Submitted URL: https://slidsd0canvem.top/?sign=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1cmwiOiJodHRwczovL3NsaWRzZDBjYW52ZW0udG9wIiwiZG9tY...
Effective URL: https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=21&ct=1708531624&rver=7.0.6738.0&wp=MBI_SSL&wreply=https%3a%2f%2fo...
Submission: On February 21 via manual from ES — Scanned from JP

Summary

This website contacted 7 IPs in 2 countries across 6 domains to perform 31 HTTP transactions. The main IP is 20.190.166.133, located in Tokyo, Japan and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is login.live.com. The Cisco Umbrella rank of the primary domain is 95.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on February 10th 2024. Valid for: a year.
This is the only time login.live.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 18 52.199.22.126 16509 (AMAZON-02)
1 2 2603:1046:c09... 8075 (MICROSOFT...)
1 20.190.166.133 8075 (MICROSOFT...)
7 2600:140b:1a0... 20940 (AKAMAI-ASN1)
4 2606:2800:247... 15133 (EDGECAST)
2 20.189.173.1 8075 (MICROSOFT...)
31 7
Apex Domain
Subdomains
Transfer
18 slidsd0canvem.top
slidsd0canvem.top
901 KB
8 office365.com
outlook.office365.com — Cisco Umbrella Rank: 47
r4.res.office365.com — Cisco Umbrella Rank: 243
690 KB
4 msftauth.net
logincdn.msftauth.net — Cisco Umbrella Rank: 4591
248 KB
2 microsoft.com
browser.events.data.microsoft.com — Cisco Umbrella Rank: 152
759 B
1 office.com
outlook.office.com — Cisco Umbrella Rank: 73
907 B
1 live.com
login.live.com — Cisco Umbrella Rank: 95 Failed
13 KB
31 6
Domain Requested by
18 slidsd0canvem.top 3 redirects slidsd0canvem.top
7 r4.res.office365.com outlook.office365.com
4 logincdn.msftauth.net login.live.com
logincdn.msftauth.net
2 browser.events.data.microsoft.com logincdn.msftauth.net
1 outlook.office.com 1 redirects
1 outlook.office365.com slidsd0canvem.top
1 login.live.com slidsd0canvem.top
31 7

This site contains no links.

Subject Issuer Validity Valid
slidsd0canvem.top
R3
2024-02-18 -
2024-05-18
3 months crt.sh
outlook.com
DigiCert Cloud Services CA-1
2024-01-22 -
2025-01-21
a year crt.sh
login.live.com
DigiCert SHA2 Secure Server CA
2024-02-10 -
2025-02-10
a year crt.sh
*.res.outlook.com
DigiCert SHA2 Secure Server CA
2024-02-20 -
2025-02-20
a year crt.sh
identitycdn.msauth.net
Microsoft Azure RSA TLS Issuing CA 03
2023-11-02 -
2024-10-27
a year crt.sh
*.events.data.microsoft.com
Microsoft Azure RSA TLS Issuing CA 04
2023-12-18 -
2024-12-12
a year crt.sh

This page contains 2 frames:

Primary Page: https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=21&ct=1708531624&rver=7.0.6738.0&wp=MBI_SSL&wreply=https%3a%2f%2foutlook.live.com%2fowa%2f%3fusername%3dundefined%26RpsCsrfState%3d635c4f88-36d7-4a05-aeff-efd5d4fcacd1&id=292841&aadredir=0&username=undefined&CBCXT=out&lw=1&fl=dob%2cflname%2cwld&cobrandid=90015&login_hint=undefined
Frame ID: B13D8449A0BF380A9A193AD9B34790FC
Requests: 24 HTTP requests in this frame

Frame: https://outlook.office365.com/owa/prefetch.aspx
Frame ID: 4EE2612519B1E213536D2AE2BAC43336
Requests: 8 HTTP requests in this frame

Screenshot

Page Title

Sign in to your Microsoft account

Page URL History Show full URLs

  1. https://slidsd0canvem.top/?sign=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1cmwiOiJodHRwczovL3NsaWRzZDBjY... HTTP 302
    https://slidsd0canvem.top/?qrc=undefined HTTP 302
    https://slidsd0canvem.top/owa/?login_hint=undefined HTTP 302
    https://slidsd0canvem.top/autoreg.cgi?ref=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0... Page URL
  2. https://slidsd0canvem.top/autoreg.cgi?ref=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0... Page URL
  3. https://outlook.office.com/owa/?username=undefined&login_hint=undefined HTTP 302
    https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=21&ct=1708531624&rver=7.0.6738.0&wp=MBI_SSL&wr... Page URL

Page Statistics

31
Requests

97 %
HTTPS

50 %
IPv6

6
Domains

7
Subdomains

7
IPs

2
Countries

1844 kB
Transfer

5054 kB
Size

34
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://slidsd0canvem.top/?sign=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1cmwiOiJodHRwczovL3NsaWRzZDBjYW52ZW0udG9wIiwiZG9tYWluIjoic2xpZHNkMGNhbnZlbS50b3AiLCJrZXkiOiIzUTJMc1N4Nlpmb20iLCJxcmMiOiJ1bmRlZmluZWQiLCJpYXQiOjE3MDg1MzE1MjQsImV4cCI6MTcwODUzMTY0NH0.j0UZZUACTSE_ter6n687BA1D56OtR8aDl7DP9px6Gkg HTTP 302
    https://slidsd0canvem.top/?qrc=undefined HTTP 302
    https://slidsd0canvem.top/owa/?login_hint=undefined HTTP 302
    https://slidsd0canvem.top/autoreg.cgi?ref=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0aDIvYXV0aG9yaXplP2NsaWVudF9pZD0wMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAmcmVkaXJlY3RfdXJpPWh0dHBzJTNhJTJmJTJmb3V0bG9vay5vZmZpY2UuY29tJTJmb3dhJTJmJnJlc291cmNlPTAwMDAwMDAyLTAwMDAtMGZmMS1jZTAwLTAwMDAwMDAwMDAwMCZyZXNwb25zZV9tb2RlPWZvcm1fcG9zdCZyZXNwb25zZV90eXBlPWNvZGUraWRfdG9rZW4mc2NvcGU9b3BlbmlkJm1zYWZlZD0xJm1zYXJlZGlyPTEmbG9naW5faGludD11bmRlZmluZWQmY2xpZW50LXJlcXVlc3QtaWQ9NDJmNzU0OTUtMzY4Yy0xNTQwLWNjY2UtY2QxN2YyZTM1ODZlJnByb3RlY3RlZHRva2VuPXRydWUmY2xhaW1zPSU3YiUyMmlkX3Rva2VuJTIyJTNhJTdiJTIyeG1zX2NjJTIyJTNhJTdiJTIydmFsdWVzJTIyJTNhJTViJTIyQ1AxJTIyJTVkJTdkJTdkJTdkJm5vbmNlPTYzODQ0MTI4NDIzNjg0NDAzMC45Y2NkYWQwOC1mNmYxLTQwYjgtOTVkMS0wMDA5NGQwOWQ3NWQmc3RhdGU9RFl0TERvUWdFQVhCdVlWM1FCX1M4bGxNNWlnVHRVVkpERzQwWHQ5ZVZLVTJwWlZTSDZFUk5FUXFlQmVKN0JCcGNGNEtEbDFhRnA0WTBXU2ZyU0hNMGFTUnJRR1FpSkU0akt6bGJmdnptZnJmY1c2bF92ZFNyLTlkZWMybHJ2d0M= Page URL
  2. https://slidsd0canvem.top/autoreg.cgi?ref=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0aDIvYXV0aG9yaXplP2NsaWVudF9pZD0wMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAmcmVkaXJlY3RfdXJpPWh0dHBzJTNhJTJmJTJmb3V0bG9vay5vZmZpY2UuY29tJTJmb3dhJTJmJnJlc291cmNlPTAwMDAwMDAyLTAwMDAtMGZmMS1jZTAwLTAwMDAwMDAwMDAwMCZyZXNwb25zZV9tb2RlPWZvcm1fcG9zdCZyZXNwb25zZV90eXBlPWNvZGUraWRfdG9rZW4mc2NvcGU9b3BlbmlkJm1zYWZlZD0xJm1zYXJlZGlyPTEmbG9naW5faGludD11bmRlZmluZWQmY2xpZW50LXJlcXVlc3QtaWQ9NDJmNzU0OTUtMzY4Yy0xNTQwLWNjY2UtY2QxN2YyZTM1ODZlJnByb3RlY3RlZHRva2VuPXRydWUmY2xhaW1zPSU3YiUyMmlkX3Rva2VuJTIyJTNhJTdiJTIyeG1zX2NjJTIyJTNhJTdiJTIydmFsdWVzJTIyJTNhJTViJTIyQ1AxJTIyJTVkJTdkJTdkJTdkJm5vbmNlPTYzODQ0MTI4NDIzNjg0NDAzMC45Y2NkYWQwOC1mNmYxLTQwYjgtOTVkMS0wMDA5NGQwOWQ3NWQmc3RhdGU9RFl0TERvUWdFQVhCdVlWM1FCX1M4bGxNNWlnVHRVVkpERzQwWHQ5ZVZLVTJwWlZTSDZFUk5FUXFlQmVKN0JCcGNGNEtEbDFhRnA0WTBXU2ZyU0hNMGFTUnJRR1FpSkU0akt6bGJmdnptZnJmY1c2bF92ZFNyLTlkZWMybHJ2d0M=&sso_reload=true Page URL
  3. https://outlook.office.com/owa/?username=undefined&login_hint=undefined HTTP 302
    https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=21&ct=1708531624&rver=7.0.6738.0&wp=MBI_SSL&wreply=https%3a%2f%2foutlook.live.com%2fowa%2f%3fusername%3dundefined%26RpsCsrfState%3d635c4f88-36d7-4a05-aeff-efd5d4fcacd1&id=292841&aadredir=0&username=undefined&CBCXT=out&lw=1&fl=dob%2cflname%2cwld&cobrandid=90015&login_hint=undefined Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://slidsd0canvem.top/?sign=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1cmwiOiJodHRwczovL3NsaWRzZDBjYW52ZW0udG9wIiwiZG9tYWluIjoic2xpZHNkMGNhbnZlbS50b3AiLCJrZXkiOiIzUTJMc1N4Nlpmb20iLCJxcmMiOiJ1bmRlZmluZWQiLCJpYXQiOjE3MDg1MzE1MjQsImV4cCI6MTcwODUzMTY0NH0.j0UZZUACTSE_ter6n687BA1D56OtR8aDl7DP9px6Gkg HTTP 302
  • https://slidsd0canvem.top/?qrc=undefined HTTP 302
  • https://slidsd0canvem.top/owa/?login_hint=undefined HTTP 302
  • https://slidsd0canvem.top/autoreg.cgi?ref=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0aDIvYXV0aG9yaXplP2NsaWVudF9pZD0wMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAmcmVkaXJlY3RfdXJpPWh0dHBzJTNhJTJmJTJmb3V0bG9vay5vZmZpY2UuY29tJTJmb3dhJTJmJnJlc291cmNlPTAwMDAwMDAyLTAwMDAtMGZmMS1jZTAwLTAwMDAwMDAwMDAwMCZyZXNwb25zZV9tb2RlPWZvcm1fcG9zdCZyZXNwb25zZV90eXBlPWNvZGUraWRfdG9rZW4mc2NvcGU9b3BlbmlkJm1zYWZlZD0xJm1zYXJlZGlyPTEmbG9naW5faGludD11bmRlZmluZWQmY2xpZW50LXJlcXVlc3QtaWQ9NDJmNzU0OTUtMzY4Yy0xNTQwLWNjY2UtY2QxN2YyZTM1ODZlJnByb3RlY3RlZHRva2VuPXRydWUmY2xhaW1zPSU3YiUyMmlkX3Rva2VuJTIyJTNhJTdiJTIyeG1zX2NjJTIyJTNhJTdiJTIydmFsdWVzJTIyJTNhJTViJTIyQ1AxJTIyJTVkJTdkJTdkJTdkJm5vbmNlPTYzODQ0MTI4NDIzNjg0NDAzMC45Y2NkYWQwOC1mNmYxLTQwYjgtOTVkMS0wMDA5NGQwOWQ3NWQmc3RhdGU9RFl0TERvUWdFQVhCdVlWM1FCX1M4bGxNNWlnVHRVVkpERzQwWHQ5ZVZLVTJwWlZTSDZFUk5FUXFlQmVKN0JCcGNGNEtEbDFhRnA0WTBXU2ZyU0hNMGFTUnJRR1FpSkU0akt6bGJmdnptZnJmY1c2bF92ZFNyLTlkZWMybHJ2d0M=

31 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
autoreg.cgi
slidsd0canvem.top/
Redirect Chain
  • https://slidsd0canvem.top/?sign=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1cmwiOiJodHRwczovL3NsaWRzZDBjYW52ZW0udG9wIiwiZG9tYWluIjoic2xpZHNkMGNhbnZlbS50b3AiLCJrZXkiOiIzUTJMc1N4Nlpmb20iLCJxcmMiOiJ1bmRl...
  • https://slidsd0canvem.top/?qrc=undefined
  • https://slidsd0canvem.top/owa/?login_hint=undefined
  • https://slidsd0canvem.top/autoreg.cgi?ref=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0aDIvYXV0aG9yaXplP2NsaWVudF9pZD0wMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAmcmVkaXJlY3RfdXJ...
20 KB
10 KB
Document
General
Full URL
https://slidsd0canvem.top/autoreg.cgi?ref=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0aDIvYXV0aG9yaXplP2NsaWVudF9pZD0wMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAmcmVkaXJlY3RfdXJpPWh0dHBzJTNhJTJmJTJmb3V0bG9vay5vZmZpY2UuY29tJTJmb3dhJTJmJnJlc291cmNlPTAwMDAwMDAyLTAwMDAtMGZmMS1jZTAwLTAwMDAwMDAwMDAwMCZyZXNwb25zZV9tb2RlPWZvcm1fcG9zdCZyZXNwb25zZV90eXBlPWNvZGUraWRfdG9rZW4mc2NvcGU9b3BlbmlkJm1zYWZlZD0xJm1zYXJlZGlyPTEmbG9naW5faGludD11bmRlZmluZWQmY2xpZW50LXJlcXVlc3QtaWQ9NDJmNzU0OTUtMzY4Yy0xNTQwLWNjY2UtY2QxN2YyZTM1ODZlJnByb3RlY3RlZHRva2VuPXRydWUmY2xhaW1zPSU3YiUyMmlkX3Rva2VuJTIyJTNhJTdiJTIyeG1zX2NjJTIyJTNhJTdiJTIydmFsdWVzJTIyJTNhJTViJTIyQ1AxJTIyJTVkJTdkJTdkJTdkJm5vbmNlPTYzODQ0MTI4NDIzNjg0NDAzMC45Y2NkYWQwOC1mNmYxLTQwYjgtOTVkMS0wMDA5NGQwOWQ3NWQmc3RhdGU9RFl0TERvUWdFQVhCdVlWM1FCX1M4bGxNNWlnVHRVVkpERzQwWHQ5ZVZLVTJwWlZTSDZFUk5FUXFlQmVKN0JCcGNGNEtEbDFhRnA0WTBXU2ZyU0hNMGFTUnJRR1FpSkU0akt6bGJmdnptZnJmY1c2bF92ZFNyLTlkZWMybHJ2d0M=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
52.199.22.126 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-199-22-126.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
81be86822797f4a75d31c6817b86498dbe6238a8652b1f38388155538fcadbac
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; form-action * data: blob: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: filesystem: ; frame-ancestors 'self' * http://* https://* file://* about: javascript: data: blob: filesystem: ; object-src * data: blob: filesystem: 'unsafe-inline' 'unsafe-eval'; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

