login.microsoftonline.com.office.pop100-o36591.qapop.myshn.net
52.8.19.14  Malicious Activity! Public Scan

Submitted URL: https://login.microsoftonline.com.office.pop100-o36591.qapop.myshn.net/
Effective URL: https://login.microsoftonline.com.office.pop100-o36591.qapop.myshn.net/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3...
Submission: On September 26 via api from JP — Scanned from JP

Summary

This website contacted 3 IPs in 1 country across 1 domain to perform 26 HTTP transactions. The main IP is 52.8.19.14, located in San Jose, United States and belongs to AMAZON-02, US. The main domain is login.microsoftonline.com.office.pop100-o36591.qapop.myshn.net.
TLS certificate: Issued by GlobalSign RSA OV SSL CA 2018 on September 26th 2024. Valid for: a year.
This is the only time login.microsoftonline.com.office.pop100-o36591.qapop.myshn.net was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Microsoft (Consumer)

Domain & IP information

IP Address AS Autonomous System
2 9 52.8.19.14 16509 (AMAZON-02)
16 13.57.129.12 16509 (AMAZON-02)
26 3
Domain | Requested by
16 aadcdn.msauth.net.office.pop100-o36591.qapop.myshn.net | login.microsoftonline.com.office.pop100-o36591.qapop.myshn.net, aadcdn.msauth.net.office.pop100-o36591.qapop.myshn.net
5 login.microsoftonline.com.office.pop100-o36591.qapop.myshn.net (1 redirects) | aadcdn.msauth.net.office.pop100-o36591.qapop.myshn.net
2 login.live.com.office.pop100-o36591.qapop.myshn.net | login.microsoftonline.com.office.pop100-o36591.qapop.myshn.net, aadcdn.msauth.net.office.pop100-o36591.qapop.myshn.net
1 aadcdn.msftauth.net.office.pop100-o36591.qapop.myshn.net | login.microsoftonline.com.office.pop100-o36591.qapop.myshn.net, aadcdn.msauth.net.office.pop100-o36591.qapop.myshn.net
1 www.office.com.office.pop100-o36591.qapop.myshn.net (1 redirects)
26 5
Subject | Issuer | Validity | Valid
office.pop100-o36591.qapop.myshn.net | GlobalSign RSA OV SSL CA 2018 | 2024-09-26 - 2025-10-28 | a year
office.dra-company-365.dracompany.myshn.net | GlobalSign RSA OV SSL CA 2018 | 2023-03-23 - 2024-04-23 | a year

This page contains 2 frames:

Primary Page: https://login.microsoftonline.com.office.pop100-o36591.qapop.myshn.net/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com.office.pop100-o36591.qapop.myshn.net%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com.office.pop100-o36591.qapop.myshn.net%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=638629504753116603.Yjk2NmNlN2EtOTE2ZS00ZDFkLTk1MWUtMmFkZjEwMGFhNjdiNjAzZWViZmMtZThjZC00NGY0LWJjN2UtOTE1ZGQ0MzdkMGQ4&ui_locales=ja-JP&mkt=ja-JP&client-request-id=0416e3c1-4d7b-4850-a313-20a1d21ad427&state=DXBMK0nD4XXGuMfPONRgwDosMJSf8P-7dSw9xx6fGiEqY5QlMXySaeOCR4S-1gNjjkQO-EP75-o8ZHZE8uMI6Xu-J4PjZjF7aQuJMZmJ1ZZOLXdSFoTUPw-2m6A9Ac743ZaoSJnuYwyfE6x3ICogcdh4h_AmjryeyREchEYIthzR58Bxm38poMx5dZni0goH8uc_peCytB4yxNBKLJfySlYpPcl-RRn9p6oF_Pb_Mmj94vQJCoodGg2-0iUhmN8ee9uHV3djeQ-v8gWBYJghWg&x-client-SKU=ID_NET8_0&x-client-ver=7.5.1.0
Frame ID: D92745469F265E42E1066C5F61629257
Requests: 25 HTTP requests in this frame

Frame: https://login.live.com.office.pop100-o36591.qapop.myshn.net/Me.htm?v=3
Frame ID: 3CF617FC76EC49EE9672DAC3B835630C
Requests: 1 HTTP requests in this frame

Page Title

アカウントにサインイン

Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 26
HTTPS: 62 %
IPv6: 0 %
Domains: 1
Subdomains: 5
IPs: 3
Countries: 1
Transfer: 422 kB
Size: 1412 kB
Cookies: 14

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://login.microsoftonline.com.office.pop100-o36591.qapop.myshn.net/ HTTP 302
    https://www.office.com.office.pop100-o36591.qapop.myshn.net/login HTTP 302
    https://login.microsoftonline.com.office.pop100-o36591.qapop.myshn.net/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com.office.pop100-o36591.qapop.myshn.net%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com.office.pop100-o36591.qapop.myshn.net%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=638629504753116603.Yjk2NmNlN2EtOTE2ZS00ZDFkLTk1MWUtMmFkZjEwMGFhNjdiNjAzZWViZmMtZThjZC00NGY0LWJjN2UtOTE1ZGQ0MzdkMGQ4&ui_locales=ja-JP&mkt=ja-JP&client-request-id=0416e3c1-4d7b-4850-a313-20a1d21ad427&state=DXBMK0nD4XXGuMfPONRgwDosMJSf8P-7dSw9xx6fGiEqY5QlMXySaeOCR4S-1gNjjkQO-EP75-o8ZHZE8uMI6Xu-J4PjZjF7aQuJMZmJ1ZZOLXdSFoTUPw-2m6A9Ac743ZaoSJnuYwyfE6x3ICogcdh4h_AmjryeyREchEYIthzR58Bxm38poMx5dZni0goH8uc_peCytB4yxNBKLJfySlYpPcl-RRn9p6oF_Pb_Mmj94vQJCoodGg2-0iUhmN8ee9uHV3djeQ-v8gWBYJghWg&x-client-SKU=ID_NET8_0&x-client-ver=7.5.1.0 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

26 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request authorize
login.microsoftonline.com.office.pop100-o36591.qapop.myshn.net/common/oauth2/v2.0/
Redirect Chain
  • https://login.microsoftonline.com.office.pop100-o36591.qapop.myshn.net/
  • https://www.office.com.office.pop100-o36591.qapop.myshn.net/login
  • https://login.microsoftonline.com.office.pop100-o36591.qapop.myshn.net/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com.office.p...
48 KB
18 KB
Document
General
Full URL
https://login.microsoftonline.com.office.pop100-o36591.qapop.myshn.net/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com.office.pop100-o36591.qapop.myshn.net%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com.office.pop100-o36591.qapop.myshn.net%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=638629504753116603.Yjk2NmNlN2EtOTE2ZS00ZDFkLTk1MWUtMmFkZjEwMGFhNjdiNjAzZWViZmMtZThjZC00NGY0LWJjN2UtOTE1ZGQ0MzdkMGQ4&ui_locales=ja-JP&mkt=ja-JP&client-request-id=0416e3c1-4d7b-4850-a313-20a1d21ad427&state=DXBMK0nD4XXGuMfPONRgwDosMJSf8P-7dSw9xx6fGiEqY5QlMXySaeOCR4S-1gNjjkQO-EP75-o8ZHZE8uMI6Xu-J4PjZjF7aQuJMZmJ1ZZOLXdSFoTUPw-2m6A9Ac743ZaoSJnuYwyfE6x3ICogcdh4h_AmjryeyREchEYIthzR58Bxm38poMx5dZni0goH8uc_peCytB4yxNBKLJfySlYpPcl-RRn9p6oF_Pb_Mmj94vQJCoodGg2-0iUhmN8ee9uHV3djeQ-v8gWBYJghWg&x-client-SKU=ID_NET8_0&x-client-ver=7.5.1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.8.19.14 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-8-19-14.us-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
5347cab9d4c00fcaedcb0fbf7ff206eee7479b5a86e810bb2e1e26bbe8aea95b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

Cache-Control
no-store, no-cache
Connection
keep-alive
Content-Encoding
gzip
Content-Length
15960
Content-Type
text/html; charset=utf-8
Date
Thu, 26 Sep 2024 12:27:55 GMT
Expires
-1
Link
<https://aadcdn.msauth.net>; rel=preconnect; crossorigin,<https://aadcdn.msauth.net>; rel=dns-prefetch,<https://aadcdn.msftauth.net>; rel=dns-prefetch
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-DNS-Prefetch-Control
on
X-Frame-Options
DENY
X-Robots-Tag
none
X-SkyHigh-Version
BuildNumber=19, BuildDate=2024-09-18 13:53
X-XSS-Protection
0
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+est"}]}
x-ms-clitelem
1,0,0,,
x-ms-ests-server
2.1.18947.4 - SCUS ProdSlices
x-ms-request-id
d163a83c-46cd-43dd-87e2-f704088b8c00
x-ms-srs
1.P

