urlscan.io logo urlscan.io
SecurityTrails logo

suk.officehome.msocdn.com Open in urlscan Pro
23.37.48.112  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://suk.officehome.msocdn.com/
Effective URL: https://suk.officehome.msocdn.com/
Submission: On May 14 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 12 IPs in 4 countries across 6 domains to perform 31 HTTP transactions. The main IP is 23.37.48.112, located in Netherlands and belongs to AKAMAI-AS - Akamai Technologies, Inc., US. The main domain is suk.officehome.msocdn.com.
TLS certificate: Issued by Microsoft IT TLS CA 5 on December 7th 2017. Valid for: 2 years.
This is the only time suk.officehome.msocdn.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Office 365 (Online)

Domain & IP information

IP Address AS Autonomous System
1 13 23.37.48.112 16625 (AKAMAI-AS)
3 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
2 2a02:26f0:eb:... 20940 (AKAMAI-ASN1)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
3 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
3 2a02:26f0:eb:... 20940 (AKAMAI-ASN1)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 2a02:26f0:eb:... 20940 (AKAMAI-ASN1)
3 40.77.226.250 8075 (MICROSOFT...)
1 2 52.142.114.2 8075 (MICROSOFT...)
1 1 2620:1ec:c11:... 8068 (MICROSOFT...)
1 52.114.132.74 8075 (MICROSOFT...)
31 12
13    23.37.48.112 (Netherlands)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a23-37-48-112.deploy.static.akamaitechnologies.com
suk.officehome.msocdn.com
blob.officehome.msocdn.com
3    2a02:26f0:6c00::210:ba21 (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)
statics-uhf-eus.akamaized.net
2    2a02:26f0:eb:38e::356e (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)
c.s-microsoft.com
1    2a02:26f0:6c00::210:ba28 (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)
img-prod-cms-rt-microsoft-com.akamaized.net
3    2a02:26f0:6c00:18d::37 (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)
mem.gfx.ms
3    2a02:26f0:eb:381::356e (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)
c.s-microsoft.com
1    2a02:26f0:6c00:183::356e (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)
www.microsoft.com
1    2a02:26f0:eb:380::2b57 (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)
uhf.microsoft.com
3    40.77.226.250 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)
web.vortex.data.microsoft.com
2    52.142.114.2 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)
c1.microsoft.com
1    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)
c.bing.com
1    52.114.132.74 (Washington, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)
browser.pipe.aria.microsoft.com
Domain Requested by
11 blob.officehome.msocdn.com suk.officehome.msocdn.com
5 c.s-microsoft.com suk.officehome.msocdn.com
3 web.vortex.data.microsoft.com blob.officehome.msocdn.com
mem.gfx.ms
3 mem.gfx.ms suk.officehome.msocdn.com
mem.gfx.ms
3 statics-uhf-eus.akamaized.net suk.officehome.msocdn.com
2 c1.microsoft.com 1 redirects
2 suk.officehome.msocdn.com 1 redirects
1 browser.pipe.aria.microsoft.com blob.officehome.msocdn.com
1 c.bing.com 1 redirects
1 uhf.microsoft.com suk.officehome.msocdn.com
1 www.microsoft.com suk.officehome.msocdn.com
1 img-prod-cms-rt-microsoft-com.akamaized.net suk.officehome.msocdn.com
31 12
Subject Issuer Validity Valid
*.officehome.msocdn.com
Microsoft IT TLS CA 5		 2017-12-07 -
2019-12-07		 2 years crt.sh
a248.e.akamai.net
DigiCert ECC Secure Server CA		 2018-10-18 -
2019-10-18		 a year crt.sh
www.microsoft.com
Microsoft IT TLS CA 4		 2018-01-16 -
2020-01-16		 2 years crt.sh
mem.gfx.ms
Microsoft IT TLS CA 2		 2018-02-05 -
2020-02-05		 2 years crt.sh
unistore.www.microsoft.com
Microsoft IT TLS CA 5		 2019-04-30 -
2021-04-30		 2 years crt.sh
*.vortex.data.microsoft.com
Microsoft IT TLS CA 5		 2018-01-30 -
2020-01-30		 2 years crt.sh
c.msn.com
Microsoft IT TLS CA 1		 2018-09-13 -
2020-09-13		 2 years crt.sh
*.events.data.microsoft.com
Microsoft IT TLS CA 2		 2017-11-07 -
2019-11-07		 2 years crt.sh

This page contains 1 frames:

Primary Page: https://suk.officehome.msocdn.com/
Frame ID: A23B07175CE509D68EBA59B0AA01AE52
Requests: 33 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://suk.officehome.msocdn.com/ HTTP 301
    https://suk.officehome.msocdn.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • env /^jQuery$/i

Page Statistics

31
Requests

100 %
HTTPS

67 %
IPv6

6
Domains

12
Subdomains

12
IPs

4
Countries

649 kB
Transfer

1176 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://suk.officehome.msocdn.com/ HTTP 301
    https://suk.officehome.msocdn.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 29
  • https://c1.microsoft.com/c.gif?DI=4050&did=1&t= HTTP 302
  • https://c.bing.com/c.gif?DI=4050&did=1&t=&CtsSyncId=82D5E9AD4D5E49A7B9342B201921760B&RedC=c1.microsoft.com&MXFR=258ED6429A9663293C90DB1E9E966518 HTTP 302
  • https://c1.microsoft.com/c.gif?DI=4050&did=1&t=&CtsSyncId=82D5E9AD4D5E49A7B9342B201921760B&MUID=070E5EED414E65860A8353B1454E6361