Cache-Control
no-store, no-cache
Connection
close
Content-Encoding
gzip
Content-Security-Policy
default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; form-action * data: blob: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: filesystem: ; frame-ancestors 'self' * http://* https://* file://* about: javascript: data: blob: filesystem: ; object-src * data: blob: filesystem: 'unsafe-inline' 'unsafe-eval'; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
Content-Type
text/html; charset=utf-8
Date
Wed, 21 Feb 2024 16:07:03 GMT
Expires
-1
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
content-length
20940
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
x-ms-ests-server
2.1.17396.6 - SEASLR1 ProdSlices
x-ms-request-id
3a2aedda-a988-4228-9a20-536776e74d00

Redirect headers

Alt-Svc
h3=":443",h3-29=":443"
Connection
close
Content-Security-Policy
default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; form-action * data: blob: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: filesystem: ; frame-ancestors 'self' * http://* https://* file://* about: javascript: data: blob: filesystem: ; object-src * data: blob: filesystem: 'unsafe-inline' 'unsafe-eval'; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
Content-Type
text/html; charset=utf-8
Date
Wed, 21 Feb 2024 16:07:03 GMT
Location
https://slidsd0canvem.top/autoreg.cgi?ref=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0aDIvYXV0aG9yaXplP2NsaWVudF9pZD0wMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAmcmVkaXJlY3RfdXJpPWh0dHBzJTNhJTJmJTJmb3V0bG9vay5vZmZpY2UuY29tJTJmb3dhJTJmJnJlc291cmNlPTAwMDAwMDAyLTAwMDAtMGZmMS1jZTAwLTAwMDAwMDAwMDAwMCZyZXNwb25zZV9tb2RlPWZvcm1fcG9zdCZyZXNwb25zZV90eXBlPWNvZGUraWRfdG9rZW4mc2NvcGU9b3BlbmlkJm1zYWZlZD0xJm1zYXJlZGlyPTEmbG9naW5faGludD11bmRlZmluZWQmY2xpZW50LXJlcXVlc3QtaWQ9NDJmNzU0OTUtMzY4Yy0xNTQwLWNjY2UtY2QxN2YyZTM1ODZlJnByb3RlY3RlZHRva2VuPXRydWUmY2xhaW1zPSU3YiUyMmlkX3Rva2VuJTIyJTNhJTdiJTIyeG1zX2NjJTIyJTNhJTdiJTIydmFsdWVzJTIyJTNhJTViJTIyQ1AxJTIyJTVkJTdkJTdkJTdkJm5vbmNlPTYzODQ0MTI4NDIzNjg0NDAzMC45Y2NkYWQwOC1mNmYxLTQwYjgtOTVkMS0wMDA5NGQwOWQ3NWQmc3RhdGU9RFl0TERvUWdFQVhCdVlWM1FCX1M4bGxNNWlnVHRVVkpERzQwWHQ5ZVZLVTJwWlZTSDZFUk5FUXFlQmVKN0JCcGNGNEtEbDFhRnA0WTBXU2ZyU0hNMGFTUnJRR1FpSkU0akt6bGJmdnptZnJmY1c2bF92ZFNyLTlkZWMybHJ2d0M=
NEL
{"report_to":"NelOfficeUpload1","max_age":7200,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
P3P
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Server
Microsoft-IIS/10.0
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-BEServer
OS7P301MB0734
X-BackEnd-Begin
2024-02-21T16:07:03.684
X-BackEnd-End
2024-02-21T16:07:03.684
X-BackEndHttpStatus
302, 302
X-BeSku
WCS7
X-CalculatedBETarget
OS7P301MB0734.JPNP301.PROD.OUTLOOK.COM
X-CalculatedFETarget
OS0P286CU006.internal.outlook.com
X-DiagInfo
OS7P301MB0734
X-FEEFZInfo
HND
X-FEProxyInfo
TYCP301CA0003.JPNP301.PROD.OUTLOOK.COM
X-FEServer
OS0P286CA0097, TYCP301CA0003
X-FirstHopCafeEFZ
HND
X-IIDs
0
X-OWA-DiagnosticsInfo
1;0;0
X-Proxy-BackendServerStatus
302
X-Proxy-RoutingCorrectness
1
X-RUM-NotUpdateQueriedDbCopy
1
X-RUM-NotUpdateQueriedPath
1
X-RUM-Validated
1
X-UA-Compatible
IE=EmulateIE7
content-length
1342
request-id
42f75495-368c-1540-ccce-cd17f2e3586e
BssoInterrupt_Core_GOwG3D936OfJ_-lzWtiHhg2.js
slidsd0canvem.top/aadcdn.msftauth.net/~/shared/1.0/content/js/
138 KB
50 KB
Script
General
Full URL
https://slidsd0canvem.top/aadcdn.msftauth.net/~/shared/1.0/content/js/BssoInterrupt_Core_GOwG3D936OfJ_-lzWtiHhg2.js
Requested by
Host: slidsd0canvem.top
URL: https://slidsd0canvem.top/autoreg.cgi?ref=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0aDIvYXV0aG9yaXplP2NsaWVudF9pZD0wMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAmcmVkaXJlY3RfdXJpPWh0dHBzJTNhJTJmJTJmb3V0bG9vay5vZmZpY2UuY29tJTJmb3dhJTJmJnJlc291cmNlPTAwMDAwMDAyLTAwMDAtMGZmMS1jZTAwLTAwMDAwMDAwMDAwMCZyZXNwb25zZV9tb2RlPWZvcm1fcG9zdCZyZXNwb25zZV90eXBlPWNvZGUraWRfdG9rZW4mc2NvcGU9b3BlbmlkJm1zYWZlZD0xJm1zYXJlZGlyPTEmbG9naW5faGludD11bmRlZmluZWQmY2xpZW50LXJlcXVlc3QtaWQ9NDJmNzU0OTUtMzY4Yy0xNTQwLWNjY2UtY2QxN2YyZTM1ODZlJnByb3RlY3RlZHRva2VuPXRydWUmY2xhaW1zPSU3YiUyMmlkX3Rva2VuJTIyJTNhJTdiJTIyeG1zX2NjJTIyJTNhJTdiJTIydmFsdWVzJTIyJTNhJTViJTIyQ1AxJTIyJTVkJTdkJTdkJTdkJm5vbmNlPTYzODQ0MTI4NDIzNjg0NDAzMC45Y2NkYWQwOC1mNmYxLTQwYjgtOTVkMS0wMDA5NGQwOWQ3NWQmc3RhdGU9RFl0TERvUWdFQVhCdVlWM1FCX1M4bGxNNWlnVHRVVkpERzQwWHQ5ZVZLVTJwWlZTSDZFUk5FUXFlQmVKN0JCcGNGNEtEbDFhRnA0WTBXU2ZyU0hNMGFTUnJRR1FpSkU0akt6bGJmdnptZnJmY1c2bF92ZFNyLTlkZWMybHJ2d0M=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
52.199.22.126 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-199-22-126.ap-northeast-1.compute.amazonaws.com
Software
ECAcc (tka/892C) /
Resource Hash
bb77b35bffae514d97a1ae71ba26f67b1a467124fa0e3e84797352a435974673
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; form-action * data: blob: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: filesystem: ; frame-ancestors 'self' * http://* https://* file://* about: javascript: data: blob: filesystem: ; object-src * data: blob: filesystem: 'unsafe-inline' 'unsafe-eval'; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://slidsd0canvem.top/autoreg.cgi?ref=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0aDIvYXV0aG9yaXplP2NsaWVudF9pZD0wMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAmcmVkaXJlY3RfdXJpPWh0dHBzJTNhJTJmJTJmb3V0bG9vay5vZmZpY2UuY29tJTJmb3dhJTJmJnJlc291cmNlPTAwMDAwMDAyLTAwMDAtMGZmMS1jZTAwLTAwMDAwMDAwMDAwMCZyZXNwb25zZV9tb2RlPWZvcm1fcG9zdCZyZXNwb25zZV90eXBlPWNvZGUraWRfdG9rZW4mc2NvcGU9b3BlbmlkJm1zYWZlZD0xJm1zYXJlZGlyPTEmbG9naW5faGludD11bmRlZmluZWQmY2xpZW50LXJlcXVlc3QtaWQ9NDJmNzU0OTUtMzY4Yy0xNTQwLWNjY2UtY2QxN2YyZTM1ODZlJnByb3RlY3RlZHRva2VuPXRydWUmY2xhaW1zPSU3YiUyMmlkX3Rva2VuJTIyJTNhJTdiJTIyeG1zX2NjJTIyJTNhJTdiJTIydmFsdWVzJTIyJTNhJTViJTIyQ1AxJTIyJTVkJTdkJTdkJTdkJm5vbmNlPTYzODQ0MTI4NDIzNjg0NDAzMC45Y2NkYWQwOC1mNmYxLTQwYjgtOTVkMS0wMDA5NGQwOWQ3NWQmc3RhdGU9RFl0TERvUWdFQVhCdVlWM1FCX1M4bGxNNWlnVHRVVkpERzQwWHQ5ZVZLVTJwWlZTSDZFUk5FUXFlQmVKN0JCcGNGNEtEbDFhRnA0WTBXU2ZyU0hNMGFTUnJRR1FpSkU0akt6bGJmdnptZnJmY1c2bF92ZFNyLTlkZWMybHJ2d0M=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
Date
Wed, 21 Feb 2024 16:07:03 GMT
Content-Encoding
gzip
Content-Security-Policy
default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; form-action * data: blob: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: filesystem: ; frame-ancestors 'self' * http://* https://* file://* about: javascript: data: blob: filesystem: ; object-src * data: blob: filesystem: 'unsafe-inline' 'unsafe-eval'; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
Content-MD5
63IKJF2qGIfEE+hzXafj6A==
Age
2295137
X-Cache
HIT
Connection
close
content-length
141111
x-ms-lease-status
unlocked
Last-Modified
Wed, 24 Jan 2024 06:44:17 GMT
Server
ECAcc (tka/892C)
Etag
0x8DC1CA7E340C4C2
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
x-ms-request-id
d1c8c0c9-701e-0078-4700-50f037000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Cache-Control
public, max-age=31536000
x-ms-version
2009-09-19
Accept-Ranges
bytes
truncated
/
341 B
0
Script
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
90682803943448f3acffc81014c87fdd71f30d8cf97335fcea451fac1e568221

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type
text/javascript
autoreg.cgi
slidsd0canvem.top/
39 KB
17 KB
Document
General
Full URL
https://slidsd0canvem.top/autoreg.cgi?ref=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0aDIvYXV0aG9yaXplP2NsaWVudF9pZD0wMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAmcmVkaXJlY3RfdXJpPWh0dHBzJTNhJTJmJTJmb3V0bG9vay5vZmZpY2UuY29tJTJmb3dhJTJmJnJlc291cmNlPTAwMDAwMDAyLTAwMDAtMGZmMS1jZTAwLTAwMDAwMDAwMDAwMCZyZXNwb25zZV9tb2RlPWZvcm1fcG9zdCZyZXNwb25zZV90eXBlPWNvZGUraWRfdG9rZW4mc2NvcGU9b3BlbmlkJm1zYWZlZD0xJm1zYXJlZGlyPTEmbG9naW5faGludD11bmRlZmluZWQmY2xpZW50LXJlcXVlc3QtaWQ9NDJmNzU0OTUtMzY4Yy0xNTQwLWNjY2UtY2QxN2YyZTM1ODZlJnByb3RlY3RlZHRva2VuPXRydWUmY2xhaW1zPSU3YiUyMmlkX3Rva2VuJTIyJTNhJTdiJTIyeG1zX2NjJTIyJTNhJTdiJTIydmFsdWVzJTIyJTNhJTViJTIyQ1AxJTIyJTVkJTdkJTdkJTdkJm5vbmNlPTYzODQ0MTI4NDIzNjg0NDAzMC45Y2NkYWQwOC1mNmYxLTQwYjgtOTVkMS0wMDA5NGQwOWQ3NWQmc3RhdGU9RFl0TERvUWdFQVhCdVlWM1FCX1M4bGxNNWlnVHRVVkpERzQwWHQ5ZVZLVTJwWlZTSDZFUk5FUXFlQmVKN0JCcGNGNEtEbDFhRnA0WTBXU2ZyU0hNMGFTUnJRR1FpSkU0akt6bGJmdnptZnJmY1c2bF92ZFNyLTlkZWMybHJ2d0M=&sso_reload=true
Requested by
Host: slidsd0canvem.top
URL: https://slidsd0canvem.top/aadcdn.msftauth.net/~/shared/1.0/content/js/BssoInterrupt_Core_GOwG3D936OfJ_-lzWtiHhg2.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
52.199.22.126 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-199-22-126.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
cc39b1baee1ba66b4004daecf9867b5e0147f9dab1b397297b23fd3fceb8950c
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; form-action * data: blob: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: filesystem: ; frame-ancestors 'self' * http://* https://* file://* about: javascript: data: blob: filesystem: ; object-src * data: blob: filesystem: 'unsafe-inline' 'unsafe-eval'; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://slidsd0canvem.top/autoreg.cgi?ref=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0aDIvYXV0aG9yaXplP2NsaWVudF9pZD0wMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAmcmVkaXJlY3RfdXJpPWh0dHBzJTNhJTJmJTJmb3V0bG9vay5vZmZpY2UuY29tJTJmb3dhJTJmJnJlc291cmNlPTAwMDAwMDAyLTAwMDAtMGZmMS1jZTAwLTAwMDAwMDAwMDAwMCZyZXNwb25zZV9tb2RlPWZvcm1fcG9zdCZyZXNwb25zZV90eXBlPWNvZGUraWRfdG9rZW4mc2NvcGU9b3BlbmlkJm1zYWZlZD0xJm1zYXJlZGlyPTEmbG9naW5faGludD11bmRlZmluZWQmY2xpZW50LXJlcXVlc3QtaWQ9NDJmNzU0OTUtMzY4Yy0xNTQwLWNjY2UtY2QxN2YyZTM1ODZlJnByb3RlY3RlZHRva2VuPXRydWUmY2xhaW1zPSU3YiUyMmlkX3Rva2VuJTIyJTNhJTdiJTIyeG1zX2NjJTIyJTNhJTdiJTIydmFsdWVzJTIyJTNhJTViJTIyQ1AxJTIyJTVkJTdkJTdkJTdkJm5vbmNlPTYzODQ0MTI4NDIzNjg0NDAzMC45Y2NkYWQwOC1mNmYxLTQwYjgtOTVkMS0wMDA5NGQwOWQ3NWQmc3RhdGU9RFl0TERvUWdFQVhCdVlWM1FCX1M4bGxNNWlnVHRVVkpERzQwWHQ5ZVZLVTJwWlZTSDZFUk5FUXFlQmVKN0JCcGNGNEtEbDFhRnA0WTBXU2ZyU0hNMGFTUnJRR1FpSkU0akt6bGJmdnptZnJmY1c2bF92ZFNyLTlkZWMybHJ2d0M=
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