Redirect headers

Connection
keep-alive
Content-Encoding
gzip
Content-Length
20
Content-Type
text/html; charset=utf-8
Date
Thu, 26 Sep 2024 12:27:55 GMT
Location
https://login.microsoftonline.com.office.pop100-o36591.qapop.myshn.net/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com.office.pop100-o36591.qapop.myshn.net%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com.office.pop100-o36591.qapop.myshn.net%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=638629504753116603.Yjk2NmNlN2EtOTE2ZS00ZDFkLTk1MWUtMmFkZjEwMGFhNjdiNjAzZWViZmMtZThjZC00NGY0LWJjN2UtOTE1ZGQ0MzdkMGQ4&ui_locales=ja-JP&mkt=ja-JP&client-request-id=0416e3c1-4d7b-4850-a313-20a1d21ad427&state=DXBMK0nD4XXGuMfPONRgwDosMJSf8P-7dSw9xx6fGiEqY5QlMXySaeOCR4S-1gNjjkQO-EP75-o8ZHZE8uMI6Xu-J4PjZjF7aQuJMZmJ1ZZOLXdSFoTUPw-2m6A9Ac743ZaoSJnuYwyfE6x3ICogcdh4h_AmjryeyREchEYIthzR58Bxm38poMx5dZni0goH8uc_peCytB4yxNBKLJfySlYpPcl-RRn9p6oF_Pb_Mmj94vQJCoodGg2-0iUhmN8ee9uHV3djeQ-v8gWBYJghWg&x-client-SKU=ID_NET8_0&x-client-ver=7.5.1.0
Referrer-Policy
strict-origin-when-cross-origin
Request-Context
appId=
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
X-Cache
CONFIG_NOCACHE
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-MSEdge-Ref
Ref A: 545CF1368EF249D58143418A21BFBB03 Ref B: BY3EDGE0212 Ref C: 2024-09-26T12:27:55Z
X-Robots-Tag
none
X-SkyHigh-Version
BuildNumber=19, BuildDate=2024-09-18 13:53
X-UA-Compatible
IE=edge,chrome=1
X-XSS-Protection
1; mode=block
converged.v2.login.min_qzvqnltrxpy99ajspyxbgq2.css
aadcdn.msauth.net.office.pop100-o36591.qapop.myshn.net/ests/2.1/content/cdnbundles/
111 KB
21 KB
Stylesheet
General
Full URL
https://aadcdn.msauth.net.office.pop100-o36591.qapop.myshn.net/ests/2.1/content/cdnbundles/converged.v2.login.min_qzvqnltrxpy99ajspyxbgq2.css
Requested by
Host: login.microsoftonline.com.office.pop100-o36591.qapop.myshn.net
URL: https://login.microsoftonline.com.office.pop100-o36591.qapop.myshn.net/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com.office.pop100-o36591.qapop.myshn.net%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com.office.pop100-o36591.qapop.myshn.net%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=638629504753116603.Yjk2NmNlN2EtOTE2ZS00ZDFkLTk1MWUtMmFkZjEwMGFhNjdiNjAzZWViZmMtZThjZC00NGY0LWJjN2UtOTE1ZGQ0MzdkMGQ4&ui_locales=ja-JP&mkt=ja-JP&client-request-id=0416e3c1-4d7b-4850-a313-20a1d21ad427&state=DXBMK0nD4XXGuMfPONRgwDosMJSf8P-7dSw9xx6fGiEqY5QlMXySaeOCR4S-1gNjjkQO-EP75-o8ZHZE8uMI6Xu-J4PjZjF7aQuJMZmJ1ZZOLXdSFoTUPw-2m6A9Ac743ZaoSJnuYwyfE6x3ICogcdh4h_AmjryeyREchEYIthzR58Bxm38poMx5dZni0goH8uc_peCytB4yxNBKLJfySlYpPcl-RRn9p6oF_Pb_Mmj94vQJCoodGg2-0iUhmN8ee9uHV3djeQ-v8gWBYJghWg&x-client-SKU=ID_NET8_0&x-client-ver=7.5.1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.57.129.12 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-57-129-12.us-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1f8ceb44fe7cfcf7e71dbd5122210335ca3821d697a851d2900b95af7d92d69d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://login.microsoftonline.com.office.pop100-o36591.qapop.myshn.net
Referer
https://login.microsoftonline.com.office.pop100-o36591.qapop.myshn.net/

Response headers

X-Robots-Tag
none
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Content-Encoding
gzip
x-ms-lease-status
unlocked
ETag
0x8DC9BA9D4131BFD
x-ms-version
2009-09-19
x-fd-int-roxy-purgeid
0
X-SkyHigh-Version
BuildNumber=19, BuildDate=2024-09-18 13:53
X-Cache
TCP_HIT
Date
Thu, 26 Sep 2024 12:27:56 GMT
Content-Type
text/css
Last-Modified
Wed, 03 Jul 2024 21:48:08 GMT
Cache-Control
public, max-age=31536000
Connection
keep-alive
x-ms-request-id
e34bfff6-201e-001d-1e9f-0ff147000000
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Content-Length
20414
x-ms-blob-type
BlockBlob
x-azure-ref
20240926T122756Z-r1848754585vcv9mzugssugaqc0000000140000000001hta
Server
nginx
ConvergedLogin_PCore_NXCGegEOpKB5nrI5GnSS3g2.js
aadcdn.msauth.net.office.pop100-o36591.qapop.myshn.net/shared/1.0/content/js/
0
0

ux.converged.login.strings-ja.min__oyksubhxjbjkojb9dkojq2.js
aadcdn.msauth.net.office.pop100-o36591.qapop.myshn.net/ests/2.1/content/cdnbundles/
68 KB
19 KB
Script
General
Full URL
https://aadcdn.msauth.net.office.pop100-o36591.qapop.myshn.net/ests/2.1/content/cdnbundles/ux.converged.login.strings-ja.min__oyksubhxjbjkojb9dkojq2.js
Requested by
Host: login.microsoftonline.com.office.pop100-o36591.qapop.myshn.net
URL: https://login.microsoftonline.com.office.pop100-o36591.qapop.myshn.net/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com.office.pop100-o36591.qapop.myshn.net%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com.office.pop100-o36591.qapop.myshn.net%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=638629504753116603.Yjk2NmNlN2EtOTE2ZS00ZDFkLTk1MWUtMmFkZjEwMGFhNjdiNjAzZWViZmMtZThjZC00NGY0LWJjN2UtOTE1ZGQ0MzdkMGQ4&ui_locales=ja-JP&mkt=ja-JP&client-request-id=0416e3c1-4d7b-4850-a313-20a1d21ad427&state=DXBMK0nD4XXGuMfPONRgwDosMJSf8P-7dSw9xx6fGiEqY5QlMXySaeOCR4S-1gNjjkQO-EP75-o8ZHZE8uMI6Xu-J4PjZjF7aQuJMZmJ1ZZOLXdSFoTUPw-2m6A9Ac743ZaoSJnuYwyfE6x3ICogcdh4h_AmjryeyREchEYIthzR58Bxm38poMx5dZni0goH8uc_peCytB4yxNBKLJfySlYpPcl-RRn9p6oF_Pb_Mmj94vQJCoodGg2-0iUhmN8ee9uHV3djeQ-v8gWBYJghWg&x-client-SKU=ID_NET8_0&x-client-ver=7.5.1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.57.129.12 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-57-129-12.us-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6598670b81b390f16864c2eaee936834d884ff294477fc19cc0928d81ad1d179

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://login.microsoftonline.com.office.pop100-o36591.qapop.myshn.net
Referer
https://login.microsoftonline.com.office.pop100-o36591.qapop.myshn.net/

Response headers

X-Cache-Info
L1_T2
X-Robots-Tag
none
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Content-Encoding
gzip
x-ms-lease-status
unlocked
ETag
0x8DCC6D538334E9C
x-ms-version
2009-09-19
x-fd-int-roxy-purgeid
0
X-SkyHigh-Version
BuildNumber=19, BuildDate=2024-09-18 13:53
X-Cache
TCP_HIT
Date
Thu, 26 Sep 2024 12:27:56 GMT
Content-Type
application/x-javascript
Last-Modified
Tue, 27 Aug 2024 20:17:05 GMT
Cache-Control
public, max-age=31536000
Connection
keep-alive
x-ms-request-id
94d39cef-b01e-006d-1578-0f48b0000000
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Content-Length
18102
x-azure-ref
20240926T122756Z-r18487545858jxtdzrnve046940000000190000000000fbb
x-ms-blob-type
BlockBlob
Server
nginx
Me.htm
login.live.com.office.pop100-o36591.qapop.myshn.net/
0
0
Other
General
Full URL
https://login.live.com.office.pop100-o36591.qapop.myshn.net/Me.htm?v=3
Requested by
Host: login.microsoftonline.com.office.pop100-o36591.qapop.myshn.net
URL: https://login.microsoftonline.com.office.pop100-o36591.qapop.myshn.net/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com.office.pop100-o36591.qapop.myshn.net%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com.office.pop100-o36591.qapop.myshn.net%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=638629504753116603.Yjk2NmNlN2EtOTE2ZS00ZDFkLTk1MWUtMmFkZjEwMGFhNjdiNjAzZWViZmMtZThjZC00NGY0LWJjN2UtOTE1ZGQ0MzdkMGQ4&ui_locales=ja-JP&mkt=ja-JP&client-request-id=0416e3c1-4d7b-4850-a313-20a1d21ad427&state=DXBMK0nD4XXGuMfPONRgwDosMJSf8P-7dSw9xx6fGiEqY5QlMXySaeOCR4S-1gNjjkQO-EP75-o8ZHZE8uMI6Xu-J4PjZjF7aQuJMZmJ1ZZOLXdSFoTUPw-2m6A9Ac743ZaoSJnuYwyfE6x3ICogcdh4h_AmjryeyREchEYIthzR58Bxm38poMx5dZni0goH8uc_peCytB4yxNBKLJfySlYpPcl-RRn9p6oF_Pb_Mmj94vQJCoodGg2-0iUhmN8ee9uHV3djeQ-v8gWBYJghWg&x-client-SKU=ID_NET8_0&x-client-ver=7.5.1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.8.19.14 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-8-19-14.us-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://login.microsoftonline.com.office.pop100-o36591.qapop.myshn.net/