31 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
suk.officehome.msocdn.com/
Redirect Chain
  • http://suk.officehome.msocdn.com/
  • https://suk.officehome.msocdn.com/
77 KB
19 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://suk.officehome.msocdn.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.48.112 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a23-37-48-112.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
af11b16e25032e9726947cfa71becea3114d24f18a187ea8f4239b235fa47a6b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
suk.officehome.msocdn.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
200
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
text/html; charset=utf-8
content-encoding
gzip
expires
-1
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains
x-frame-options
SAMEORIGIN
x-ua-compatible
IE=edge,chrome=1
x-content-type-options
nosniff
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
content-length
19179
x-cache-start
1557149032 1557165454
date
Tue, 14 May 2019 14:41:40 GMT
x-cdn
695868
timing-allow-origin
*

Redirect headers

Cache-Control
private
Location
https://suk.officehome.msocdn.com:443/
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
Referrer-Policy
strict-origin-when-cross-origin
Content-Length
0
Date
Tue, 14 May 2019 14:41:38 GMT
Connection
keep-alive
Timing-Allow-Origin
*
segoeui_light.woff2
blob.officehome.msocdn.com/versionless/webfonts/ 		10 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://blob.officehome.msocdn.com/versionless/webfonts/segoeui_light.woff2
Requested by
Host: suk.officehome.msocdn.com
URL: https://suk.officehome.msocdn.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.48.112 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a23-37-48-112.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
57febfbad63b722a38bc668e67bc7c2dc02eca221f26db3a9303c1bd584a1a42
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://suk.officehome.msocdn.com/
Origin
https://suk.officehome.msocdn.com

Response headers

date
Tue, 14 May 2019 14:41:40 GMT
x-content-type-options
nosniff
last-modified
Tue, 09 Apr 2019 05:28:24 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
status
200
content-type
application/octet-stream
access-control-allow-origin
*
x-ms-request-id
2c4f64c0-301e-0008-2006-f41179000000
x-cache-start
1555386066
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
content-length
10544
access-control-expose-headers
content-length
segoeui_regular.woff2
blob.officehome.msocdn.com/versionless/webfonts/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://blob.officehome.msocdn.com/versionless/webfonts/segoeui_regular.woff2
Requested by
Host: suk.officehome.msocdn.com
URL: https://suk.officehome.msocdn.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.48.112 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a23-37-48-112.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
bb232fd09a6696ce21ec10a43b89933e12ad866dfde30a4a6a08e08082e6557d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://suk.officehome.msocdn.com/
Origin
https://suk.officehome.msocdn.com

Response headers

date
Tue, 14 May 2019 14:41:40 GMT
x-content-type-options
nosniff
last-modified
Tue, 09 Apr 2019 05:28:26 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
status
200
content-type
application/octet-stream
access-control-allow-origin
*
x-ms-request-id
f35e6bcd-f01e-0073-4a06-f47ac9000000
x-cache-start
1555386066
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
content-length
11100
access-control-expose-headers
content-length
segoeui_semibold.woff2
blob.officehome.msocdn.com/versionless/webfonts/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://blob.officehome.msocdn.com/versionless/webfonts/segoeui_semibold.woff2
Requested by
Host: suk.officehome.msocdn.com
URL: https://suk.officehome.msocdn.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.48.112 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a23-37-48-112.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
2cd3ef7b5b677b7827bfbe5b926a283e7ca687ddb6b021fa4289630671ebd061
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://suk.officehome.msocdn.com/
Origin
https://suk.officehome.msocdn.com

Response headers

date
Tue, 14 May 2019 14:41:40 GMT
x-content-type-options
nosniff
last-modified
Tue, 09 Apr 2019 05:28:29 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
status
200
content-type
application/octet-stream
access-control-allow-origin
*
x-ms-request-id
0cc83f24-001e-0044-0c06-f4d666000000
x-cache-start
1555386066
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
content-length
11356
access-control-expose-headers
content-length
segoeui_semilight.woff2
blob.officehome.msocdn.com/versionless/webfonts/ 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://blob.officehome.msocdn.com/versionless/webfonts/segoeui_semilight.woff2
Requested by
Host: suk.officehome.msocdn.com
URL: https://suk.officehome.msocdn.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.48.112 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a23-37-48-112.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
633894cf845287f205f1b5bd26b7667dda186695fce3d789306f30c5fbdb14b5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://suk.officehome.msocdn.com/
Origin
https://suk.officehome.msocdn.com

Response headers

date
Tue, 14 May 2019 14:41:40 GMT
x-content-type-options
nosniff
last-modified
Tue, 09 Apr 2019 05:28:29 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
status
200
content-type
application/octet-stream
access-control-allow-origin
*
x-ms-request-id
53c7937d-301e-006e-5a06-f4a323000000
x-cache-start
1555386066
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
content-length
12164
access-control-expose-headers
content-length
unauth-rtl-05cf2e79cf.css
blob.officehome.msocdn.com/bundles/ 		42 KB
23 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://blob.officehome.msocdn.com/bundles/unauth-rtl-05cf2e79cf.css
Requested by
Host: suk.officehome.msocdn.com
URL: https://suk.officehome.msocdn.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.48.112 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a23-37-48-112.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
ae4cb952ac5301a0eecfef5114e5d29b266eb995f27e0999201069fa933ed329
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://suk.officehome.msocdn.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 14 May 2019 14:41:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200
x-cache-start
1555425004
content-length
23543
last-modified
Wed, 03 Apr 2019 19:44:54 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
1d274c14-d01e-002b-2560-f47eb2000000
access-control-expose-headers
content-length
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
sharedfontstyles-30d1fc43fd.css
blob.officehome.msocdn.com/bundles/ 		1 KB
596 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://blob.officehome.msocdn.com/bundles/sharedfontstyles-30d1fc43fd.css
Requested by
Host: suk.officehome.msocdn.com
URL: https://suk.officehome.msocdn.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.48.112 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a23-37-48-112.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
4d9481536dbf3b0823d5254b666466873a2f577f1222a19aec88cd6157781f2c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://suk.officehome.msocdn.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 14 May 2019 14:41:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200
x-cache-start
1555386066
content-length
266
last-modified
Sat, 13 Apr 2019 01:30:36 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
d2c1ae47-f01e-0015-1706-f4c893000000
access-control-expose-headers
content-length
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
51-6d3a1e
statics-uhf-eus.akamaized.net/hebrew/shell/_scrf/css/themes=default.device=uplevel_web_pc/e9-4413b1/4e-bb306d/a9-963a11/10-aee09b/51-465167/1d-9730ee/34-521645/ 		160 KB
22 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://statics-uhf-eus.akamaized.net/hebrew/shell/_scrf/css/themes=default.device=uplevel_web_pc/e9-4413b1/4e-bb306d/a9-963a11/10-aee09b/51-465167/1d-9730ee/34-521645/51-6d3a1e?ver=2.0
Requested by
Host: suk.officehome.msocdn.com
URL: https://suk.officehome.msocdn.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:6c00::210:ba21 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
a1f729b4c586009b8481ab6c85090ea082b7f598581a8b652ab051e5ad387e12
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