Cache-Control
no-store, no-cache
Connection
close
Content-Encoding
gzip
Content-Security-Policy
default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; form-action * data: blob: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: filesystem: ; frame-ancestors 'self' * http://* https://* file://* about: javascript: data: blob: filesystem: ; object-src * data: blob: filesystem: 'unsafe-inline' 'unsafe-eval'; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
Content-Type
text/html; charset=utf-8
Date
Wed, 21 Feb 2024 16:07:04 GMT
Expires
-1
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
content-length
39543
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
x-ms-ests-server
2.1.17338.6 - JPE ProdSlices
x-ms-request-id
af855727-ad79-48f7-8a64-c68364da2d00
converged.v2.login.min_1ito3russhq-9gioj-zd4w2.css
slidsd0canvem.top/aadcdn.msftauth.net/~/ests/2.1/content/cdnbundles/
110 KB
21 KB
Stylesheet
General
Full URL
https://slidsd0canvem.top/aadcdn.msftauth.net/~/ests/2.1/content/cdnbundles/converged.v2.login.min_1ito3russhq-9gioj-zd4w2.css
Requested by
Host: slidsd0canvem.top
URL: https://slidsd0canvem.top/autoreg.cgi?ref=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0aDIvYXV0aG9yaXplP2NsaWVudF9pZD0wMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAmcmVkaXJlY3RfdXJpPWh0dHBzJTNhJTJmJTJmb3V0bG9vay5vZmZpY2UuY29tJTJmb3dhJTJmJnJlc291cmNlPTAwMDAwMDAyLTAwMDAtMGZmMS1jZTAwLTAwMDAwMDAwMDAwMCZyZXNwb25zZV9tb2RlPWZvcm1fcG9zdCZyZXNwb25zZV90eXBlPWNvZGUraWRfdG9rZW4mc2NvcGU9b3BlbmlkJm1zYWZlZD0xJm1zYXJlZGlyPTEmbG9naW5faGludD11bmRlZmluZWQmY2xpZW50LXJlcXVlc3QtaWQ9NDJmNzU0OTUtMzY4Yy0xNTQwLWNjY2UtY2QxN2YyZTM1ODZlJnByb3RlY3RlZHRva2VuPXRydWUmY2xhaW1zPSU3YiUyMmlkX3Rva2VuJTIyJTNhJTdiJTIyeG1zX2NjJTIyJTNhJTdiJTIydmFsdWVzJTIyJTNhJTViJTIyQ1AxJTIyJTVkJTdkJTdkJTdkJm5vbmNlPTYzODQ0MTI4NDIzNjg0NDAzMC45Y2NkYWQwOC1mNmYxLTQwYjgtOTVkMS0wMDA5NGQwOWQ3NWQmc3RhdGU9RFl0TERvUWdFQVhCdVlWM1FCX1M4bGxNNWlnVHRVVkpERzQwWHQ5ZVZLVTJwWlZTSDZFUk5FUXFlQmVKN0JCcGNGNEtEbDFhRnA0WTBXU2ZyU0hNMGFTUnJRR1FpSkU0akt6bGJmdnptZnJmY1c2bF92ZFNyLTlkZWMybHJ2d0M=&sso_reload=true
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
52.199.22.126 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-199-22-126.ap-northeast-1.compute.amazonaws.com
Software
ECAcc (tka/892A) /
Resource Hash
4b01a0a34ce8ed4bc8a8713be0442d49da6a756236b7b4424622ca3dee820f41

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://slidsd0canvem.top/autoreg.cgi?ref=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0aDIvYXV0aG9yaXplP2NsaWVudF9pZD0wMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAmcmVkaXJlY3RfdXJpPWh0dHBzJTNhJTJmJTJmb3V0bG9vay5vZmZpY2UuY29tJTJmb3dhJTJmJnJlc291cmNlPTAwMDAwMDAyLTAwMDAtMGZmMS1jZTAwLTAwMDAwMDAwMDAwMCZyZXNwb25zZV9tb2RlPWZvcm1fcG9zdCZyZXNwb25zZV90eXBlPWNvZGUraWRfdG9rZW4mc2NvcGU9b3BlbmlkJm1zYWZlZD0xJm1zYXJlZGlyPTEmbG9naW5faGludD11bmRlZmluZWQmY2xpZW50LXJlcXVlc3QtaWQ9NDJmNzU0OTUtMzY4Yy0xNTQwLWNjY2UtY2QxN2YyZTM1ODZlJnByb3RlY3RlZHRva2VuPXRydWUmY2xhaW1zPSU3YiUyMmlkX3Rva2VuJTIyJTNhJTdiJTIyeG1zX2NjJTIyJTNhJTdiJTIydmFsdWVzJTIyJTNhJTViJTIyQ1AxJTIyJTVkJTdkJTdkJTdkJm5vbmNlPTYzODQ0MTI4NDIzNjg0NDAzMC45Y2NkYWQwOC1mNmYxLTQwYjgtOTVkMS0wMDA5NGQwOWQ3NWQmc3RhdGU9RFl0TERvUWdFQVhCdVlWM1FCX1M4bGxNNWlnVHRVVkpERzQwWHQ5ZVZLVTJwWlZTSDZFUk5FUXFlQmVKN0JCcGNGNEtEbDFhRnA0WTBXU2ZyU0hNMGFTUnJRR1FpSkU0akt6bGJmdnptZnJmY1c2bF92ZFNyLTlkZWMybHJ2d0M=&sso_reload=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
Date
Wed, 21 Feb 2024 16:07:04 GMT
Content-Encoding
gzip
Content-MD5
kqhA3D0Xczna4D/t8ioitQ==
Age
4714586
X-Cache
HIT
Connection
close
Content-Length
20314
x-ms-lease-status
unlocked
Last-Modified
Wed, 27 Dec 2023 18:19:21 GMT
Server
ECAcc (tka/892A)
Etag
0x8DC070858CA028D
Vary
Accept-Encoding
Content-Type
text/css
Access-Control-Allow-Origin
*
x-ms-request-id
bf02ebb9-c01e-00d3-2eff-391346000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Cache-Control
public, max-age=31536000
x-ms-version
2009-09-19
Accept-Ranges
bytes
ConvergedLogin_PCore_1Zpn0Z4VlomFI1SEVRlEPA2.js
slidsd0canvem.top/aadcdn.msftauth.net/~/shared/1.0/content/js/
673 KB
673 KB
Script
General
Full URL
https://slidsd0canvem.top/aadcdn.msftauth.net/~/shared/1.0/content/js/ConvergedLogin_PCore_1Zpn0Z4VlomFI1SEVRlEPA2.js
Requested by
Host: slidsd0canvem.top
URL: https://slidsd0canvem.top/autoreg.cgi?ref=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0aDIvYXV0aG9yaXplP2NsaWVudF9pZD0wMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAmcmVkaXJlY3RfdXJpPWh0dHBzJTNhJTJmJTJmb3V0bG9vay5vZmZpY2UuY29tJTJmb3dhJTJmJnJlc291cmNlPTAwMDAwMDAyLTAwMDAtMGZmMS1jZTAwLTAwMDAwMDAwMDAwMCZyZXNwb25zZV9tb2RlPWZvcm1fcG9zdCZyZXNwb25zZV90eXBlPWNvZGUraWRfdG9rZW4mc2NvcGU9b3BlbmlkJm1zYWZlZD0xJm1zYXJlZGlyPTEmbG9naW5faGludD11bmRlZmluZWQmY2xpZW50LXJlcXVlc3QtaWQ9NDJmNzU0OTUtMzY4Yy0xNTQwLWNjY2UtY2QxN2YyZTM1ODZlJnByb3RlY3RlZHRva2VuPXRydWUmY2xhaW1zPSU3YiUyMmlkX3Rva2VuJTIyJTNhJTdiJTIyeG1zX2NjJTIyJTNhJTdiJTIydmFsdWVzJTIyJTNhJTViJTIyQ1AxJTIyJTVkJTdkJTdkJTdkJm5vbmNlPTYzODQ0MTI4NDIzNjg0NDAzMC45Y2NkYWQwOC1mNmYxLTQwYjgtOTVkMS0wMDA5NGQwOWQ3NWQmc3RhdGU9RFl0TERvUWdFQVhCdVlWM1FCX1M4bGxNNWlnVHRVVkpERzQwWHQ5ZVZLVTJwWlZTSDZFUk5FUXFlQmVKN0JCcGNGNEtEbDFhRnA0WTBXU2ZyU0hNMGFTUnJRR1FpSkU0akt6bGJmdnptZnJmY1c2bF92ZFNyLTlkZWMybHJ2d0M=&sso_reload=true
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
52.199.22.126 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-199-22-126.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6665ca6a09f770c6679556eb86cf4234c8bdb0271049620e03199b34b4a16099