Response headers

Content-Length
78
Date
Thu, 26 Sep 2024 12:27:56 GMT
Content-Type
text/plain
Server
nginx
Connection
keep-alive
X-SkyHigh-Version
BuildNumber=19, BuildDate=2024-09-18 13:53
ConvergedLogin_PCore_NXCGegEOpKB5nrI5GnSS3g2.js
aadcdn.msftauth.net.office.pop100-o36591.qapop.myshn.net/shared/1.0/content/js/
0
0

watsonsupportwithjquery.3.5.min_dc940oomzau4rsu8qesnvg2.js
aadcdn.msauth.net.office.pop100-o36591.qapop.myshn.net/ests/2.1/content/cdnbundles/
117 KB
40 KB
Script
General
Full URL
https://aadcdn.msauth.net.office.pop100-o36591.qapop.myshn.net/ests/2.1/content/cdnbundles/watsonsupportwithjquery.3.5.min_dc940oomzau4rsu8qesnvg2.js
Requested by
Host: login.microsoftonline.com.office.pop100-o36591.qapop.myshn.net
URL: https://login.microsoftonline.com.office.pop100-o36591.qapop.myshn.net/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com.office.pop100-o36591.qapop.myshn.net%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com.office.pop100-o36591.qapop.myshn.net%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=638629504753116603.Yjk2NmNlN2EtOTE2ZS00ZDFkLTk1MWUtMmFkZjEwMGFhNjdiNjAzZWViZmMtZThjZC00NGY0LWJjN2UtOTE1ZGQ0MzdkMGQ4&ui_locales=ja-JP&mkt=ja-JP&client-request-id=0416e3c1-4d7b-4850-a313-20a1d21ad427&state=DXBMK0nD4XXGuMfPONRgwDosMJSf8P-7dSw9xx6fGiEqY5QlMXySaeOCR4S-1gNjjkQO-EP75-o8ZHZE8uMI6Xu-J4PjZjF7aQuJMZmJ1ZZOLXdSFoTUPw-2m6A9Ac743ZaoSJnuYwyfE6x3ICogcdh4h_AmjryeyREchEYIthzR58Bxm38poMx5dZni0goH8uc_peCytB4yxNBKLJfySlYpPcl-RRn9p6oF_Pb_Mmj94vQJCoodGg2-0iUhmN8ee9uHV3djeQ-v8gWBYJghWg&x-client-SKU=ID_NET8_0&x-client-ver=7.5.1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.57.129.12 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-57-129-12.us-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
df2aa8537c1992c94846a0ffffaa9031d430d9d0210b9e396ec059aff62627e0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://login.microsoftonline.com.office.pop100-o36591.qapop.myshn.net
Referer
https://login.microsoftonline.com.office.pop100-o36591.qapop.myshn.net/

Response headers

X-Robots-Tag
none
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Content-Encoding
gzip
x-ms-lease-status
unlocked
ETag
0x8D8DA1D997CA245
x-ms-version
2009-09-19
x-fd-int-roxy-purgeid
0
X-SkyHigh-Version
BuildNumber=19, BuildDate=2024-09-18 13:53
X-Cache
TCP_HIT
Date
Thu, 26 Sep 2024 12:27:56 GMT
Content-Type
application/x-javascript
Last-Modified
Fri, 26 Feb 2021 06:13:13 GMT
Cache-Control
public, max-age=31536000
Connection
keep-alive
x-ms-request-id
c4a78fdf-f01e-0077-619f-0f617d000000
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Content-Length
40454
x-ms-blob-type
BlockBlob
x-azure-ref
20240926T122756Z-r1848754585vcv9mzugssugaqc0000000140000000001hu5
Server
nginx
ConvergedLogin_PCore_NXCGegEOpKB5nrI5GnSS3g2.js
aadcdn.msauth.net.office.pop100-o36591.qapop.myshn.net/shared/1.0/content/js/
439 KB
120 KB
Script
General
Full URL
https://aadcdn.msauth.net.office.pop100-o36591.qapop.myshn.net/shared/1.0/content/js/ConvergedLogin_PCore_NXCGegEOpKB5nrI5GnSS3g2.js
Requested by
Host: login.microsoftonline.com.office.pop100-o36591.qapop.myshn.net
URL: https://login.microsoftonline.com.office.pop100-o36591.qapop.myshn.net/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com.office.pop100-o36591.qapop.myshn.net%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com.office.pop100-o36591.qapop.myshn.net%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=638629504753116603.Yjk2NmNlN2EtOTE2ZS00ZDFkLTk1MWUtMmFkZjEwMGFhNjdiNjAzZWViZmMtZThjZC00NGY0LWJjN2UtOTE1ZGQ0MzdkMGQ4&ui_locales=ja-JP&mkt=ja-JP&client-request-id=0416e3c1-4d7b-4850-a313-20a1d21ad427&state=DXBMK0nD4XXGuMfPONRgwDosMJSf8P-7dSw9xx6fGiEqY5QlMXySaeOCR4S-1gNjjkQO-EP75-o8ZHZE8uMI6Xu-J4PjZjF7aQuJMZmJ1ZZOLXdSFoTUPw-2m6A9Ac743ZaoSJnuYwyfE6x3ICogcdh4h_AmjryeyREchEYIthzR58Bxm38poMx5dZni0goH8uc_peCytB4yxNBKLJfySlYpPcl-RRn9p6oF_Pb_Mmj94vQJCoodGg2-0iUhmN8ee9uHV3djeQ-v8gWBYJghWg&x-client-SKU=ID_NET8_0&x-client-ver=7.5.1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.57.129.12 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-57-129-12.us-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
50cdb94cb53f2aeaaccb494d90ef5a7771150eb3bdd824513f1db1bec9b6699b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://login.microsoftonline.com.office.pop100-o36591.qapop.myshn.net
Referer
https://login.microsoftonline.com.office.pop100-o36591.qapop.myshn.net/

Response headers

X-Robots-Tag
none
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Content-Encoding
gzip
x-ms-lease-status
unlocked
ETag
0x8DCC7710D0FB909
x-ms-version
2009-09-19
x-fd-int-roxy-purgeid
0
X-SkyHigh-Version
BuildNumber=19, BuildDate=2024-09-18 13:53
X-Cache
TCP_HIT
Date
Thu, 26 Sep 2024 12:27:56 GMT
Content-Type
application/x-javascript
Last-Modified
Wed, 28 Aug 2024 14:52:34 GMT
Cache-Control
public, max-age=31536000
Connection
keep-alive
x-ms-request-id
2e1085c0-801e-0030-7d9f-0f0a26000000
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Content-Length
122228
x-ms-blob-type
BlockBlob
x-azure-ref
20240926T122756Z-r1848754585vcv9mzugssugaqc0000000140000000001hva
Server
nginx
frameworksupport.min_oadrnc13magb009k4d20lg2.js
aadcdn.msauth.net.office.pop100-o36591.qapop.myshn.net/ests/2.1/content/cdnbundles/
12 KB
6 KB
Script
General
Full URL
https://aadcdn.msauth.net.office.pop100-o36591.qapop.myshn.net/ests/2.1/content/cdnbundles/frameworksupport.min_oadrnc13magb009k4d20lg2.js
Requested by
Host: login.microsoftonline.com.office.pop100-o36591.qapop.myshn.net
URL: https://login.microsoftonline.com.office.pop100-o36591.qapop.myshn.net/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com.office.pop100-o36591.qapop.myshn.net%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com.office.pop100-o36591.qapop.myshn.net%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=638629504753116603.Yjk2NmNlN2EtOTE2ZS00ZDFkLTk1MWUtMmFkZjEwMGFhNjdiNjAzZWViZmMtZThjZC00NGY0LWJjN2UtOTE1ZGQ0MzdkMGQ4&ui_locales=ja-JP&mkt=ja-JP&client-request-id=0416e3c1-4d7b-4850-a313-20a1d21ad427&state=DXBMK0nD4XXGuMfPONRgwDosMJSf8P-7dSw9xx6fGiEqY5QlMXySaeOCR4S-1gNjjkQO-EP75-o8ZHZE8uMI6Xu-J4PjZjF7aQuJMZmJ1ZZOLXdSFoTUPw-2m6A9Ac743ZaoSJnuYwyfE6x3ICogcdh4h_AmjryeyREchEYIthzR58Bxm38poMx5dZni0goH8uc_peCytB4yxNBKLJfySlYpPcl-RRn9p6oF_Pb_Mmj94vQJCoodGg2-0iUhmN8ee9uHV3djeQ-v8gWBYJghWg&x-client-SKU=ID_NET8_0&x-client-ver=7.5.1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.57.129.12 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-57-129-12.us-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
c8cef105fcaf7cbf3f8682c861045505c24d41cf6686c20c1c03e14031a3db69

