949f9c89d01cb2de3
79f6c7dc6daafef4d7d585399f56e683a6cb6232fdd3c2b2ef07becb3c1f6885
811e2184acac6e3dc10851b5e1ddd6f431ab4feff39a4914ee487a961f7761db
8533d0f21e61506e6a8e9517b63019a16b2af69805c6f2c86c02f6319e14de5d
8737d721808655f37b333f08a90185699e7e8b9bdaaa15cdb63c8448b426f95d
8b1fd4cb3c157b68c50f453502ee96ae3485d0e9b5069c6d6aa798fa51b183dd
8dc4107571ba20983d62df95a23d5cabc961418c55b75a8ceb1437a83cc7ab3f
9397d5506d9bb44184a4bd44001382209441bd80d8c5fb4f3dffdb1f966b7995
963fa397da2ef3b2d6e26e900c37e4dbbd594979b891398404bdc32a0fb4bb96
965993b2b2c5b69e0aaf3c76372cc5d1494e638c79af67f2fefa0aecf67572a1
9b440fbd7209e59dce7e99d9df330ee309b39b655fb7a7af4209e4e76813c7ea
a0bbeb1aa7d9879326eddd7b51aac83169e697b9b6ebdfef1ead16097e4c2ab5
a46201581a7c7c667fd42787cd1e9adf2f6bf809efb7596e61a03e8dba9ada13
a7d1844d78e4f48c20a22974ff1be8256836fa19623291b898528e1e6d03e367
a9e5ba7c54abb32d448996730711a2c0d3d356813405ec93877034ee0414bde0
acf8dd618f24d6ed3ac17d06e68fdb0b94cf2dd1d11241dae34a29ab6369066a
adb62405a2fe58a23fd0c3a5d6ed7af7a1e231d56144edcee38820cb7c38b85d
b6b608b5973cc174f7b1db8d44f52557df3841cba7bbd592ec5d2e344f7108f4
b8f2ec51817f7ec14d170b9f66d907fc754a39a278767c19f20c331038b4dda9
c1a605ba985ee8298c1421f011454557f1e21ac55559f0490bcf8f3cd7d41cb1
c1bf2d5549e6a44c730848d6516b15027a1bcd945d3873b5a59c9b0328594d10
c3884c02996923d5be8f0150d8e407562f87fb48d034080740d899682967bb3f
c70ca39a899c687b11a95a6eb63eac46651c4a615da60d380498ab7935ed30ce
c7bcfcd2305204dd3ded9a440c9a0a67b14f8d63224ed72795b23243d90a6771
c7e5524918b83475f905d489c4db25a327d751dfe5075edd0ea054e84af53d36
c8cef105fcaf7cbf3f8682c861045505c24d41cf6686c20c1c03e14031a3db69
cbc7375df2dcc2887d9c08490ba01e55a98ac44f90d223adcce0b5f245d9655c
cc8979574206a42beb95002ac804a1deb2c0b97c77de7850e8b7e509cbaf453b
ce54609f7e925859ce02111feae0ffd74152a6e1273565941cfe62bc3e8932db
d089c8a9fc28e4e50223eb38c9409e362521be9380a37341304fbac7a4cd9e5f
d132d49c1c8945f5c43ae470badf2b6edcd584297e84e59dd2034ffb7dc863b3
d5238dcd5576de5c01381727798f579c4722e1c0b07f544135fbe537d7ccf94f
d8b66151e698d6eb26d0e93505f5e07d9c05c75bc0fe2b45e16ead9f36e45358
df2aa8537c1992c94846a0ffffaa9031d430d9d0210b9e396ec059aff62627e0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4d3eefa6709ff580cfcc28fb8389632d28cfedecb7aac5a7c1347b21b2ff39f
e4db255088ad6c4c6eaf2c69499a0c9ccfe527407ccc9d2690c5cd8908aaae06
ea25fdd69b86b78a43bdd9e4216d2c4dd74146cba880c2b2b5d8903d0fa47829
eef11f9175340ce4384c331041052cdfa080a5d9abeb0bbefa5d1ce414e0ab0a
ef9453f74b2617d43dcef4242cf5845101fcfb57289c81bceb20042b0023a192
f4347397b602d756ae0f6d0f398520fedb085cdaf97f8d28fd77c876bb44bab0
f5d41249a8a4248105588f7b5a179ffec8d48a27d124277e19b6ceccd42c5d82
f78a659d1f272f9c0aceb7be9ee1c095a2c52e136ba712602520e7a268583b66
f94db6ff18ab676d3ff153b9c0185fd12c7edff3ca3ecf0353efaa9cca48eef6