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://slidsd0canvem.top/autoreg.cgi?ref=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0aDIvYXV0aG9yaXplP2NsaWVudF9pZD0wMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAmcmVkaXJlY3RfdXJpPWh0dHBzJTNhJTJmJTJmb3V0bG9vay5vZmZpY2UuY29tJTJmb3dhJTJmJnJlc291cmNlPTAwMDAwMDAyLTAwMDAtMGZmMS1jZTAwLTAwMDAwMDAwMDAwMCZyZXNwb25zZV9tb2RlPWZvcm1fcG9zdCZyZXNwb25zZV90eXBlPWNvZGUraWRfdG9rZW4mc2NvcGU9b3BlbmlkJm1zYWZlZD0xJm1zYXJlZGlyPTEmbG9naW5faGludD11bmRlZmluZWQmY2xpZW50LXJlcXVlc3QtaWQ9NDJmNzU0OTUtMzY4Yy0xNTQwLWNjY2UtY2QxN2YyZTM1ODZlJnByb3RlY3RlZHRva2VuPXRydWUmY2xhaW1zPSU3YiUyMmlkX3Rva2VuJTIyJTNhJTdiJTIyeG1zX2NjJTIyJTNhJTdiJTIydmFsdWVzJTIyJTNhJTViJTIyQ1AxJTIyJTVkJTdkJTdkJTdkJm5vbmNlPTYzODQ0MTI4NDIzNjg0NDAzMC45Y2NkYWQwOC1mNmYxLTQwYjgtOTVkMS0wMDA5NGQwOWQ3NWQmc3RhdGU9RFl0TERvUWdFQVhCdVlWM1FCX1M4bGxNNWlnVHRVVkpERzQwWHQ5ZVZLVTJwWlZTSDZFUk5FUXFlQmVKN0JCcGNGNEtEbDFhRnA0WTBXU2ZyU0hNMGFTUnJRR1FpSkU0akt6bGJmdnptZnJmY1c2bF92ZFNyLTlkZWMybHJ2d0M=&sso_reload=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Wed, 21 Feb 2024 16:07:04 GMT
Connection
keep-alive
Keep-Alive
timeout=5
Content-Length
689017
Content-Type
application/x-javascript
ux.converged.login.strings-en.min_xtex5cpjr0k40urejm0fgg2.js
slidsd0canvem.top/aadcdn.msftauth.net/~/ests/2.1/content/cdnbundles/
54 KB
17 KB
Script
General
Full URL
https://slidsd0canvem.top/aadcdn.msftauth.net/~/ests/2.1/content/cdnbundles/ux.converged.login.strings-en.min_xtex5cpjr0k40urejm0fgg2.js
Requested by
Host: slidsd0canvem.top
URL: https://slidsd0canvem.top/autoreg.cgi?ref=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0aDIvYXV0aG9yaXplP2NsaWVudF9pZD0wMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAmcmVkaXJlY3RfdXJpPWh0dHBzJTNhJTJmJTJmb3V0bG9vay5vZmZpY2UuY29tJTJmb3dhJTJmJnJlc291cmNlPTAwMDAwMDAyLTAwMDAtMGZmMS1jZTAwLTAwMDAwMDAwMDAwMCZyZXNwb25zZV9tb2RlPWZvcm1fcG9zdCZyZXNwb25zZV90eXBlPWNvZGUraWRfdG9rZW4mc2NvcGU9b3BlbmlkJm1zYWZlZD0xJm1zYXJlZGlyPTEmbG9naW5faGludD11bmRlZmluZWQmY2xpZW50LXJlcXVlc3QtaWQ9NDJmNzU0OTUtMzY4Yy0xNTQwLWNjY2UtY2QxN2YyZTM1ODZlJnByb3RlY3RlZHRva2VuPXRydWUmY2xhaW1zPSU3YiUyMmlkX3Rva2VuJTIyJTNhJTdiJTIyeG1zX2NjJTIyJTNhJTdiJTIydmFsdWVzJTIyJTNhJTViJTIyQ1AxJTIyJTVkJTdkJTdkJTdkJm5vbmNlPTYzODQ0MTI4NDIzNjg0NDAzMC45Y2NkYWQwOC1mNmYxLTQwYjgtOTVkMS0wMDA5NGQwOWQ3NWQmc3RhdGU9RFl0TERvUWdFQVhCdVlWM1FCX1M4bGxNNWlnVHRVVkpERzQwWHQ5ZVZLVTJwWlZTSDZFUk5FUXFlQmVKN0JCcGNGNEtEbDFhRnA0WTBXU2ZyU0hNMGFTUnJRR1FpSkU0akt6bGJmdnptZnJmY1c2bF92ZFNyLTlkZWMybHJ2d0M=&sso_reload=true
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
52.199.22.126 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-199-22-126.ap-northeast-1.compute.amazonaws.com
Software
ECAcc (tka/89A5) /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; form-action * data: blob: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: filesystem: ; frame-ancestors 'self' * http://* https://* file://* about: javascript: data: blob: filesystem: ; object-src * data: blob: filesystem: 'unsafe-inline' 'unsafe-eval'; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://slidsd0canvem.top/autoreg.cgi?ref=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0aDIvYXV0aG9yaXplP2NsaWVudF9pZD0wMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAmcmVkaXJlY3RfdXJpPWh0dHBzJTNhJTJmJTJmb3V0bG9vay5vZmZpY2UuY29tJTJmb3dhJTJmJnJlc291cmNlPTAwMDAwMDAyLTAwMDAtMGZmMS1jZTAwLTAwMDAwMDAwMDAwMCZyZXNwb25zZV9tb2RlPWZvcm1fcG9zdCZyZXNwb25zZV90eXBlPWNvZGUraWRfdG9rZW4mc2NvcGU9b3BlbmlkJm1zYWZlZD0xJm1zYXJlZGlyPTEmbG9naW5faGludD11bmRlZmluZWQmY2xpZW50LXJlcXVlc3QtaWQ9NDJmNzU0OTUtMzY4Yy0xNTQwLWNjY2UtY2QxN2YyZTM1ODZlJnByb3RlY3RlZHRva2VuPXRydWUmY2xhaW1zPSU3YiUyMmlkX3Rva2VuJTIyJTNhJTdiJTIyeG1zX2NjJTIyJTNhJTdiJTIydmFsdWVzJTIyJTNhJTViJTIyQ1AxJTIyJTVkJTdkJTdkJTdkJm5vbmNlPTYzODQ0MTI4NDIzNjg0NDAzMC45Y2NkYWQwOC1mNmYxLTQwYjgtOTVkMS0wMDA5NGQwOWQ3NWQmc3RhdGU9RFl0TERvUWdFQVhCdVlWM1FCX1M4bGxNNWlnVHRVVkpERzQwWHQ5ZVZLVTJwWlZTSDZFUk5FUXFlQmVKN0JCcGNGNEtEbDFhRnA0WTBXU2ZyU0hNMGFTUnJRR1FpSkU0akt6bGJmdnptZnJmY1c2bF92ZFNyLTlkZWMybHJ2d0M=&sso_reload=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
Date
Wed, 21 Feb 2024 16:07:04 GMT
Content-Encoding
gzip
Content-Security-Policy
default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; form-action * data: blob: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: filesystem: ; frame-ancestors 'self' * http://* https://* file://* about: javascript: data: blob: filesystem: ; object-src * data: blob: filesystem: 'unsafe-inline' 'unsafe-eval'; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
Content-MD5
GYdBrN4UK706T52wuBroNQ==
Age
1886125
X-Cache
HIT
Connection
close
content-length
54843
x-ms-lease-status
unlocked
Last-Modified
Fri, 26 Jan 2024 21:44:25 GMT
Server
ECAcc (tka/89A5)
Etag
0x8DC1EB7F735254D
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
x-ms-request-id
7df1ccd7-f01e-00b0-1ab8-532c62000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Cache-Control
public, max-age=31536000
x-ms-version
2009-09-19
Accept-Ranges
bytes
truncated
/
341 B
0
Script
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
90682803943448f3acffc81014c87fdd71f30d8cf97335fcea451fac1e568221

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type
text/javascript
Me.htm
login.live.com/
0
0

convergedlogin_pcustomizationloader_80e93b9a4cb13643afca.js
slidsd0canvem.top/aadcdn.msftauth.net/~/shared/1.0/content/js/asyncchunk/
107 KB
33 KB
Script
General
Full URL
https://slidsd0canvem.top/aadcdn.msftauth.net/~/shared/1.0/content/js/asyncchunk/convergedlogin_pcustomizationloader_80e93b9a4cb13643afca.js
Requested by
Host: slidsd0canvem.top
URL: https://slidsd0canvem.top/aadcdn.msftauth.net/~/shared/1.0/content/js/ConvergedLogin_PCore_1Zpn0Z4VlomFI1SEVRlEPA2.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
52.199.22.126 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-199-22-126.ap-northeast-1.compute.amazonaws.com
Software
ECAcc (tka/8898) /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; form-action * data: blob: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: filesystem: ; frame-ancestors 'self' * http://* https://* file://* about: javascript: data: blob: filesystem: ; object-src * data: blob: filesystem: 'unsafe-inline' 'unsafe-eval'; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://slidsd0canvem.top/autoreg.cgi?ref=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0aDIvYXV0aG9yaXplP2NsaWVudF9pZD0wMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAmcmVkaXJlY3RfdXJpPWh0dHBzJTNhJTJmJTJmb3V0bG9vay5vZmZpY2UuY29tJTJmb3dhJTJmJnJlc291cmNlPTAwMDAwMDAyLTAwMDAtMGZmMS1jZTAwLTAwMDAwMDAwMDAwMCZyZXNwb25zZV9tb2RlPWZvcm1fcG9zdCZyZXNwb25zZV90eXBlPWNvZGUraWRfdG9rZW4mc2NvcGU9b3BlbmlkJm1zYWZlZD0xJm1zYXJlZGlyPTEmbG9naW5faGludD11bmRlZmluZWQmY2xpZW50LXJlcXVlc3QtaWQ9NDJmNzU0OTUtMzY4Yy0xNTQwLWNjY2UtY2QxN2YyZTM1ODZlJnByb3RlY3RlZHRva2VuPXRydWUmY2xhaW1zPSU3YiUyMmlkX3Rva2VuJTIyJTNhJTdiJTIyeG1zX2NjJTIyJTNhJTdiJTIydmFsdWVzJTIyJTNhJTViJTIyQ1AxJTIyJTVkJTdkJTdkJTdkJm5vbmNlPTYzODQ0MTI4NDIzNjg0NDAzMC45Y2NkYWQwOC1mNmYxLTQwYjgtOTVkMS0wMDA5NGQwOWQ3NWQmc3RhdGU9RFl0TERvUWdFQVhCdVlWM1FCX1M4bGxNNWlnVHRVVkpERzQwWHQ5ZVZLVTJwWlZTSDZFUk5FUXFlQmVKN0JCcGNGNEtEbDFhRnA0WTBXU2ZyU0hNMGFTUnJRR1FpSkU0akt6bGJmdnptZnJmY1c2bF92ZFNyLTlkZWMybHJ2d0M=&sso_reload=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
Date
Wed, 21 Feb 2024 16:07:04 GMT
Content-Encoding
gzip
Content-Security-Policy
default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; form-action * data: blob: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: filesystem: ; frame-ancestors 'self' * http://* https://* file://* about: javascript: data: blob: filesystem: ; object-src * data: blob: filesystem: 'unsafe-inline' 'unsafe-eval'; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
Content-MD5
todPgSbCBNAfnMYQ5LVdvw==
Age
2225860
X-Cache
HIT
Connection
close
content-length
109863
x-ms-lease-status
unlocked
Last-Modified
Thu, 26 Jan 2023 00:32:12 GMT
Server
ECAcc (tka/8898)
Etag
0x8DAFF34C449D50E
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
x-ms-request-id
0f9971c5-801e-002b-1aa1-50ee02000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
Cache-Control
public, max-age=31536000
x-ms-version
2009-09-19
Accept-Ranges
bytes
prefetch.aspx
outlook.office365.com/owa/ Frame 4EE2
3 KB
2 KB
Document
General
Full URL
https://outlook.office365.com/owa/prefetch.aspx
Requested by
Host: slidsd0canvem.top
URL: https://slidsd0canvem.top/aadcdn.msftauth.net/~/shared/1.0/content/js/ConvergedLogin_PCore_1Zpn0Z4VlomFI1SEVRlEPA2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2603:1046:c09:1a47::2 Tokyo, Japan, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://slidsd0canvem.top/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

alt-svc
h3=":443",h3-29=":443"
cache-control
private, no-store
content-encoding
gzip
content-length
1236
content-type
text/html; charset=utf-8
date
Wed, 21 Feb 2024 16:07:03 GMT
nel
{"report_to":"NelOfficeUpload1","max_age":7200,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
report-to
{"group":"NelOfficeUpload1","max_age":7200,"endpoints":[{"url":"https://exo.nel.measure.office.net/api/report?TenantId=&FrontEnd=Cafe&DestinationEndpoint=HND&RemoteIP=2001:ac8:40::"}],"include_subdomains":true}
request-id
eff3b8b3-b679-fb26-a33c-619b1f654feb
server
Microsoft-IIS/10.0
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-backend-begin
2024-02-21T16:07:04.435
x-backend-end
2024-02-21T16:07:04.435
x-backendhttpstatus
200 200
x-beserver
OS3P286MB1253
x-besku
WCS6
x-calculatedbetarget
OS3P286MB1253.JPNP286.PROD.OUTLOOK.COM
x-calculatedfetarget
OSAPR01CU010.internal.outlook.com
x-content-type-options
nosniff
x-diaginfo
OS3P286MB1253
x-feefzinfo
HND
x-feproxyinfo
TYCP286CA0201.JPNP286.PROD.OUTLOOK.COM
x-feserver
OSAPR01CA0225 TYCP286CA0201
x-firsthopcafeefz
HND
x-iids
0
x-owa-diagnosticsinfo
2;0;0
x-owa-version
15.20.7316.20
x-proxy-backendserverstatus
200
x-proxy-routingcorrectness
1
x-rum-notupdatequerieddbcopy
1
x-rum-notupdatequeriedpath
1
x-rum-validated
1
x-ua-compatible
IE=EmulateIE7
marching_ants_white_166de53471265253ab3a456defe6da23.gif
slidsd0canvem.top/aadcdn.msftauth.net/~/shared/1.0/content/images/
3 KB
3 KB
Image
General
Full URL
https://slidsd0canvem.top/aadcdn.msftauth.net/~/shared/1.0/content/images/marching_ants_white_166de53471265253ab3a456defe6da23.gif
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
52.199.22.126 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-199-22-126.ap-northeast-1.compute.amazonaws.com
Software
ECAcc (tka/88B6) /
Resource Hash

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://slidsd0canvem.top/autoreg.cgi?ref=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0aDIvYXV0aG9yaXplP2NsaWVudF9pZD0wMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAmcmVkaXJlY3RfdXJpPWh0dHBzJTNhJTJmJTJmb3V0bG9vay5vZmZpY2UuY29tJTJmb3dhJTJmJnJlc291cmNlPTAwMDAwMDAyLTAwMDAtMGZmMS1jZTAwLTAwMDAwMDAwMDAwMCZyZXNwb25zZV9tb2RlPWZvcm1fcG9zdCZyZXNwb25zZV90eXBlPWNvZGUraWRfdG9rZW4mc2NvcGU9b3BlbmlkJm1zYWZlZD0xJm1zYXJlZGlyPTEmbG9naW5faGludD11bmRlZmluZWQmY2xpZW50LXJlcXVlc3QtaWQ9NDJmNzU0OTUtMzY4Yy0xNTQwLWNjY2UtY2QxN2YyZTM1ODZlJnByb3RlY3RlZHRva2VuPXRydWUmY2xhaW1zPSU3YiUyMmlkX3Rva2VuJTIyJTNhJTdiJTIyeG1zX2NjJTIyJTNhJTdiJTIydmFsdWVzJTIyJTNhJTViJTIyQ1AxJTIyJTVkJTdkJTdkJTdkJm5vbmNlPTYzODQ0MTI4NDIzNjg0NDAzMC45Y2NkYWQwOC1mNmYxLTQwYjgtOTVkMS0wMDA5NGQwOWQ3NWQmc3RhdGU9RFl0TERvUWdFQVhCdVlWM1FCX1M4bGxNNWlnVHRVVkpERzQwWHQ5ZVZLVTJwWlZTSDZFUk5FUXFlQmVKN0JCcGNGNEtEbDFhRnA0WTBXU2ZyU0hNMGFTUnJRR1FpSkU0akt6bGJmdnptZnJmY1c2bF92ZFNyLTlkZWMybHJ2d0M=&sso_reload=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
Date
Wed, 21 Feb 2024 16:07:04 GMT
Content-MD5
Fm3lNHEmUlOrOkVt7+baIw==
Age
10008737
X-Cache
HIT
Connection
close
Content-Length
2672
x-ms-lease-status
unlocked
Last-Modified
Thu, 16 Jan 2020 00:32:52 GMT
Server
ECAcc (tka/88B6)
Etag
0x8D79A1B9F2C6EC8
Content-Type
image/gif
Access-Control-Allow-Origin
*
x-ms-request-id
ab562877-501e-0096-0bd8-09475d000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
Cache-Control
public, max-age=31536000
x-ms-version
2009-09-19
Accept-Ranges
bytes
marching_ants_b540a8e518037192e32c4fe58bf2dbab.gif
slidsd0canvem.top/aadcdn.msftauth.net/~/shared/1.0/content/images/
4 KB
4 KB
Image
General
Full URL
https://slidsd0canvem.top/aadcdn.msftauth.net/~/shared/1.0/content/images/marching_ants_b540a8e518037192e32c4fe58bf2dbab.gif
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
52.199.22.126 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-199-22-126.ap-northeast-1.compute.amazonaws.com
Software
ECAcc (tka/8890) /
Resource Hash

