www.authentication-microsoft.com Open in urlscan Pro
20.80.72.81  Malicious Activity! Public Scan

Submitted URL: http://www.authentication-microsoft.com/
Effective URL: https://www.authentication-microsoft.com/
Submission: On July 21 via manual from AU — Scanned from DE

Summary

This website contacted 18 IPs in 4 countries across 14 domains to perform 76 HTTP transactions. The main IP is 20.80.72.81, located in Des Moines, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is www.authentication-microsoft.com.
TLS certificate: Issued by R3 on June 14th 2022. Valid for: 3 months.
This is the only time www.authentication-microsoft.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Microsoft (Consumer)

Live information

Domain & IP information

IP Address AS Autonomous System
2 3 20.80.72.81 8075 (MICROSOFT...)
20 2a02:26f0:480... 20940 (AKAMAI-ASN1)
3 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 2.19.126.148 20940 (AKAMAI-ASN1)
1 2a02:26f0:f7:... 20940 (AKAMAI-ASN1)
4 2620:1ec:bdf::44 8068 (MICROSOFT...)
1 20.190.159.68 8075 (MICROSOFT...)
26 185.199.110.153 54113 (FASTLY)
9 23.96.225.71 8075 (MICROSOFT...)
1 192.229.221.185 15133 (EDGECAST)
2 2a02:26f0:480... 20940 (AKAMAI-ASN1)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 20.50.73.9 8075 (MICROSOFT...)
1 2 20.234.93.27 8075 (MICROSOFT...)
1 1 2620:1ec:c11:... 8068 (MICROSOFT...)
1 51.105.71.136 8075 (MICROSOFT...)
76 18
Apex Domain
Subdomains
Transfer
26 o365blog.com
o365blog.com
2 MB
20 office.net
res.cdn.office.net — Cisco Umbrella Rank: 408
3 MB
17 microsoft.com
www.microsoft.com — Cisco Umbrella Rank: 275
web.vortex.data.microsoft.com — Cisco Umbrella Rank: 1343
browser.pipe.aria.microsoft.com — Cisco Umbrella Rank: 103
c1.microsoft.com — Cisco Umbrella Rank: 5202
browser.events.data.microsoft.com — Cisco Umbrella Rank: 198
91 KB
3 gfx.ms
mem.gfx.ms — Cisco Umbrella Rank: 2840
57 KB
3 authentication-microsoft.com
www.authentication-microsoft.com
login.authentication-microsoft.com
120 KB
2 s-microsoft.com
c.s-microsoft.com — Cisco Umbrella Rank: 9853
62 KB
2 akamaized.net
statics-marketingsites-eus-ms-com.akamaized.net — Cisco Umbrella Rank: 10198
img-prod-cms-rt-microsoft-com.akamaized.net — Cisco Umbrella Rank: 1005
5 KB
1 azure.com
js.monitor.azure.com — Cisco Umbrella Rank: 2216
29 KB
1 bing.com
c.bing.com — Cisco Umbrella Rank: 192
668 B
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 52
20 KB
1 bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 737
7 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 72
1 KB
1 msauth.net
logincdn.msauth.net — Cisco Umbrella Rank: 2279
6 KB
1 live.com
login.live.com — Cisco Umbrella Rank: 71
6 KB
76 14
Domain Requested by
26 o365blog.com res.cdn.office.net
o365blog.com
20 res.cdn.office.net www.authentication-microsoft.com
9 web.vortex.data.microsoft.com res.cdn.office.net
www.authentication-microsoft.com
mem.gfx.ms
3 mem.gfx.ms www.authentication-microsoft.com
mem.gfx.ms
3 www.microsoft.com www.authentication-microsoft.com
www.microsoft.com
2 c1.microsoft.com 1 redirects
2 browser.pipe.aria.microsoft.com res.cdn.office.net
2 c.s-microsoft.com www.microsoft.com
2 www.authentication-microsoft.com 1 redirects
1 browser.events.data.microsoft.com js.monitor.azure.com
1 js.monitor.azure.com mem.gfx.ms
1 c.bing.com 1 redirects
1 www.google-analytics.com o365blog.com
1 maxcdn.bootstrapcdn.com o365blog.com
1 fonts.googleapis.com o365blog.com
1 logincdn.msauth.net login.live.com
1 login.authentication-microsoft.com 1 redirects
1 login.live.com res.cdn.office.net
1 img-prod-cms-rt-microsoft-com.akamaized.net www.authentication-microsoft.com
1 statics-marketingsites-eus-ms-com.akamaized.net www.authentication-microsoft.com
76 20
Subject Issuer Validity Valid
login.authentication-microsoft.com
R3
2022-06-14 -
2022-09-12
3 months crt.sh
*.res.outlook.com
Microsoft RSA TLS CA 01
2022-06-02 -
2023-06-02
a year crt.sh
www.microsoft.com
Microsoft RSA TLS CA 01
2022-07-08 -
2023-07-08
a year crt.sh
a248.e.akamai.net
DigiCert TLS RSA SHA256 2020 CA1
2022-06-28 -
2023-06-30
a year crt.sh
identitycdn.msauth.net
Microsoft Azure TLS Issuing CA 02
2022-05-11 -
2023-05-06
a year crt.sh
graph.windows.net
DigiCert SHA2 Secure Server CA
2022-06-09 -
2023-06-09
a year crt.sh
o365blog.com
R3
2022-05-25 -
2022-08-23
3 months crt.sh
*.vortex.data.microsoft.com
Microsoft Azure TLS Issuing CA 02
2022-07-08 -
2023-07-03
a year crt.sh
upload.video.google.com
GTS CA 1C3
2022-06-27 -
2022-09-19
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2022-01-29 -
2023-01-29
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2022-06-27 -
2022-09-19
3 months crt.sh
*.events.data.microsoft.com
Microsoft Azure TLS Issuing CA 02
2022-05-21 -
2023-05-16
a year crt.sh
js.monitor.azure.com
Microsoft Azure TLS Issuing CA 06
2022-06-26 -
2023-06-21
a year crt.sh