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://login.microsoftonline.com.office.pop100-o36591.qapop.myshn.net
Referer
https://login.microsoftonline.com.office.pop100-o36591.qapop.myshn.net/

Response headers

X-Robots-Tag
none
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Content-Encoding
gzip
x-ms-lease-status
unlocked
ETag
0x8D876CB1D67B929
x-ms-version
2009-09-19
x-fd-int-roxy-purgeid
0
X-SkyHigh-Version
BuildNumber=19, BuildDate=2024-09-18 13:53
X-Cache
TCP_HIT
Date
Thu, 26 Sep 2024 12:27:56 GMT
Content-Type
application/x-javascript
Last-Modified
Thu, 22 Oct 2020 20:43:21 GMT
Cache-Control
public, max-age=31536000
Connection
keep-alive
x-ms-request-id
521baf53-201e-0050-1e83-0f3eab000000
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Content-Length
4880
x-ms-blob-type
BlockBlob
x-azure-ref
20240926T122756Z-r18487545858jxtdzrnve046940000000190000000000fc8
Server
nginx
oneDs_f2e0f4a029670f10d892.js
aadcdn.msauth.net.office.pop100-o36591.qapop.myshn.net/shared/1.0/content/js/
186 KB
61 KB
Script
General
Full URL
https://aadcdn.msauth.net.office.pop100-o36591.qapop.myshn.net/shared/1.0/content/js/oneDs_f2e0f4a029670f10d892.js
Requested by
Host: aadcdn.msauth.net.office.pop100-o36591.qapop.myshn.net
URL: https://aadcdn.msauth.net.office.pop100-o36591.qapop.myshn.net/shared/1.0/content/js/ConvergedLogin_PCore_NXCGegEOpKB5nrI5GnSS3g2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.57.129.12 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-57-129-12.us-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b61c610446afbe56aff0c2a86a393990d29706cd5ac6c4a0c47d5df17f4c769f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://login.microsoftonline.com.office.pop100-o36591.qapop.myshn.net/

Response headers

X-Robots-Tag
none
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Content-Encoding
gzip
x-ms-lease-status
unlocked
ETag
0x8DB5D44A8CEE4F4
x-ms-version
2009-09-19
x-fd-int-roxy-purgeid
0
X-SkyHigh-Version
BuildNumber=19, BuildDate=2024-09-18 13:53
X-Cache
TCP_HIT
Date
Thu, 26 Sep 2024 12:27:58 GMT
Content-Type
application/x-javascript
Last-Modified
Thu, 25 May 2023 17:22:47 GMT
Cache-Control
public, max-age=31536000
Connection
keep-alive
x-ms-request-id
f2fb2550-a01e-0061-4a76-0fdfb8000000
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Content-Length
61118
x-ms-blob-type
BlockBlob
x-azure-ref
20240926T122757Z-r1848754585vzvbsr04r0h03cg00000000dg000000002kw5
Server
nginx
watson.min_q5ptmu8aniymd4ftuqdkda2.js
aadcdn.msauth.net.office.pop100-o36591.qapop.myshn.net/ests/2.1/content/cdnbundles/
9 KB
5 KB
Script
General
Full URL
https://aadcdn.msauth.net.office.pop100-o36591.qapop.myshn.net/ests/2.1/content/cdnbundles/watson.min_q5ptmu8aniymd4ftuqdkda2.js
Requested by
Host: login.microsoftonline.com.office.pop100-o36591.qapop.myshn.net
URL: https://login.microsoftonline.com.office.pop100-o36591.qapop.myshn.net/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com.office.pop100-o36591.qapop.myshn.net%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com.office.pop100-o36591.qapop.myshn.net%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=638629504753116603.Yjk2NmNlN2EtOTE2ZS00ZDFkLTk1MWUtMmFkZjEwMGFhNjdiNjAzZWViZmMtZThjZC00NGY0LWJjN2UtOTE1ZGQ0MzdkMGQ4&ui_locales=ja-JP&mkt=ja-JP&client-request-id=0416e3c1-4d7b-4850-a313-20a1d21ad427&state=DXBMK0nD4XXGuMfPONRgwDosMJSf8P-7dSw9xx6fGiEqY5QlMXySaeOCR4S-1gNjjkQO-EP75-o8ZHZE8uMI6Xu-J4PjZjF7aQuJMZmJ1ZZOLXdSFoTUPw-2m6A9Ac743ZaoSJnuYwyfE6x3ICogcdh4h_AmjryeyREchEYIthzR58Bxm38poMx5dZni0goH8uc_peCytB4yxNBKLJfySlYpPcl-RRn9p6oF_Pb_Mmj94vQJCoodGg2-0iUhmN8ee9uHV3djeQ-v8gWBYJghWg&x-client-SKU=ID_NET8_0&x-client-ver=7.5.1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.57.129.12 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-57-129-12.us-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
441bfa485fb0eb8ad2be7001209868b57c41769cae9512a774419f5882c093e6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://login.microsoftonline.com.office.pop100-o36591.qapop.myshn.net
Referer
https://login.microsoftonline.com.office.pop100-o36591.qapop.myshn.net/

Response headers

X-Robots-Tag
none
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Content-Encoding
gzip
x-ms-lease-status
unlocked
ETag
0x8DA5944A4FF258E
x-ms-version
2009-09-19
x-fd-int-roxy-purgeid
0
X-SkyHigh-Version
BuildNumber=19, BuildDate=2024-09-18 13:53
X-Cache
TCP_HIT
Date
Thu, 26 Sep 2024 12:27:57 GMT
Content-Type
application/x-javascript
Last-Modified
Tue, 28 Jun 2022 20:27:38 GMT
Cache-Control
public, max-age=31536000
Connection
keep-alive
x-ms-request-id
e3180c77-401e-0069-749f-0fc5b7000000
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Content-Length
3921
x-ms-blob-type
BlockBlob
x-azure-ref
20240926T122757Z-r1848754585vcv9mzugssugaqc0000000140000000001hwe
Server
nginx
watson
login.microsoftonline.com.office.pop100-o36591.qapop.myshn.net/common/handlers/
265 B
1 KB
XHR
General
Full URL
https://login.microsoftonline.com.office.pop100-o36591.qapop.myshn.net/common/handlers/watson
Requested by
Host: aadcdn.msauth.net.office.pop100-o36591.qapop.myshn.net
URL: https://aadcdn.msauth.net.office.pop100-o36591.qapop.myshn.net/ests/2.1/content/cdnbundles/watsonsupportwithjquery.3.5.min_dc940oomzau4rsu8qesnvg2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.8.19.14 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-8-19-14.us-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
d193e237683ced1f912ab112a28e314c539595d9f97ec64bb17bc0380ed7defb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

hpgid
1104
Referer
https://login.microsoftonline.com.office.pop100-o36591.qapop.myshn.net/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com.office.pop100-o36591.qapop.myshn.net%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com.office.pop100-o36591.qapop.myshn.net%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=638629504753116603.Yjk2NmNlN2EtOTE2ZS00ZDFkLTk1MWUtMmFkZjEwMGFhNjdiNjAzZWViZmMtZThjZC00NGY0LWJjN2UtOTE1ZGQ0MzdkMGQ4&ui_locales=ja-JP&mkt=ja-JP&client-request-id=0416e3c1-4d7b-4850-a313-20a1d21ad427&state=DXBMK0nD4XXGuMfPONRgwDosMJSf8P-7dSw9xx6fGiEqY5QlMXySaeOCR4S-1gNjjkQO-EP75-o8ZHZE8uMI6Xu-J4PjZjF7aQuJMZmJ1ZZOLXdSFoTUPw-2m6A9Ac743ZaoSJnuYwyfE6x3ICogcdh4h_AmjryeyREchEYIthzR58Bxm38poMx5dZni0goH8uc_peCytB4yxNBKLJfySlYpPcl-RRn9p6oF_Pb_Mmj94vQJCoodGg2-0iUhmN8ee9uHV3djeQ-v8gWBYJghWg&x-client-SKU=ID_NET8_0&x-client-ver=7.5.1.0
hpgact
1800
canary
PAQABDgEAAAApTwJmzXqdR4BN2miheQMYsuLuMWzZShMu_hqDEL5a910B-fbI6TFvdKn51ZmE8uIx3ZEWre5wUcbELthGpSKxstNW9fV8f-xKobp-u6--IcZKapDpJ2DRuuS94zvjNx6qW-K0sTKvkZq8qiPhKIASQKE6nFAaQjvNroKFT50QZ1z6iyEy_ufi46RmLyMJlr57FsvbYXm3PSaiVL3XzEXJvG5o70h3705wmsIfjl0zZCAA
client-request-id
0416e3c1-4d7b-4850-a313-20a1d21ad427
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json
Content-Type
application/json; charset=UTF-8