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://slidsd0canvem.top/autoreg.cgi?ref=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0aDIvYXV0aG9yaXplP2NsaWVudF9pZD0wMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAmcmVkaXJlY3RfdXJpPWh0dHBzJTNhJTJmJTJmb3V0bG9vay5vZmZpY2UuY29tJTJmb3dhJTJmJnJlc291cmNlPTAwMDAwMDAyLTAwMDAtMGZmMS1jZTAwLTAwMDAwMDAwMDAwMCZyZXNwb25zZV9tb2RlPWZvcm1fcG9zdCZyZXNwb25zZV90eXBlPWNvZGUraWRfdG9rZW4mc2NvcGU9b3BlbmlkJm1zYWZlZD0xJm1zYXJlZGlyPTEmbG9naW5faGludD11bmRlZmluZWQmY2xpZW50LXJlcXVlc3QtaWQ9NDJmNzU0OTUtMzY4Yy0xNTQwLWNjY2UtY2QxN2YyZTM1ODZlJnByb3RlY3RlZHRva2VuPXRydWUmY2xhaW1zPSU3YiUyMmlkX3Rva2VuJTIyJTNhJTdiJTIyeG1zX2NjJTIyJTNhJTdiJTIydmFsdWVzJTIyJTNhJTViJTIyQ1AxJTIyJTVkJTdkJTdkJTdkJm5vbmNlPTYzODQ0MTI4NDIzNjg0NDAzMC45Y2NkYWQwOC1mNmYxLTQwYjgtOTVkMS0wMDA5NGQwOWQ3NWQmc3RhdGU9RFl0TERvUWdFQVhCdVlWM1FCX1M4bGxNNWlnVHRVVkpERzQwWHQ5ZVZLVTJwWlZTSDZFUk5FUXFlQmVKN0JCcGNGNEtEbDFhRnA0WTBXU2ZyU0hNMGFTUnJRR1FpSkU0akt6bGJmdnptZnJmY1c2bF92ZFNyLTlkZWMybHJ2d0M=&sso_reload=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
Date
Wed, 21 Feb 2024 16:07:04 GMT
Content-MD5
tUCo5RgDcZLjLE/li/Lbqw==
Age
17703946
X-Cache
HIT
Connection
close
Content-Length
3620
x-ms-lease-status
unlocked
Last-Modified
Thu, 16 Jan 2020 00:32:52 GMT
Server
ECAcc (tka/8890)
Etag
0x8D79A1B9F8A840E
Content-Type
image/gif
Access-Control-Allow-Origin
*
x-ms-request-id
a90a5acd-401e-004c-51db-c3eea4000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
Cache-Control
public, max-age=31536000
x-ms-version
2009-09-19
Accept-Ranges
bytes
Primary Request login.srf
login.live.com/
Redirect Chain
  • https://outlook.office.com/owa/?username=undefined&login_hint=undefined
  • https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=21&ct=1708531624&rver=7.0.6738.0&wp=MBI_SSL&wreply=https%3a%2f%2foutlook.live.com%2fowa%2f%3fusername%3dundefined%26RpsCsrfState%3d635c4f88-36d7...
25 KB
13 KB
Document
General
Full URL
https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=21&ct=1708531624&rver=7.0.6738.0&wp=MBI_SSL&wreply=https%3a%2f%2foutlook.live.com%2fowa%2f%3fusername%3dundefined%26RpsCsrfState%3d635c4f88-36d7-4a05-aeff-efd5d4fcacd1&id=292841&aadredir=0&username=undefined&CBCXT=out&lw=1&fl=dob%2cflname%2cwld&cobrandid=90015&login_hint=undefined
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.190.166.133 Tokyo, Japan, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
0decef83fcec91b5fb7c23422d9b47fe7d07b95529d417780b14780c6e3daae1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://slidsd0canvem.top
Referer
https://slidsd0canvem.top/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

Cache-Control
no-store, no-cache
Content-Encoding
gzip
Content-Length
10764
Content-Type
text/html; charset=utf-8
Date
Wed, 21 Feb 2024 16:07:04 GMT
Expires
Wed, 21 Feb 2024 16:06:04 GMT
Link
<https://logincdn.msftauth.net>; rel=preconnect; crossorigin <https://acctcdn.msauth.net>; rel=preconnect; crossorigin <https://acctcdn.msftauth.net>; rel=preconnect; crossorigin <https://acctcdn.msauth.net/>; rel=dns-prefetch <https://acctcdn.msftauth.net/>; rel=dns-prefetch <https://acctcdnmsftuswe2.azureedge.net/>; rel=dns-prefetch <https://acctcdnvzeuno.azureedge.net/>; rel=dns-prefetch <https://logincdn.msauth.net/>; rel=dns-prefetch <https://logincdn.msftauth.net/>; rel=dns-prefetch <https://lgincdnvzeuno.azureedge.net/>; rel=dns-prefetch <https://lgincdnmsftuswe2.azureedge.net/>; rel=dns-prefetch
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
PPServer
PPV: 30 H: BY1PPFCABB9ECB5 V: 0
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Strict-Transport-Security
max-age=31536000
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-DNS-Prefetch-Control
on
X-XSS-Protection
1; mode=block
x-ms-request-id
3570d26e-fff1-44d0-aeb9-6aeac004c184
x-ms-route-info
C105_BAY

Redirect headers

alt-svc
h3=":443",h3-29=":443"
content-length
503
content-type
text/html; charset=utf-8
date
Wed, 21 Feb 2024 16:07:04 GMT
location
https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=21&ct=1708531624&rver=7.0.6738.0&wp=MBI_SSL&wreply=https%3a%2f%2foutlook.live.com%2fowa%2f%3fusername%3dundefined%26RpsCsrfState%3d635c4f88-36d7-4a05-aeff-efd5d4fcacd1&id=292841&aadredir=0&username=undefined&CBCXT=out&lw=1&fl=dob%2cflname%2cwld&cobrandid=90015&login_hint=undefined
nel
{"report_to":"NelOfficeUpload1","max_age":7200,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
p3p
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
report-to
{"group":"NelOfficeUpload1","max_age":7200,"endpoints":[{"url":"https://exo.nel.measure.office.net/api/report?TenantId=&FrontEnd=Cafe&DestinationEndpoint=HND&RemoteIP=2001:ac8:40::"}],"include_subdomains":true}
request-id
f45f994f-a9df-fd8b-996a-0cd3b6d9e523
server
Microsoft-IIS/10.0
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-backend-begin
2024-02-21T16:07:04.701
x-backend-end
2024-02-21T16:07:04.701
x-backendhttpstatus
302
x-beserver
TYWP286MB3447
x-besku
WCS7
x-calculatedbetarget
TYWP286MB3447.JPNP286.PROD.OUTLOOK.COM
x-content-type-options
nosniff
x-diaginfo
TYWP286MB3447
x-feefzinfo
HND
x-feproxyinfo
TYCP286CA0201.JPNP286.PROD.OUTLOOK.COM
x-feserver
TYCP286CA0201
x-firsthopcafeefz
HND
x-iids
0
x-owa-diagnosticsinfo
2;0;0
x-proxy-backendserverstatus
302
x-proxy-routingcorrectness
1
x-rum-notupdatequerieddbcopy
1
x-rum-notupdatequeriedpath
1
x-rum-validated
1
x-ua-compatible
IE=EmulateIE7
49-small_e58aafc980614a9cd7796bea7b5ea8f0.jpg
slidsd0canvem.top/aadcdn.msftauth.net/~/shared/1.0/content/images/appbackgrounds/
987 B
2 KB
Image
General
Full URL
https://slidsd0canvem.top/aadcdn.msftauth.net/~/shared/1.0/content/images/appbackgrounds/49-small_e58aafc980614a9cd7796bea7b5ea8f0.jpg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
52.199.22.126 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-199-22-126.ap-northeast-1.compute.amazonaws.com
Software
ECAcc (tka/89EA) /
Resource Hash

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://slidsd0canvem.top/autoreg.cgi?ref=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0aDIvYXV0aG9yaXplP2NsaWVudF9pZD0wMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAmcmVkaXJlY3RfdXJpPWh0dHBzJTNhJTJmJTJmb3V0bG9vay5vZmZpY2UuY29tJTJmb3dhJTJmJnJlc291cmNlPTAwMDAwMDAyLTAwMDAtMGZmMS1jZTAwLTAwMDAwMDAwMDAwMCZyZXNwb25zZV9tb2RlPWZvcm1fcG9zdCZyZXNwb25zZV90eXBlPWNvZGUraWRfdG9rZW4mc2NvcGU9b3BlbmlkJm1zYWZlZD0xJm1zYXJlZGlyPTEmbG9naW5faGludD11bmRlZmluZWQmY2xpZW50LXJlcXVlc3QtaWQ9NDJmNzU0OTUtMzY4Yy0xNTQwLWNjY2UtY2QxN2YyZTM1ODZlJnByb3RlY3RlZHRva2VuPXRydWUmY2xhaW1zPSU3YiUyMmlkX3Rva2VuJTIyJTNhJTdiJTIyeG1zX2NjJTIyJTNhJTdiJTIydmFsdWVzJTIyJTNhJTViJTIyQ1AxJTIyJTVkJTdkJTdkJTdkJm5vbmNlPTYzODQ0MTI4NDIzNjg0NDAzMC45Y2NkYWQwOC1mNmYxLTQwYjgtOTVkMS0wMDA5NGQwOWQ3NWQmc3RhdGU9RFl0TERvUWdFQVhCdVlWM1FCX1M4bGxNNWlnVHRVVkpERzQwWHQ5ZVZLVTJwWlZTSDZFUk5FUXFlQmVKN0JCcGNGNEtEbDFhRnA0WTBXU2ZyU0hNMGFTUnJRR1FpSkU0akt6bGJmdnptZnJmY1c2bF92ZFNyLTlkZWMybHJ2d0M=&sso_reload=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
Date
Wed, 21 Feb 2024 16:07:04 GMT
Content-MD5
5YqvyYBhSpzXeWvqe16o8A==
Age
8779048
X-Cache
HIT
Connection
close
Content-Length
987
x-ms-lease-status
unlocked
Last-Modified
Fri, 27 Mar 2020 19:42:36 GMT
Server
ECAcc (tka/89EA)
Etag
0x8D7D287001BC861
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
x-ms-request-id
d9f11d01-201e-00f1-7b07-15d471000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
Cache-Control
public, max-age=31536000
x-ms-version
2009-09-19
Accept-Ranges
bytes
49_7916a894ebde7d29c2cc29b267f1299f.jpg
slidsd0canvem.top/aadcdn.msftauth.net/~/shared/1.0/content/images/appbackgrounds/
17 KB
18 KB
Image
General
Full URL
https://slidsd0canvem.top/aadcdn.msftauth.net/~/shared/1.0/content/images/appbackgrounds/49_7916a894ebde7d29c2cc29b267f1299f.jpg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
52.199.22.126 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-199-22-126.ap-northeast-1.compute.amazonaws.com
Software
ECAcc (tka/8987) /
Resource Hash

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://slidsd0canvem.top/autoreg.cgi?ref=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0aDIvYXV0aG9yaXplP2NsaWVudF9pZD0wMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAmcmVkaXJlY3RfdXJpPWh0dHBzJTNhJTJmJTJmb3V0bG9vay5vZmZpY2UuY29tJTJmb3dhJTJmJnJlc291cmNlPTAwMDAwMDAyLTAwMDAtMGZmMS1jZTAwLTAwMDAwMDAwMDAwMCZyZXNwb25zZV9tb2RlPWZvcm1fcG9zdCZyZXNwb25zZV90eXBlPWNvZGUraWRfdG9rZW4mc2NvcGU9b3BlbmlkJm1zYWZlZD0xJm1zYXJlZGlyPTEmbG9naW5faGludD11bmRlZmluZWQmY2xpZW50LXJlcXVlc3QtaWQ9NDJmNzU0OTUtMzY4Yy0xNTQwLWNjY2UtY2QxN2YyZTM1ODZlJnByb3RlY3RlZHRva2VuPXRydWUmY2xhaW1zPSU3YiUyMmlkX3Rva2VuJTIyJTNhJTdiJTIyeG1zX2NjJTIyJTNhJTdiJTIydmFsdWVzJTIyJTNhJTViJTIyQ1AxJTIyJTVkJTdkJTdkJTdkJm5vbmNlPTYzODQ0MTI4NDIzNjg0NDAzMC45Y2NkYWQwOC1mNmYxLTQwYjgtOTVkMS0wMDA5NGQwOWQ3NWQmc3RhdGU9RFl0TERvUWdFQVhCdVlWM1FCX1M4bGxNNWlnVHRVVkpERzQwWHQ5ZVZLVTJwWlZTSDZFUk5FUXFlQmVKN0JCcGNGNEtEbDFhRnA0WTBXU2ZyU0hNMGFTUnJRR1FpSkU0akt6bGJmdnptZnJmY1c2bF92ZFNyLTlkZWMybHJ2d0M=&sso_reload=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
Date
Wed, 21 Feb 2024 16:07:04 GMT
Content-MD5
eRaolOvefSnCzCmyZ/Epnw==
Age
8927874
X-Cache
HIT
Connection
close
Content-Length
17453
x-ms-lease-status
unlocked
Last-Modified
Fri, 27 Mar 2020 19:42:36 GMT
Server
ECAcc (tka/8987)
Etag
0x8D7D2870015D3DE
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
x-ms-request-id
6d32b39c-101e-0052-1dad-136f11000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
Cache-Control
public, max-age=31536000
x-ms-version
2009-09-19
Accept-Ranges
bytes
53_8b36337037cff88c3df203bb73d58e41.png
slidsd0canvem.top/aadcdn.msftauth.net/~/shared/1.0/content/images/applogos/
5 KB
6 KB
Image
General
Full URL
https://slidsd0canvem.top/aadcdn.msftauth.net/~/shared/1.0/content/images/applogos/53_8b36337037cff88c3df203bb73d58e41.png
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
52.199.22.126 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-199-22-126.ap-northeast-1.compute.amazonaws.com
Software
ECAcc (tka/8980) /
Resource Hash