This page contains 3 frames:

Primary Page: https://www.authentication-microsoft.com/
Frame ID: BDEAE1F82C71DFFF1260ADDA7AA260E1
Requests: 55 HTTP requests in this frame

Frame: https://login.live.com/Me.srf?wa=wsignin1.0&wreply=https://www.authentication-microsoft.com/
Frame ID: 63B9AC63B9E3BE470A93C94927E9B52A
Requests: 2 HTTP requests in this frame

Frame: https://o365blog.com/
Frame ID: 790D8489200D5B08ACB546D184A017E0
Requests: 29 HTTP requests in this frame

Screenshot

Page Title

Office 365-Anmeldung | Microsoft Office

Page URL History Show full URLs

  1. http://www.authentication-microsoft.com/ HTTP 302
    https://www.authentication-microsoft.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Page Statistics

76
Requests

99 %
HTTPS

50 %
IPv6

14
Domains

20
Subdomains

18
IPs

4
Countries

6010 kB
Transfer

6957 kB
Size

17
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.authentication-microsoft.com/ HTTP 302
    https://www.authentication-microsoft.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 20
  • https://login.authentication-microsoft.com/savedusers?wreply=https://www.authentication-microsoft.com/&appid=4345a7b9-9a63-4910-a426-35363201d503 HTTP 302
  • https://o365blog.com/
Request Chain 79
  • https://c1.microsoft.com/c.gif?DI=4050&did=1&t= HTTP 302
  • https://c.bing.com/c.gif?DI=4050&did=1&t=&CtsSyncId=7CEE407C60874BA8B6CC6E1CEB7A95E4&RedC=c1.microsoft.com&MXFR=0C518D254B29621E25899CCD4F296419 HTTP 302
  • https://c1.microsoft.com/c.gif?DI=4050&did=1&t=&CtsSyncId=7CEE407C60874BA8B6CC6E1CEB7A95E4&MUID=2AE84D40A40C68120AE45CA8A5676949

76 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.authentication-microsoft.com/
Redirect Chain
  • http://www.authentication-microsoft.com/
  • https://www.authentication-microsoft.com/
118 KB
120 KB
Document
General
Full URL
https://www.authentication-microsoft.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.80.72.81 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
1c5ddebccecacdff567eedde0759b63f30697908938a4e3d2d3be7e2620f58c9

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store,no-cache
Connection
close
Content-Type
text/html; charset=utf-8
Date
Thu, 21 Jul 2022 01:30:00 GMT
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Request-Context
appId=
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Cache
CONFIG_NOCACHE
X-Msedge-Ref
Ref A: 9DF5508E6CE34648AD2521857F487EB6 Ref B: DM2EDGE0708 Ref C: 2022-07-21T01:30:01Z
X-Ua-Compatible
IE=edge,chrome=1

