microsoft-verify.dev-ely-delva.workers.dev
2606:4700:3031::ac43:a019  Public Scan

Submitted URL: http://microsoft-verify.dev-ely-delva.workers.dev/
Effective URL: https://microsoft-verify.dev-ely-delva.workers.dev/
Submission: On February 15 via api from US — Scanned from DE

Summary

This website contacted 6 IPs in 3 countries across 4 domains to perform 27 HTTP transactions. The main IP is 2606:4700:3031::ac43:a019, located in United States and belongs to CLOUDFLARENET, US. The main domain is microsoft-verify.dev-ely-delva.workers.dev.
TLS certificate: Issued by R3 on December 30th 2021. Valid for: 3 months.
This is the only time microsoft-verify.dev-ely-delva.workers.dev was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address         AS     Autonomous System
13        2606:4700:303...   13335  (CLOUDFLAR...)
4         104.16.169.131     13335  (CLOUDFLAR...)
2         2a00:1450:400...   15169  (GOOGLE)
4         2a00:1450:400...   15169  (GOOGLE)
4         104.16.168.131     13335  (CLOUDFLAR...)
Total: 27 requests, 6 IPs

Requests  Apex Domain     Transfer
13        workers.dev     142 KB
          Subdomains: microsoft-verify.dev-ely-delva.workers.dev
8         hcaptcha.com    484 KB
          Subdomains: js.hcaptcha.com (Cisco Umbrella Rank: 24175), newassets.hcaptcha.com (Cisco Umbrella Rank: 10830), hcaptcha.com (Cisco Umbrella Rank: 7981)
4         gstatic.com     57 KB
          Subdomains: fonts.gstatic.com
2         googleapis.com  2 KB
          Subdomains: fonts.googleapis.com (Cisco Umbrella Rank: 35)
Total: 27 requests, 4 apex domains

Requests  Domain                                      Requested by
13        microsoft-verify.dev-ely-delva.workers.dev  microsoft-verify.dev-ely-delva.workers.dev
5         newassets.hcaptcha.com                      js.hcaptcha.com, newassets.hcaptcha.com
4         fonts.gstatic.com                           fonts.googleapis.com
2         hcaptcha.com                                newassets.hcaptcha.com
2         fonts.googleapis.com                        microsoft-verify.dev-ely-delva.workers.dev
1         js.hcaptcha.com                             microsoft-verify.dev-ely-delva.workers.dev
Total: 27 requests, 6 domains

This site contains no links.

Subject                      Issuer                   Validity                 Valid
*.dev-ely-delva.workers.dev  R3                       2021-12-30 - 2022-03-30  3 months
sni.cloudflaressl.com        Cloudflare Inc ECC CA-3  2021-06-15 - 2022-06-14  a year
upload.video.google.com      GTS CA 1C3               2022-01-17 - 2022-04-11  3 months
*.gstatic.com                GTS CA 1C3               2022-01-17 - 2022-04-11  3 months

This page contains 3 frames:

Primary Page: https://microsoft-verify.dev-ely-delva.workers.dev/
Frame ID: 090B1539146B4B8F23AA9BC42D155E30
Requests: 20 HTTP requests in this frame

Frame: https://newassets.hcaptcha.com/captcha/v1/e61b2d8/static/hcaptcha-challenge.html
Frame ID: F427997519BCB24EDEA940BECCCE742A
Requests: 3 HTTP requests in this frame

Frame: https://newassets.hcaptcha.com/captcha/v1/e61b2d8/static/hcaptcha-checkbox.html
Frame ID: 67839AB91136CACAFFE34DD8C55B9C3D
Requests: 4 HTTP requests in this frame

Page Title

Astro Client | Login

Page URL History

  1. http://microsoft-verify.dev-ely-delva.workers.dev/ HTTP 307
    https://microsoft-verify.dev-ely-delva.workers.dev/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 27
HTTPS: 100 %
IPv6: 60 %
Domains: 4
Subdomains: 6
IPs: 6
Countries: 3
Transfer: 684 kB
Size: 2058 kB
Cookies: 0

27 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
microsoft-verify.dev-ely-delva.workers.dev/
Redirect Chain
  • http://microsoft-verify.dev-ely-delva.workers.dev/
  • https://microsoft-verify.dev-ely-delva.workers.dev/
7 KB
2 KB
Document
General
Full URL
https://microsoft-verify.dev-ely-delva.workers.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:a019 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
caa51b63205f4c9aa4b999eaeb77a19c673597198ebb1a4cab1069d2242aa529