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://slidsd0canvem.top/autoreg.cgi?ref=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0aDIvYXV0aG9yaXplP2NsaWVudF9pZD0wMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAmcmVkaXJlY3RfdXJpPWh0dHBzJTNhJTJmJTJmb3V0bG9vay5vZmZpY2UuY29tJTJmb3dhJTJmJnJlc291cmNlPTAwMDAwMDAyLTAwMDAtMGZmMS1jZTAwLTAwMDAwMDAwMDAwMCZyZXNwb25zZV9tb2RlPWZvcm1fcG9zdCZyZXNwb25zZV90eXBlPWNvZGUraWRfdG9rZW4mc2NvcGU9b3BlbmlkJm1zYWZlZD0xJm1zYXJlZGlyPTEmbG9naW5faGludD11bmRlZmluZWQmY2xpZW50LXJlcXVlc3QtaWQ9NDJmNzU0OTUtMzY4Yy0xNTQwLWNjY2UtY2QxN2YyZTM1ODZlJnByb3RlY3RlZHRva2VuPXRydWUmY2xhaW1zPSU3YiUyMmlkX3Rva2VuJTIyJTNhJTdiJTIyeG1zX2NjJTIyJTNhJTdiJTIydmFsdWVzJTIyJTNhJTViJTIyQ1AxJTIyJTVkJTdkJTdkJTdkJm5vbmNlPTYzODQ0MTI4NDIzNjg0NDAzMC45Y2NkYWQwOC1mNmYxLTQwYjgtOTVkMS0wMDA5NGQwOWQ3NWQmc3RhdGU9RFl0TERvUWdFQVhCdVlWM1FCX1M4bGxNNWlnVHRVVkpERzQwWHQ5ZVZLVTJwWlZTSDZFUk5FUXFlQmVKN0JCcGNGNEtEbDFhRnA0WTBXU2ZyU0hNMGFTUnJRR1FpSkU0akt6bGJmdnptZnJmY1c2bF92ZFNyLTlkZWMybHJ2d0M=&sso_reload=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
Date
Wed, 21 Feb 2024 16:07:04 GMT
Content-MD5
izYzcDfP+Iw98gO7c9WOQQ==
Age
21074113
X-Cache
HIT
Connection
close
Content-Length
5139
x-ms-lease-status
unlocked
Last-Modified
Wed, 12 Feb 2020 03:12:17 GMT
Server
ECAcc (tka/8980)
Etag
0x8D7AF695D6C58F2
Content-Type
image/png
Access-Control-Allow-Origin
*
x-ms-request-id
4e51bae0-c01e-006e-4235-a59d98000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
Cache-Control
public, max-age=31536000
x-ms-version
2009-09-19
Accept-Ranges
bytes
microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg
slidsd0canvem.top/aadcdn.msftauth.net/~/shared/1.0/content/images/
4 KB
2 KB
Image
General
Full URL
https://slidsd0canvem.top/aadcdn.msftauth.net/~/shared/1.0/content/images/microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
52.199.22.126 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-199-22-126.ap-northeast-1.compute.amazonaws.com
Software
ECAcc (tka/8992) /
Resource Hash

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://slidsd0canvem.top/autoreg.cgi?ref=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0aDIvYXV0aG9yaXplP2NsaWVudF9pZD0wMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAmcmVkaXJlY3RfdXJpPWh0dHBzJTNhJTJmJTJmb3V0bG9vay5vZmZpY2UuY29tJTJmb3dhJTJmJnJlc291cmNlPTAwMDAwMDAyLTAwMDAtMGZmMS1jZTAwLTAwMDAwMDAwMDAwMCZyZXNwb25zZV9tb2RlPWZvcm1fcG9zdCZyZXNwb25zZV90eXBlPWNvZGUraWRfdG9rZW4mc2NvcGU9b3BlbmlkJm1zYWZlZD0xJm1zYXJlZGlyPTEmbG9naW5faGludD11bmRlZmluZWQmY2xpZW50LXJlcXVlc3QtaWQ9NDJmNzU0OTUtMzY4Yy0xNTQwLWNjY2UtY2QxN2YyZTM1ODZlJnByb3RlY3RlZHRva2VuPXRydWUmY2xhaW1zPSU3YiUyMmlkX3Rva2VuJTIyJTNhJTdiJTIyeG1zX2NjJTIyJTNhJTdiJTIydmFsdWVzJTIyJTNhJTViJTIyQ1AxJTIyJTVkJTdkJTdkJTdkJm5vbmNlPTYzODQ0MTI4NDIzNjg0NDAzMC45Y2NkYWQwOC1mNmYxLTQwYjgtOTVkMS0wMDA5NGQwOWQ3NWQmc3RhdGU9RFl0TERvUWdFQVhCdVlWM1FCX1M4bGxNNWlnVHRVVkpERzQwWHQ5ZVZLVTJwWlZTSDZFUk5FUXFlQmVKN0JCcGNGNEtEbDFhRnA0WTBXU2ZyU0hNMGFTUnJRR1FpSkU0akt6bGJmdnptZnJmY1c2bF92ZFNyLTlkZWMybHJ2d0M=&sso_reload=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
Date
Wed, 21 Feb 2024 16:07:04 GMT
Content-Encoding
gzip
Content-MD5
nzaLxFgP7ZB3dfMcaybWzw==
Age
3359782
X-Cache
HIT
Connection
close
Content-Length
1435
x-ms-lease-status
unlocked
Last-Modified
Thu, 16 Jan 2020 00:32:52 GMT
Server
ECAcc (tka/8992)
Etag
0x8D79A1B9F5E121A
Vary
Accept-Encoding
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
x-ms-request-id
b30d766b-c01e-007b-3b51-468d31000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
Cache-Control
public, max-age=31536000
x-ms-version
2009-09-19
Accept-Ranges
bytes
convergedlogin_pstringcustomizationhelper_76bb127b5869a5c6b8b3.js
slidsd0canvem.top/aadcdn.msftauth.net/~/shared/1.0/content/js/asyncchunk/
111 KB
36 KB
Script
General
Full URL
https://slidsd0canvem.top/aadcdn.msftauth.net/~/shared/1.0/content/js/asyncchunk/convergedlogin_pstringcustomizationhelper_76bb127b5869a5c6b8b3.js
Requested by
Host: slidsd0canvem.top
URL: https://slidsd0canvem.top/aadcdn.msftauth.net/~/shared/1.0/content/js/ConvergedLogin_PCore_1Zpn0Z4VlomFI1SEVRlEPA2.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
52.199.22.126 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-199-22-126.ap-northeast-1.compute.amazonaws.com
Software
ECAcc (tka/89D1) /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; form-action * data: blob: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: filesystem: ; frame-ancestors 'self' * http://* https://* file://* about: javascript: data: blob: filesystem: ; object-src * data: blob: filesystem: 'unsafe-inline' 'unsafe-eval'; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://slidsd0canvem.top/autoreg.cgi?ref=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0aDIvYXV0aG9yaXplP2NsaWVudF9pZD0wMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAmcmVkaXJlY3RfdXJpPWh0dHBzJTNhJTJmJTJmb3V0bG9vay5vZmZpY2UuY29tJTJmb3dhJTJmJnJlc291cmNlPTAwMDAwMDAyLTAwMDAtMGZmMS1jZTAwLTAwMDAwMDAwMDAwMCZyZXNwb25zZV9tb2RlPWZvcm1fcG9zdCZyZXNwb25zZV90eXBlPWNvZGUraWRfdG9rZW4mc2NvcGU9b3BlbmlkJm1zYWZlZD0xJm1zYXJlZGlyPTEmbG9naW5faGludD11bmRlZmluZWQmY2xpZW50LXJlcXVlc3QtaWQ9NDJmNzU0OTUtMzY4Yy0xNTQwLWNjY2UtY2QxN2YyZTM1ODZlJnByb3RlY3RlZHRva2VuPXRydWUmY2xhaW1zPSU3YiUyMmlkX3Rva2VuJTIyJTNhJTdiJTIyeG1zX2NjJTIyJTNhJTdiJTIydmFsdWVzJTIyJTNhJTViJTIyQ1AxJTIyJTVkJTdkJTdkJTdkJm5vbmNlPTYzODQ0MTI4NDIzNjg0NDAzMC45Y2NkYWQwOC1mNmYxLTQwYjgtOTVkMS0wMDA5NGQwOWQ3NWQmc3RhdGU9RFl0TERvUWdFQVhCdVlWM1FCX1M4bGxNNWlnVHRVVkpERzQwWHQ5ZVZLVTJwWlZTSDZFUk5FUXFlQmVKN0JCcGNGNEtEbDFhRnA0WTBXU2ZyU0hNMGFTUnJRR1FpSkU0akt6bGJmdnptZnJmY1c2bF92ZFNyLTlkZWMybHJ2d0M=&sso_reload=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
Date
Wed, 21 Feb 2024 16:07:04 GMT
Content-Encoding
gzip
Content-Security-Policy
default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; form-action * data: blob: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: filesystem: ; frame-ancestors 'self' * http://* https://* file://* about: javascript: data: blob: filesystem: ; object-src * data: blob: filesystem: 'unsafe-inline' 'unsafe-eval'; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
Content-MD5
SxsaXa39nTRc5WmIHM+/cw==
Age
2104388
X-Cache
HIT
Connection
close
content-length
113440
x-ms-lease-status
unlocked
Last-Modified
Thu, 26 Jan 2023 00:32:14 GMT
Server
ECAcc (tka/89D1)
Etag
0x8DAFF34C5641B4D
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
x-ms-request-id
5f05600c-001e-009b-7fbc-519846000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
Cache-Control
public, max-age=31536000
x-ms-version
2009-09-19
Accept-Ranges
bytes
boot.worldwide.0.mouse.js
r4.res.office365.com/owa/prem/15.20.7316.21/scripts/ Frame 4EE2
648 KB
176 KB
Stylesheet
General
Full URL
https://r4.res.office365.com/owa/prem/15.20.7316.21/scripts/boot.worldwide.0.mouse.js
Requested by
Host: outlook.office365.com
URL: https://outlook.office365.com/owa/prefetch.aspx
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:1a00:16::6007:2791 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://outlook.office365.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 21 Feb 2024 16:07:04 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Mon, 19 Feb 2024 18:09:04 GMT
server
AkamaiNetStorage
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public,max-age=630720000, s-maxage=630720000
accept-ranges
bytes
timing-allow-origin
*
content-length
179692
signin-options_4e48046ce74f4b89d45037c90576bfac.svg
slidsd0canvem.top/aadcdn.msftauth.net/~/shared/1.0/content/images/
2 KB
1 KB
Image
General
Full URL
https://slidsd0canvem.top/aadcdn.msftauth.net/~/shared/1.0/content/images/signin-options_4e48046ce74f4b89d45037c90576bfac.svg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
52.199.22.126 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-199-22-126.ap-northeast-1.compute.amazonaws.com
Software
ECAcc (tka/8947) /
Resource Hash