Referer
https://suk.officehome.msocdn.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

ms-operation-id
7d84fcc5ffc0d845a5a5391bed1422e8
Date
Tue, 14 May 2019 14:41:40 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-S2
2019-03-05T20:04:39
P3P
CP="CAO CONi OTR OUR DEM ONL"
X-Activity-Id
00000000-7d5c-41ba-954b-be07e0d4ed0b
Connection
keep-alive
MS-CV
mocJukkOZUKyJ3kh.0
Vary
Accept-Encoding
Content-Length
21517
X-XSS-Protection
1
Last-Modified
Tue, 05 Mar 2019 20:04:39 GMT
Server
Microsoft-IIS/10.0
X-Az
{did:-, rid: -, sn: uhf-eus-prod, dt: 2019-03-05T19:08:15.5042997Z, bt: 2019-02-27T00:18:04.0000000Z}
X-S1
2019-03-05T20:04:39
Access-Control-Allow-Methods
HEAD,GET,POST,PATCH,PUT,OPTIONS
Content-Type
text/css; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=25507378
Timing-Allow-Origin
*
X-AppVersion
1.0.6997.542
Expires
Wed, 04 Mar 2020 20:04:38 GMT
override.css
statics-uhf-eus.akamaized.net/statics/ 		1 KB
907 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://statics-uhf-eus.akamaized.net/statics/override.css?c=7
Requested by
Host: suk.officehome.msocdn.com
URL: https://suk.officehome.msocdn.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:6c00::210:ba21 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
0bd288d5397a69ead391875b422bf2cbdcc4f795d64aa2f780aff45768d78248

Request headers

Referer
https://suk.officehome.msocdn.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Tue, 14 May 2019 14:41:40 GMT
Content-Encoding
gzip
Last-Modified
Tue, 05 Mar 2019 19:05:18 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag
0x8D6A19D82194196
Vary
Accept-Encoding
Content-Type
text/css
x-ms-request-id
3146b697-b01e-0014-4c8e-d3fb0d000000
x-ms-version
2009-09-19
Connection
keep-alive
Content-Length
473
mscc-0.4.1.min.css
c.s-microsoft.com/mscc/statics/ 		1 KB
934 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c.s-microsoft.com/mscc/statics/mscc-0.4.1.min.css
Requested by
Host: suk.officehome.msocdn.com
URL: https://suk.officehome.msocdn.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:eb:38e::356e , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
/
Resource Hash
35211f76c4c35c17f2649b96868c0d691f1d78b107f7635d22619948d0ee6880

Request headers

Referer
https://suk.officehome.msocdn.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Tue, 14 May 2019 14:41:40 GMT
content-encoding
gzip
last-modified
Mon, 10 Sep 2018 17:42:23 GMT
content-md5
2MKxgMQLzH/8vixotX2Pog==
access-control-allow-origin
*
etag
0x8D61744C3ED0073
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
text/css;charset=utf-8
status
200
x-ms-request-id
46cd1b4b-b01e-00ea-1b03-95ec99000000
x-ms-version
2009-09-19
content-length
627
RE1Mu3b
img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/RE1Mu3b?ver=5c31
Requested by
Host: suk.officehome.msocdn.com
URL: https://suk.officehome.msocdn.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:6c00::210:ba28 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
112fec798b78aa02e102a724b5cb1990c0f909bc1d8b7b1fa256eab41bbc0960