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Tue, 15 Feb 2022 10:03:05 GMT
content-type
text/html; charset=utf-8
cf-ray
6dddb44b484b908e-FRA
access-control-allow-origin
*
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-powered-by
Express
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KneQ5a4tLRagfpo5hopr%2FneqVnNnf5NV2dNGNNtjd3J534NJyP9VGW6moIVPc9oPvJnOlw%2Bio6UcByHTHsqxepmCb155OI8aiUEbpo%2FdfOA06piunOZYlA8KsXmRgTvP4iA2AYmGu8bF26oBn1Z6NSzXFY1OiHoSSDkkw34bjMV36CkEQgpJw3E%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

Location
https://microsoft-verify.dev-ely-delva.workers.dev/
Non-Authoritative-Reason
HSTS
bootstrap.min.css
microsoft-verify.dev-ely-delva.workers.dev/css/vendor/
156 KB
25 KB
Stylesheet
General
Full URL
https://microsoft-verify.dev-ely-delva.workers.dev/css/vendor/bootstrap.min.css
Requested by
Host: microsoft-verify.dev-ely-delva.workers.dev
URL: https://microsoft-verify.dev-ely-delva.workers.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:a019 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
2ff5b959fa9f6b4b1d04d20a37d706e90039176ab1e2a202994d9580baeebfd6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://microsoft-verify.dev-ely-delva.workers.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 10:03:05 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
Express
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 21 Dec 2021 17:06:54 GMT
server
cloudflare
etag
W/"26f1b-17dddf5cfb0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xQ9O8alTe4fyeVT7%2B8OHbuSWeVO%2Bqzg%2F8aPdcM5d4C2evSSzuzMKY%2B0t6cIejVhzSpsq7FCG%2FVMjB%2F3d%2FG8mjVKz6QeGbtnd0D%2BACfYd3lmha4yJtasDB02I8dtLbbqX3CINyC8NueprLnhKZaDdAAlBezCqSnss3i%2FCdMXMga4rkoQjdsBSs4w%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=14400
cf-ray
6dddb44eae7c908e-FRA
styles.min.css
microsoft-verify.dev-ely-delva.workers.dev/css/
241 KB
34 KB
Stylesheet
General
Full URL
https://microsoft-verify.dev-ely-delva.workers.dev/css/styles.min.css
Requested by
Host: microsoft-verify.dev-ely-delva.workers.dev
URL: https://microsoft-verify.dev-ely-delva.workers.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:a019 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
c751cf2a0ddbbfdd364ce99bf62f86b37c6f558c6c6ce8743c7be4589f6a7027