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://slidsd0canvem.top/autoreg.cgi?ref=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0aDIvYXV0aG9yaXplP2NsaWVudF9pZD0wMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAmcmVkaXJlY3RfdXJpPWh0dHBzJTNhJTJmJTJmb3V0bG9vay5vZmZpY2UuY29tJTJmb3dhJTJmJnJlc291cmNlPTAwMDAwMDAyLTAwMDAtMGZmMS1jZTAwLTAwMDAwMDAwMDAwMCZyZXNwb25zZV9tb2RlPWZvcm1fcG9zdCZyZXNwb25zZV90eXBlPWNvZGUraWRfdG9rZW4mc2NvcGU9b3BlbmlkJm1zYWZlZD0xJm1zYXJlZGlyPTEmbG9naW5faGludD11bmRlZmluZWQmY2xpZW50LXJlcXVlc3QtaWQ9NDJmNzU0OTUtMzY4Yy0xNTQwLWNjY2UtY2QxN2YyZTM1ODZlJnByb3RlY3RlZHRva2VuPXRydWUmY2xhaW1zPSU3YiUyMmlkX3Rva2VuJTIyJTNhJTdiJTIyeG1zX2NjJTIyJTNhJTdiJTIydmFsdWVzJTIyJTNhJTViJTIyQ1AxJTIyJTVkJTdkJTdkJTdkJm5vbmNlPTYzODQ0MTI4NDIzNjg0NDAzMC45Y2NkYWQwOC1mNmYxLTQwYjgtOTVkMS0wMDA5NGQwOWQ3NWQmc3RhdGU9RFl0TERvUWdFQVhCdVlWM1FCX1M4bGxNNWlnVHRVVkpERzQwWHQ5ZVZLVTJwWlZTSDZFUk5FUXFlQmVKN0JCcGNGNEtEbDFhRnA0WTBXU2ZyU0hNMGFTUnJRR1FpSkU0akt6bGJmdnptZnJmY1c2bF92ZFNyLTlkZWMybHJ2d0M=&sso_reload=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
Date
Wed, 21 Feb 2024 16:07:04 GMT
Content-Encoding
gzip
Content-MD5
R2FAVxfpONfnQAuxVxXbHg==
Age
14738521
X-Cache
HIT
Connection
close
Content-Length
621
x-ms-lease-status
unlocked
Last-Modified
Tue, 10 Nov 2020 03:41:05 GMT
Server
ECAcc (tka/8947)
Etag
0x8D8852A740F01B9
Vary
Accept-Encoding
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
x-ms-request-id
596643bd-b01e-00e0-50d4-de4f51000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Cache-Control
public, max-age=31536000
x-ms-version
2009-09-19
Accept-Ranges
bytes
boot.worldwide.1.mouse.js
r4.res.office365.com/owa/prem/15.20.7316.21/scripts/ Frame 4EE2
644 KB
160 KB
Stylesheet
General
Full URL
https://r4.res.office365.com/owa/prem/15.20.7316.21/scripts/boot.worldwide.1.mouse.js
Requested by
Host: outlook.office365.com
URL: https://outlook.office365.com/owa/prefetch.aspx
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:1a00:16::6007:2791 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://outlook.office365.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 21 Feb 2024 16:07:04 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Mon, 19 Feb 2024 18:08:52 GMT
server
AkamaiNetStorage
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public,max-age=630720000, s-maxage=630720000
accept-ranges
bytes
timing-allow-origin
*
content-length
163064
boot.worldwide.2.mouse.js
r4.res.office365.com/owa/prem/15.20.7316.21/scripts/ Frame 4EE2
647 KB
166 KB
Stylesheet
General
Full URL
https://r4.res.office365.com/owa/prem/15.20.7316.21/scripts/boot.worldwide.2.mouse.js
Requested by
Host: outlook.office365.com
URL: https://outlook.office365.com/owa/prefetch.aspx
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:1a00:16::6007:2791 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://outlook.office365.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 21 Feb 2024 16:07:04 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Mon, 19 Feb 2024 18:09:05 GMT
server
AkamaiNetStorage
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public,max-age=630720000, s-maxage=630720000
accept-ranges
bytes
timing-allow-origin
*
content-length
169666
boot.worldwide.3.mouse.js
r4.res.office365.com/owa/prem/15.20.7316.21/scripts/ Frame 4EE2
645 KB
142 KB
Stylesheet
General
Full URL
https://r4.res.office365.com/owa/prem/15.20.7316.21/scripts/boot.worldwide.3.mouse.js
Requested by
Host: outlook.office365.com
URL: https://outlook.office365.com/owa/prefetch.aspx
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:1a00:16::6007:2791 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://outlook.office365.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 21 Feb 2024 16:07:04 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Mon, 19 Feb 2024 18:08:53 GMT
server
AkamaiNetStorage
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public,max-age=630720000, s-maxage=630720000
accept-ranges
bytes
timing-allow-origin
*
content-length
145599
sprite1.mouse.png
r4.res.office365.com/owa/prem/15.20.7316.21/resources/images/0/ Frame 4EE2
132 B
327 B
Stylesheet
General
Full URL
https://r4.res.office365.com/owa/prem/15.20.7316.21/resources/images/0/sprite1.mouse.png
Requested by
Host: outlook.office365.com
URL: https://outlook.office365.com/owa/prefetch.aspx
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:1a00:16::6007:2791 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://outlook.office365.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 21 Feb 2024 16:07:04 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Mon, 19 Feb 2024 18:26:43 GMT
server
AkamaiNetStorage
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=630720000, s-maxage=630720000
accept-ranges
bytes
timing-allow-origin
*
content-length
132
sprite1.mouse.css
r4.res.office365.com/owa/prem/15.20.7316.21/resources/images/0/ Frame 4EE2
994 B
503 B
Stylesheet
General
Full URL
https://r4.res.office365.com/owa/prem/15.20.7316.21/resources/images/0/sprite1.mouse.css
Requested by
Host: outlook.office365.com
URL: https://outlook.office365.com/owa/prefetch.aspx
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:1a00:16::6007:2791 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://outlook.office365.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 21 Feb 2024 16:07:04 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Mon, 19 Feb 2024 18:26:43 GMT
server
AkamaiNetStorage
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public,max-age=630720000, s-maxage=630720000
accept-ranges
bytes
timing-allow-origin
*
content-length
288
boot.worldwide.mouse.css
r4.res.office365.com/owa/prem/15.20.7316.21/resources/styles/0/ Frame 4EE2
227 KB
43 KB
Stylesheet
General
Full URL
https://r4.res.office365.com/owa/prem/15.20.7316.21/resources/styles/0/boot.worldwide.mouse.css
Requested by
Host: outlook.office365.com
URL: https://outlook.office365.com/owa/prefetch.aspx
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:1a00:16::6007:2791 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://outlook.office365.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 21 Feb 2024 16:07:04 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Mon, 19 Feb 2024 18:27:43 GMT
server
AkamaiNetStorage
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public,max-age=630720000, s-maxage=630720000
accept-ranges
bytes
timing-allow-origin
*
content-length
44144
login_en_ab04aQSkUg8kw-swjhCJkw2.js
logincdn.msftauth.net/shared/5/js/
833 KB
213 KB
Script
General
Full URL
https://logincdn.msftauth.net/shared/5/js/login_en_ab04aQSkUg8kw-swjhCJkw2.js
Requested by
Host: login.live.com
URL: https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=21&ct=1708531624&rver=7.0.6738.0&wp=MBI_SSL&wreply=https%3a%2f%2foutlook.live.com%2fowa%2f%3fusername%3dundefined%26RpsCsrfState%3d635c4f88-36d7-4a05-aeff-efd5d4fcacd1&id=292841&aadredir=0&username=undefined&CBCXT=out&lw=1&fl=dob%2cflname%2cwld&cobrandid=90015&login_hint=undefined
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:247:43e9:c35a:4025:1596:b588 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (tka/8969) /
Resource Hash
d75a833891296977443c37f58d66b115fbef557354a069207b710cbdda7d7466

Request headers

Referer
https://login.live.com/
Origin
https://login.live.com
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 21 Feb 2024 16:07:04 GMT
content-encoding
gzip
content-md5
BQusSjdtDQDgqeNCzDVxiw==
age
594850
x-cache
HIT
content-length
217462
x-ms-lease-status
unlocked
last-modified
Fri, 09 Feb 2024 00:50:17 GMT
server
ECAcc (tka/8969)
etag
0x8DC290915B65DD4
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
cf78e35d-001e-0077-0377-5f7928000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
oneds-analytics-js_c53074e74ebeb8e140d6_en.js
logincdn.msftauth.net/shared/5/chunks/
88 KB
32 KB
Script
General
Full URL
https://logincdn.msftauth.net/shared/5/chunks/oneds-analytics-js_c53074e74ebeb8e140d6_en.js
Requested by
Host: logincdn.msftauth.net
URL: https://logincdn.msftauth.net/shared/5/js/login_en_ab04aQSkUg8kw-swjhCJkw2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:247:43e9:c35a:4025:1596:b588 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (tka/89A6) /
Resource Hash
f6ca33591efe5eaa905f49f5cb0d0643080dbc045865f02dc88f33dc7ddc7c33

Request headers

Referer
https://login.live.com/
Origin
https://login.live.com
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 21 Feb 2024 16:07:05 GMT
content-encoding
gzip
content-md5
s98wrnDDS6yV/JFUTZIJvQ==
age
594849
x-cache
HIT
content-length
32748
x-ms-lease-status
unlocked
last-modified
Tue, 06 Feb 2024 16:57:45 GMT
server
ECAcc (tka/89A6)
etag
0x8DC2734BD782EB3
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
c4d8d56a-801e-00d7-6b77-5fbf4e000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
microsoft_logo_ee5c8d9fb6248c938fd0.svg
logincdn.msftauth.net/shared/5/images/
4 KB
2 KB
Image
General
Full URL
https://logincdn.msftauth.net/shared/5/images/microsoft_logo_ee5c8d9fb6248c938fd0.svg
Requested by
Host: login.live.com
URL: https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=21&ct=1708531624&rver=7.0.6738.0&wp=MBI_SSL&wreply=https%3a%2f%2foutlook.live.com%2fowa%2f%3fusername%3dundefined%26RpsCsrfState%3d635c4f88-36d7-4a05-aeff-efd5d4fcacd1&id=292841&aadredir=0&username=undefined&CBCXT=out&lw=1&fl=dob%2cflname%2cwld&cobrandid=90015&login_hint=undefined
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:247:43e9:c35a:4025:1596:b588 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (tka/89C0) /
Resource Hash
04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://login.live.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 21 Feb 2024 16:07:05 GMT
content-encoding
gzip
content-md5
nzaLxFgP7ZB3dfMcaybWzw==
age
18878614
x-cache
HIT
content-length
1435
x-ms-lease-status
unlocked
last-modified
Tue, 27 Jun 2023 15:45:14 GMT
server
ECAcc (tka/89C0)
etag
0x8DB77257FFE6B4E
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
5259c1d0-c01e-0068-372c-b97b59000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
2_bc3d32a696895f78c19d.svg
logincdn.msftauth.net/shared/5/images/
2 KB
824 B
Image
General
Full URL
https://logincdn.msftauth.net/shared/5/images/2_bc3d32a696895f78c19d.svg
Requested by
Host: login.live.com
URL: https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=21&ct=1708531624&rver=7.0.6738.0&wp=MBI_SSL&wreply=https%3a%2f%2foutlook.live.com%2fowa%2f%3fusername%3dundefined%26RpsCsrfState%3d635c4f88-36d7-4a05-aeff-efd5d4fcacd1&id=292841&aadredir=0&username=undefined&CBCXT=out&lw=1&fl=dob%2cflname%2cwld&cobrandid=90015&login_hint=undefined
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:247:43e9:c35a:4025:1596:b588 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (tka/89AE) /
Resource Hash
0e88b6fcbb8591edfd28184fa70a04b6dd3af8a14367c628edd7caba32e58c68

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://login.live.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 21 Feb 2024 16:07:05 GMT
content-encoding
gzip
content-md5
DhdidjYrlCeaRJJRG/y9mA==
age
18859570
x-cache
HIT
content-length
673
x-ms-lease-status
unlocked
last-modified
Tue, 27 Jun 2023 15:45:09 GMT
server
ECAcc (tka/89AE)
etag
0x8DB77257C91B168
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
04d8c632-201e-005c-0e59-b9518c000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
/
browser.events.data.microsoft.com/OneCollector/1.0/ Frame
0
0
Preflight
General
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.189.173.1 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
apikey,cache-control,client-id,client-version,content-type,time-delta-to-apply-millis,upload-time
Access-Control-Request-Method
POST
Origin
https://login.live.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
AuthMsaDeviceTicket,AuthXToken,Content-Encoding,Content-Type,Cache-Control,Client-Id,SDK-Name,sdk-version,apikey,x-apikey,client-version,upload-time,time-delta-to-apply-millis,client-time-epoch-millis,persistence-mode,reliability-mode,NoResponseBody
access-control-allow-origin
https://login.live.com
access-control-max-age
3600
cache-control
public, 3600
content-length
0
date
Wed, 21 Feb 2024 16:07:07 GMT
server
Microsoft-HTTPAPI/2.0
strict-transport-security
max-age=31536000
/
browser.events.data.microsoft.com/OneCollector/1.0/
153 B
759 B
XHR
General
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
Requested by
Host: logincdn.msftauth.net
URL: https://logincdn.msftauth.net/shared/5/chunks/oneds-analytics-js_c53074e74ebeb8e140d6_en.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.189.173.1 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
626bf8190ea97f556345bad818b243aae3c0a23efae5dde6be40f93724e9185e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

upload-time
1708531627445
accept-language
jp-JP,jp;q=0.9
client-version
1DS-Web-JS-3.2.15
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
time-delta-to-apply-millis
use-collector-delta
content-type
application/x-json-stream
cache-control
no-cache, no-store
Referer
https://login.live.com/
apikey
69adc3c768bd4dc08c19416121249fcc-66f1668a-797b-4249-95e3-6c6651768c28-7293
Client-Id
NO_AUTH

Response headers

strict-transport-security
max-age=31536000
date
Wed, 21 Feb 2024 16:07:07 GMT
server
Microsoft-HTTPAPI/2.0
time-delta-millis
931
access-control-allow-methods
POST
p3p
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
content-type
application/json
access-control-allow-origin
https://login.live.com
access-control-expose-headers
time-delta-millis
access-control-allow-credentials
true
access-control-allow-headers
P3P,Set-Cookie,time-delta-millis
content-length
153

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
login.live.com
URL
https://login.live.com/Me.htm?v=3

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| PROOF object| ServerData function| $Loader object| g_dtFirstByte object| g_objPageMode number| g_iSRSFailed string| g_sSRSSuccess function| SRSRetry object| webpackChunk_msidentity_sisu_msa function| clearImmediate function| setImmediate object| regeneratorRuntime object| __dynProto$Gbl