Response headers

X-Robots-Tag
none
x-ms-ests-server
2.1.18947.4 - EUS ProdSlices
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+est"}]}
X-Content-Type-Options
nosniff
X-SkyHigh-Version
BuildNumber=19, BuildDate=2024-09-18 13:53
Expires
-1
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
Date
Thu, 26 Sep 2024 12:27:57 GMT
Content-Type
application/json; charset=utf-8
x-ms-srs
1.P
Strict-Transport-Security
max-age=31536000; includeSubDomains
Cache-Control
no-store, no-cache
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
Pragma
no-cache
Connection
keep-alive
Referrer-Policy
strict-origin-when-cross-origin
x-ms-request-id
b571a015-9b9c-454a-b33b-08a3759a1000
client-request-id
0416e3c1-4d7b-4850-a313-20a1d21ad427
Content-Length
265
X-XSS-Protection
0
Server
nginx
watson
login.microsoftonline.com.office.pop100-o36591.qapop.myshn.net/common/handlers/
265 B
1 KB
XHR
General
Full URL
https://login.microsoftonline.com.office.pop100-o36591.qapop.myshn.net/common/handlers/watson
Requested by
Host: aadcdn.msauth.net.office.pop100-o36591.qapop.myshn.net
URL: https://aadcdn.msauth.net.office.pop100-o36591.qapop.myshn.net/ests/2.1/content/cdnbundles/watsonsupportwithjquery.3.5.min_dc940oomzau4rsu8qesnvg2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.8.19.14 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-8-19-14.us-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
0eb71fd94367e8c5eb592567cb0877b75fa16fcaf6dde4b1b215243e0640f0f0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

hpgid
1104
Referer
https://login.microsoftonline.com.office.pop100-o36591.qapop.myshn.net/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com.office.pop100-o36591.qapop.myshn.net%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com.office.pop100-o36591.qapop.myshn.net%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=638629504753116603.Yjk2NmNlN2EtOTE2ZS00ZDFkLTk1MWUtMmFkZjEwMGFhNjdiNjAzZWViZmMtZThjZC00NGY0LWJjN2UtOTE1ZGQ0MzdkMGQ4&ui_locales=ja-JP&mkt=ja-JP&client-request-id=0416e3c1-4d7b-4850-a313-20a1d21ad427&state=DXBMK0nD4XXGuMfPONRgwDosMJSf8P-7dSw9xx6fGiEqY5QlMXySaeOCR4S-1gNjjkQO-EP75-o8ZHZE8uMI6Xu-J4PjZjF7aQuJMZmJ1ZZOLXdSFoTUPw-2m6A9Ac743ZaoSJnuYwyfE6x3ICogcdh4h_AmjryeyREchEYIthzR58Bxm38poMx5dZni0goH8uc_peCytB4yxNBKLJfySlYpPcl-RRn9p6oF_Pb_Mmj94vQJCoodGg2-0iUhmN8ee9uHV3djeQ-v8gWBYJghWg&x-client-SKU=ID_NET8_0&x-client-ver=7.5.1.0
hpgact
1800
canary
PAQABDgEAAAApTwJmzXqdR4BN2miheQMYsuLuMWzZShMu_hqDEL5a910B-fbI6TFvdKn51ZmE8uIx3ZEWre5wUcbELthGpSKxstNW9fV8f-xKobp-u6--IcZKapDpJ2DRuuS94zvjNx6qW-K0sTKvkZq8qiPhKIASQKE6nFAaQjvNroKFT50QZ1z6iyEy_ufi46RmLyMJlr57FsvbYXm3PSaiVL3XzEXJvG5o70h3705wmsIfjl0zZCAA
client-request-id
0416e3c1-4d7b-4850-a313-20a1d21ad427
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json
Content-Type
application/json; charset=UTF-8

Response headers

X-Robots-Tag
none
x-ms-ests-server
2.1.18947.4 - NCUS ProdSlices
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+est"}]}
X-Content-Type-Options
nosniff
X-SkyHigh-Version
BuildNumber=19, BuildDate=2024-09-18 13:53
Expires
-1
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
Date
Thu, 26 Sep 2024 12:27:58 GMT
Content-Type
application/json; charset=utf-8
x-ms-srs
1.P
Strict-Transport-Security
max-age=31536000; includeSubDomains
Cache-Control
no-store, no-cache
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
Pragma
no-cache
Connection
keep-alive
Referrer-Policy
strict-origin-when-cross-origin
x-ms-request-id
f0cdf276-99bb-4107-b1fa-1e4f73edda00
client-request-id
0416e3c1-4d7b-4850-a313-20a1d21ad427
Content-Length
265
X-XSS-Protection
0
Server
nginx
convergedlogin_pcustomizationloader_117b650bccea354984d8.js
aadcdn.msauth.net.office.pop100-o36591.qapop.myshn.net/shared/1.0/content/js/asyncchunk/
397 KB
115 KB
Script
General
Full URL
https://aadcdn.msauth.net.office.pop100-o36591.qapop.myshn.net/shared/1.0/content/js/asyncchunk/convergedlogin_pcustomizationloader_117b650bccea354984d8.js
Requested by
Host: aadcdn.msauth.net.office.pop100-o36591.qapop.myshn.net
URL: https://aadcdn.msauth.net.office.pop100-o36591.qapop.myshn.net/shared/1.0/content/js/ConvergedLogin_PCore_NXCGegEOpKB5nrI5GnSS3g2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.57.129.12 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-57-129-12.us-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
da4a8df0c326292b5bee9c732b3c962fd67aaf2f99d850f1bf65068d573c5619

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://login.microsoftonline.com.office.pop100-o36591.qapop.myshn.net/

Response headers

X-Robots-Tag
none
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Content-Encoding
gzip
x-ms-lease-status
unlocked
ETag
0x8DCBD5317046A2F
x-ms-version
2009-09-19
x-fd-int-roxy-purgeid
0
X-SkyHigh-Version
BuildNumber=19, BuildDate=2024-09-18 13:53
X-Cache
TCP_HIT
Date
Thu, 26 Sep 2024 12:27:58 GMT
Content-Type
application/x-javascript
Last-Modified
Thu, 15 Aug 2024 17:52:54 GMT
Cache-Control
public, max-age=31536000
Connection
keep-alive
x-ms-request-id
c8d02abc-801e-004a-3281-0f60d9000000
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Content-Length
116365
x-ms-blob-type
BlockBlob
x-azure-ref
20240926T122758Z-r1848754585vzvbsr04r0h03cg00000000dg000000002kwh
Server
nginx
favicon_a_eupayfgghqiai7k9sol6lg2.ico
aadcdn.msauth.net.office.pop100-o36591.qapop.myshn.net/shared/1.0/content/images/
81 B
292 B
Other
General
Full URL
https://aadcdn.msauth.net.office.pop100-o36591.qapop.myshn.net/shared/1.0/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.57.129.12 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-57-129-12.us-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
446e116ebd4ad27daafe352da79b7640098da28d9901913fb78dcb3f2e599db3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://login.microsoftonline.com.office.pop100-o36591.qapop.myshn.net/

Response headers

Content-Length
81
Date
Thu, 26 Sep 2024 12:27:58 GMT
Content-Type
text/plain
Server
nginx
Connection
keep-alive
X-SkyHigh-Version
BuildNumber=19, BuildDate=2024-09-18 13:53
convergedlogin_pfetchsessionsprogress_d0a803279e7397bef834.js
aadcdn.msauth.net.office.pop100-o36591.qapop.myshn.net/shared/1.0/content/js/asyncchunk/
0
0
Script
General
Full URL
https://aadcdn.msauth.net.office.pop100-o36591.qapop.myshn.net/shared/1.0/content/js/asyncchunk/convergedlogin_pfetchsessionsprogress_d0a803279e7397bef834.js
Requested by
Host: aadcdn.msauth.net.office.pop100-o36591.qapop.myshn.net
URL: https://aadcdn.msauth.net.office.pop100-o36591.qapop.myshn.net/shared/1.0/content/js/ConvergedLogin_PCore_NXCGegEOpKB5nrI5GnSS3g2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.57.129.12 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-57-129-12.us-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://login.microsoftonline.com.office.pop100-o36591.qapop.myshn.net/