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://microsoft-verify.dev-ely-delva.workers.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 10:03:05 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
Express
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 21 Dec 2021 17:06:54 GMT
server
cloudflare
etag
W/"3c456-17dddf5cfb0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Al8z%2B5ME4zbCQO2eTByJGy9bmJecHqRpkduTARxHnWwyjTlE5F6nCN4XVIg9n0IrJHM4eazr42edXhcbcz5PHAqHdDajrO23kI66EskUDsaNogy%2BTMc5XpK37zwkHQiJ5yVNXdFa2fNqTOvlSZVh56GXVoZeAlJBVD3TaS0cABqlxw5VY3qU%2FWU%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=14400
cf-ray
6dddb44eae7d908e-FRA
rocket.png
microsoft-verify.dev-ely-delva.workers.dev/img/landing/
9 KB
9 KB
Image
General
Full URL
https://microsoft-verify.dev-ely-delva.workers.dev/img/landing/rocket.png
Requested by
Host: microsoft-verify.dev-ely-delva.workers.dev
URL: https://microsoft-verify.dev-ely-delva.workers.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:a019 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
7023de19c54d3c70507920078ce7c123ccf3111de0e74f228dc3bfb6a86408b9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://microsoft-verify.dev-ely-delva.workers.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 10:03:05 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
Express
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9328
last-modified
Tue, 21 Dec 2021 17:06:55 GMT
server
cloudflare
etag
W/"2470-17dddf5d398"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pFxKuiPgfd44Hoa5UbMsgvf5Ysvc0OyvsvjnN0BKSmLgLHqaMTCCpWyhLFJTeL%2BG68j9DMQVAD5%2BOZmYCYXzgmOP79PKke6y68XqXc5sLyGQc31JFsFXQh5iwDnHG25bsAGraOKu%2FFtiZk9gFq68QnXA%2BXJmjmUt6G0tWbKW5FOZqbGWmE3elPM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
6dddb44eae83908e-FRA
rocket-loader.min.js
microsoft-verify.dev-ely-delva.workers.dev/cdn-cgi/scripts/7d0fa10a/cloudflare-static/
12 KB
4 KB
Script
General
Full URL
https://microsoft-verify.dev-ely-delva.workers.dev/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: microsoft-verify.dev-ely-delva.workers.dev
URL: https://microsoft-verify.dev-ely-delva.workers.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:a019 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://microsoft-verify.dev-ely-delva.workers.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 10:03:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 11 Feb 2022 20:14:10 GMT
server
cloudflare
etag
W/"6206c392-302c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ecgwI%2B5PsNztj%2F1rN0kX9E%2FNCBqkRqHlwOLaMfwfVwh9Mb27l7EWE%2B7LNgBrBO3L4PwdXjqeHW%2BOUPw20akok%2BYQuYY5aUkGgRX9SQZYoPxtMDm5sJNOqvfCc8PS%2Fty2ssH5B9O9JgQpMPQhV3DKGQ%2BmpwTBRHa4TaEb7P5rMU5MTwuqnOR0ITM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6dddb44eae87908e-FRA
vary
Accept-Encoding
expires
Thu, 17 Feb 2022 10:03:05 GMT
api.js
js.hcaptcha.com/1/
83 KB
27 KB
Script
General
Full URL
https://js.hcaptcha.com/1/api.js
Requested by
Host: microsoft-verify.dev-ely-delva.workers.dev
URL: https://microsoft-verify.dev-ely-delva.workers.dev/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.169.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3a7e9d5385430607054d9ce11f05fe39d8f4feb55483ef04da6fe2b59615fcd7
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://microsoft-verify.dev-ely-delva.workers.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 10:03:05 GMT
via
1.1 a7d79448ea7ebb4dc0f6ccd1869d1444.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
age
0
x-cache
Hit from cloudfront
strict-transport-security
max-age=2592000; includeSubDomains; preload
content-encoding
gzip
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 15 Feb 2022 07:44:18 GMT
server
cloudflare
etag
W/"3db78dddb0e62e1c5a4e475fcf6ccf9b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=120
x-amz-cf-pop
MXP64-C3
cf-ray
6dddb44eea0e9250-FRA
x-amz-cf-id
X188QjdhSjqDDs9BmWC6HiN5h5MTWLZFLyArBUy40XOJ75NBbMaSVQ==
jquery-3.6.0.min.js
microsoft-verify.dev-ely-delva.workers.dev/js/
87 KB
32 KB
Script
General
Full URL
https://microsoft-verify.dev-ely-delva.workers.dev/js/jquery-3.6.0.min.js
Requested by
Host: microsoft-verify.dev-ely-delva.workers.dev
URL: https://microsoft-verify.dev-ely-delva.workers.dev/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:a019 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://microsoft-verify.dev-ely-delva.workers.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 10:03:05 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
Express
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 21 Dec 2021 17:06:55 GMT
server
cloudflare
etag
W/"15d9d-17dddf5d398"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zcZRpIwn4P%2Fb9speRPZMsKbDia7M6Ltlf1kzL8cWS5IIrTOhTVCOp745kBiiXXcNDu83EEjsqP2QniYho%2FYAH6db9sKCEFDKF8dSONFGsiw5CDzJXT8chvvfD7urmj6PiOMAhKLB1zBCltFQGWmmGB93v6bflHcSRC7jIYU7JNUNX%2FEDE%2FUun2c%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=14400
cf-ray
6dddb44ebeb0908e-FRA
svg-loader.js
microsoft-verify.dev-ely-delva.workers.dev/js/utils/
58 KB
18 KB
Script
General
Full URL
https://microsoft-verify.dev-ely-delva.workers.dev/js/utils/svg-loader.js
Requested by
Host: microsoft-verify.dev-ely-delva.workers.dev
URL: https://microsoft-verify.dev-ely-delva.workers.dev/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:a019 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
4230f170b63c4429e8c8f629611bb57f91ceb3e91e3548bc7512eec3e416891b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://microsoft-verify.dev-ely-delva.workers.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 10:03:05 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
Express
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 21 Dec 2021 17:06:55 GMT
server
cloudflare
etag
W/"e96f-17dddf5d398"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V04A7MQLmHHwhSMpywvT56C0hRQV0%2FpjdtSRoMOhzWo%2F2vT%2BOtZ%2BKyfx8bAzcBUjVYB8wZWPe9TzoAyz0AjGDXDOac5wgdUH4OPNubJHhQg%2BNgTmP6wa%2FMCvrZoq6f824THynnki5qBrxogIBC7S%2BEvMhFmdp0mbjW0%2FhSWj14MuzibVMdotIjw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=14400
cf-ray
6dddb44ebeb3908e-FRA
landing.tabs.js
microsoft-verify.dev-ely-delva.workers.dev/js/landing/
286 B
744 B
Script
General
Full URL
https://microsoft-verify.dev-ely-delva.workers.dev/js/landing/landing.tabs.js
Requested by
Host: microsoft-verify.dev-ely-delva.workers.dev
URL: https://microsoft-verify.dev-ely-delva.workers.dev/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:a019 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
c54107590597a42c09422549cd47e29f8d11c78d8eef7e6822db1e858cae7619