34 Cookies

Domain/Path Name / Value
slidsd0canvem.top/ Name: qPdM
Value: 3Q2LsSx6Zfom
slidsd0canvem.top/ Name: qPdM.sig
Value: uTAMuJiWv9w8wWNp5vZRSrY-F6k
slidsd0canvem.top/ Name: ClientId
Value: 8192F48DF7534D36ACB7496F755BE136
slidsd0canvem.top/ Name: OIDC
Value: 1
slidsd0canvem.top/ Name: OpenIdConnect.nonce.v3.bPb4w9bPv3qqyXNdbGsvT4Nn7Sd8-kaNJyXLjqWCJUg
Value: 638441284236844030.9ccdad08-f6f1-40b8-95d1-00094d09d75d
slidsd0canvem.top/ Name: X-OWA-RedirectHistory
Value: ArLym14B_pvhJPcy3Ag
.slidsd0canvem.top/ Name: esctx-q2FbaWYe0Qw
Value: AQABCQEAAADnfolhJpSnRYB1SVj-Hgd8msGvDwglN3OJWpvNxTC_s5MDe1eMJ6bDwyMmPvf5jYQsjGXbdcPIHSPSKgTYsvDm3dJwBDIuhn6hYrCKH9QtfDGK3uJmljml7uRpV1llUCemWdy1Xu3L-Bzt5dZoAkR2puuxEI-Dykgt3EmH7pUqmiAA
slidsd0canvem.top/ Name: x-ms-gateway-slice
Value: estsfd
slidsd0canvem.top/ Name: stsservicecookie
Value: estsfd
.slidsd0canvem.top/ Name: AADSSO
Value: NA|NoExtension
slidsd0canvem.top/ Name: SSOCOOKIEPULLED
Value: 1
slidsd0canvem.top/ Name: buid
Value: 0.AXEAMe_N-B6jSkuT5F9XHpElWgIAAAAAAPEPzgAAAAAAAAABAAA.AQABAAEAAAAmoFfGtYxvRrNriQdPKIZ-VM65lNYprE6tqz09rkhubJ_ptQ2QrVDMTMllT_FVhdhOx5u7-b9vk9DjK8tE2CBxNFtpOidIYNnGSdKyLNzKtOdBH0wIj7h-RPZoprv0urYgAA
.slidsd0canvem.top/ Name: esctx
Value: PAQABAAEAAAAmoFfGtYxvRrNriQdPKIZ-r-OfqqwVz662wXIcZ2sW9A3DvLwdDSOeooFsiMR5emo2lg8bhOp8no075MeycdsvzA36NxS3De9l6CsgArJGsV8YUWAaS3RIH-auGnJOeZ58nRitpDKAgWTKDEF_RqbSkF8I3_JH_sL1vfCj_z3L_JBMU12JS2KhQrv2EOAhscYgAA
.slidsd0canvem.top/ Name: esctx-yft4il61SAw
Value: AQABAAEAAAAmoFfGtYxvRrNriQdPKIZ-ZsceycmaZNQYlaUnYDkb5iJTFpRWCUDmHSXdU7m4KJBTwfBaj3M2ADXiqW6UW_7uQZABXoy9kNHztVukw1v9m-W7ZMXlvhk7nVnOrau2qZF6y8AqJ4tuCCPAi3QIal79Kr-d-YINmABNsFgk9FobcSAA
slidsd0canvem.top/ Name: fpc
Value: AmaQ7E3PVYFInhzNCUvxkJyerOTJAQAAAKcWaN0OAAAA
.slidsd0canvem.top/ Name: brcap
Value: 0
.slidsd0canvem.top/ Name: ESTSWCTXFLOWTOKEN
Value: AQABIQEAAAAmoFfGtYxvRrNriQdPKIZ-vXQZ-eKFEcmTG_iDhee5jWjsN-73yYJkPSX2ySD1CUqmrGcXeVy8B6qmrJCttYzo6irc1lZ7B6OFE6r9IT-8krsIRHsQJjXVvRZc_cZedGEFgGPucZtP5vQnJQGS_OVQ5zQA51HGKxhw-7kEDPTWveMyjj7kwBRHijg-kD5DIWXN1l3Vq3MTsCtD8gAnm-Sh0y8L5KrxKgqXROwZR2EZT6AsnvoeARebDZwnCiG2_XYjVff6m2e4zY_WS6HzcQzmToitZq34ilMqNCSLpzLjDJcUeJRN4CSdSi3Xgg4FXm3h4ZOcKoSpl0RYbtvqd4E4bh92smu5Ud5xpCGLkRDGLL5bLTqcjMNnUScwnxhhbQcc5v9ccMnd9Qtw2yxDa1NV372akjOzQ4tnjGlUVDT5AdyJtPI_WnNlnvaL4dBbZxD_Whh6KIl_QhoDq99UwqdbiqhvrgFqGq4lD1ZYeQKuhyAA
outlook.office365.com/ Name: ClientId
Value: 9326B462956F4E8DBE4B03E077719DB0
outlook.office365.com/ Name: OIDC
Value: 1
outlook.office.com/ Name: ClientId
Value: 8258BF8EA41C4A1E8A9727846AEEADE0
outlook.office.com/ Name: OIDC
Value: 1
outlook.office.com/ Name: exchangecookie
Value: 1d466c2e17a747f28418f1da4230c711
outlook.office.com/ Name: RpsCsrfState.QrL_bybvT_pDAIacxNYeVEEn7kRIlXN8bvQySN6Wvi0
Value: 635c4f88-36d7-4a05-aeff-efd5d4fcacd1
outlook.office.com/ Name: X-OWA-RedirectHistory
Value: AhR7n8MBF818Jfcy3Ag
.login.live.com/ Name: uaid
Value: d8b9e077c2424f2cbe201e23faf08550
.login.live.com/ Name: MSPRequ
Value: id=292841&lt=1708531624&co=1
.login.live.com/ Name: MSCC
Value: 146.70.201.240-JP
.login.live.com/ Name: MSPOK
Value: $uuid-b266bc7f-6b1a-406e-9f30-7d079b87ae38
.login.live.com/ Name: OParams
Value: 11O.Dv8X7mbX7t5QnAplFRBnPV40W961RCnzlFAU!kwuPrm4LV*lylyybrJfvaGYZ0GMizU24d09naXJfJnMM5TRFyqSM8Fam9h7W7VPiUhzzqMJMCtnx2wKis7ERv06yiiiAeGpbxzE2ZMedsyIYD84MMBs6dQx0j5SXHSjJ1A9BBLPUt!Do9Jpz2Y0zVFlF!a5Ehnq6RN8KVlN7jQVYpFzhun4FUoCR5PQu0ZglPCtlY2LfgDAjPbVDxuq!!1kuF*c9kB4egXX2mmJTTcNpX0A!RO7m6dUqYcUBMTAk3oC7B7ieDyVi3mUxlBLCJkgr2w5g*MiGy2Ts0dPhhKbXqoK1ZUMzdGYtAWXoK7uJoY6fvtLVsBV*CjHwV5IXAtz2bq0CQAiDrCwQpXjCCvdjImo4JsEgyP!Tvtw5w6MW6audjKH
login.live.com/ Name: MicrosoftApplicationsTelemetryDeviceId
Value: 2679eecf-0686-4c7a-a280-06145c4b3bd5
login.live.com/ Name: ai_session
Value: uDOtg3jbUpfpG25cXx6EpT|1708531625438|1708531625438
.microsoft.com/ Name: MC1
Value: GUID=d158c7ab04f346588a3ea9c92f9368e4&HASH=d158&LV=202402&V=4&LU=1708531628376
.microsoft.com/ Name: MS0
Value: 7971a4b03129466f9bae18b7dbfe4de7
login.live.com/ Name: MSFPC
Value: GUID=d158c7ab04f346588a3ea9c92f9368e4&HASH=d158&LV=202402&V=4&LU=1708531628376

6 Console Messages

Source Level URL
Text
other warning URL: https://slidsd0canvem.top/autoreg.cgi?ref=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0aDIvYXV0aG9yaXplP2NsaWVudF9pZD0wMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAmcmVkaXJlY3RfdXJpPWh0dHBzJTNhJTJmJTJmb3V0bG9vay5vZmZpY2UuY29tJTJmb3dhJTJmJnJlc291cmNlPTAwMDAwMDAyLTAwMDAtMGZmMS1jZTAwLTAwMDAwMDAwMDAwMCZyZXNwb25zZV9tb2RlPWZvcm1fcG9zdCZyZXNwb25zZV90eXBlPWNvZGUraWRfdG9rZW4mc2NvcGU9b3BlbmlkJm1zYWZlZD0xJm1zYXJlZGlyPTEmbG9naW5faGludD11bmRlZmluZWQmY2xpZW50LXJlcXVlc3QtaWQ9NDJmNzU0OTUtMzY4Yy0xNTQwLWNjY2UtY2QxN2YyZTM1ODZlJnByb3RlY3RlZHRva2VuPXRydWUmY2xhaW1zPSU3YiUyMmlkX3Rva2VuJTIyJTNhJTdiJTIyeG1zX2NjJTIyJTNhJTdiJTIydmFsdWVzJTIyJTNhJTViJTIyQ1AxJTIyJTVkJTdkJTdkJTdkJm5vbmNlPTYzODQ0MTI4NDIzNjg0NDAzMC45Y2NkYWQwOC1mNmYxLTQwYjgtOTVkMS0wMDA5NGQwOWQ3NWQmc3RhdGU9RFl0TERvUWdFQVhCdVlWM1FCX1M4bGxNNWlnVHRVVkpERzQwWHQ5ZVZLVTJwWlZTSDZFUk5FUXFlQmVKN0JCcGNGNEtEbDFhRnA0WTBXU2ZyU0hNMGFTUnJRR1FpSkU0akt6bGJmdnptZnJmY1c2bF92ZFNyLTlkZWMybHJ2d0M=&sso_reload=true
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://slidsd0canvem.top/autoreg.cgi?ref=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0aDIvYXV0aG9yaXplP2NsaWVudF9pZD0wMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAmcmVkaXJlY3RfdXJpPWh0dHBzJTNhJTJmJTJmb3V0bG9vay5vZmZpY2UuY29tJTJmb3dhJTJmJnJlc291cmNlPTAwMDAwMDAyLTAwMDAtMGZmMS1jZTAwLTAwMDAwMDAwMDAwMCZyZXNwb25zZV9tb2RlPWZvcm1fcG9zdCZyZXNwb25zZV90eXBlPWNvZGUraWRfdG9rZW4mc2NvcGU9b3BlbmlkJm1zYWZlZD0xJm1zYXJlZGlyPTEmbG9naW5faGludD11bmRlZmluZWQmY2xpZW50LXJlcXVlc3QtaWQ9NDJmNzU0OTUtMzY4Yy0xNTQwLWNjY2UtY2QxN2YyZTM1ODZlJnByb3RlY3RlZHRva2VuPXRydWUmY2xhaW1zPSU3YiUyMmlkX3Rva2VuJTIyJTNhJTdiJTIyeG1zX2NjJTIyJTNhJTdiJTIydmFsdWVzJTIyJTNhJTViJTIyQ1AxJTIyJTVkJTdkJTdkJTdkJm5vbmNlPTYzODQ0MTI4NDIzNjg0NDAzMC45Y2NkYWQwOC1mNmYxLTQwYjgtOTVkMS0wMDA5NGQwOWQ3NWQmc3RhdGU9RFl0TERvUWdFQVhCdVlWM1FCX1M4bGxNNWlnVHRVVkpERzQwWHQ5ZVZLVTJwWlZTSDZFUk5FUXFlQmVKN0JCcGNGNEtEbDFhRnA0WTBXU2ZyU0hNMGFTUnJRR1FpSkU0akt6bGJmdnptZnJmY1c2bF92ZFNyLTlkZWMybHJ2d0M=&sso_reload=true
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://slidsd0canvem.top/autoreg.cgi?ref=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0aDIvYXV0aG9yaXplP2NsaWVudF9pZD0wMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAmcmVkaXJlY3RfdXJpPWh0dHBzJTNhJTJmJTJmb3V0bG9vay5vZmZpY2UuY29tJTJmb3dhJTJmJnJlc291cmNlPTAwMDAwMDAyLTAwMDAtMGZmMS1jZTAwLTAwMDAwMDAwMDAwMCZyZXNwb25zZV9tb2RlPWZvcm1fcG9zdCZyZXNwb25zZV90eXBlPWNvZGUraWRfdG9rZW4mc2NvcGU9b3BlbmlkJm1zYWZlZD0xJm1zYXJlZGlyPTEmbG9naW5faGludD11bmRlZmluZWQmY2xpZW50LXJlcXVlc3QtaWQ9NDJmNzU0OTUtMzY4Yy0xNTQwLWNjY2UtY2QxN2YyZTM1ODZlJnByb3RlY3RlZHRva2VuPXRydWUmY2xhaW1zPSU3YiUyMmlkX3Rva2VuJTIyJTNhJTdiJTIyeG1zX2NjJTIyJTNhJTdiJTIydmFsdWVzJTIyJTNhJTViJTIyQ1AxJTIyJTVkJTdkJTdkJTdkJm5vbmNlPTYzODQ0MTI4NDIzNjg0NDAzMC45Y2NkYWQwOC1mNmYxLTQwYjgtOTVkMS0wMDA5NGQwOWQ3NWQmc3RhdGU9RFl0TERvUWdFQVhCdVlWM1FCX1M4bGxNNWlnVHRVVkpERzQwWHQ5ZVZLVTJwWlZTSDZFUk5FUXFlQmVKN0JCcGNGNEtEbDFhRnA0WTBXU2ZyU0hNMGFTUnJRR1FpSkU0akt6bGJmdnptZnJmY1c2bF92ZFNyLTlkZWMybHJ2d0M=&sso_reload=true
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://slidsd0canvem.top/autoreg.cgi?ref=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0aDIvYXV0aG9yaXplP2NsaWVudF9pZD0wMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAmcmVkaXJlY3RfdXJpPWh0dHBzJTNhJTJmJTJmb3V0bG9vay5vZmZpY2UuY29tJTJmb3dhJTJmJnJlc291cmNlPTAwMDAwMDAyLTAwMDAtMGZmMS1jZTAwLTAwMDAwMDAwMDAwMCZyZXNwb25zZV9tb2RlPWZvcm1fcG9zdCZyZXNwb25zZV90eXBlPWNvZGUraWRfdG9rZW4mc2NvcGU9b3BlbmlkJm1zYWZlZD0xJm1zYXJlZGlyPTEmbG9naW5faGludD11bmRlZmluZWQmY2xpZW50LXJlcXVlc3QtaWQ9NDJmNzU0OTUtMzY4Yy0xNTQwLWNjY2UtY2QxN2YyZTM1ODZlJnByb3RlY3RlZHRva2VuPXRydWUmY2xhaW1zPSU3YiUyMmlkX3Rva2VuJTIyJTNhJTdiJTIyeG1zX2NjJTIyJTNhJTdiJTIydmFsdWVzJTIyJTNhJTViJTIyQ1AxJTIyJTVkJTdkJTdkJTdkJm5vbmNlPTYzODQ0MTI4NDIzNjg0NDAzMC45Y2NkYWQwOC1mNmYxLTQwYjgtOTVkMS0wMDA5NGQwOWQ3NWQmc3RhdGU9RFl0TERvUWdFQVhCdVlWM1FCX1M4bGxNNWlnVHRVVkpERzQwWHQ5ZVZLVTJwWlZTSDZFUk5FUXFlQmVKN0JCcGNGNEtEbDFhRnA0WTBXU2ZyU0hNMGFTUnJRR1FpSkU0akt6bGJmdnptZnJmY1c2bF92ZFNyLTlkZWMybHJ2d0M=&sso_reload=true
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=21&ct=1708531624&rver=7.0.6738.0&wp=MBI_SSL&wreply=https%3a%2f%2foutlook.live.com%2fowa%2f%3fusername%3dundefined%26RpsCsrfState%3d635c4f88-36d7-4a05-aeff-efd5d4fcacd1&id=292841&aadredir=0&username=undefined&CBCXT=out&lw=1&fl=dob%2cflname%2cwld&cobrandid=90015&login_hint=undefined
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=21&ct=1708531624&rver=7.0.6738.0&wp=MBI_SSL&wreply=https%3a%2f%2foutlook.live.com%2fowa%2f%3fusername%3dundefined%26RpsCsrfState%3d635c4f88-36d7-4a05-aeff-efd5d4fcacd1&id=292841&aadredir=0&username=undefined&CBCXT=out&lw=1&fl=dob%2cflname%2cwld&cobrandid=90015&login_hint=undefined
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; form-action * data: blob: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: filesystem: ; frame-ancestors 'self' * http://* https://* file://* about: javascript: data: blob: filesystem: ; object-src * data: blob: filesystem: 'unsafe-inline' 'unsafe-eval'; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains