Submitted URL: https://mysmallbusiness.microsoft365.com/
Effective URL: https://login.live.com/oauth20_authorize.srf?client_id=7248c928-c766-4f9b-9115-9e49849980c5&scope=openid+profile+offlin...
Submission: On July 21 via automatic, source certstream-suspicious — Scanned from NL

Summary

This website contacted 10 IPs in 5 countries across 7 domains to perform 24 HTTP transactions. The main IP is 20.190.159.4, located in Dublin, Ireland and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is login.live.com. The Cisco Umbrella rank of the primary domain is 37.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on May 9th 2024. Valid for: a year.
This is the only time login.live.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 52.111.243.5 8075 (MICROSOFT...)
3 2a02:26f0:480... 20940 (AKAMAI-ASN1)
2 2a02:26f0:480... 20940 (AKAMAI-ASN1)
3 2620:1ec:a92:... 8068 (MICROSOFT...)
1 2a02:26f0:480... 20940 (AKAMAI-ASN1)
1 1 2603:1026:300... 8075 (MICROSOFT...)
1 1 40.126.31.69 8075 (MICROSOFT...)
1 2a02:26f0:480... 20940 (AKAMAI-ASN1)
1 1 2603:1047:1:1... 8075 (MICROSOFT...)
1 20.190.159.4 8075 (MICROSOFT...)
2 52.168.117.168 8075 (MICROSOFT...)
1 2a02:26f0:480... 20940 (AKAMAI-ASN1)
6 2606:2800:233... 15133 (EDGECAST)
24 10
Apex Domain
Subdomains
Transfer
6 msftauth.net
logincdn.msftauth.net — Cisco Umbrella Rank: 6696
283 KB
5 microsoft.com
admin.microsoft.com — Cisco Umbrella Rank: 4510
browser.events.data.microsoft.com — Cisco Umbrella Rank: 144
admin-ignite.microsoft.com Failed
721 B
4 microsoft365.com
mysmallbusiness.microsoft365.com
discover.microsoft365.com
9 KB
3 office.net
omex.cdn.office.net — Cisco Umbrella Rank: 4180
res.cdn.office.net — Cisco Umbrella Rank: 405
746 KB
2 live.com
login.live.com — Cisco Umbrella Rank: 37
16 KB
2 microsoftonline.com
login.microsoftonline.com — Cisco Umbrella Rank: 15
4 KB
2 go-mpulse.net
s.go-mpulse.net — Cisco Umbrella Rank: 2168
c.go-mpulse.net — Cisco Umbrella Rank: 906
50 KB
24 7
Domain Requested by
6 logincdn.msftauth.net login.live.com
logincdn.msftauth.net
3 admin.microsoft.com discover.microsoft365.com
3 discover.microsoft365.com discover.microsoft365.com
omex.cdn.office.net
2 browser.events.data.microsoft.com omex.cdn.office.net
logincdn.msftauth.net
2 login.live.com 1 redirects omex.cdn.office.net
2 login.microsoftonline.com 2 redirects
2 omex.cdn.office.net discover.microsoft365.com
omex.cdn.office.net
1 res.cdn.office.net
1 c.go-mpulse.net s.go-mpulse.net
1 s.go-mpulse.net discover.microsoft365.com
1 mysmallbusiness.microsoft365.com 1 redirects
0 admin-ignite.microsoft.com Failed omex.cdn.office.net
24 12

This site contains no links.

Subject | Issuer | Validity | Valid
localization.checkout.office.net | Microsoft Azure ECC TLS Issuing CA 08 | 2024-05-17 - 2025-05-12 | a year
contentstorage.omex.office.net | Microsoft Azure ECC TLS Issuing CA 07 | 2024-05-27 - 2025-05-22 | a year
portal.office.com | Microsoft Azure RSA TLS Issuing CA 08 | 2024-06-03 - 2025-05-29 | a year
akstat.io | DigiCert TLS RSA SHA256 2020 CA1 | 2024-03-06 - 2025-03-06 | a year
login.live.com | DigiCert SHA2 Secure Server CA | 2024-05-09 - 2025-05-09 | a year
*.events.data.microsoft.com | Microsoft Azure RSA TLS Issuing CA 07 | 2024-03-31 - 2025-03-26 | a year
*.res.outlook.com | DigiCert SHA2 Secure Server CA | 2024-02-20 - 2025-02-20 | a year
identitycdn.msauth.net | Microsoft Azure RSA TLS Issuing CA 04 | 2024-06-07 - 2025-06-02 | a year

This page contains 2 frames:

Primary Page: https://login.live.com/oauth20_authorize.srf?client_id=7248c928-c766-4f9b-9115-9e49849980c5&scope=openid+profile+offline_access&redirect_uri=https%3a%2f%2fdiscover.microsoft365.com&response_type=code&state=eyJpZCI6IjAxOTBkNDM5LWJiN2ItNzMyMC04ZjY5LTRmZWExZTM5YzMxOSIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicmVkaXJlY3QifX0%3d&response_mode=fragment&nonce=0190d439-bb7b-7589-9d70-b7d1289704f2&code_challenge=RC8CSv-BlsRxMTwsYrFW2c94ddLhbGxmmW2Hb290VsA&code_challenge_method=S256&x-client-SKU=msal.js.browser&x-client-Ver=3.10.0&uaid=0190d439bb7a7b6e87b26a04055e0635&msproxy=1&issuer=mso&tenant=consumers&ui_locales=nl-NL&client_info=1&epct=PAQABDgEAAAApTwJmzXqdR4BN2miheQMYEnlVs-3eYc-u7qQjq3zeQUlGuglldXgFU-GB4fGcycMowpmdq4JigsyfxBkDQtdJb8HkMZF01tpoVMokjPRdzi7LI5zgQ_Tg_syGyaMM3vTr92vv3tYfV8VC5BlCBYwqz-YPpEIwWDF_lKQU1bXQzzaK_WkGg6NO9nGN0g2ENRXG-WLS99iaO1ACtKgUZ6kNJuMmJcitUPAdhyxLeyUz6yAA&jshs=0
Frame ID: E9563BB04C7D6AF5E33165DAAEB1D0B6
Requests: 19 HTTP requests in this frame

Frame: https://discover.microsoft365.com/auth
Frame ID: 50CE965CA4A50587974E1EF87D57F5E1
Requests: 2 HTTP requests in this frame