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://microsoft-verify.dev-ely-delva.workers.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 10:03:05 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
Express
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 21 Dec 2021 17:06:55 GMT
server
cloudflare
etag
W/"11e-17dddf5d398"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1iFbGszUeyxlpisQS76TDt1%2FPNuJ0q783THrQcRDxYaitJ7YawgkpCaT35grOGc7xqngyQu%2BGrVUGUOnQ%2FntJ3JQG4bc87%2F%2BhpLaEryOj3J95c0RvS%2BMeQ%2F9v18VQr2FFa7PoLKIlFxhxfoLLyHPhSQCTUtOuzhfRygzm7M4c0PrcZN32EieNDs%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=14400
cf-ray
6dddb44ebeb4908e-FRA
form.utils.js
microsoft-verify.dev-ely-delva.workers.dev/js/form/
5 KB
1 KB
Script
General
Full URL
https://microsoft-verify.dev-ely-delva.workers.dev/js/form/form.utils.js
Requested by
Host: microsoft-verify.dev-ely-delva.workers.dev
URL: https://microsoft-verify.dev-ely-delva.workers.dev/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:a019 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
51a4526ac953de4d01f270406d9b94a0bc543c38b6727409d0ab40e07f451260

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://microsoft-verify.dev-ely-delva.workers.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 10:03:05 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
Express
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 21 Dec 2021 17:06:55 GMT
server
cloudflare
etag
W/"121a-17dddf5d398"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BdMQEeVo4r1gM0ZlzcVux8G%2FZ1O1fxlRob1lCVtfTtq75PjpKhegtigrQI94AIjVxwdlhO25TP%2BLztsaqelaWqTQRRB3sGItN1ITeAYIBWirtQlTcgjzlkRcSeG2twshWdPixYKhy6w4Yycyhbo0cVTgzXIROqk0DOvuNuwSurHI9tFUPYx12oY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=14400
cf-ray
6dddb44eceb7908e-FRA
xm_plugins.min.js
microsoft-verify.dev-ely-delva.workers.dev/js/vendor/
46 KB
9 KB
Script
General
Full URL
https://microsoft-verify.dev-ely-delva.workers.dev/js/vendor/xm_plugins.min.js
Requested by
Host: microsoft-verify.dev-ely-delva.workers.dev
URL: https://microsoft-verify.dev-ely-delva.workers.dev/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:a019 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
62c6c74587c73474bd1be49852129b88ff18560b10d3ea8c2f0327ef661dc78e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://microsoft-verify.dev-ely-delva.workers.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 10:03:05 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
Express
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 21 Dec 2021 17:06:55 GMT
server
cloudflare
etag
W/"b62b-17dddf5d398"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9L2A8dbDKNElG0teYhT8gz%2BKt3oV1D1pTRM9aZfJwC4BFnquXetxMhetdV8eWi6otM6G2DQIGjA94EP9wkOGbpl%2B3iguxmN%2FcyUIowph3FBvgcM2IYx9N8eug8wQkBzrApHOCdBCZzsmmQL%2FP6stPBX0asZMuGnrdN9eMuCJHkdPqW6N4h667PE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=14400
cf-ray
6dddb44eceb9908e-FRA
app.js
microsoft-verify.dev-ely-delva.workers.dev/js/utils/
5 KB
2 KB
Script
General
Full URL
https://microsoft-verify.dev-ely-delva.workers.dev/js/utils/app.js
Requested by
Host: microsoft-verify.dev-ely-delva.workers.dev
URL: https://microsoft-verify.dev-ely-delva.workers.dev/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:a019 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
340db5c8ec2f5c3a20f0620043ce5145b6d2d583e8668733f9aec7a34c289616

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://microsoft-verify.dev-ely-delva.workers.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 10:03:05 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
Express
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 21 Dec 2021 17:06:55 GMT
server
cloudflare
etag
W/"14a5-17dddf5d398"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pwn%2BzEXMQfu%2FQQ0357LYrz3pzXiqBuzS%2BMYwao%2BW5kmBXjNtVTVJmvMhGLoLyMZULy%2B0hgzTcfyElWHVpqOsy9ReYHoMuxVb2m1BI8NePTiRdJfg%2FZKX47CJuZnXzl8zErcZ8i49AaE9M4%2FCKemXISLv9OuZ%2F9DUf4Ag5Z4batPhzJjG3IEzl70%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=14400
cf-ray
6dddb44ecd7d924a-FRA
css
fonts.googleapis.com/
2 KB
933 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Titillium+Web:400,900&display=swap
Requested by
Host: microsoft-verify.dev-ely-delva.workers.dev
URL: https://microsoft-verify.dev-ely-delva.workers.dev/css/styles.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ac41782184a6c1f14bdc5c81e222821cb7a1e5a0fcdb4d37dc5bb31cf2d6224d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://microsoft-verify.dev-ely-delva.workers.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 15 Feb 2022 10:03:05 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 15 Feb 2022 10:03:05 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 15 Feb 2022 10:03:05 GMT
css
fonts.googleapis.com/
4 KB
610 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Rajdhani:400,500,600,700&display=swap
Requested by
Host: microsoft-verify.dev-ely-delva.workers.dev
URL: https://microsoft-verify.dev-ely-delva.workers.dev/css/styles.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
987c9561406b4a25c277655b0aeae2d91529627c0d4ac37399c3e285a63f8626
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://microsoft-verify.dev-ely-delva.workers.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 15 Feb 2022 10:02:51 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 15 Feb 2022 10:03:05 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 15 Feb 2022 10:03:05 GMT
landing-background.jpg
microsoft-verify.dev-ely-delva.workers.dev/img/landing/
173 B
173 B
Image
General
Full URL
https://microsoft-verify.dev-ely-delva.workers.dev/img/landing/landing-background.jpg
Requested by
Host: microsoft-verify.dev-ely-delva.workers.dev
URL: https://microsoft-verify.dev-ely-delva.workers.dev/css/styles.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:a019 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
953130555e0724070d3cc0654d30bc64a00fada3831d9b0626386907cad9c438
Security Headers
Name Value
Content-Security-Policy default-src 'none'
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://microsoft-verify.dev-ely-delva.workers.dev/css/styles.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 10:03:05 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
Express
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PhlGaSOo0YfAjIipCQFzeEahm2JMBq2euaNpgjT3KRCImcj5YfbXqUCUrAeA%2Fdw5N2MwKWzJVjtbvt5NGwdrF%2FsIZmqU%2BOjqYyHsm4fOrVPlYAG2oS6eY3bBKMXfuELBli%2Fmrcbt6sYSr9xJd%2Flqm9CbqTGY6xPnXTRR8bb2kCJ%2By4gg4eSHGSo%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=14400
content-security-policy
default-src 'none'
cf-ray
6dddb450da9e924a-FRA
dot-texture.png
microsoft-verify.dev-ely-delva.workers.dev/img/landing/
3 KB
3 KB
Image
General
Full URL
https://microsoft-verify.dev-ely-delva.workers.dev/img/landing/dot-texture.png
Requested by
Host: microsoft-verify.dev-ely-delva.workers.dev
URL: https://microsoft-verify.dev-ely-delva.workers.dev/css/styles.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:a019 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
5b3379039c4aaee2dbfae391bf1122c6d7efbc5801cd2dd8766a757a95ae3058