Redirect headers

Content-Length
64
Content-Type
text/html; charset=utf-8
Date
Thu, 21 Jul 2022 01:30:01 GMT
Location
https://www.authentication-microsoft.com/
unauth-c6f8cb8934.css
res.cdn.office.net/officehub/bundles/
192 KB
70 KB
Stylesheet
General
Full URL
https://res.cdn.office.net/officehub/bundles/unauth-c6f8cb8934.css
Requested by
Host: www.authentication-microsoft.com
URL: https://www.authentication-microsoft.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:297::1e0f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
c41a0700fe51c75a3ed77460b8cdeba4d4cc86de24c0302a9b4e3b52ef2508b2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://www.authentication-microsoft.com/
Origin
https://www.authentication-microsoft.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 01:30:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 18 Jul 2022 21:06:43 GMT
x-cdn-provider
Akamai
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
07abe7f3-701e-0029-075c-9bc1e3000000
access-control-expose-headers
date,Akamai-Request-BC
cache-control
max-age=630720000
strict-transport-security
max-age=31536000; includeSubDomains
timing-allow-origin
*
content-length
71604
sharedfontstyles-27fa2598d8.css
res.cdn.office.net/officehub/bundles/
1 KB
571 B
Stylesheet
General
Full URL
https://res.cdn.office.net/officehub/bundles/sharedfontstyles-27fa2598d8.css
Requested by
Host: www.authentication-microsoft.com
URL: https://www.authentication-microsoft.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:297::1e0f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
c8ad9c22eb148de817a1b86bcfc7ccef2151f798c0d8f26a7534ee0b9465ea34
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://www.authentication-microsoft.com/
Origin
https://www.authentication-microsoft.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 01:30:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 28 Oct 2021 21:10:14 GMT
x-cdn-provider
Akamai
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
efeee362-d01e-0052-1945-34837f000000
access-control-expose-headers
date,Akamai-Request-BC
cache-control
max-age=630720000
strict-transport-security
max-age=31536000; includeSubDomains
timing-allow-origin
*
content-length
267
segoeui_light.woff2
res.cdn.office.net/officehub/versionless/webfonts/
10 KB
11 KB
Font
General
Full URL
https://res.cdn.office.net/officehub/versionless/webfonts/segoeui_light.woff2
Requested by
Host: www.authentication-microsoft.com
URL: https://www.authentication-microsoft.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:297::1e0f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
57febfbad63b722a38bc668e67bc7c2dc02eca221f26db3a9303c1bd584a1a42
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.authentication-microsoft.com/
Origin
https://www.authentication-microsoft.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 01:30:02 GMT
content-encoding
gzip
last-modified
Wed, 01 Sep 2021 01:22:49 GMT
x-cdn-provider
Akamai
vary
Accept-Encoding
content-type
text/plain
access-control-allow-origin
*
x-ms-request-id
caefca9a-501e-0063-2177-37626c000000
access-control-expose-headers
date,Akamai-Request-BC
cache-control
max-age=630720000
strict-transport-security
max-age=31536000; includeSubDomains
timing-allow-origin
*
content-length
10567
segoeui_regular.woff2
res.cdn.office.net/officehub/versionless/webfonts/
11 KB
11 KB
Font
General
Full URL
https://res.cdn.office.net/officehub/versionless/webfonts/segoeui_regular.woff2
Requested by
Host: www.authentication-microsoft.com
URL: https://www.authentication-microsoft.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:297::1e0f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
bb232fd09a6696ce21ec10a43b89933e12ad866dfde30a4a6a08e08082e6557d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.authentication-microsoft.com/
Origin
https://www.authentication-microsoft.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 01:30:02 GMT
content-encoding
gzip
last-modified
Wed, 01 Sep 2021 01:21:15 GMT
x-cdn-provider
Akamai
vary
Accept-Encoding
content-type
text/plain
access-control-allow-origin
*
x-ms-request-id
69dd85a8-301e-0017-37d4-32569c000000
access-control-expose-headers
date,Akamai-Request-BC
cache-control
max-age=630720000
strict-transport-security
max-age=31536000; includeSubDomains
timing-allow-origin
*
content-length
11123
segoeui_semibold.woff2
res.cdn.office.net/officehub/versionless/webfonts/
11 KB
11 KB
Font
General
Full URL
https://res.cdn.office.net/officehub/versionless/webfonts/segoeui_semibold.woff2
Requested by
Host: www.authentication-microsoft.com
URL: https://www.authentication-microsoft.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:297::1e0f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
2cd3ef7b5b677b7827bfbe5b926a283e7ca687ddb6b021fa4289630671ebd061
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.authentication-microsoft.com/
Origin
https://www.authentication-microsoft.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 01:30:02 GMT
content-encoding
gzip
last-modified
Wed, 01 Sep 2021 01:24:24 GMT
x-cdn-provider
Akamai
vary
Accept-Encoding
content-type
text/plain
access-control-allow-origin
*
x-ms-request-id
68816127-a01e-0048-5161-34e2a0000000
access-control-expose-headers
date,Akamai-Request-BC
cache-control
max-age=630720000
strict-transport-security
max-age=31536000; includeSubDomains
timing-allow-origin
*
content-length
11379
segoeui_semilight.woff2
res.cdn.office.net/officehub/versionless/webfonts/
12 KB
12 KB
Font
General
Full URL
https://res.cdn.office.net/officehub/versionless/webfonts/segoeui_semilight.woff2
Requested by
Host: www.authentication-microsoft.com
URL: https://www.authentication-microsoft.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:297::1e0f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
633894cf845287f205f1b5bd26b7667dda186695fce3d789306f30c5fbdb14b5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.authentication-microsoft.com/
Origin
https://www.authentication-microsoft.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 01:30:02 GMT
content-encoding
gzip
last-modified
Wed, 01 Sep 2021 01:25:07 GMT
x-cdn-provider
Akamai
vary
Accept-Encoding
content-type
text/plain
access-control-allow-origin
*
x-ms-request-id
5f2fb1d3-701e-0006-6ffb-36cc28000000
access-control-expose-headers
date,Akamai-Request-BC
cache-control
max-age=630720000
strict-transport-security
max-age=31536000; includeSubDomains
timing-allow-origin
*
content-length
12187
ef-a24652
www.microsoft.com/onerfstatics/marketingsites-eus-prod/west-european/shell/_scrf/css/themes=default.device=uplevel_web_pc/79-4cdd0a/33-ae3d41/a5-4bf7a2/13-8e1ceb/81-32f0c0/5c-b7b685/bd-97baf6/
166 KB
23 KB
Stylesheet
General
Full URL
https://www.microsoft.com/onerfstatics/marketingsites-eus-prod/west-european/shell/_scrf/css/themes=default.device=uplevel_web_pc/79-4cdd0a/33-ae3d41/a5-4bf7a2/13-8e1ceb/81-32f0c0/5c-b7b685/bd-97baf6/ef-a24652?ver=2.0&_cf=20210618
Requested by
Host: www.authentication-microsoft.com
URL: https://www.authentication-microsoft.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2ae::356e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
f5e98e2373c741c7a3d6f1c3a4b114e3f0f022c41e24ee6ba022de985eac773b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.authentication-microsoft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

ms-operation-id
0c30ba875c3e2042877bbca2c45a3bc1
date
Thu, 21 Jul 2022 01:30:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-rtag
RT
x-s2
2022-06-15T19:37:26
p3p
CP="CAO CONi OTR OUR DEM ONL"
x-activity-id
ee4c6912-02a6-4afd-ad84-38706ea65e6b
tls_version
tls1.3
x-s1
2022-06-15T19:37:26
ms-cv
4NLaIQUDWUaT48fW.0
vary
Accept-Encoding
content-length
22531
x-xss-protection
1; mode=block
last-modified
Wed, 15 Jun 2022 19:37:26 GMT
x-az
{did:92e7dc58ca2143cfb2c818b047cc5cd1, rid: OneDeployContainer, sn: marketingsites-prod-odnortheurope, dt: 2018-05-03T20:14:23.4188992Z, bt: 2022-05-13T07:04:02.0000000Z}
strict-transport-security
max-age=31536000
access-control-allow-methods
HEAD,GET,POST,PATCH,PUT,OPTIONS
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=28490843
timing-allow-origin
*
x-appversion
1.0.8167.41521
expires
Thu, 15 Jun 2023 19:37:25 GMT
override.css
statics-marketingsites-eus-ms-com.akamaized.net/statics/
1 KB
907 B
Stylesheet
General
Full URL
https://statics-marketingsites-eus-ms-com.akamaized.net/statics/override.css
Requested by
Host: www.authentication-microsoft.com
URL: https://www.authentication-microsoft.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.19.126.148 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-19-126-148.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
0bd288d5397a69ead391875b422bf2cbdcc4f795d64aa2f780aff45768d78248