Page Title

Aanmelden bij je Microsoft-account

Page Statistics

Requests: 24
HTTPS: 83 %
IPv6: 69 %
Domains: 7
Subdomains: 12
IPs: 10
Countries: 5
Transfer: 1102 kB
Size: 4501 kB
Cookies: 14

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://mysmallbusiness.microsoft365.com/ HTTP 301
    https://discover.microsoft365.com/ Page URL
  2. https://login.microsoftonline.com/consumers/oauth2/v2.0/authorize?client_id=7248c928-c766-4f9b-9115-9e49849980c5&scope=openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Fdiscover.microsoft365.com&client-request-id=0190d439-bb7a-7b6e-87b2-6a04055e0635&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=3.10.0&client_info=1&code_challenge=nEEJk3f39y3AvP9tPINDWchIpfpXq-7J0qzXZXzYe7g&code_challenge_method=S256&nonce=0190d439-bb7b-7589-9d70-b7d1289704f2&state=eyJpZCI6IjAxOTBkNDM5LWJiN2ItNzMyMC04ZjY5LTRmZWExZTM5YzMxOSIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicmVkaXJlY3QifX0%3D HTTP 302
    https://login.live.com/oauth20_authorize.srf?client_id=7248c928-c766-4f9b-9115-9e49849980c5&scope=openid+profile+offline_access&redirect_uri=https%3a%2f%2fdiscover.microsoft365.com&response_type=code&state=eyJpZCI6IjAxOTBkNDM5LWJiN2ItNzMyMC04ZjY5LTRmZWExZTM5YzMxOSIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicmVkaXJlY3QifX0%3d&response_mode=fragment&nonce=0190d439-bb7b-7589-9d70-b7d1289704f2&code_challenge=RC8CSv-BlsRxMTwsYrFW2c94ddLhbGxmmW2Hb290VsA&code_challenge_method=S256&x-client-SKU=msal.js.browser&x-client-Ver=3.10.0&uaid=0190d439bb7a7b6e87b26a04055e0635&msproxy=1&issuer=mso&tenant=consumers&ui_locales=nl-NL&client_info=1&epct=PAQABDgEAAAApTwJmzXqdR4BN2miheQMYEnlVs-3eYc-u7qQjq3zeQUlGuglldXgFU-GB4fGcycMowpmdq4JigsyfxBkDQtdJb8HkMZF01tpoVMokjPRdzi7LI5zgQ_Tg_syGyaMM3vTr92vv3tYfV8VC5BlCBYwqz-YPpEIwWDF_lKQU1bXQzzaK_WkGg6NO9nGN0g2ENRXG-WLS99iaO1ACtKgUZ6kNJuMmJcitUPAdhyxLeyUz6yAA&jshs=0 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://mysmallbusiness.microsoft365.com/ HTTP 301
  • https://discover.microsoft365.com/
Request Chain 7
  • https://login.microsoftonline.com/consumers/oauth2/v2.0/authorize?client_id=7248c928-c766-4f9b-9115-9e49849980c5&scope=openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Fdiscover.microsoft365.com%2Fauth&client-request-id=0190d439-b9c5-78ea-8380-6fed630c5ce0&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=3.10.0&client_info=1&code_challenge=0oq7uYP1GGuAHqNRCMTpMOHkI727CHtfhNDXmm_IWPE&code_challenge_method=S256&prompt=none&nonce=0190d439-b9c6-7858-9844-a5cf70e0df36&state=eyJpZCI6IjAxOTBkNDM5LWI5YzYtN2Q5ZS1hY2Q3LTViYTdjZDZlZmZhOCIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoic2lsZW50In19 HTTP 302
  • https://login.live.com/oauth20_authorize.srf?client_id=7248c928-c766-4f9b-9115-9e49849980c5&scope=openid+profile+offline_access&redirect_uri=https%3a%2f%2fdiscover.microsoft365.com%2fauth&response_type=code&state=eyJpZCI6IjAxOTBkNDM5LWI5YzYtN2Q5ZS1hY2Q3LTViYTdjZDZlZmZhOCIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoic2lsZW50In19&response_mode=fragment&nonce=0190d439-b9c6-7858-9844-a5cf70e0df36&prompt=none&code_challenge=aLd6VeUXoP7LkEdRuG5Be6qAS3HqOTZFHGjsU9CkoDQ&code_challenge_method=S256&x-client-SKU=msal.js.browser&x-client-Ver=3.10.0&uaid=0190d439b9c578ea83806fed630c5ce0&msproxy=1&issuer=mso&tenant=consumers&ui_locales=nl-NL&client_info=1&epct=PAQABDgEAAAApTwJmzXqdR4BN2miheQMYmqosNPf8nR_LRReANkAAmBMpuzpYyfxURYpUVaqZORfqbM7wIbfBjCcZ9aneTZ_IHxFKh-RAJCf-eJ1swfPbV3JBbz912rxLSo5mUcRinMWFsz4HK2VzKxLTBi44nucs5ZIT1PWblwquCBbod_-Aoj4TctmBgDd-0nWkfI7X-OrqWxEykydPT2OBYYlwrbcmb-L_eRw8xKx3cn_OhbJ5DSAA&jshs=0 HTTP 302
  • https://discover.microsoft365.com/auth

24 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
discover.microsoft365.com/
Redirect Chain
  • https://mysmallbusiness.microsoft365.com/
  • https://discover.microsoft365.com/
9 KB
4 KB
Document
General
Full URL
https://discover.microsoft365.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:588::2af1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
22b85373b59ce883000dd7ae9a1fbe08d6c1b19fe833dd044aee291843c9dee8

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

cache-control
max-age=0, no-cache, no-store
content-encoding
gzip
content-length
3821
content-type
text/html; charset=utf-8
date
Sun, 21 Jul 2024 07:37:51 GMT
expires
Sun, 21 Jul 2024 07:37:51 GMT
link
<https://omex.cdn.office.net>;rel="preconnect"
pragma
no-cache
server-timing
cdn-cache; desc=MISS edge; dur=23 origin; dur=7 ak_p; desc="1721547471000_35115189_110756075_2938_2224_22_51_255";dur=1
vary
Accept-Encoding
x-akamai-transformed
9 4220 0 pmb=mRUM,2
x-buildversion
2024.7.17.1
x-machine
OMEXNODES000006__omexexternal-prod-weu-001_6
x-robots-tag
noodp,noindex,nofollow
x-servicefabricrequestid
b6242780-7aca-4c65-a9d5-26ffb267ea9e
x-traceid
eac58a9c27bcaba3d2d1d16580854eb5