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://microsoft-verify.dev-ely-delva.workers.dev/css/styles.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 10:03:05 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
Express
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2830
last-modified
Tue, 21 Dec 2021 17:06:55 GMT
server
cloudflare
etag
W/"b0e-17dddf5d398"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rp8sNs0VcUdcZwfOl3q2dP%2BJmQG7dbtvIPTsDxO%2Ba%2BsX0Rvjnl8HuItjDk10QUkblW48dZ4R6HrotmlF3DKsOhduz%2Baat934sX76w7LQ%2BZCQZZmNBdoPzaQlfjANQyrW8sZuLhg1ObMYws57lT80ETL8UwM6UkQAmpwSPpDl0csYtU96KeS52ps%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
6dddb450daa4924a-FRA
LDI2apCSOBg7S-QT7pb0EPOreec.woff2
fonts.gstatic.com/s/rajdhani/v14/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/rajdhani/v14/LDI2apCSOBg7S-QT7pb0EPOreec.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Rajdhani:400,500,600,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
23afdb9b5b89b878fab04d80cc30bf41bb4f3f7e8be88e5f16a7cc7671cdb2dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://microsoft-verify.dev-ely-delva.workers.dev
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 20:02:12 GMT
x-content-type-options
nosniff
age
482453
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15084
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 18:58:05 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 09 Feb 2023 20:02:12 GMT
NaPDcZTIAOhVxoMyOr9n_E7ffEDBGItzYw.woff2
fonts.gstatic.com/s/titilliumweb/v14/
10 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/titilliumweb/v14/NaPDcZTIAOhVxoMyOr9n_E7ffEDBGItzYw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Titillium+Web:400,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8e59456a560f58d0b6b7934bfc06e0b2faee5d61e2bdb10eef541dd66bfebe0d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://microsoft-verify.dev-ely-delva.workers.dev
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 19:47:37 GMT
x-content-type-options
nosniff
age
483328
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10444
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 19:03:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 09 Feb 2023 19:47:37 GMT
LDI2apCSOBg7S-QT7pa8FvOreec.woff2
fonts.gstatic.com/s/rajdhani/v14/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/rajdhani/v14/LDI2apCSOBg7S-QT7pa8FvOreec.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Rajdhani:400,500,600,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5b7e4a6f97163c2636724d4de90304fc895653dcfe64c67a7a22f26331ca5c5f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://microsoft-verify.dev-ely-delva.workers.dev
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 20:02:11 GMT
x-content-type-options
nosniff
age
482454
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 19:00:53 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 09 Feb 2023 20:02:11 GMT
LDI2apCSOBg7S-QT7pbYF_Oreec.woff2
fonts.gstatic.com/s/rajdhani/v14/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/rajdhani/v14/LDI2apCSOBg7S-QT7pbYF_Oreec.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Rajdhani:400,500,600,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
433a7007e4747a02a790167a6efa2625855f013970ba49b9b739a5d3db8b2601
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://microsoft-verify.dev-ely-delva.workers.dev
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 19:55:26 GMT
x-content-type-options
nosniff
age
482859
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15732
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 18:57:52 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 09 Feb 2023 19:55:26 GMT
hcaptcha-challenge.html
newassets.hcaptcha.com/captcha/v1/e61b2d8/static/ Frame F427
2 KB
1 KB
Document
General
Full URL
https://newassets.hcaptcha.com/captcha/v1/e61b2d8/static/hcaptcha-challenge.html
Requested by
Host: js.hcaptcha.com
URL: https://js.hcaptcha.com/1/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.169.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bf2bc83e4340a8be502f3fbcc1ffff593578f9f56e7df819d5f05a90d2e146c1
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://microsoft-verify.dev-ely-delva.workers.dev/

Response headers

date
Tue, 15 Feb 2022 10:03:05 GMT
content-type
text/html
last-modified
Tue, 15 Feb 2022 07:44:18 GMT
cache-control
max-age=1209600
x-cache
Hit from cloudfront
via
1.1 976d678772d12ef1dc632cc293efa4f4.cloudfront.net (CloudFront)
x-amz-cf-pop
MXP64-C3
x-amz-cf-id
-MymZPZw75I2ELTRPLSqjRQmyOGl5Am84fkOITWQttXwsmEdYYWBnQ==
age
7712
cf-cache-status
HIT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
strict-transport-security
max-age=2592000; includeSubDomains; preload
x-content-type-options
nosniff
server
cloudflare
cf-ray
6dddb4515ed99250-FRA
content-encoding
gzip
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
hcaptcha-checkbox.html
newassets.hcaptcha.com/captcha/v1/e61b2d8/static/ Frame 6783
2 KB
1 KB
Document
General
Full URL
https://newassets.hcaptcha.com/captcha/v1/e61b2d8/static/hcaptcha-checkbox.html
Requested by
Host: js.hcaptcha.com
URL: https://js.hcaptcha.com/1/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.169.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fdc9046257aaaa253a551ef9fda09596eb7672d885281c8b6b1db6c593b08aa
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://microsoft-verify.dev-ely-delva.workers.dev/

Response headers

date
Tue, 15 Feb 2022 10:03:05 GMT
content-type
text/html
last-modified
Tue, 15 Feb 2022 07:44:18 GMT
cache-control
max-age=1209600
x-cache
Hit from cloudfront
via
1.1 53b16207cced8b28d8091c1ff91ffc3e.cloudfront.net (CloudFront)
x-amz-cf-pop
MXP64-C3
x-amz-cf-id
YZ1ZOluIZfhOsGaUTEHPuhZyWrvW4Ih2kkTXx6OBJOQkIPO1t2xVFg==
age
7712
cf-cache-status
HIT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
strict-transport-security
max-age=2592000; includeSubDomains; preload
x-content-type-options
nosniff
server
cloudflare
cf-ray
6dddb4515edb9250-FRA
content-encoding
gzip
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
hcaptcha-challenge.js
newassets.hcaptcha.com/captcha/v1/e61b2d8/ Frame F427
208 KB
60 KB
Script
General
Full URL
https://newassets.hcaptcha.com/captcha/v1/e61b2d8/hcaptcha-challenge.js
Requested by
Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/e61b2d8/static/hcaptcha-challenge.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.168.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16b2649c0b15ae3b78dfc8873f5a5c3880127bcaade71078675581c9b72242af
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://newassets.hcaptcha.com/captcha/v1/e61b2d8/static/hcaptcha-challenge.html
Origin
https://newassets.hcaptcha.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 10:03:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
7710
x-cache
Hit from cloudfront
strict-transport-security
max-age=2592000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
60785
access-control-allow-origin
*
last-modified
Tue, 15 Feb 2022 07:44:18 GMT
server
cloudflare
etag
"3f5cf3f58a9b58a4506ae9dd004186ad"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
via
1.1 d45a8c6f9f33ed6e98c7762d0a4f951a.cloudfront.net (CloudFront)
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
cache-control
max-age=1209600
x-amz-cf-pop
DUS51-P2
accept-ranges
bytes
cf-ray
6dddb451ae4d6901-FRA
x-amz-cf-id
bCQer4707ciM3atRiYnexMj5j8Gtu-pSmF7iYnUXtt1vdvJksQAtNA==
hcaptcha-checkbox.js
newassets.hcaptcha.com/captcha/v1/e61b2d8/ Frame 6783
151 KB
47 KB
Script
General
Full URL
https://newassets.hcaptcha.com/captcha/v1/e61b2d8/hcaptcha-checkbox.js
Requested by
Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/e61b2d8/static/hcaptcha-checkbox.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.168.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b595425f7e19ec77512e7203156f0c1d0be7fe9c69ac5d361ec53454814aebe2
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://newassets.hcaptcha.com/captcha/v1/e61b2d8/static/hcaptcha-checkbox.html
Origin
https://newassets.hcaptcha.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 10:03:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
7710
x-cache
Hit from cloudfront
strict-transport-security
max-age=2592000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
47886
access-control-allow-origin
*
last-modified
Tue, 15 Feb 2022 07:44:18 GMT
server
cloudflare
etag
"b88aa12fdb3081df3c3188598478f007"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
via
1.1 6eb77e673c2aa566dbadbc817458b976.cloudfront.net (CloudFront)
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
cache-control
max-age=1209600
x-amz-cf-pop
DUS51-P2
accept-ranges
bytes
cf-ray
6dddb451ae4e6901-FRA
x-amz-cf-id
TmV2TFeg8ZrQt_FKQx2yWpyahjcPF8NdXv3VPgQJ8pVj6ShHDw0lyQ==
truncated
/ Frame 6783
798 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
57cafa49fb677c3f09d6e90b051917d10e7bb54e83102a25f3d32b06e8fa59a7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/png
checksiteconfig
hcaptcha.com/ Frame 6783
508 B
855 B
XHR
General
Full URL
https://hcaptcha.com/checksiteconfig?v=e61b2d8&host=microsoft-verify.dev-ely-delva.workers.dev&sitekey=3fb3ecf4-1ca8-46e5-9296-66bdc2a7364f&sc=1&swa=1
Requested by
Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/e61b2d8/hcaptcha-checkbox.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.168.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0073764a51f217dc59501d1143d3c849c78f21096efa23b8deb89c7e8c4ce159
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Cache-Control
no-cache
Referer
https://newassets.hcaptcha.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/json; charset=utf-8

Response headers

date
Tue, 15 Feb 2022 10:03:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
access-control-allow-headers
Cache-Control, Content-Type, DNT, Referer, User-Agent, challenge-bypass-token, cf-chl-bypass, challenge-bypass-token, challenge-bypass-host, challenge-bypass-path
cf-chl-bypass
2
vary
Origin, Accept-Encoding
access-control-allow-methods
GET, HEAD, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://newassets.hcaptcha.com
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-credentials
true
strict-transport-security
max-age=2592000; includeSubDomains; preload
cf-ray
6dddb45298636901-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
checksiteconfig
hcaptcha.com/ Frame
0
0
Preflight
General
Full URL
https://hcaptcha.com/checksiteconfig?v=e61b2d8&host=microsoft-verify.dev-ely-delva.workers.dev&sitekey=3fb3ecf4-1ca8-46e5-9296-66bdc2a7364f&sc=1&swa=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.169.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
cache-control,content-type
Origin
https://newassets.hcaptcha.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Tue, 15 Feb 2022 10:03:06 GMT
content-length
0
access-control-allow-origin
https://newassets.hcaptcha.com
vary
Origin, Accept-Encoding
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control, Content-Type, DNT, Referer, User-Agent, challenge-bypass-token, cf-chl-bypass, challenge-bypass-token, challenge-bypass-host, challenge-bypass-path
access-control-allow-methods
GET, HEAD, POST, OPTIONS
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=2592000; includeSubDomains; preload
x-content-type-options
nosniff
server
cloudflare
cf-ray
6dddb4527f4990c7-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
hsw.js
newassets.hcaptcha.com/c/919a3f58/ Frame F427
919 KB
347 KB
Script
General
Full URL
https://newassets.hcaptcha.com/c/919a3f58/hsw.js
Requested by
Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/e61b2d8/hcaptcha-challenge.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.168.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bcc4290f7041ce142b6f5142eccb9c47c8ad59c1e8142361b7d40659fcd59f9d
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newassets.hcaptcha.com/captcha/v1/e61b2d8/static/hcaptcha-challenge.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 10:03:06 GMT
via
1.1 b17dca9c320b96e12b996848d121ffe4.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
age
62476
x-cache
Hit from cloudfront
content-encoding
gzip
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 14 Feb 2022 16:35:39 GMT
server
cloudflare
etag
W/"777d618166357c7ea8c00b987c3ad278"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=2592000; includeSubDomains; preload
content-type
application/javascript
vary
Accept-Encoding
cache-control
max-age=1209600
x-amz-cf-pop
DUS51-P2
cf-ray
6dddb452c8d76901-FRA
x-amz-cf-id
shOFERr0z2lTPw7En2fMyKZiVGSypqVnRNfq3cLWnZhsE-J3xfPu1A==

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| 1
function| structuredClone
object| __cfQR
function| _typeof
function| XM_Accordion
function| XM_Dropdown
function| XM_Hexagon
function| XM_Popup
function| XM_ProgressBar
function| XM_Tab
function| XM_Tooltip
function| $
function| jQuery
function| submitForm
boolean| __cfRLUnblockHandlers
object| hcaptcha
object| grecaptcha

0 Cookies

1 Console Messages

Source: network
Level: error
URL: https://microsoft-verify.dev-ely-delva.workers.dev/img/landing/landing-background.jpg
Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