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.authentication-microsoft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Thu, 21 Jul 2022 01:30:02 GMT
Content-Encoding
gzip
Last-Modified
Tue, 11 Jun 2019 23:22:13 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag
0x8D6EEC3A2D67C35
Vary
Accept-Encoding
Content-Type
text/css
x-ms-request-id
d0de67a5-701e-0062-5638-494dd2000000
x-ms-version
2009-09-19
Connection
keep-alive
Content-Length
473
RE1Mu3b
img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/
4 KB
4 KB
Image
General
Full URL
https://img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/RE1Mu3b?ver=5c31
Requested by
Host: www.authentication-microsoft.com
URL: https://www.authentication-microsoft.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:f7::5c7b:e0f8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
112fec798b78aa02e102a724b5cb1990c0f909bc1d8b7b1fa256eab41bbc0960
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.authentication-microsoft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 21 Jul 2022 01:30:02 GMT
last-modified
Sun, 29 May 2022 13:53:06 GMT
x-datacenter
northeu
x-source-length
4054
x-frame-options
DENY
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=176256
x-activityid
0833e942-4a94-41b7-98f3-3dc8b31e3bed
x-resizerversion
1.0
content-location
https://image.prod.cms.rt.microsoft.com/cms/api/am/imageFileData/RE1Mu3b?ver=5c31
content-length
4054
expires
Sat, 23 Jul 2022 02:27:38 GMT
hero-xxl-b79c4b74fa.jpg
res.cdn.office.net/officehub/images/content/images/
515 KB
516 KB
Image
General
Full URL
https://res.cdn.office.net/officehub/images/content/images/hero-xxl-b79c4b74fa.jpg
Requested by
Host: www.authentication-microsoft.com
URL: https://www.authentication-microsoft.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:297::1e0f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
eb4506c6341c8bed31416f698406b26cadf9773b1a70f65a6115bedf88960b02
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.authentication-microsoft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 01:30:02 GMT
content-encoding
gzip
last-modified
Wed, 01 Sep 2021 01:22:31 GMT
x-cdn-provider
Akamai
vary
Accept-Encoding
content-type
text/plain
access-control-allow-origin
*
x-ms-request-id
4eb65cd6-901e-0053-5204-9cdca3000000
access-control-expose-headers
date,Akamai-Request-BC
cache-control
max-age=630720000
strict-transport-security
max-age=31536000; includeSubDomains
timing-allow-origin
*
content-length
526848
for-home-22b0da7562.png
res.cdn.office.net/officehub/images/content/images/
1 KB
2 KB
Image
General
Full URL
https://res.cdn.office.net/officehub/images/content/images/for-home-22b0da7562.png
Requested by
Host: www.authentication-microsoft.com
URL: https://www.authentication-microsoft.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:297::1e0f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
2faed8a5b8611ced29bd53267d47173058b5a448b3ff65b0fdf2fdb047cbf0da
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.authentication-microsoft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 01:30:02 GMT
content-encoding
gzip
last-modified
Wed, 01 Sep 2021 01:23:42 GMT
x-cdn-provider
Akamai
vary
Accept-Encoding
content-type
text/plain
access-control-allow-origin
*
x-ms-request-id
862c62b7-801e-005f-0e9f-9c4bab000000
access-control-expose-headers
date,Akamai-Request-BC
cache-control
max-age=630720000
strict-transport-security
max-age=31536000; includeSubDomains
timing-allow-origin
*
content-length
1467
for-business-7a6cb040bd.png
res.cdn.office.net/officehub/images/content/images/
2 KB
2 KB
Image
General
Full URL
https://res.cdn.office.net/officehub/images/content/images/for-business-7a6cb040bd.png
Requested by
Host: www.authentication-microsoft.com
URL: https://www.authentication-microsoft.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:297::1e0f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
38ccec1fc395d0e037e0898297a0fecb652dfefab7f5fbd110d468757f0681f5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.authentication-microsoft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 01:30:02 GMT
content-encoding
gzip
last-modified
Wed, 01 Sep 2021 01:22:44 GMT
x-cdn-provider
Akamai
vary
Accept-Encoding
content-type
text/plain
access-control-allow-origin
*
x-ms-request-id
4e628eef-101e-0010-559f-9c3aff000000
access-control-expose-headers
date,Akamai-Request-BC
cache-control
max-age=630720000
strict-transport-security
max-age=31536000; includeSubDomains
timing-allow-origin
*
content-length
1613
for-enterprise-b5e0072ea2.png
res.cdn.office.net/officehub/images/content/images/
1 KB
1 KB
Image
General
Full URL
https://res.cdn.office.net/officehub/images/content/images/for-enterprise-b5e0072ea2.png
Requested by
Host: www.authentication-microsoft.com
URL: https://www.authentication-microsoft.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:297::1e0f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
ee74532919b86d147a917a5c87d7b3002fff7f7287693c7d1908b9bcd6556f61
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.authentication-microsoft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 01:30:02 GMT
content-encoding
gzip
last-modified
Wed, 01 Sep 2021 01:22:46 GMT
x-cdn-provider
Akamai
vary
Accept-Encoding
content-type
text/plain
access-control-allow-origin
*
x-ms-request-id
729de0fd-501e-003e-249f-9c68e8000000
access-control-expose-headers