Redirect headers

content-length
195
content-type
text/html
date
Sun, 21 Jul 2024 07:37:50 GMT
location
https://discover.microsoft365.com/
server
Microsoft-Azure-Application-Gateway/v2
site.css
discover.microsoft365.com/css/
1 KB
954 B
Stylesheet
General
Full URL
https://discover.microsoft365.com/css/site.css?v=jE5BKhtZn_lSQGx0RIiurw9y0jlTqj2bp_B5W2yV8ec
Requested by
Host: discover.microsoft365.com
URL: https://discover.microsoft365.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:588::2af1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
8c4e412a1b599ff952406c744488aeaf0f72d23953aa3d9ba7f0795b6c95f1e7

Request headers

Referer
https://discover.microsoft365.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 07:37:51 GMT
content-encoding
gzip
server-timing
cdn-cache; desc=MISS, edge; dur=24, origin; dur=5, ak_p; desc="1721547471115_35115189_110756086_2877_1698_22_0_255";dur=1
x-traceid
9c72cbbab8bc8d55bae935fcf32aaedb
content-length
477
pragma
no-cache
last-modified
Wed, 17 Jul 2024 13:05:24 GMT
etag
"1dad849fc6c06d5"
x-servicefabricrequestid
1e1a3677-8061-42a0-b403-67bf7e09765c
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=0, no-cache, no-store
x-machine
OMEXNODE2000004__omexexternal-prod-weu-2-001_4
accept-ranges
bytes
x-buildversion
2024.7.17.1
expires
Sun, 21 Jul 2024 07:37:51 GMT
main.228cc6eddf8c046522d2.js
omex.cdn.office.net/unityweb/dist/
265 KB
68 KB
Script
General
Full URL
https://omex.cdn.office.net/unityweb/dist/main.228cc6eddf8c046522d2.js
Requested by
Host: discover.microsoft365.com
URL: https://discover.microsoft365.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:33::212:40de Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
fac840c227684a87b31b2fce21199611ae51bfe3be00d7a4bcbaf12e044c8b55

Request headers

Referer
https://discover.microsoft365.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 21 Jul 2024 07:37:51 GMT
content-encoding
gzip
content-md5
wbeWZ037k1SeIaQM/qGXzA==
aka-x-origin
omexcdncus.blob.core.windows.net, omexcdncus.blob.core.windows.net
x-ms-lease-status
unlocked
last-modified
Tue, 30 Apr 2024 15:12:36 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DC6927F7FE9178
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
32e2d3c2-501e-012a-1923-9be4c2000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-credentials
true
x-ms-version
2009-09-19
logclient
admin.microsoft.com/api/instrument/ Frame
0
0
Preflight
General
Full URL
https://admin.microsoft.com/api/instrument/logclient
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:a92::156 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-ms-mac-hostingapp
Access-Control-Request-Method
POST
Origin
https://discover.microsoft365.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-methods
GET, POST, PUT, DELETE, PATCH, OPTIONS
access-control-allow-origin
https://discover.microsoft365.com
access-control-max-age
600
cache-control
no-cache
content-length
0
date
Sun, 21 Jul 2024 07:37:51 GMT
expires
-1
pragma
no-cache
strict-transport-security
max-age=63072000; includeSubDomains
x-cache
CONFIG_NOCACHE
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-ms-correlation-id
679d76fe-a24f-4222-b4ab-4648e740c0da
x-msedge-ref
Ref A: CF0BC93DF71647C0B989192A56FB237C Ref B: AMS231032602009 Ref C: 2024-07-21T07:37:51Z
x-ua-compatible
IE=Edge
NXXN5-4NEP7-RESXQ-U9RVR-NZ5S3
s.go-mpulse.net/boomerang/
205 KB
49 KB
Script
General
Full URL
https://s.go-mpulse.net/boomerang/NXXN5-4NEP7-RESXQ-U9RVR-NZ5S3
Requested by
Host: discover.microsoft365.com
URL: https://discover.microsoft365.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:d9f::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4

Request headers

Referer
https://discover.microsoft365.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 07:37:51 GMT
content-encoding
br
customappheader
mpulse-ab-boomr__git__361fdb1__git__361fdb1__p19.alsi10-lite
last-modified
Fri, 05 Jul 2024 18:51:42 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=604800
timing-allow-origin
*
content-length
50393
logclient
admin.microsoft.com/api/instrument/
0
224 B
XHR
General
Full URL
https://admin.microsoft.com/api/instrument/logclient
Requested by
Host: discover.microsoft365.com
URL: https://discover.microsoft365.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:a92::156 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

x-ms-mac-hostingapp
host-vsb-hub-app
Referer
https://discover.microsoft365.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-type
application/json

Response headers

expires
-1
pragma
no-cache
strict-transport-security
max-age=63072000; includeSubDomains
date
Sun, 21 Jul 2024 07:37:51 GMT
x-content-type-options
nosniff
x-msedge-ref
Ref A: 0F99A0B02F674BD6907731B0DFE43338 Ref B: AMS231032602009 Ref C: 2024-07-21T07:37:51Z
x-frame-options
SAMEORIGIN
x-cache
CONFIG_NOCACHE
access-control-allow-origin
https://discover.microsoft365.com
cache-control
no-cache
x-ms-correlation-id
8869df7b-c703-4c0b-84dd-b36c8c3a2201
access-control-allow-credentials
true
x-ua-compatible
IE=Edge
host-vsb-hub-app.nl.bundle.js
omex.cdn.office.net/unityweb/bundle/2024.7.17.1/
3 MB
676 KB
Script
General
Full URL
https://omex.cdn.office.net/unityweb/bundle/2024.7.17.1/host-vsb-hub-app.nl.bundle.js
Requested by
Host: omex.cdn.office.net
URL: https://omex.cdn.office.net/unityweb/dist/main.228cc6eddf8c046522d2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:33::212:40de Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
461dcb79d2c6c02dde04dfec1963dc93e8d41dbc256c0f844530b376e884a287