Request headers

Referer
https://suk.officehome.msocdn.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-cms-cdninvalkey
am:RE1Mu3b
date
Tue, 14 May 2019 14:41:40 GMT
x-aspnet-version
4.0.30319
x-source-length
4054
x-powered-by
ASP.NET
status
200
x-activityid
3090d269-3150-41dc-a669-64722774acab
x-deployment
a89a5014e89c41b7b60a64d7ee950637
content-length
4054
timing-allow-origin
*
last-modified
Sun, 12 May 2019 18:27:57 GMT
server
Microsoft-IIS/10.0
x-datacenter
NorthEU
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=272818
x-instance
Resizer.Web_IN_1
content-location
https://img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/RE1Mu3b?ver=5c31
expires
Fri, 17 May 2019 18:28:38 GMT
hero-still-image-desktop-89e7da971f.jpg
blob.officehome.msocdn.com/images/content/images/ 		154 KB
155 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blob.officehome.msocdn.com/images/content/images/hero-still-image-desktop-89e7da971f.jpg
Requested by
Host: suk.officehome.msocdn.com
URL: https://suk.officehome.msocdn.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.48.112 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a23-37-48-112.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
d89bb86fe481803aa172b1cd9a3993fe59f23cffcc938bd2b827c9d2e0997ca4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://suk.officehome.msocdn.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 14 May 2019 14:41:40 GMT
x-content-type-options
nosniff
last-modified
Mon, 15 Apr 2019 17:36:32 GMT
x-cdn
5290
status
200
content-type
image/jpeg
access-control-allow-origin
*
x-ms-request-id
0334c5e9-701e-0040-700e-f423e4000000
x-cache-start
1555389464, 1555394754
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
content-length
158097
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
access-control-expose-headers
content-length
unauth-vendor-b5e15713c1.js
blob.officehome.msocdn.com/bundles/ 		101 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://blob.officehome.msocdn.com/bundles/unauth-vendor-b5e15713c1.js
Requested by
Host: suk.officehome.msocdn.com
URL: https://suk.officehome.msocdn.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.48.112 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a23-37-48-112.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
ea6a668a4814c97bcbf65218ef96fa3ff0a56791fc83a38fab834f125ffdfe0a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://suk.officehome.msocdn.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 14 May 2019 14:41:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200
x-cache-start
1555386066
content-length
33809
last-modified
Wed, 03 Apr 2019 19:44:55 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
a88a697d-101e-001f-6206-f4d11a000000
access-control-expose-headers
content-length
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
sharedscripts-3b5e8eac10.js
blob.officehome.msocdn.com/bundles/ 		51 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://blob.officehome.msocdn.com/bundles/sharedscripts-3b5e8eac10.js
Requested by
Host: suk.officehome.msocdn.com
URL: https://suk.officehome.msocdn.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.48.112 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a23-37-48-112.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
48c5aa5c9415a4d2a2a9aa2d32a95654c2b917535344ee1ad277b5200640249b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://suk.officehome.msocdn.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 14 May 2019 14:41:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cdn
24302
status
200
x-cache-start
1555973324, 1555997626
content-length
14883
last-modified
Sat, 20 Apr 2019 01:44:40 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
ff2e7b4d-901e-0005-255d-f9fe75000000
access-control-expose-headers
content-length
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
unauth-49e566bfcb.js
blob.officehome.msocdn.com/bundles/ 		53 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://blob.officehome.msocdn.com/bundles/unauth-49e566bfcb.js
Requested by
Host: suk.officehome.msocdn.com
URL: https://suk.officehome.msocdn.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.48.112 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a23-37-48-112.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
f64687b2cf6a3bd34cf2da531b120ef5ae0a3002f9bb35078f3d14614c32b0fe
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://suk.officehome.msocdn.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 14 May 2019 14:41:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200
x-cache-start
1555386066
content-length
17224
last-modified
Wed, 03 Apr 2019 19:44:54 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
433a572c-001e-006d-4c06-f4a024000000
access-control-expose-headers
content-length
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
18-d72213
statics-uhf-eus.akamaized.net/shell/_scrf/js/themes=default/54-af9f9f/c0-247156/de-099401/e1-a50eee/e7-954872/d8-97d509/f0-251fe2/46-be1318/77-04a268/7f-652c90/63-077520/a4-34de62/75-71ddfc/db-bc01... 		125 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://statics-uhf-eus.akamaized.net/shell/_scrf/js/themes=default/54-af9f9f/c0-247156/de-099401/e1-a50eee/e7-954872/d8-97d509/f0-251fe2/46-be1318/77-04a268/7f-652c90/63-077520/a4-34de62/75-71ddfc/db-bc0148/dc-7e9864/78-4c7d22/9f-d154ca/e4-8302f6/cd-23d3b0/6d-1e7ed0/b7-cadaa7/ca-40b7b0/4e-ee3a55/3e-f5c39b/c3-6454d7/f9-7592d3/92-10345d/79-499886/7e-cda2d3/32-6dafa3/93-283c2d/e0-3c9860/91-97a04f/1f-100dea/33-abe4df/18-d72213?ver=2.0&iife=1
Requested by
Host: suk.officehome.msocdn.com
URL: https://suk.officehome.msocdn.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:6c00::210:ba21 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
55afd02f9ca1fe1b8d3705ef8eba7c9a8e2f0ba4b8d1ab8853a2a10fae9e4ac8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

Referer
https://suk.officehome.msocdn.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

ms-operation-id
743514bf79ec144ebf733933c1211ed9
Date
Tue, 14 May 2019 14:41:40 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-S2
2019-03-05T19:58:56
P3P
CP="CAO CONi OTR OUR DEM ONL"
X-Activity-Id
00000000-847f-4c92-af5e-ec7e62259789
Connection
keep-alive
MS-CV
PYfp7yTCFkGqbXBN.0
Vary
Accept-Encoding
Content-Length
33384
X-XSS-Protection
1
Last-Modified
Tue, 05 Mar 2019 19:58:56 GMT
Server
Microsoft-IIS/10.0
X-Az
{did:-, rid: -, sn: uhf-eus-prod, dt: 2019-03-05T19:51:26.9163129Z, bt: 2019-02-27T00:18:04.0000000Z}
X-S1
2019-03-05T19:58:56
Access-Control-Allow-Methods
HEAD,GET,POST,PATCH,PUT,OPTIONS
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=25507079
Timing-Allow-Origin
*
X-AppVersion
1.0.6997.542
Expires
Wed, 04 Mar 2020 19:59:39 GMT
meversion
mem.gfx.ms/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mem.gfx.ms/meversion?partner=office&market=he-il&uhf=1
Requested by
Host: suk.officehome.msocdn.com
URL: https://suk.officehome.msocdn.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:18d::37 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
/
Resource Hash
69cf6c7ef17e80353d937fe508f8960a97893dc33375da67bc97ea7075812aee
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://suk.officehome.msocdn.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 14 May 2019 14:41:40 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Vary
Accept-Encoding
Content-Type
application/javascript
Expires
Wed, 15 May 2019 05:13:47 GMT
Cache-Control
public, no-transform, max-age=86400
Connection
keep-alive
Content-Length
4249
X-UA-Compatible
IE=edge
mscc-0.4.1.min.js
c.s-microsoft.com/mscc/statics/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.s-microsoft.com/mscc/statics/mscc-0.4.1.min.js
Requested by
Host: suk.officehome.msocdn.com
URL: https://suk.officehome.msocdn.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:eb:38e::356e , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
/
Resource Hash
c87516d7dd7077edd467f5b7b085b035cd4803ecf049670ab19de004e270aba8

Request headers

Referer
https://suk.officehome.msocdn.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Tue, 14 May 2019 14:41:40 GMT
content-encoding
gzip
last-modified
Mon, 10 Sep 2018 17:42:12 GMT
content-md5
XpofSqMdSqYPb4maLkXO+A==
access-control-allow-origin
*
etag
0x8D61744BD6EA9B6
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
text/javascript;charset=utf-8
status
200
x-ms-request-id
cbec8ac8-801e-0084-1c44-b745b0000000
x-ms-version
2009-09-19
content-length
1588
truncated
/ 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3c81876e873c09b16821fbf22db91c76d99df502aaa3d934eb01714e7d4d21d3

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Type
image/png
latest.woff2
c.s-microsoft.com/static/fonts/segoe-ui/hebrew/normal/ 		58 KB
58 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://c.s-microsoft.com/static/fonts/segoe-ui/hebrew/normal/latest.woff2
Requested by
Host: suk.officehome.msocdn.com
URL: https://suk.officehome.msocdn.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:eb:381::356e , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
/
Resource Hash
b7c414fb42537c3e3f1229b595683ff0690e18ab609bc788d0dc83b22cb36f4b
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://statics-uhf-eus.akamaized.net/hebrew/shell/_scrf/css/themes=default.device=uplevel_web_pc/e9-4413b1/4e-bb306d/a9-963a11/10-aee09b/51-465167/1d-9730ee/34-521645/51-6d3a1e?ver=2.0
Origin
https://suk.officehome.msocdn.com

Response headers

date
Tue, 14 May 2019 14:41:40 GMT
last-modified
Tue, 01 Mar 2016 17:40:34 GMT
access-control-allow-origin
*
etag
"1D173E1751B1500"
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET,POST
p3p
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
status
200
cache-control
public, max-age=308342
access-control-allow-credentials
true
accept-ranges
bytes
content-type
application/font-woff2
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
59140
expires
Sat, 18 May 2019 04:20:42 GMT
mwfmdl2-v3.07.woff
www.microsoft.com/mwf/_h/v3.07/mwf.app/fonts/ 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.microsoft.com/mwf/_h/v3.07/mwf.app/fonts/mwfmdl2-v3.07.woff
Requested by
Host: suk.officehome.msocdn.com
URL: https://suk.officehome.msocdn.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:183::356e , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
/
Resource Hash
7f31cbb16dd8190854789bd1b43f15ae60940fb79afbb7cfbef664e12f8a247c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://statics-uhf-eus.akamaized.net/hebrew/shell/_scrf/css/themes=default.device=uplevel_web_pc/e9-4413b1/4e-bb306d/a9-963a11/10-aee09b/51-465167/1d-9730ee/34-521645/51-6d3a1e?ver=2.0
Origin
https://suk.officehome.msocdn.com

Response headers

date
Tue, 14 May 2019 14:41:40 GMT
x-content-type-options
nosniff
x-rtag
RT
p3p
CP="CAO CONi OTR OUR DEM ONL"
status
200
x-activity-id
8e9c150c-e873-4e85-b320-3ae42805b5ed
tls_version
tls1.2
ms-cv
/9SnGqd2L0CnVKDg.0
content-length
22376
x-xss-protection
1
last-modified
Tue, 11 Dec 2018 05:55:06 GMT
x-az
{did:ebbeaea41e034f1a8d3657f77961d2e1, rid: 5, sn: mwf-eus-prod, dt: 2018-12-07T13:58:13.9231850Z, bt: 2018-12-01T00:33:22.0000000Z}
strict-transport-security
max-age=31536000
access-control-allow-methods
HEAD,GET,POST,PATCH,PUT,OPTIONS
content-type
application/font-woff
access-control-allow-origin
*
cache-control
public, max-age=18198648
access-control-allow-headers
*
x-appversion
1.0.6909.1001
expires
Wed, 11 Dec 2019 05:52:28 GMT
truncated
/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a6b4512ebf7f02b8cc5aa165f44bf817ab86b214a0818e4823e38300d01c9fcd

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Origin
https://suk.officehome.msocdn.com

Response headers

Content-Type
application/octet-stream
latest.woff2
c.s-microsoft.com/static/fonts/segoe-ui/hebrew/Semibold/ 		68 KB
69 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://c.s-microsoft.com/static/fonts/segoe-ui/hebrew/Semibold/latest.woff2
Requested by
Host: suk.officehome.msocdn.com
URL: https://suk.officehome.msocdn.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:eb:381::356e , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
/
Resource Hash
994f4e4ea946a8a23ad80eceaa679dda91095f541a9abc4d7f3a88ee0eddedf6
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://statics-uhf-eus.akamaized.net/hebrew/shell/_scrf/css/themes=default.device=uplevel_web_pc/e9-4413b1/4e-bb306d/a9-963a11/10-aee09b/51-465167/1d-9730ee/34-521645/51-6d3a1e?ver=2.0
Origin
https://suk.officehome.msocdn.com

Response headers

date
Tue, 14 May 2019 14:41:40 GMT
last-modified
Tue, 01 Mar 2016 17:40:34 GMT
access-control-allow-origin
*
etag
"1D173E1751B1500"
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET,POST
p3p
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
status
200
cache-control
public, max-age=168119
access-control-allow-credentials
true
accept-ranges
bytes
content-type
application/font-woff2
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
69908
expires
Thu, 16 May 2019 13:23:39 GMT
latest.woff2
c.s-microsoft.com/static/fonts/segoe-ui/hebrew/Bold/ 		70 KB
71 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://c.s-microsoft.com/static/fonts/segoe-ui/hebrew/Bold/latest.woff2
Requested by
Host: suk.officehome.msocdn.com
URL: https://suk.officehome.msocdn.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:eb:381::356e , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
/
Resource Hash
7e0a14af82e724c12d1d325ea34ad17eb42c0c275bdf7aebbfc314ff8a6bd1be
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://statics-uhf-eus.akamaized.net/hebrew/shell/_scrf/css/themes=default.device=uplevel_web_pc/e9-4413b1/4e-bb306d/a9-963a11/10-aee09b/51-465167/1d-9730ee/34-521645/51-6d3a1e?ver=2.0
Origin
https://suk.officehome.msocdn.com

Response headers

date
Tue, 14 May 2019 14:41:40 GMT
last-modified
Tue, 01 Mar 2016 17:40:34 GMT
access-control-allow-origin
*
etag
"1D173E1751B1500"
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET,POST
p3p
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
status
200
cache-control
public, max-age=532938
access-control-allow-credentials
true
accept-ranges
bytes
content-type
application/font-woff2
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
71732
expires
Mon, 20 May 2019 18:43:58 GMT
_log
uhf.microsoft.com/ 		0
128 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uhf.microsoft.com/_log?o=mscc&s=Microsoft.OneRenderFramework.Core&m=show&nv=aspnet-3.1.3&sv=0.1.2
Requested by
Host: suk.officehome.msocdn.com
URL: https://suk.officehome.msocdn.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:eb:380::2b57 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://suk.officehome.msocdn.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 May 2019 14:41:40 GMT
access-control-allow-origin
*
content-type
text/html
status
204
cache-control
max-age=0, no-cache, no-store
content-length
0
expires
Tue, 14 May 2019 14:41:40 GMT
t.js
web.vortex.data.microsoft.com/collect/v1/ 		260 B
909 B 		Script
General
Check archive.org
Download Go to
Full URL
https://web.vortex.data.microsoft.com/collect/v1/t.js?ver=%272.1%27&name=%27Ms.Webi.PageView%27&time=%272019-05-14T14%3A41%3A40.600Z%27&os=%27MacOS%27&appId=%27JS%3Awww.office.com-unauth%27&*baseType=%27Ms.Content.PageView%27&-ver=%271.0%27&-impressionGuid=%27eb5943a9-b709-45d3-a802-f09a5066167a%27&-pageName=%27UnauthOhp%27&-uri=%27https%3A%2F%2Fsuk.officehome.msocdn.com%2F%27&-pageTags=%27%7B%22metaTags%22%3A%7B%22ver%22%3A%225%22%2C%22ms.lang%22%3A%22he%22%2C%22ms.loc%22%3A%22IL%22%2C%22ms.ocpub.assetid%22%3A%22UnauthOhp%22%2C%22ms.env%22%3A%22prod%22%2C%22ms.sitever%22%3A%225%22%2C%22ms.flightid%22%3A%22%22%7D%7D%27&-behavior=0&-resHeight=1200&-resWidth=1600&-market=%27he-IL%27&*cookieEnabled=true&*flashInstalled=false&*isJs=true&*title=%27%D7%9B%D7%A0%D7%99%D7%A1%D7%94%20%D7%9C-%20Office%20365%E2%80%8F%20%7C%20Microsoft%20Office%27&*isLoggedIn=false&ext-javascript-ver=%271.1%27&ext-javascript-libVer=%274.1.0%27&ext-javascript-domain=%27suk.officehome.msocdn.com%27
Requested by
Host: blob.officehome.msocdn.com
URL: https://blob.officehome.msocdn.com/bundles/unauth-49e566bfcb.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
40.77.226.250 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
/
Resource Hash
ebb9f0e7b81f87c62ebc5940672eae7de202205ea65aecf4be228d4f329b0fc9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://suk.officehome.msocdn.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 14 May 2019 14:41:40 GMT
X-Content-Type-Options
nosniff
P3P
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Cache-Control
no-cache, no-store
MS-CV
zPAzZN0T8U28MAjga08B2A.0
Content-Type
application/javascript
Content-Length
260
Expires
0
whatisoffice365-apps-54ab775e62.svg
blob.officehome.msocdn.com/images/content/images/ 		48 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blob.officehome.msocdn.com/images/content/images/whatisoffice365-apps-54ab775e62.svg
Requested by
Host: suk.officehome.msocdn.com
URL: https://suk.officehome.msocdn.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.48.112 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a23-37-48-112.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
2cc93012d9521672b673c5ba6516c8c14545bf8a0c360101fc81fb2f5ef08e43
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://suk.officehome.msocdn.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 14 May 2019 14:41:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cdn
5254
status
200
x-cache-start
1555389528, 1555394782
content-length
18324
last-modified
Mon, 15 Apr 2019 17:36:38 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
ca8f11c5-201e-0017-6b0e-f4ca69000000
access-control-expose-headers
content-length
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
meBoot.min.js
mem.gfx.ms/me/MeControl/9.18275.0/he-IL/ 		23 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mem.gfx.ms/me/MeControl/9.18275.0/he-IL/meBoot.min.js
Requested by
Host: mem.gfx.ms
URL: https://mem.gfx.ms/meversion?partner=office&market=he-il&uhf=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:18d::37 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
/
Resource Hash
4e369bf2416324b2fb61db9e4d16f844604435031ec15dd78cf717f555d170dc
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://suk.officehome.msocdn.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 14 May 2019 14:41:40 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Thu, 18 Apr 2019 19:38:41 GMT
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8184
X-UA-Compatible
IE=edge
meCore.min.js
mem.gfx.ms/me/MeControl/9.18275.0/he-IL/ 		42 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mem.gfx.ms/me/MeControl/9.18275.0/he-IL/meCore.min.js
Requested by
Host: mem.gfx.ms
URL: https://mem.gfx.ms/meversion?partner=office&market=he-il&uhf=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:18d::37 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
/
Resource Hash
6d1fa14bfa2ef0aca03a84d0624432b4757e9c2417fd994c75bf836be1ff736c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://suk.officehome.msocdn.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 14 May 2019 14:41:40 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Tue, 30 Apr 2019 19:32:21 GMT
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
13014
X-UA-Compatible
IE=edge
v1
web.vortex.data.microsoft.com/collect/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://web.vortex.data.microsoft.com/collect/v1
Requested by
Host: blob.officehome.msocdn.com
URL: https://blob.officehome.msocdn.com/bundles/unauth-49e566bfcb.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
40.77.226.250 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://suk.officehome.msocdn.com/
Origin
https://suk.officehome.msocdn.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://suk.officehome.msocdn.com
Access-Control-Allow-Headers
Accept, Authorization, Content-Type, Origin, X-Xbl-Contract-Version, X-Xbl-Device-Type, Xbl-Authz-Actor-10, WithCredentials
Access-Control-Allow-Credentials
true
c.gif
c1.microsoft.com/
Redirect Chain
  • https://c1.microsoft.com/c.gif?DI=4050&did=1&t=
  • https://c.bing.com/c.gif?DI=4050&did=1&t=&CtsSyncId=82D5E9AD4D5E49A7B9342B201921760B&RedC=c1.microsoft.com&MXFR=258ED6429A9663293C90DB1E9E966518
  • https://c1.microsoft.com/c.gif?DI=4050&did=1&t=&CtsSyncId=82D5E9AD4D5E49A7B9342B201921760B&MUID=070E5EED414E65860A8353B1454E6361
42 B
312 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c1.microsoft.com/c.gif?DI=4050&did=1&t=&CtsSyncId=82D5E9AD4D5E49A7B9342B201921760B&MUID=070E5EED414E65860A8353B1454E6361
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.142.114.2 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer
https://suk.officehome.msocdn.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 May 2019 14:41:40 GMT
last-modified
Fri, 29 Mar 2019 20:38:48 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"e71593696fe6d41:0"
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
status
200
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42