Response headers

Content-Length
81
Date
Thu, 26 Sep 2024 12:27:58 GMT
Content-Type
text/plain
Server
nginx
Connection
keep-alive
X-SkyHigh-Version
BuildNumber=19, BuildDate=2024-09-18 13:53
marching_ants_white_8257b0707cbe1d0bd2661b80068676fe.gif
aadcdn.msauth.net.office.pop100-o36591.qapop.myshn.net/shared/1.0/content/images/
3 KB
3 KB
Image
General
Full URL
https://aadcdn.msauth.net.office.pop100-o36591.qapop.myshn.net/shared/1.0/content/images/marching_ants_white_8257b0707cbe1d0bd2661b80068676fe.gif
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.57.129.12 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-57-129-12.us-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
a46201581a7c7c667fd42787cd1e9adf2f6bf809efb7596e61a03e8dba9ada13

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://login.microsoftonline.com.office.pop100-o36591.qapop.myshn.net/

Response headers

X-Robots-Tag
none
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-lease-status
unlocked
x-ms-version
2009-09-19
ETag
0x8DB5C3F48EC4154
x-fd-int-roxy-purgeid
0
X-SkyHigh-Version
BuildNumber=19, BuildDate=2024-09-18 13:53
X-Cache
TCP_HIT
Date
Thu, 26 Sep 2024 12:27:58 GMT
Content-Type
image/gif
Last-Modified
Wed, 24 May 2023 10:11:47 GMT
Cache-Control
public, max-age=31536000
Connection
keep-alive
x-ms-request-id
398b97a0-201e-001d-5665-0ff147000000
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Content-Length
2672
x-ms-blob-type
BlockBlob
x-azure-ref
20240926T122758Z-r1848754585vzvbsr04r0h03cg00000000dg000000002kx9
Server
nginx
marching_ants_986f40b5a9dc7d39ef8396797f61b323.gif
aadcdn.msauth.net.office.pop100-o36591.qapop.myshn.net/shared/1.0/content/images/
81 B
81 B
Image
General
Full URL
https://aadcdn.msauth.net.office.pop100-o36591.qapop.myshn.net/shared/1.0/content/images/marching_ants_986f40b5a9dc7d39ef8396797f61b323.gif
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.57.129.12 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-57-129-12.us-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
446e116ebd4ad27daafe352da79b7640098da28d9901913fb78dcb3f2e599db3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://login.microsoftonline.com.office.pop100-o36591.qapop.myshn.net/

Response headers

Content-Length
81
Date
Thu, 26 Sep 2024 12:27:58 GMT
Content-Type
text/plain
Server
nginx
Connection
keep-alive
X-SkyHigh-Version
BuildNumber=19, BuildDate=2024-09-18 13:53
convergedlogin_pfetchsessionsprogress_d0a803279e7397bef834.js
aadcdn.msftauth.net.office.pop100-o36591.qapop.myshn.net/shared/1.0/content/js/asyncchunk/
15 KB
6 KB
Script
General
Full URL
https://aadcdn.msftauth.net.office.pop100-o36591.qapop.myshn.net/shared/1.0/content/js/asyncchunk/convergedlogin_pfetchsessionsprogress_d0a803279e7397bef834.js
Requested by
Host: aadcdn.msauth.net.office.pop100-o36591.qapop.myshn.net
URL: https://aadcdn.msauth.net.office.pop100-o36591.qapop.myshn.net/shared/1.0/content/js/ConvergedLogin_PCore_NXCGegEOpKB5nrI5GnSS3g2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.8.19.14 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-8-19-14.us-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
bc6804d058d5bd5b24fc04e479fc8973bef5d3efeafaa9c19c60a009bf0fac0b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://login.microsoftonline.com.office.pop100-o36591.qapop.myshn.net/

Response headers

Content-MD5
betEqf4nMmbvq8MhS5mLoA==
X-Robots-Tag
none
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Content-Encoding
gzip
x-ms-lease-status
unlocked
Etag
0x8DCBD52F3A242D0
Age
3508447
x-ms-version
2009-09-19
X-SkyHigh-Version
BuildNumber=19, BuildDate=2024-09-18 13:53
X-Cache
HIT
Date
Thu, 26 Sep 2024 12:27:59 GMT
Content-Type
application/x-javascript
Last-Modified
Thu, 15 Aug 2024 17:51:55 GMT
Vary
Accept-Encoding
Cache-Control
public, max-age=31536000
Connection
keep-alive
x-ms-request-id
39681758-201e-003d-6c26-f0bc37000000
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Content-Length
5529
x-ms-blob-type
BlockBlob
Server
nginx
2_11d9e3bcdfede9ce5ce5ace2d129f1c4.svg
aadcdn.msauth.net.office.pop100-o36591.qapop.myshn.net/shared/1.0/content/images/backgrounds/
81 B
81 B
Image
General
Full URL
https://aadcdn.msauth.net.office.pop100-o36591.qapop.myshn.net/shared/1.0/content/images/backgrounds/2_11d9e3bcdfede9ce5ce5ace2d129f1c4.svg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.57.129.12 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-57-129-12.us-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
446e116ebd4ad27daafe352da79b7640098da28d9901913fb78dcb3f2e599db3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://login.microsoftonline.com.office.pop100-o36591.qapop.myshn.net/

Response headers

Content-Length
81
Date
Thu, 26 Sep 2024 12:27:59 GMT
Content-Type
text/plain
Server
nginx
Connection
keep-alive
X-SkyHigh-Version
BuildNumber=19, BuildDate=2024-09-18 13:53
microsoft_logo_564db913a7fa0ca42727161c6d031bef.svg
aadcdn.msauth.net.office.pop100-o36591.qapop.myshn.net/shared/1.0/content/images/
4 KB
2 KB
Image
General
Full URL
https://aadcdn.msauth.net.office.pop100-o36591.qapop.myshn.net/shared/1.0/content/images/microsoft_logo_564db913a7fa0ca42727161c6d031bef.svg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.57.129.12 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-57-129-12.us-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://login.microsoftonline.com.office.pop100-o36591.qapop.myshn.net/

Response headers

X-Robots-Tag
none
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Content-Encoding
gzip
x-ms-lease-status
unlocked
ETag
0x8DB5C3F4911527F
x-ms-version
2009-09-19
x-fd-int-roxy-purgeid
0
X-SkyHigh-Version
BuildNumber=19, BuildDate=2024-09-18 13:53
X-Cache
TCP_HIT
Date
Thu, 26 Sep 2024 12:27:59 GMT
Content-Type
image/svg+xml
Last-Modified
Wed, 24 May 2023 10:11:48 GMT
Cache-Control
public, max-age=31536000
Connection
keep-alive
x-ms-request-id
eafe2a09-901e-002c-1166-0f5846000000
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Content-Length
1435
x-ms-blob-type
BlockBlob
x-azure-ref
20240926T122759Z-r1848754585vzvbsr04r0h03cg00000000dg000000002ky6
Server
nginx
marching_ants_986f40b5a9dc7d39ef8396797f61b323.gif
aadcdn.msauth.net.office.pop100-o36591.qapop.myshn.net/shared/1.0/content/images/
81 B
81 B
Image
General
Full URL
https://aadcdn.msauth.net.office.pop100-o36591.qapop.myshn.net/shared/1.0/content/images/marching_ants_986f40b5a9dc7d39ef8396797f61b323.gif
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.57.129.12 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-57-129-12.us-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
446e116ebd4ad27daafe352da79b7640098da28d9901913fb78dcb3f2e599db3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://login.microsoftonline.com.office.pop100-o36591.qapop.myshn.net/

Response headers

Content-Length
81
Date
Thu, 26 Sep 2024 12:27:59 GMT
Content-Type
text/plain
Server
nginx
Connection
keep-alive
X-SkyHigh-Version
BuildNumber=19, BuildDate=2024-09-18 13:53
Me.htm
login.live.com.office.pop100-o36591.qapop.myshn.net/ Frame 3CF6
78 B
289 B
Document
General
Full URL
https://login.live.com.office.pop100-o36591.qapop.myshn.net/Me.htm?v=3
Requested by
Host: aadcdn.msauth.net.office.pop100-o36591.qapop.myshn.net
URL: https://aadcdn.msauth.net.office.pop100-o36591.qapop.myshn.net/shared/1.0/content/js/ConvergedLogin_PCore_NXCGegEOpKB5nrI5GnSS3g2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.8.19.14 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-8-19-14.us-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
454b494b8e0cd2677946c5d084e7766df24387f12c6170c982a6a0c2396955ca

Request headers

Referer
https://login.microsoftonline.com.office.pop100-o36591.qapop.myshn.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

Connection
keep-alive
Content-Length
78
Content-Type
text/plain
Date
Thu, 26 Sep 2024 12:27:59 GMT
Server
nginx
X-SkyHigh-Version
BuildNumber=19, BuildDate=2024-09-18 13:53
watson
login.microsoftonline.com.office.pop100-o36591.qapop.myshn.net/common/handlers/
265 B
1 KB
XHR
General
Full URL
https://login.microsoftonline.com.office.pop100-o36591.qapop.myshn.net/common/handlers/watson
Requested by
Host: aadcdn.msauth.net.office.pop100-o36591.qapop.myshn.net
URL: https://aadcdn.msauth.net.office.pop100-o36591.qapop.myshn.net/ests/2.1/content/cdnbundles/watsonsupportwithjquery.3.5.min_dc940oomzau4rsu8qesnvg2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.8.19.14 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-8-19-14.us-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
c020398dcb18204fec336cf13f898b9cdf56dab643c873b4c2295d7abdf62ff0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

hpgid
1104
Referer
https://login.microsoftonline.com.office.pop100-o36591.qapop.myshn.net/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com.office.pop100-o36591.qapop.myshn.net%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com.office.pop100-o36591.qapop.myshn.net%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=638629504753116603.Yjk2NmNlN2EtOTE2ZS00ZDFkLTk1MWUtMmFkZjEwMGFhNjdiNjAzZWViZmMtZThjZC00NGY0LWJjN2UtOTE1ZGQ0MzdkMGQ4&ui_locales=ja-JP&mkt=ja-JP&client-request-id=0416e3c1-4d7b-4850-a313-20a1d21ad427&state=DXBMK0nD4XXGuMfPONRgwDosMJSf8P-7dSw9xx6fGiEqY5QlMXySaeOCR4S-1gNjjkQO-EP75-o8ZHZE8uMI6Xu-J4PjZjF7aQuJMZmJ1ZZOLXdSFoTUPw-2m6A9Ac743ZaoSJnuYwyfE6x3ICogcdh4h_AmjryeyREchEYIthzR58Bxm38poMx5dZni0goH8uc_peCytB4yxNBKLJfySlYpPcl-RRn9p6oF_Pb_Mmj94vQJCoodGg2-0iUhmN8ee9uHV3djeQ-v8gWBYJghWg&x-client-SKU=ID_NET8_0&x-client-ver=7.5.1.0
hpgact
1800
canary
PAQABDgEAAAApTwJmzXqdR4BN2miheQMYsuLuMWzZShMu_hqDEL5a910B-fbI6TFvdKn51ZmE8uIx3ZEWre5wUcbELthGpSKxstNW9fV8f-xKobp-u6--IcZKapDpJ2DRuuS94zvjNx6qW-K0sTKvkZq8qiPhKIASQKE6nFAaQjvNroKFT50QZ1z6iyEy_ufi46RmLyMJlr57FsvbYXm3PSaiVL3XzEXJvG5o70h3705wmsIfjl0zZCAA
client-request-id
0416e3c1-4d7b-4850-a313-20a1d21ad427
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json
Content-Type
application/json; charset=UTF-8

Response headers

X-Robots-Tag
none
x-ms-ests-server
2.1.18947.4 - WUS3 ProdSlices
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+est"}]}
X-Content-Type-Options
nosniff
X-SkyHigh-Version
BuildNumber=19, BuildDate=2024-09-18 13:53
Expires
-1
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
Date
Thu, 26 Sep 2024 12:27:59 GMT
Content-Type
application/json; charset=utf-8
x-ms-srs
1.P
Strict-Transport-Security
max-age=31536000; includeSubDomains
Cache-Control
no-store, no-cache
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
Pragma
no-cache
Connection
keep-alive
Referrer-Policy
strict-origin-when-cross-origin
x-ms-request-id
3b502554-c53d-47c3-badb-82849ae28a00
client-request-id
0416e3c1-4d7b-4850-a313-20a1d21ad427
Content-Length
265
X-XSS-Protection
0
Server
nginx
2_11d9e3bcdfede9ce5ce5ace2d129f1c4.svg
aadcdn.msftauth.net.office.pop100-o36591.qapop.myshn.net/shared/1.0/content/images/backgrounds/
0
0

2_11d9e3bcdfede9ce5ce5ace2d129f1c4.svg
aadcdn.msauth.net.office.pop100-o36591.qapop.myshn.net/shared/1.0/content/images/backgrounds/
2 KB
2 KB
Image
General
Full URL
https://aadcdn.msauth.net.office.pop100-o36591.qapop.myshn.net/shared/1.0/content/images/backgrounds/2_11d9e3bcdfede9ce5ce5ace2d129f1c4.svg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.57.129.12 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-57-129-12.us-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
0e88b6fcbb8591edfd28184fa70a04b6dd3af8a14367c628edd7caba32e58c68

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://login.microsoftonline.com.office.pop100-o36591.qapop.myshn.net
Referer
https://login.microsoftonline.com.office.pop100-o36591.qapop.myshn.net/

Response headers

X-Robots-Tag
none
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Content-Encoding
gzip
x-ms-lease-status
unlocked
ETag
0x8DB5C3F47E260FD
x-ms-version
2009-09-19
x-fd-int-roxy-purgeid
0
X-SkyHigh-Version
BuildNumber=19, BuildDate=2024-09-18 13:53
X-Cache
TCP_HIT
Date
Thu, 26 Sep 2024 12:27:59 GMT
Content-Type
image/svg+xml
Last-Modified
Wed, 24 May 2023 10:11:46 GMT
Cache-Control
public, max-age=31536000
Connection
keep-alive
x-ms-request-id
d9c4b20b-501e-0076-4981-0f491e000000
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Content-Length
673
x-ms-blob-type
BlockBlob
x-azure-ref
20240926T122759Z-r1848754585vcv9mzugssugaqc0000000140000000001hyf
Server
nginx

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
aadcdn.msauth.net.office.pop100-o36591.qapop.myshn.net
URL
https://aadcdn.msauth.net.office.pop100-o36591.qapop.myshn.net/shared/1.0/content/js/ConvergedLogin_PCore_NXCGegEOpKB5nrI5GnSS3g2.js
Domain
aadcdn.msftauth.net.office.pop100-o36591.qapop.myshn.net
URL
https://aadcdn.msftauth.net.office.pop100-o36591.qapop.myshn.net/shared/1.0/content/js/ConvergedLogin_PCore_NXCGegEOpKB5nrI5GnSS3g2.js
Domain
aadcdn.msftauth.net.office.pop100-o36591.qapop.myshn.net
URL
https://aadcdn.msftauth.net.office.pop100-o36591.qapop.myshn.net/shared/1.0/content/images/backgrounds/2_11d9e3bcdfede9ce5ce5ace2d129f1c4.svg

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Microsoft (Consumer)

24 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| $Config
object| $Debug
object| $Do
function| $Loader
object| $WebWatson
function| GetString
function| GetErrorString
function| GetUrl
object| $B
object| ServerData
object| StringRepository
object| PROOF
boolean| __
function| $
function| jQuery
object| webpackJsonp
object| ko
object| Telemetry
object| telemetry_webpackJsonp
boolean| __ConvergedLogin_PCore
object| $Api
boolean| __convergedlogin_pcustomizationloader_117b650bccea354984d8
boolean| __convergedlogin_pfetchsessionsprogress_d0a803279e7397bef834

14 Cookies

Domain/Path Name / Value
login.microsoftonline.com.office.pop100-o36591.qapop.myshn.net/ Name: x-ms-gateway-slice
Value: estsfd
login.microsoftonline.com.office.pop100-o36591.qapop.myshn.net/ Name: stsservicecookie
Value: estsfd
www.office.com.office.pop100-o36591.qapop.myshn.net/ Name: OH.DCAffinity
Value: OH-wus
www.office.com.office.pop100-o36591.qapop.myshn.net/ Name: OH.FLID
Value: 1fc3cc6c-addf-4b9a-af9c-430f8e6356bd
www.office.com.office.pop100-o36591.qapop.myshn.net/ Name: .AspNetCore.OpenIdConnect.Nonce._cC9y1wPKHqNw6qgtVtwH0RZqlwwzFjfHeJwjUzDyUHf3IQt34_UCMETKuY00bTejOGgpVV7qv5Go0i4yIzJbwGvNJoAUg6WqD1nd_dUloYzneXQ7X7sYSzicu_IdOtWoyUIQp8i2nEO4qhx_C6HB_G0h7zGfzllNRowbAVxLQDX89n8hKJDPK7XJayg1S46ie6L2t-bwNfOVdOs1JRYk5lEPeYFyREP5TX_XzoFfkCKqfDxefkzu6TQlCw5GpBA
Value: N
www.office.com.office.pop100-o36591.qapop.myshn.net/ Name: .AspNetCore.Correlation.yGo-yR-5AB5LpfWZqFiTfxmf5pH7s6J-sfYoUcAZ9_0
Value: N
.office.com.office.pop100-o36591.qapop.myshn.net/ Name: MUID
Value: 34C571BAE63F6F0D3B3E64BCE7736E35
login.microsoftonline.com.office.pop100-o36591.qapop.myshn.net/ Name: buid
Value: 0.AVAAMe_N-B6jSkuT5F9XHpElWltEZUfGMrBJg-Ydk3ZSdsoBAAA.AQABGgEAAAApTwJmzXqdR4BN2miheQMYLEIFiTLJ-u2Rdumg_ifMl3BJqego0P6bgUmKUHvnc0WBlfLMsOodXzwqsNTarRfBHeRwBbHR2QC1F_B7t1lyvmGHHMDbSHZMnn3I7qPb9gIgAA
.login.microsoftonline.com.office.pop100-o36591.qapop.myshn.net/ Name: esctx
Value: PAQABBwEAAAApTwJmzXqdR4BN2miheQMYum8uqBB3IdTY4lpU-fxPquBjk6Z_A7nXT1Xm99FCMnkUxueH7JYAx-mdk9mdBJSs8Uu-_TpaHhl5gK2w91MZy9xtc1c2l_JWEGKACd62QIZ7rtlD0cTP-pEga9PsmxaYGZe_5zQhD9Gk-WiR12v-3D08tqCfsjZDwpUUZHuUSoMgAA
.login.microsoftonline.com.office.pop100-o36591.qapop.myshn.net/ Name: esctx-1063OyYBSQ
Value: AQABCQEAAAApTwJmzXqdR4BN2miheQMYgojm9V3wCvCluSgSu60C0VGAZGh0qX3B1hYZ7PN-eOK_IYKk6icMZzfMi0luW5DkkDGB0S7es4LuYmo5NJJrWSJVY33PRAUkQJV-qtt2yX3jpV5_CmocumMSoEFS3Tu6yq_nu6X_fJ2CVK4e8xPILSAA
login.microsoftonline.com.office.pop100-o36591.qapop.myshn.net/ Name: fpc
Value: ApPPraYjeW5JnyWjuYEqaxa8Ae7AAQAAAEpKh94OAAAA
.office.pop100-o36591.qapop.myshn.net/ Name: SHN-VH-session
Value: c000e0db-9aa4-4203-a7c0-4d982ce6b46b|1727355475431
login.microsoftonline.com.office.pop100-o36591.qapop.myshn.net/ Name: MicrosoftApplicationsTelemetryDeviceId
Value: 9df99223-26d2-403e-9cc1-6e96d4e57ed3
.login.microsoftonline.com.office.pop100-o36591.qapop.myshn.net/ Name: brcap
Value: 0

13 Console Messages

Source Level URL
Text
javascript error URL: https://login.microsoftonline.com.office.pop100-o36591.qapop.myshn.net/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com.office.pop100-o36591.qapop.myshn.net%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com.office.pop100-o36591.qapop.myshn.net%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=638629504753116603.Yjk2NmNlN2EtOTE2ZS00ZDFkLTk1MWUtMmFkZjEwMGFhNjdiNjAzZWViZmMtZThjZC00NGY0LWJjN2UtOTE1ZGQ0MzdkMGQ4&ui_locales=ja-JP&mkt=ja-JP&client-request-id=0416e3c1-4d7b-4850-a313-20a1d21ad427&state=DXBMK0nD4XXGuMfPONRgwDosMJSf8P-7dSw9xx6fGiEqY5QlMXySaeOCR4S-1gNjjkQO-EP75-o8ZHZE8uMI6Xu-J4PjZjF7aQuJMZmJ1ZZOLXdSFoTUPw-2m6A9Ac743ZaoSJnuYwyfE6x3ICogcdh4h_AmjryeyREchEYIthzR58Bxm38poMx5dZni0goH8uc_peCytB4yxNBKLJfySlYpPcl-RRn9p6oF_Pb_Mmj94vQJCoodGg2-0iUhmN8ee9uHV3djeQ-v8gWBYJghWg&x-client-SKU=ID_NET8_0&x-client-ver=7.5.1.0
Message:
Access to script at 'https://aadcdn.msauth.net.office.pop100-o36591.qapop.myshn.net/shared/1.0/content/js/ConvergedLogin_PCore_NXCGegEOpKB5nrI5GnSS3g2.js' from origin 'https://login.microsoftonline.com.office.pop100-o36591.qapop.myshn.net' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://aadcdn.msauth.net.office.pop100-o36591.qapop.myshn.net/shared/1.0/content/js/ConvergedLogin_PCore_NXCGegEOpKB5nrI5GnSS3g2.js
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://login.live.com.office.pop100-o36591.qapop.myshn.net/Me.htm?v=3
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
javascript error URL: https://login.microsoftonline.com.office.pop100-o36591.qapop.myshn.net/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com.office.pop100-o36591.qapop.myshn.net%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com.office.pop100-o36591.qapop.myshn.net%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=638629504753116603.Yjk2NmNlN2EtOTE2ZS00ZDFkLTk1MWUtMmFkZjEwMGFhNjdiNjAzZWViZmMtZThjZC00NGY0LWJjN2UtOTE1ZGQ0MzdkMGQ4&ui_locales=ja-JP&mkt=ja-JP&client-request-id=0416e3c1-4d7b-4850-a313-20a1d21ad427&state=DXBMK0nD4XXGuMfPONRgwDosMJSf8P-7dSw9xx6fGiEqY5QlMXySaeOCR4S-1gNjjkQO-EP75-o8ZHZE8uMI6Xu-J4PjZjF7aQuJMZmJ1ZZOLXdSFoTUPw-2m6A9Ac743ZaoSJnuYwyfE6x3ICogcdh4h_AmjryeyREchEYIthzR58Bxm38poMx5dZni0goH8uc_peCytB4yxNBKLJfySlYpPcl-RRn9p6oF_Pb_Mmj94vQJCoodGg2-0iUhmN8ee9uHV3djeQ-v8gWBYJghWg&x-client-SKU=ID_NET8_0&x-client-ver=7.5.1.0
Message:
Access to script at 'https://aadcdn.msftauth.net.office.pop100-o36591.qapop.myshn.net/shared/1.0/content/js/ConvergedLogin_PCore_NXCGegEOpKB5nrI5GnSS3g2.js' from origin 'https://login.microsoftonline.com.office.pop100-o36591.qapop.myshn.net' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://aadcdn.msftauth.net.office.pop100-o36591.qapop.myshn.net/shared/1.0/content/js/ConvergedLogin_PCore_NXCGegEOpKB5nrI5GnSS3g2.js
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://aadcdn.msauth.net.office.pop100-o36591.qapop.myshn.net/shared/1.0/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: https://aadcdn.msauth.net.office.pop100-o36591.qapop.myshn.net/shared/1.0/content/js/asyncchunk/convergedlogin_pfetchsessionsprogress_d0a803279e7397bef834.js
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: https://aadcdn.msauth.net.office.pop100-o36591.qapop.myshn.net/shared/1.0/content/images/marching_ants_986f40b5a9dc7d39ef8396797f61b323.gif
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: https://aadcdn.msauth.net.office.pop100-o36591.qapop.myshn.net/shared/1.0/content/images/backgrounds/2_11d9e3bcdfede9ce5ce5ace2d129f1c4.svg
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: https://aadcdn.msauth.net.office.pop100-o36591.qapop.myshn.net/shared/1.0/content/images/marching_ants_986f40b5a9dc7d39ef8396797f61b323.gif
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: https://login.live.com.office.pop100-o36591.qapop.myshn.net/Me.htm?v=3
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
javascript error URL: https://login.microsoftonline.com.office.pop100-o36591.qapop.myshn.net/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com.office.pop100-o36591.qapop.myshn.net%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com.office.pop100-o36591.qapop.myshn.net%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=638629504753116603.Yjk2NmNlN2EtOTE2ZS00ZDFkLTk1MWUtMmFkZjEwMGFhNjdiNjAzZWViZmMtZThjZC00NGY0LWJjN2UtOTE1ZGQ0MzdkMGQ4&ui_locales=ja-JP&mkt=ja-JP&client-request-id=0416e3c1-4d7b-4850-a313-20a1d21ad427&state=DXBMK0nD4XXGuMfPONRgwDosMJSf8P-7dSw9xx6fGiEqY5QlMXySaeOCR4S-1gNjjkQO-EP75-o8ZHZE8uMI6Xu-J4PjZjF7aQuJMZmJ1ZZOLXdSFoTUPw-2m6A9Ac743ZaoSJnuYwyfE6x3ICogcdh4h_AmjryeyREchEYIthzR58Bxm38poMx5dZni0goH8uc_peCytB4yxNBKLJfySlYpPcl-RRn9p6oF_Pb_Mmj94vQJCoodGg2-0iUhmN8ee9uHV3djeQ-v8gWBYJghWg&x-client-SKU=ID_NET8_0&x-client-ver=7.5.1.0
Message:
Access to image at 'https://aadcdn.msftauth.net.office.pop100-o36591.qapop.myshn.net/shared/1.0/content/images/backgrounds/2_11d9e3bcdfede9ce5ce5ace2d129f1c4.svg' from origin 'https://login.microsoftonline.com.office.pop100-o36591.qapop.myshn.net' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://aadcdn.msftauth.net.office.pop100-o36591.qapop.myshn.net/shared/1.0/content/images/backgrounds/2_11d9e3bcdfede9ce5ce5ace2d129f1c4.svg
Message:
Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