Request headers

Referer
https://discover.microsoft365.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 21 Jul 2024 07:37:51 GMT
content-encoding
br
content-md5
VqL2iISSq7ketkji+m1NQw==
aka-x-origin
omexcdnweu.blob.core.windows.net, omexcdnweu.blob.core.windows.net
content-length
691693
x-ms-lease-status
unlocked
last-modified
Wed, 17 Jul 2024 10:38:16 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DCA64C9137127C
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
e7a16025-f01e-0189-6940-db9baf000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-credentials
true
x-ms-version
2009-09-19
auth
discover.microsoft365.com/ Frame 50CE
Redirect Chain
  • https://login.microsoftonline.com/consumers/oauth2/v2.0/authorize?client_id=7248c928-c766-4f9b-9115-9e49849980c5&scope=openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Fdiscover.microsof...
  • https://login.live.com/oauth20_authorize.srf?client_id=7248c928-c766-4f9b-9115-9e49849980c5&scope=openid+profile+offline_access&redirect_uri=https%3a%2f%2fdiscover.microsoft365.com%2fauth&response_...
  • https://discover.microsoft365.com/auth
5 KB
3 KB
Document
General
Full URL
https://discover.microsoft365.com/auth
Requested by
Host: omex.cdn.office.net
URL: https://omex.cdn.office.net/unityweb/dist/main.228cc6eddf8c046522d2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:588::2af1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://discover.microsoft365.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

cache-control
max-age=0, no-cache, no-store
content-encoding
gzip
content-length
2616
content-type
text/html; charset=utf-8
date
Sun, 21 Jul 2024 07:37:51 GMT
expires
Sun, 21 Jul 2024 07:37:51 GMT
pragma
no-cache
server-timing
cdn-cache; desc=MISS edge; dur=9 origin; dur=5 ak_p; desc="1721547471685_35115189_110756256_1409_1969_22_0_255";dur=1
vary
Accept-Encoding
x-akamai-transformed
9 657 0 pmb=mRUM,2
x-buildversion
2024.7.17.1
x-machine
OMEXNODE2000001__omexexternal-prod-weu-2-001_1
x-robots-tag
noodp,noindex,nofollow
x-servicefabricrequestid
bdfb8e40-3338-4083-9912-531c766fb13a
x-traceid
0796c23be864394fbc511966ea077c0f

Redirect headers

Cache-Control
no-store, no-cache
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Sun, 21 Jul 2024 07:37:51 GMT
Expires
Sun, 21 Jul 2024 07:36:51 GMT
Location
https://discover.microsoft365.com/auth#error=login_required&error_description=Silent+authentication+was+denied.+The+user+must+first+sign+in+and+if+needed+grant+the+client+application+access+to+the+scope+'openid+profile+offline_access'.&state=eyJpZCI6IjAxOTBkNDM5LWI5YzYtN2Q5ZS1hY2Q3LTViYTdjZDZlZmZhOCIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoic2lsZW50In19
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
PPServer
PPV: 30 H: SN1PEPF0002FA98 V: 0
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
X-WLID-Error
0x8004100C
X-XSS-Protection
1; mode=block
x-ms-request-id
f1c478ad-229d-42f2-b958-b9f0e084d888
x-ms-route-info
C560_SN1
config.json
c.go-mpulse.net/api/
51 B
214 B
XHR
General
Full URL
https://c.go-mpulse.net/api/config.json?key=NXXN5-4NEP7-RESXQ-U9RVR-NZ5S3&d=discover.microsoft365.com&t=5738492&v=1.720.0&sl=0&si=78ab1efa-ff53-4069-b097-8c6437ef95c2-sgyqj3&plugins=AK,ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,History,Angular,Backbone,Ember,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,Early,EventTiming,LOGN&acao=&ak.ai=780094
Requested by
Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/NXXN5-4NEP7-RESXQ-U9RVR-NZ5S3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:39a::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
467285f0d16bce687e959e4c71f6af7292c2e2c4ed97041a809ad8c639f26e21

Request headers

Referer
https://discover.microsoft365.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 21 Jul 2024 07:37:51 GMT
cache-control
private, max-age=120, stale-while-revalidate=60, stale-if-error=120
timing-allow-origin
*
alt-svc
h3=":443"; ma=93600
content-length
51
content-type
application/json
logclient
admin.microsoft.com/api/instrument/
0
247 B
XHR
General
Full URL
https://admin.microsoft.com/api/instrument/logclient
Requested by
Host: discover.microsoft365.com
URL: https://discover.microsoft365.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:a92::156 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

x-ms-mac-hostingapp
host-vsb-hub-app
Referer
https://discover.microsoft365.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-type
application/json

Response headers

expires
-1
pragma
no-cache
strict-transport-security
max-age=63072000; includeSubDomains
date
Sun, 21 Jul 2024 07:37:51 GMT
x-content-type-options
nosniff
x-msedge-ref
Ref A: 020A5CA5B1064EB1889F4857C165FEE7 Ref B: AMS231032602009 Ref C: 2024-07-21T07:37:51Z
x-frame-options
SAMEORIGIN
x-cache
CONFIG_NOCACHE
access-control-allow-origin
https://discover.microsoft365.com
access-control-expose-headers
*
cache-control
no-cache
x-ms-correlation-id
93829b4d-8743-49bf-a078-b230c08c7e2f
access-control-allow-credentials
true
x-ua-compatible
IE=Edge
site.css
discover.microsoft365.com/css/ Frame 50CE
0
0