Redirect headers

pragma
no-cache
date
Tue, 14 May 2019 14:41:40 GMT
x-msedge-ref
Ref A: B3EB7AE74BA74F5889FB2230603E82B7 Ref B: VIEEDGE0622 Ref C: 2019-05-14T14:41:41Z
x-powered-by
ASP.NET
location
https://c1.microsoft.com/c.gif?DI=4050&did=1&t=&CtsSyncId=82D5E9AD4D5E49A7B9342B201921760B&MUID=070E5EED414E65860A8353B1454E6361
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
status
302
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
v1
web.vortex.data.microsoft.com/collect/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://web.vortex.data.microsoft.com/collect/v1
Requested by
Host: mem.gfx.ms
URL: https://mem.gfx.ms/me/MeControl/9.18275.0/he-IL/meCore.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
40.77.226.250 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://suk.officehome.msocdn.com/
Origin
https://suk.officehome.msocdn.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://suk.officehome.msocdn.com
Access-Control-Allow-Headers
Accept, Authorization, Content-Type, Origin, X-Xbl-Contract-Version, X-Xbl-Device-Type, Xbl-Authz-Actor-10, WithCredentials
Access-Control-Allow-Credentials
true
/
browser.pipe.aria.microsoft.com/Collector/3.0/ 		0
398 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://browser.pipe.aria.microsoft.com/Collector/3.0/?qsp=true&content-type=application%2Fbond-compact-binary&client-id=NO_AUTH&sdk-version=AWT-Web-JS-1.6.1&x-apikey=ea6758984c4b43529f9929667d8d3198-c52d4a8b-47fe-4fdf-99b8-5f897ff4e33b-7365&client-time-epoch-millis=1557844902612&time-delta-to-apply-millis=use-collector-delta
Requested by
Host: blob.officehome.msocdn.com
URL: https://blob.officehome.msocdn.com/bundles/sharedscripts-3b5e8eac10.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.114.132.74 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://suk.officehome.msocdn.com/
Origin
https://suk.officehome.msocdn.com

Response headers

Date
Tue, 14 May 2019 14:41:43 GMT
Server
Microsoft-HTTPAPI/2.0
time-delta-millis
1429
Access-Control-Allow-Methods
POST
Content-Type
application/json
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
kill-tokens, kill-duration-seconds, time-delta-millis
Access-Control-Allow-Headers
Accept, Content-Type, Content-Encoding, Client-Id
Content-Length
0

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Office 365 (Online)

73 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask function| getDefaultAadUser function| getDefaultMsaUser function| findDefaultSignedInUser function| convertAadUserData function| convertMsaUserData function| isValidMsaUser function| isValidAadUser function| getAadData function| getMsaData function| getAadMsaData function| getAccount object| AuthType object| Operation object| ErrorCode object| TimerUtils object| IframeUtils object| Constants object| LoggingUtils function| IdpUserResult function| DefaultSignInOptions boolean| enableConsoleLog boolean| msaFedEnabled function| $ function| jQuery object| StandaloneAriaLogger object| AWTPropertyType object| AWTPiiKind object| AWTEventPriority object| AWTEventsDroppedReason object| AWTEventsRejectedReason object| AWTCustomerContentKind object| AWTUserIdType object| AWTSessionState string| AWT_BEST_EFFORT string| AWT_NEAR_REAL_TIME string| AWT_REAL_TIME function| AWTEventProperties function| AWTLogger function| AWTLogManager function| AWTTransmissionManager function| AWTSerializer function| AWTSemanticContext string| AWT_COLLECTOR_URL_UNITED_STATES string| AWT_COLLECTOR_URL_GERMANY string| AWT_COLLECTOR_URL_JAPAN string| AWT_COLLECTOR_URL_AUSTRALIA string| AWT_COLLECTOR_URL_EUROPE string| AWT_COLLECTOR_URL_USGOV_DOD string| AWT_COLLECTOR_URL_USGOV_DOJ object| HomePage object| awa string| behaviorKey object| DefaultSignInHandler object| mscc string| signInUrl undefined| viewType undefined| myConfigOptions function| setShellOptions function| SendMeControlSignInEvent function| SetConsent object| shellOptions object| onShellReadyToLoad string| aadUserForgetUrlFormat function| clearStorage object| MSA object| MeControl function| MejQuery object| lazyImages number| lazyLoadAnimationId object| msCommonShell

0 Cookies

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

blob.officehome.msocdn.com
browser.pipe.aria.microsoft.com
c.bing.com
c.s-microsoft.com
c1.microsoft.com
img-prod-cms-rt-microsoft-com.akamaized.net
mem.gfx.ms
statics-uhf-eus.akamaized.net
suk.officehome.msocdn.com
uhf.microsoft.com
web.vortex.data.microsoft.com
www.microsoft.com
23.37.48.112
2620:1ec:c11::200
2a02:26f0:6c00:183::356e
2a02:26f0:6c00:18d::37
2a02:26f0:6c00::210:ba21
2a02:26f0:6c00::210:ba28
2a02:26f0:eb:380::2b57
2a02:26f0:eb:381::356e
2a02:26f0:eb:38e::356e
40.77.226.250
52.114.132.74
52.142.114.2
0bd288d5397a69ead391875b422bf2cbdcc4f795d64aa2f780aff45768d78248
112fec798b78aa02e102a724b5cb1990c0f909bc1d8b7b1fa256eab41bbc0960
2cc93012d9521672b673c5ba6516c8c14545bf8a0c360101fc81fb2f5ef08e43
2cd3ef7b5b677b7827bfbe5b926a283e7ca687ddb6b021fa4289630671ebd061
35211f76c4c35c17f2649b96868c0d691f1d78b107f7635d22619948d0ee6880
3c81876e873c09b16821fbf22db91c76d99df502aaa3d934eb01714e7d4d21d3
48c5aa5c9415a4d2a2a9aa2d32a95654c2b917535344ee1ad277b5200640249b
4d9481536dbf3b0823d5254b666466873a2f577f1222a19aec88cd6157781f2c
4e369bf2416324b2fb61db9e4d16f844604435031ec15dd78cf717f555d170dc
55afd02f9ca1fe1b8d3705ef8eba7c9a8e2f0ba4b8d1ab8853a2a10fae9e4ac8
57febfbad63b722a38bc668e67bc7c2dc02eca221f26db3a9303c1bd584a1a42
633894cf845287f205f1b5bd26b7667dda186695fce3d789306f30c5fbdb14b5
69cf6c7ef17e80353d937fe508f8960a97893dc33375da67bc97ea7075812aee
6d1fa14bfa2ef0aca03a84d0624432b4757e9c2417fd994c75bf836be1ff736c
7e0a14af82e724c12d1d325ea34ad17eb42c0c275bdf7aebbfc314ff8a6bd1be
7f31cbb16dd8190854789bd1b43f15ae60940fb79afbb7cfbef664e12f8a247c
994f4e4ea946a8a23ad80eceaa679dda91095f541a9abc4d7f3a88ee0eddedf6
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
a1f729b4c586009b8481ab6c85090ea082b7f598581a8b652ab051e5ad387e12
a6b4512ebf7f02b8cc5aa165f44bf817ab86b214a0818e4823e38300d01c9fcd
ae4cb952ac5301a0eecfef5114e5d29b266eb995f27e0999201069fa933ed329
af11b16e25032e9726947cfa71becea3114d24f18a187ea8f4239b235fa47a6b
b7c414fb42537c3e3f1229b595683ff0690e18ab609bc788d0dc83b22cb36f4b
bb232fd09a6696ce21ec10a43b89933e12ad866dfde30a4a6a08e08082e6557d
c87516d7dd7077edd467f5b7b085b035cd4803ecf049670ab19de004e270aba8
d89bb86fe481803aa172b1cd9a3993fe59f23cffcc938bd2b827c9d2e0997ca4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea6a668a4814c97bcbf65218ef96fa3ff0a56791fc83a38fab834f125ffdfe0a
ebb9f0e7b81f87c62ebc5940672eae7de202205ea65aecf4be228d4f329b0fc9
f64687b2cf6a3bd34cf2da531b120ef5ae0a3002f9bb35078f3d14614c32b0fe