Primary Request oauth20_authorize.srf
login.live.com/
Redirect Chain
  • https://login.microsoftonline.com/consumers/oauth2/v2.0/authorize?client_id=7248c928-c766-4f9b-9115-9e49849980c5&scope=openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Fdiscover.microsof...
  • https://login.live.com/oauth20_authorize.srf?client_id=7248c928-c766-4f9b-9115-9e49849980c5&scope=openid+profile+offline_access&redirect_uri=https%3a%2f%2fdiscover.microsoft365.com&response_type=co...
27 KB
14 KB
Document
General
Full URL
https://login.live.com/oauth20_authorize.srf?client_id=7248c928-c766-4f9b-9115-9e49849980c5&scope=openid+profile+offline_access&redirect_uri=https%3a%2f%2fdiscover.microsoft365.com&response_type=code&state=eyJpZCI6IjAxOTBkNDM5LWJiN2ItNzMyMC04ZjY5LTRmZWExZTM5YzMxOSIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicmVkaXJlY3QifX0%3d&response_mode=fragment&nonce=0190d439-bb7b-7589-9d70-b7d1289704f2&code_challenge=RC8CSv-BlsRxMTwsYrFW2c94ddLhbGxmmW2Hb290VsA&code_challenge_method=S256&x-client-SKU=msal.js.browser&x-client-Ver=3.10.0&uaid=0190d439bb7a7b6e87b26a04055e0635&msproxy=1&issuer=mso&tenant=consumers&ui_locales=nl-NL&client_info=1&epct=PAQABDgEAAAApTwJmzXqdR4BN2miheQMYEnlVs-3eYc-u7qQjq3zeQUlGuglldXgFU-GB4fGcycMowpmdq4JigsyfxBkDQtdJb8HkMZF01tpoVMokjPRdzi7LI5zgQ_Tg_syGyaMM3vTr92vv3tYfV8VC5BlCBYwqz-YPpEIwWDF_lKQU1bXQzzaK_WkGg6NO9nGN0g2ENRXG-WLS99iaO1ACtKgUZ6kNJuMmJcitUPAdhyxLeyUz6yAA&jshs=0
Requested by
Host: omex.cdn.office.net
URL: https://omex.cdn.office.net/unityweb/dist/main.228cc6eddf8c046522d2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.190.159.4 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
40685c1041142d5e06ad5a9fd1cc070162c780d0101f79925f2e1725eae8858a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://discover.microsoft365.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Cache-Control
no-store, no-cache
Content-Encoding
gzip
Content-Length
11120
Content-Type
text/html; charset=utf-8
Date
Sun, 21 Jul 2024 07:37:52 GMT
Expires
Sun, 21 Jul 2024 07:36:52 GMT
Link
<https://logincdn.msftauth.net>; rel=preconnect; crossorigin <https://acctcdn.msauth.net>; rel=preconnect; crossorigin <https://acctcdn.msftauth.net>; rel=preconnect; crossorigin <https://acctcdn.msauth.net/>; rel=dns-prefetch <https://acctcdn.msftauth.net/>; rel=dns-prefetch <https://acctcdnmsftuswe2.azureedge.net/>; rel=dns-prefetch <https://acctcdnvzeuno.azureedge.net/>; rel=dns-prefetch <https://logincdn.msauth.net/>; rel=dns-prefetch <https://logincdn.msftauth.net/>; rel=dns-prefetch <https://lgincdnvzeuno.azureedge.net/>; rel=dns-prefetch <https://lgincdnmsftuswe2.azureedge.net/>; rel=dns-prefetch
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
PPServer
PPV: 30 H: SN1PEPF0002F0EC V: 0
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Strict-Transport-Security
max-age=31536000
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-DNS-Prefetch-Control
on
X-XSS-Protection
1; mode=block
x-ms-request-id
d1edb2e4-ffbe-473f-9479-6b228dd20abc
x-ms-route-info
C516_SN1

Redirect headers

Cache-Control
no-store, no-cache
Content-Encoding
gzip
Content-Length
803
Content-Type
text/html; charset=utf-8
Date
Sun, 21 Jul 2024 07:37:52 GMT
Expires
-1
Location
https://login.live.com/oauth20_authorize.srf?client_id=7248c928-c766-4f9b-9115-9e49849980c5&scope=openid+profile+offline_access&redirect_uri=https%3a%2f%2fdiscover.microsoft365.com&response_type=code&state=eyJpZCI6IjAxOTBkNDM5LWJiN2ItNzMyMC04ZjY5LTRmZWExZTM5YzMxOSIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicmVkaXJlY3QifX0%3d&response_mode=fragment&nonce=0190d439-bb7b-7589-9d70-b7d1289704f2&code_challenge=RC8CSv-BlsRxMTwsYrFW2c94ddLhbGxmmW2Hb290VsA&code_challenge_method=S256&x-client-SKU=msal.js.browser&x-client-Ver=3.10.0&uaid=0190d439bb7a7b6e87b26a04055e0635&msproxy=1&issuer=mso&tenant=consumers&ui_locales=nl-NL&client_info=1&epct=PAQABDgEAAAApTwJmzXqdR4BN2miheQMYEnlVs-3eYc-u7qQjq3zeQUlGuglldXgFU-GB4fGcycMowpmdq4JigsyfxBkDQtdJb8HkMZF01tpoVMokjPRdzi7LI5zgQ_Tg_syGyaMM3vTr92vv3tYfV8VC5BlCBYwqz-YPpEIwWDF_lKQU1bXQzzaK_WkGg6NO9nGN0g2ENRXG-WLS99iaO1ACtKgUZ6kNJuMmJcitUPAdhyxLeyUz6yAA&jshs=0#
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-XSS-Protection
0
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+sin"}]}
x-ms-clitelem
1,0,0,,
x-ms-ests-server
2.1.18517.11 - KRSLR1 ProdSlices
x-ms-request-id
2a3e2a30-cdf6-4d0f-af2d-3e4b5a112701
x-ms-srs
1.P
/
browser.events.data.microsoft.com/OneCollector/1.0/
0
250 B
Ping
General
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.2.11&apikey=6950fbd1937a421d9272c9a288ff6c1f-fd2da0e2-d3b1-4f0a-9952-1c410a276f9a-7177&upload-time=1721547471741&time-delta-to-apply-millis=use-collector-delta&w=2&NoResponseBody=true
Requested by
Host: omex.cdn.office.net
URL: https://omex.cdn.office.net/unityweb/bundle/2024.7.17.1/host-vsb-hub-app.nl.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.168.117.168 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://discover.microsoft365.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=31536000
date
Sun, 21 Jul 2024 07:37:51 GMT
server
Microsoft-HTTPAPI/2.0
time-delta-millis
396
access-control-allow-methods
POST
access-control-allow-origin
https://discover.microsoft365.com
access-control-expose-headers
time-delta-millis
access-control-allow-credentials
true
access-control-allow-headers
time-delta-millis
content-length
0
m365.svg
res.cdn.office.net/admincenter/admin-content/images/vsbhub/brandedassets/
4 KB
2 KB
Other
General
Full URL
https://res.cdn.office.net/admincenter/admin-content/images/vsbhub/brandedassets/m365.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:24::1726:6268 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://discover.microsoft365.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 07:37:52 GMT
content-encoding
gzip
akamai-cache-status
Hit from child
nel
{"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
strict-transport-security
max-age=31536000; includeSubDomains
server-timing
clientrtt; dur=21, clienttt; dur=, origin; dur=0 , cdntime; dur=0
alt-svc
h3=":443"; ma=93600
content-length
1078
last-modified
Mon, 13 May 2024 22:38:11 GMT
x-cdn-provider
Akamai
vary
Accept-Encoding
report-to
{"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=FRANKFURT&ASN=20940&Country=DE&Region=HE&RequestIdentifier=0.a8632617.1721547472.31e1a5b1&TotalRTCDNTime=21&CompressionType=gzip&FileSize=1078"}],"include_subdomains ":true}
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
b7264467-f01e-0045-55cb-a52a74000000
access-control-expose-headers
date,Akamai-Request-BC,X-Cdn-Provider,X-Ms-Request-Id
cache-control
max-age=630720000
akamai-request-bc
[a=23.38.99.168,b=836871601,c=g,n=DE_HE_FRANKFURT,o=20940]
timing-allow-origin
*
logclient
admin-ignite.microsoft.com/api/instrument/
0
0

logclient
admin-ignite.microsoft.com/api/instrument/ Frame
0
0

login_nl_wv6wHtSpI4XQSkP6kb13YQ2.js
logincdn.msftauth.net/shared/5/js/
909 KB
230 KB
Script
General
Full URL
https://logincdn.msftauth.net/shared/5/js/login_nl_wv6wHtSpI4XQSkP6kb13YQ2.js
Requested by
Host: login.live.com
URL: https://login.live.com/oauth20_authorize.srf?client_id=7248c928-c766-4f9b-9115-9e49849980c5&scope=openid+profile+offline_access&redirect_uri=https%3a%2f%2fdiscover.microsoft365.com&response_type=code&state=eyJpZCI6IjAxOTBkNDM5LWJiN2ItNzMyMC04ZjY5LTRmZWExZTM5YzMxOSIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicmVkaXJlY3QifX0%3d&response_mode=fragment&nonce=0190d439-bb7b-7589-9d70-b7d1289704f2&code_challenge=RC8CSv-BlsRxMTwsYrFW2c94ddLhbGxmmW2Hb290VsA&code_challenge_method=S256&x-client-SKU=msal.js.browser&x-client-Ver=3.10.0&uaid=0190d439bb7a7b6e87b26a04055e0635&msproxy=1&issuer=mso&tenant=consumers&ui_locales=nl-NL&client_info=1&epct=PAQABDgEAAAApTwJmzXqdR4BN2miheQMYEnlVs-3eYc-u7qQjq3zeQUlGuglldXgFU-GB4fGcycMowpmdq4JigsyfxBkDQtdJb8HkMZF01tpoVMokjPRdzi7LI5zgQ_Tg_syGyaMM3vTr92vv3tYfV8VC5BlCBYwqz-YPpEIwWDF_lKQU1bXQzzaK_WkGg6NO9nGN0g2ENRXG-WLS99iaO1ACtKgUZ6kNJuMmJcitUPAdhyxLeyUz6yAA&jshs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/489B) /
Resource Hash
ad44ecc5ae9001134c8ae6dbe06172b6c7d74d35199c292c05053b16932f4ef5

Request headers

Referer
https://login.live.com/
Origin
https://login.live.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 21 Jul 2024 07:37:52 GMT
content-encoding
gzip
content-md5
ZYI8L9t/7qbNcd177yCh7w==
age
462395
x-cache
HIT
content-length
235057
x-ms-lease-status
unlocked
last-modified
Wed, 10 Jul 2024 00:01:10 GMT
server
ECAcc (ama/489B)
etag
0x8DCA07367C81357
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
9b56057c-701e-0057-710c-d7fafd000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
oneds-analytics-js_76849cb4d7c1c6ab9e6f_nl.js
logincdn.msftauth.net/shared/5/chunks/
89 KB
32 KB
Script
General
Full URL
https://logincdn.msftauth.net/shared/5/chunks/oneds-analytics-js_76849cb4d7c1c6ab9e6f_nl.js
Requested by
Host: logincdn.msftauth.net
URL: https://logincdn.msftauth.net/shared/5/js/login_nl_wv6wHtSpI4XQSkP6kb13YQ2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48B3) /
Resource Hash
7dccaae4a5681eb9c440dfa68fb96b52b5ac3e9af596a7033541c94b72c941ff

Request headers

Referer
https://login.live.com/
Origin
https://login.live.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 21 Jul 2024 07:37:52 GMT
content-encoding
gzip
content-md5
FlAGznY+EcgDFpMN+f0vrw==
age
9466192
x-cache
HIT
content-length
32823
x-ms-lease-status
unlocked
last-modified
Sat, 30 Mar 2024 01:20:24 GMT
server
ECAcc (ama/48B3)
etag
0x8DC5057934A73C4
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
4dca4020-701e-00d0-1728-856e40000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
microsoft_logo_ee5c8d9fb6248c938fd0.svg
logincdn.msftauth.net/shared/5/images/
4 KB
2 KB
Image
General
Full URL
https://logincdn.msftauth.net/shared/5/images/microsoft_logo_ee5c8d9fb6248c938fd0.svg
Requested by
Host: login.live.com
URL: https://login.live.com/oauth20_authorize.srf?client_id=7248c928-c766-4f9b-9115-9e49849980c5&scope=openid+profile+offline_access&redirect_uri=https%3a%2f%2fdiscover.microsoft365.com&response_type=code&state=eyJpZCI6IjAxOTBkNDM5LWJiN2ItNzMyMC04ZjY5LTRmZWExZTM5YzMxOSIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicmVkaXJlY3QifX0%3d&response_mode=fragment&nonce=0190d439-bb7b-7589-9d70-b7d1289704f2&code_challenge=RC8CSv-BlsRxMTwsYrFW2c94ddLhbGxmmW2Hb290VsA&code_challenge_method=S256&x-client-SKU=msal.js.browser&x-client-Ver=3.10.0&uaid=0190d439bb7a7b6e87b26a04055e0635&msproxy=1&issuer=mso&tenant=consumers&ui_locales=nl-NL&client_info=1&epct=PAQABDgEAAAApTwJmzXqdR4BN2miheQMYEnlVs-3eYc-u7qQjq3zeQUlGuglldXgFU-GB4fGcycMowpmdq4JigsyfxBkDQtdJb8HkMZF01tpoVMokjPRdzi7LI5zgQ_Tg_syGyaMM3vTr92vv3tYfV8VC5BlCBYwqz-YPpEIwWDF_lKQU1bXQzzaK_WkGg6NO9nGN0g2ENRXG-WLS99iaO1ACtKgUZ6kNJuMmJcitUPAdhyxLeyUz6yAA&jshs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48DC) /
Resource Hash
04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a

Request headers

Referer
https://login.live.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 21 Jul 2024 07:37:53 GMT
content-encoding
gzip
content-md5
nzaLxFgP7ZB3dfMcaybWzw==
age
10293185
x-cache
HIT
content-length
1435
x-ms-lease-status
unlocked
last-modified
Tue, 27 Jun 2023 15:45:14 GMT
server
ECAcc (ama/48DC)
etag
0x8DB77257FFE6B4E
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
472bd7a8-c01e-006b-38a3-7d3d13000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
2_bc3d32a696895f78c19d.svg
logincdn.msftauth.net/shared/5/images/
2 KB
1 KB
Image
General
Full URL
https://logincdn.msftauth.net/shared/5/images/2_bc3d32a696895f78c19d.svg
Requested by
Host: login.live.com
URL: https://login.live.com/oauth20_authorize.srf?client_id=7248c928-c766-4f9b-9115-9e49849980c5&scope=openid+profile+offline_access&redirect_uri=https%3a%2f%2fdiscover.microsoft365.com&response_type=code&state=eyJpZCI6IjAxOTBkNDM5LWJiN2ItNzMyMC04ZjY5LTRmZWExZTM5YzMxOSIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicmVkaXJlY3QifX0%3d&response_mode=fragment&nonce=0190d439-bb7b-7589-9d70-b7d1289704f2&code_challenge=RC8CSv-BlsRxMTwsYrFW2c94ddLhbGxmmW2Hb290VsA&code_challenge_method=S256&x-client-SKU=msal.js.browser&x-client-Ver=3.10.0&uaid=0190d439bb7a7b6e87b26a04055e0635&msproxy=1&issuer=mso&tenant=consumers&ui_locales=nl-NL&client_info=1&epct=PAQABDgEAAAApTwJmzXqdR4BN2miheQMYEnlVs-3eYc-u7qQjq3zeQUlGuglldXgFU-GB4fGcycMowpmdq4JigsyfxBkDQtdJb8HkMZF01tpoVMokjPRdzi7LI5zgQ_Tg_syGyaMM3vTr92vv3tYfV8VC5BlCBYwqz-YPpEIwWDF_lKQU1bXQzzaK_WkGg6NO9nGN0g2ENRXG-WLS99iaO1ACtKgUZ6kNJuMmJcitUPAdhyxLeyUz6yAA&jshs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/4893) /
Resource Hash
0e88b6fcbb8591edfd28184fa70a04b6dd3af8a14367c628edd7caba32e58c68

Request headers

Referer
https://login.live.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 21 Jul 2024 07:37:53 GMT
content-encoding
gzip
content-md5
DhdidjYrlCeaRJJRG/y9mA==
age
10292852
x-cache
HIT
content-length
673
x-ms-lease-status
unlocked
last-modified
Tue, 27 Jun 2023 15:45:09 GMT
server
ECAcc (ama/4893)
etag
0x8DB77257C91B168
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
ac2ada67-201e-0075-0da3-7d2f2c000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
favicon.ico
logincdn.msftauth.net/16.000.30275.14/images/
17 KB
17 KB
Other
General
Full URL
https://logincdn.msftauth.net/16.000.30275.14/images/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48EB) /
Resource Hash
90cdaf487716184e4034000935c605d1633926d348116d198f355a98b8c6cd21

Request headers

Referer
https://login.live.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 21 Jul 2024 07:37:53 GMT
content-md5
EuPayFgGHQiAI7K9SOL6lg==
age
2540940
x-cache
HIT
content-length
17174
x-ms-lease-status
unlocked
last-modified
Fri, 21 Jun 2024 00:31:30 GMT
server
ECAcc (ama/48EB)
etag
0x8DC91897F0BC379
content-type
image/x-icon
access-control-allow-origin
*
x-ms-request-id
d2b566c6-801e-0007-5224-c48b28000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
signin_options_4e48046ce74f4b89d450.svg
logincdn.msftauth.net/shared/5/images/
2 KB
772 B
Image
General
Full URL
https://logincdn.msftauth.net/shared/5/images/signin_options_4e48046ce74f4b89d450.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48BE) /
Resource Hash
8e6db1634f1812d42516778fc890010aa57f3e39914fb4803df2c38abbf56d93

Request headers

Referer
https://login.live.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 21 Jul 2024 07:37:53 GMT
content-encoding
gzip
content-md5
R2FAVxfpONfnQAuxVxXbHg==
age
10292692
x-cache
HIT
content-length
621
x-ms-lease-status
unlocked
last-modified
Tue, 27 Jun 2023 15:45:19 GMT
server
ECAcc (ama/48BE)
etag
0x8DB772582D4527C
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
aa9b14c3-701e-00fc-01a4-7d0b6a000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
/
browser.events.data.microsoft.com/OneCollector/1.0/
0
0

/
browser.events.data.microsoft.com/OneCollector/1.0/ Frame
0
0
Preflight
General
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.168.117.168 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
apikey,cache-control,client-id,client-version,content-type,time-delta-to-apply-millis,upload-time
Access-Control-Request-Method
POST
Origin
https://login.live.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
AuthMsaDeviceTicket,AuthXToken,Content-Encoding,Content-Type,Cache-Control,Client-Id,SDK-Name,sdk-version,apikey,x-apikey,client-version,upload-time,time-delta-to-apply-millis,client-time-epoch-millis,persistence-mode,reliability-mode,NoResponseBody
access-control-allow-origin
https://login.live.com
access-control-max-age
3600
cache-control
public, 3600
content-length
0
date
Sun, 21 Jul 2024 07:37:54 GMT
server
Microsoft-HTTPAPI/2.0
strict-transport-security
max-age=31536000

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
discover.microsoft365.com
URL
https://discover.microsoft365.com/css/site.css?v=jE5BKhtZn_lSQGx0RIiurw9y0jlTqj2bp_B5W2yV8ec
Domain
admin-ignite.microsoft.com
URL
https://admin-ignite.microsoft.com/api/instrument/logclient
Domain
admin-ignite.microsoft.com
URL
https://admin-ignite.microsoft.com/api/instrument/logclient
Domain
browser.events.data.microsoft.com
URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| PROOF
object| ServerData
function| $Loader
object| g_dtFirstByte
function| SRSRetry
object| webpackChunk_msidentity_sisu_msa
function| clearImmediate
function| setImmediate
object| regeneratorRuntime
object| __dynProto$Gbl

14 Cookies

Domain/Path Name / Value
.microsoft365.com/ Name: AKA_A2
Value: A
login.microsoftonline.com/ Name: fpc
Value: AhVXNzBbaO9EncqJ9qIaCg4
login.microsoftonline.com/ Name: x-ms-gateway-slice
Value: estsfd
login.microsoftonline.com/ Name: stsservicecookie
Value: estsfd
discover.microsoft365.com/ Name: MicrosoftApplicationsTelemetryDeviceId
Value: df76c64f-b94a-45a2-9bc8-1eda01b245bd
.login.microsoftonline.com/ Name: esctx
Value: PAQABBwEAAAApTwJmzXqdR4BN2miheQMY148GNSFjv-YE76EqNyvHAzfEXiqpE6olD6maghI0tWNOyKQ0e7JkPmgBKDfqRGQrB9oKr4zGCYKp5yjKiyhqYyIZg1WKHB4stpxWXesMGmgER6qOvsU1uozFDEp7FdXSZezeh2ve2JYJ8SpDN9tpUAbVmn_F83_1-YJYOqiaikYgAA
.login.live.com/ Name: MSPRequ
Value: id=N&lt=1721547472&co=2
.login.live.com/ Name: uaid
Value: 0190d439bb7a7b6e87b26a04055e0635
.login.live.com/ Name: MSCC
Value: 31.204.150.144-NL
.login.live.com/ Name: MSPOK
Value: $uuid-9955b217-fcb6-4ff7-939c-6e3125244542
.login.live.com/ Name: OParams
Value: 11O.DjzLAXS!p!GWm*4wWllgBsFmpKJfS!C*awAs*svpMyOEPz6GLu9cQpHI9sbOzuH3hc9tFAIRUoMlr2S8XlrVgixT8qAWzTMsd6MjfVCF6k5v0cF16S*j1eYIppxDWjAl2lQzEAorboB9LnDt434e!WJdmnNKSAUhsNcdZgjjfNR7egcyytSXs9tOmPqVsHPDatXET2IUV8TkPfdlbvy7r01OAdq3lRLHmCZKpPsxxW27tn0CVJBpv*thcC!epfNZdo0pA64TDTkI4Qn9ReRRP5eYlWJPxVmAVt0xCcQvAZJInf1HP17456aPULa!nZ3k5HFiQ61MDe3kCIvt11xe2oYTopEm718mqLsTRkL3wwGUKkSPi6a*LFUrP2biYqJsJwbnu3NTG1xzwxq7Gec!YB7aKAmkshvGoOy*oQ04GBE3aVpmvXw9Nky3qd2kv6IRatiTtWMGiVO5V!pu0D6ujTWyFNInfkfKQx6YiTOVBk0*RlQJAoRl*nU23DH!rZl66rgjZtcrSo8Xr!DDuhPXdPUZgf6HdsAOmlj2aIunkhDTdFNv5AJhHw8GBFhQFSG1dpUZPcUk3wj0UHuvFLUQXzVrv7CkVJfdOnDVBJq8dr4SGUmIUK6e90laq!LazY8fGrmDjZaRYAmTtdYIEcfqq*71NY*4mij1PuOOPCGrUgYUX3U!Y8UhAr8NKKe7A6wcaHQWg4n3x2lPqLPKHr6Yj2s!724ar2HJh5JUauIbtBPDd3rVC7XOpIwVlGsTr0nj73szbxFihjGMjLjnvhp4TiNLLDbX25bxKyh6qopYZDKKknvhIPxPcdxKACBhpbT9DLb8DW9*STl!dMOj*5QyuCcIJNMiLgnFVkgCnzB4Zwjw!avqSFenVGTkR5wp2KlU*HR4k5yTNp7Z1J6Zxhrh0v8Y*dC1aA5yZI0yiVtJedikK!cuJz*3tuanuNYLqddcL6nRIU2o6QdhUrEXtDXplx3cQfdm*9Ub24FTFP5StRZnMs!KWfmPVsQ9Le97WxPLJJQPjXNb3NIXi!1PcglyANbifO2mg5c02Jdg1*mfTDWrTTeiHgJYjxTbJbm*xPwedgtCkZMlbEi4FiRNg8PkRXcjqHldtSPcdo6ywlFMfOU7iorvDD8jhY6pdcfNdujVXe7X1AnmkCVbQIvVYxNIyMYsdxHMnJrnSsgXeDFGJXVaF4x0Ke0EvclDmThT82e!Xu09JikEzVuXS4Ua1p!ftdRvC7Z259tkSispXzreVsOAhgVk6N0G*vEoL7zodVU4I7xneU!uQ7w0xJcuzdF2bTdgYecqVtmz8owHSVsbi*62NSWewzDQagXqfqxHabZbRPbgKpwztyUWXFqP!8eUhQkhBUO2qF8Sb1vKU87T9KKrLFkQaorTIOsiZtODzRMi5U2ri6jpY*zeHqPfxuppHzRbf3XEbu5hhlDXYcFDd51*n*I!J8DmLdgUSJt1pScJaSsRFRzNmyJsSV!yn7ZX*NU$
.discover.microsoft365.com/ Name: RT
Value: "z=1&dm=discover.microsoft365.com&si=78ab1efa-ff53-4069-b097-8c6437ef95c2&ss=lyv8wxv3&sl=1&tt=sp&rl=1&ld=sq&ul=st&hd=1l2"
login.live.com/ Name: MicrosoftApplicationsTelemetryDeviceId
Value: f9094c1a-4dea-4fff-b0ad-32ae72ae7d20
login.live.com/ Name: ai_session
Value: JJ947ZqBx2gsXHG8nNKTbe|1721547473134|1721547473134

2 Console Messages

Source Level URL
Text
security warning URL: https://omex.cdn.office.net/unityweb/dist/main.228cc6eddf8c046522d2.js(Line 1)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security warning URL: https://discover.microsoft365.com/auth#error=login_required&error_description=Silent+authentication+was+denied.+The+user+must+first+sign+in+and+if+needed+grant+the+client+application+access+to+the+scope+'openid+profile+offline_access'.&state=eyJpZCI6IjAxOTBkNDM5LWI5YzYtN2Q5ZS1hY2Q3LTViYTdjZDZlZmZhOCIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoic2lsZW50In19
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