date,Akamai-Request-BC
cache-control
max-age=630720000
strict-transport-security
max-age=31536000; includeSubDomains
timing-allow-origin
*
content-length
1211
for-education-5ca7026e70.png
res.cdn.office.net/officehub/images/content/images/
3 KB
3 KB
Image
General
Full URL
https://res.cdn.office.net/officehub/images/content/images/for-education-5ca7026e70.png
Requested by
Host: www.authentication-microsoft.com
URL: https://www.authentication-microsoft.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:297::1e0f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
f7eb4a6e059d1265c204a61a13c7c309304e5d2aa02962fa6627f6ede3da5096
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.authentication-microsoft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 01:30:02 GMT
content-encoding
gzip
last-modified
Wed, 01 Sep 2021 01:23:21 GMT
x-cdn-provider
Akamai
vary
Accept-Encoding
content-type
text/plain
access-control-allow-origin
*
x-ms-request-id
226715ed-401e-0022-3f9f-9c3a88000000
access-control-expose-headers
date,Akamai-Request-BC
cache-control
max-age=630720000
strict-transport-security
max-age=31536000; includeSubDomains
timing-allow-origin
*
content-length
2701
unauth-vendor-320f34a99e.js
res.cdn.office.net/officehub/bundles/
103 KB
34 KB
Script
General
Full URL
https://res.cdn.office.net/officehub/bundles/unauth-vendor-320f34a99e.js
Requested by
Host: www.authentication-microsoft.com
URL: https://www.authentication-microsoft.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:297::1e0f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
71edbbdac41799addbc0f83b2286b4544e98215614a132708bcbd4f618cdcb80
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://www.authentication-microsoft.com/
Origin
https://www.authentication-microsoft.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 01:30:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 01 Sep 2021 01:37:06 GMT
x-cdn-provider
Akamai
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
8076c99d-d01e-001f-7637-364c93000000
access-control-expose-headers
date,Akamai-Request-BC
cache-control
max-age=630720000
strict-transport-security
max-age=31536000; includeSubDomains
timing-allow-origin
*
content-length
34271
sharedscripts-c77f7edec8.js
res.cdn.office.net/officehub/bundles/
52 KB
15 KB
Script
General
Full URL
https://res.cdn.office.net/officehub/bundles/sharedscripts-c77f7edec8.js
Requested by
Host: www.authentication-microsoft.com
URL: https://www.authentication-microsoft.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:297::1e0f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
5eecee06d474645944c6c0f552679df4dd4f7cedf6482a9073b8cc1c598d34e3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://www.authentication-microsoft.com/
Origin
https://www.authentication-microsoft.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 01:30:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 09 May 2022 22:18:52 GMT
x-cdn-provider
Akamai
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
cb146b6b-701e-0039-75fc-63048b000000
access-control-expose-headers
date,Akamai-Request-BC
cache-control
max-age=630720000
strict-transport-security
max-age=31536000; includeSubDomains
timing-allow-origin
*
content-length
15201
unauth-59fa1432f4.js
res.cdn.office.net/officehub/bundles/
57 KB
19 KB
Script
General
Full URL
https://res.cdn.office.net/officehub/bundles/unauth-59fa1432f4.js
Requested by
Host: www.authentication-microsoft.com
URL: https://www.authentication-microsoft.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:297::1e0f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
f5888af9e7759a8aaa8c11cbd5804debf7d84c758d95a06af791fc48e85ffd4f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://www.authentication-microsoft.com/
Origin
https://www.authentication-microsoft.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 01:30:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 01 Sep 2021 01:32:23 GMT
x-cdn-provider
Akamai
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
fd7566ef-a01e-0005-61e3-352d4c000000
access-control-expose-headers
date,Akamai-Request-BC
cache-control
max-age=630720000
strict-transport-security
max-age=31536000; includeSubDomains
timing-allow-origin
*
content-length
18732
37-8473b9
www.microsoft.com/onerfstatics/marketingsites-eus-prod/shell/_scrf/js/themes=default/8e-e88b64/93-04b71e/dd-2cee44/49-a00ab0/92-02e55d/7c-dcea75/75-fca72d/ed-e77ee7/d5-bf34c0/a9-078595/7a-7ea8cc/2d...
134 KB
36 KB
Script
General
Full URL
https://www.microsoft.com/onerfstatics/marketingsites-eus-prod/shell/_scrf/js/themes=default/8e-e88b64/93-04b71e/dd-2cee44/49-a00ab0/92-02e55d/7c-dcea75/75-fca72d/ed-e77ee7/d5-bf34c0/a9-078595/7a-7ea8cc/2d-40bdad/23-e8cd2b/96-eb5423/e6-6b0cce/d1-98d78a/a0-23c4ba/a7-f7a340/48-6ed936/2e-ca165a/fc-169dd8/8e-60935c/87-fecbed/96-6ed6eb/c3-eb62e0/ad-ffd6bf/35-621acc/b0-07f293/1e-9d9d16/52-f0367f/1f-b57352/bf-517249/e1-ed258e/20-0b10e2/6b-0f1117/fb-5e9831/37-8473b9?ver=2.0&_cf=20210618&iife=1
Requested by
Host: www.authentication-microsoft.com
URL: https://www.authentication-microsoft.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2ae::356e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
d6022483a43ae32ec56995126315b808b05735aa7508e8ade3b6c4c21a14f283
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.authentication-microsoft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

ms-operation-id
eb4315aa61ce7c46a301f0275a4f468e
date
Thu, 21 Jul 2022 01:30:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-rtag
RT
x-s2
2022-07-12T19:10:12
p3p
CP="CAO CONi OTR OUR DEM ONL"
x-activity-id
a73c9c99-7288-4212-ad4f-77d19f6c3f35
tls_version
tls1.3
x-s1
2022-07-12T19:10:11
ms-cv
4OEPZL5ISUu8Cqao.0
vary
Accept-Encoding
content-length
35714
x-xss-protection
1; mode=block
last-modified
Tue, 12 Jul 2022 19:10:11 GMT
x-az
{did:92e7dc58ca2143cfb2c818b047cc5cd1, rid: OneDeployContainer, sn: marketingsites-prod-odnortheurope, dt: 2018-05-03T20:14:23.4188992Z, bt: 2022-06-23T06:16:40.0000000Z}
strict-transport-security
max-age=31536000
access-control-allow-methods
HEAD,GET,POST,PATCH,PUT,OPTIONS
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30822008
timing-allow-origin
*
x-appversion
1.0.8208.40100
expires
Wed, 12 Jul 2023 19:10:10 GMT
meversion
mem.gfx.ms/
29 KB
10 KB
Script
General
Full URL
https://mem.gfx.ms/meversion?partner=office&market=de-de&uhf=1
Requested by
Host: www.authentication-microsoft.com
URL: https://www.authentication-microsoft.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
d975a54bf52f400d4fc61667eb5e2580ef80a4ea4657ed01ca6a2628a85e6c86
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.authentication-microsoft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
x-azure-ref-originshield
0VTLYYgAAAACWye4JNX76TqMn+lvpdxGDRlJBMjMxMDUwNDE4MDM3AGVhYzVmNDlmLWUwMmQtNGY0MS1iMGE2LTJkNTBmOWZjZjg0YQ==
date
Thu, 21 Jul 2022 01:30:01 GMT
x-azure-ref
0GqzYYgAAAADh7WTOEgGYR5kYXGvRxDCyRlJBRURHRTEwMTkAZWFjNWY0OWYtZTAyZC00ZjQxLWIwYTYtMmQ1MGY5ZmNmODRh
x-cache
TCP_HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, no-transform, max-age=43200
x-ua-compatible
IE=edge
expires
Thu, 21 Jul 2022 00:01:03 GMT
Me.srf
login.live.com/ Frame 63B9
12 KB
6 KB
Document
General
Full URL
https://login.live.com/Me.srf?wa=wsignin1.0&wreply=https://www.authentication-microsoft.com/
Requested by
Host: res.cdn.office.net
URL: https://res.cdn.office.net/officehub/bundles/unauth-vendor-320f34a99e.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.190.159.68 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
83062f16548b16267876a6b3e86d7321bc400a97d9766bb2f35c123b56e8a64f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.authentication-microsoft.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache
Content-Encoding
gzip
Content-Length
4845
Content-Type
text/html; charset=utf-8
Date
Thu, 21 Jul 2022 01:30:02 GMT
Expires
Thu, 21 Jul 2022 01:29:02 GMT
Link
<https://logincdn.msauth.net>; rel=preconnect; crossorigin <https://acctcdn.msauth.net>; rel=preconnect; crossorigin <https://acctcdn.msftauth.net>; rel=preconnect; crossorigin <https://acctcdn.msauth.net/>; rel=dns-prefetch <https://acctcdn.msftauth.net/>; rel=dns-prefetch <https://acctcdnmsftuswe2.azureedge.net/>; rel=dns-prefetch <https://acctcdnvzeuno.azureedge.net/>; rel=dns-prefetch <https://logincdn.msauth.net/>; rel=dns-prefetch <https://lgincdnvzeuno.azureedge.net/>; rel=dns-prefetch <https://lgincdnmsftuswe2.azureedge.net/>; rel=dns-prefetch
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
PPServer
PPV: 30 H: BL02PF66A8ECB69 V: 0
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Strict-Transport-Security
max-age=31536000
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-DNS-Prefetch-Control
on
X-XSS-Protection
1; mode=block
x-ms-request-id
339e5fc1-193e-47dc-b153-4a5769a4259e
x-ms-route-info
R3_BL2
/
o365blog.com/ Frame 790D
Redirect Chain
  • https://login.authentication-microsoft.com/savedusers?wreply=https://www.authentication-microsoft.com/&appid=4345a7b9-9a63-4910-a426-35363201d503
  • https://o365blog.com/
51 KB
10 KB
Document
General
Full URL
https://o365blog.com/
Requested by
Host: res.cdn.office.net
URL: https://res.cdn.office.net/officehub/bundles/unauth-vendor-320f34a99e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.199.110.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
cdn-185-199-110-153.github.com
Software
GitHub.com /
Resource Hash
dba7358b4506f14d0b7634193470a33531fc9da93cb3aee9031c7b30252f9723

Request headers

Referer
https://www.authentication-microsoft.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
0
cache-control
max-age=600
content-encoding
gzip
content-length
9406
content-type
text/html; charset=utf-8
date
Thu, 21 Jul 2022 01:30:03 GMT
etag
W/"62c7ed90-cc5a"
expires
Thu, 21 Jul 2022 01:40:03 GMT
last-modified
Fri, 08 Jul 2022 08:40:48 GMT
server
GitHub.com
vary
Accept-Encoding
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-fastly-request-id
3147b374ea26fc37b6537661d51a7be26876c59d
x-github-request-id
6D84:23A1:5BCC99:605275:62D8AC1B
x-proxy-cache
MISS
x-served-by
cache-hhn4046-HHN
x-timer
S1658367003.156852,VS0,VE89

Redirect headers

Connection
close
Content-Type
text/html
Location
https://o365blog.com
Transfer-Encoding
chunked
t.js
web.vortex.data.microsoft.com/collect/v1/
281 B
966 B
Script
General
Full URL
https://web.vortex.data.microsoft.com/collect/v1/t.js?ver=%272.1%27&name=%27Ms.Webi.PageView%27&time=%272022-07-21T01%3A30%3A02.426Z%27&os=%27Windows%27&appId=%27JS%3Awww.authentication-microsoft.com-unauth%27&*baseType=%27Ms.Content.PageView%27&-ver=%271.0%27&-impressionGuid=%272cb11f52-f146-48c9-8b1f-1d0af2902466%27&-pageName=%27UnauthOhp%27&-uri=%27https%3A%2F%2Fwww.authentication-microsoft.com%2F%27&-pageTags=%27%7B%22metaTags%22%3A%7B%22expengine%22%3A%22office.com%22%2C%22expstatus%22%3A%22prod%22%2C%22ver%22%3A%225%22%2C%22ms.lang%22%3A%22de%22%2C%22ms.loc%22%3A%22DE%22%2C%22ms.ocpub.assetid%22%3A%22UnauthOhp%22%2C%22ms.env%22%3A%22prod%22%2C%22ms.sitever%22%3A%225%22%2C%22ms.flightid%22%3A%22pwav2token%7Cinstallmovecf%7Cacctsw%7Cvalidhost%7Clogouthint%7Cwachostprodhwa%7Cthumbnailcall%22%7D%7D%27&-behavior=0&-resHeight=1200&-resWidth=1600&-market=%27de-DE%27&*cookieEnabled=true&*flashInstalled=false&*isJs=true&*title=%27Office%20365-Anmeldung%20%7C%20Microsoft%20Office%27&*isLoggedIn=false&ext-javascript-ver=%271.1%27&ext-javascript-libVer=%274.1.0%27&ext-javascript-domain=%27www.authentication-microsoft.com%27&ext-user-localId=%27t%3A369FCD6DA1DF6B803F80DC85A0396A03%27
Requested by
Host: res.cdn.office.net
URL: https://res.cdn.office.net/officehub/bundles/unauth-59fa1432f4.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.96.225.71 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
4b50168cd38eaae902d0c0a404c2ae0e03979656d81d2cc6716a6b981b3662e3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.authentication-microsoft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Jul 2022 01:30:02 GMT
X-Content-Type-Options
nosniff
P3P
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Cache-Control
no-cache, no-store
MS-CV
twjvNiyWdEGfmiqodWLJXQ.0
Content-Type
application/javascript
Content-Length
281
Expires
0
office-apps-347d86a528.gif
res.cdn.office.net/officehub/images/content/images/
3 MB
3 MB
Image
General
Full URL
https://res.cdn.office.net/officehub/images/content/images/office-apps-347d86a528.gif
Requested by
Host: www.authentication-microsoft.com
URL: https://www.authentication-microsoft.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:297::1e0f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
ead46caac003896735edae621ee4c3d439d82ca8d84f1a61cc81fab6aafb3174
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.authentication-microsoft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 01:30:02 GMT
content-encoding
gzip
last-modified
Wed, 01 Sep 2021 01:22:20 GMT
x-cdn-provider
Akamai
vary
Accept-Encoding
content-type
text/plain
access-control-allow-origin
*
x-ms-request-id
895f1491-701e-0016-52b3-9a0940000000
access-control-expose-headers
date,Akamai-Request-BC
cache-control
max-age=630720000
strict-transport-security
max-age=31536000; includeSubDomains
timing-allow-origin
*
content-length
2795835
linkedin-refresh-02734a460c.png
res.cdn.office.net/officehub/images/content/images/
315 B
619 B
Image
General
Full URL
https://res.cdn.office.net/officehub/images/content/images/linkedin-refresh-02734a460c.png
Requested by
Host: www.authentication-microsoft.com
URL: https://www.authentication-microsoft.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:297::1e0f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e495966dd87033ec1e3f55c58062de559b251aad1cabf20dd2af44cd34675cd6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.authentication-microsoft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 01:30:02 GMT
content-encoding
gzip
last-modified
Wed, 01 Sep 2021 01:25:25 GMT
x-cdn-provider
Akamai
vary
Accept-Encoding
content-type
text/plain
access-control-allow-origin
*
x-ms-request-id
c5f81342-501e-0001-3a7b-38a04b000000
access-control-expose-headers
date,Akamai-Request-BC
cache-control
max-age=630720000
strict-transport-security
max-age=31536000; includeSubDomains
timing-allow-origin
*
content-length
338
facebook-refresh-090a700c0f.png
res.cdn.office.net/officehub/images/content/images/
256 B
556 B
Image
General
Full URL
https://res.cdn.office.net/officehub/images/content/images/facebook-refresh-090a700c0f.png
Requested by
Host: www.authentication-microsoft.com
URL: https://www.authentication-microsoft.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:297::1e0f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
81dd42197f137d54b0833fb24aab0c9a05ac07bd4aecec3f79ac281bbc46b64a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.authentication-microsoft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 01:30:02 GMT
content-encoding
gzip
last-modified
Wed, 01 Sep 2021 01:25:00 GMT
x-cdn-provider
Akamai
vary
Accept-Encoding
content-type
text/plain
access-control-allow-origin
*
x-ms-request-id
5c3532fd-901e-0031-7ce3-301e84000000
access-control-expose-headers
date,Akamai-Request-BC
cache-control
max-age=630720000
strict-transport-security
max-age=31536000; includeSubDomains
timing-allow-origin
*
content-length
275
twitter-refresh-93ca1a80ff.png
res.cdn.office.net/officehub/images/content/images/
369 B
673 B
Image
General
Full URL
https://res.cdn.office.net/officehub/images/content/images/twitter-refresh-93ca1a80ff.png
Requested by
Host: www.authentication-microsoft.com
URL: https://www.authentication-microsoft.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:297::1e0f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
02ac1c1a2bf961e85b8d3b4038dc18d781c3162c441871114001d3e2a357d565
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.authentication-microsoft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 01:30:02 GMT
content-encoding
gzip
last-modified
Wed, 01 Sep 2021 01:21:22 GMT
x-cdn-provider
Akamai
vary
Accept-Encoding
content-type
text/plain
access-control-allow-origin
*
x-ms-request-id
cda8ee76-901e-0053-6022-36dca3000000
access-control-expose-headers
date,Akamai-Request-BC
cache-control
max-age=630720000
strict-transport-security
max-age=31536000; includeSubDomains
timing-allow-origin
*
content-length
392
instagram-refresh-5d315a943e.png
res.cdn.office.net/officehub/images/content/images/
410 B
714 B
Image
General
Full URL
https://res.cdn.office.net/officehub/images/content/images/instagram-refresh-5d315a943e.png
Requested by
Host: www.authentication-microsoft.com
URL: https://www.authentication-microsoft.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:297::1e0f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
9ede85d6c2139703e1a1dfa94105f6063607bc0f2f53cfb98d30daf90134bc51
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.authentication-microsoft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 01:30:02 GMT
content-encoding
gzip
last-modified
Wed, 01 Sep 2021 01:24:53 GMT
x-cdn-provider
Akamai
vary
Accept-Encoding
content-type
text/plain
access-control-allow-origin
*
x-ms-request-id
fdea4359-f01e-0055-50dd-35ef1c000000
access-control-expose-headers
date,Akamai-Request-BC
cache-control
max-age=630720000
strict-transport-security
max-age=31536000; includeSubDomains
timing-allow-origin
*
content-length
433
blog-33305b0d90.png
res.cdn.office.net/officehub/images/content/images/
1 KB
1 KB
Image
General
Full URL
https://res.cdn.office.net/officehub/images/content/images/blog-33305b0d90.png
Requested by
Host: www.authentication-microsoft.com
URL: https://www.authentication-microsoft.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:297::1e0f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
207f50299063fbb1f3b17bc02663cc5e8fb3b385e8ea29919d1af13a7baa6247
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.authentication-microsoft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 01:30:02 GMT
content-encoding
gzip
last-modified
Wed, 01 Sep 2021 01:21:27 GMT
x-cdn-provider
Akamai
vary
Accept-Encoding
content-type
text/plain
access-control-allow-origin
*
x-ms-request-id
21087680-a01e-002a-5097-352087000000
access-control-expose-headers
date,Akamai-Request-BC
cache-control
max-age=630720000
strict-transport-security
max-age=31536000; includeSubDomains
timing-allow-origin
*
content-length
821
meBoot.min.js
mem.gfx.ms/scripts/me/MeControl/10.22108.2/de-DE/
158 KB
31 KB
Script
General
Full URL
https://mem.gfx.ms/scripts/me/MeControl/10.22108.2/de-DE/meBoot.min.js
Requested by
Host: mem.gfx.ms
URL: https://mem.gfx.ms/meversion?partner=office&market=de-de&uhf=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
971f209bf1eda08fa1ce4381bc8dfe81702e8866e2e1e303991e3f6135808caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://www.authentication-microsoft.com/
Origin
https://www.authentication-microsoft.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 09 Jun 2022 23:09:26 GMT
x-azure-ref-originshield
0hZbYYgAAAAAwss9FwXobQ5/Cq6Kew8YyRlJBMjMxMDUwNDE3MDI5AGVhYzVmNDlmLWUwMmQtNGY0MS1iMGE2LTJkNTBmOWZjZjg0YQ==
etag
"1d87c90a30919e5"
x-azure-ref
0GqzYYgAAAADdwsUgr69+QbfXJkaeXJG2RlJBRURHRTEwMjIAZWFjNWY0OWYtZTAyZC00ZjQxLWIwYTYtMmQ1MGY5ZmNmODRh
x-cache
TCP_HIT
content-type
application/javascript
access-control-allow-origin
*
date
Thu, 21 Jul 2022 01:30:01 GMT
x-ua-compatible
IE=edge
t.gif
web.vortex.data.microsoft.com/collect/v1/
43 B
714 B
Image
General
Full URL
https://web.vortex.data.microsoft.com/collect/v1/t.gif?ver=%272.1%27&name=%27Ms.Webi.OutgoingRequest%27&time=%272022-07-21T01%3A30%3A02.447Z%27&appId=%27JS%3AMeControl%27&cV=%27v8XIg3dZErI47aJ9.1%27&flags=2097152&ext-javascript-ver=%271.1%27&ext-javascript-libVer=%274.2.3%27&ext-javascript-domain=%27www.authentication-microsoft.com%27&ext-javascript-userConsent=false&ext-app-env=%27Prod%27&-operationName=%27meversion%27&-dependencyOperationName=%27LoadResource%27&-dependencyName=%27MeControl%27&-latencyMs=112&-succeeded=true&-targetUri=%27https%3A%2F%2Fmem.gfx.ms%2Fmeversion%3Fpartner%3D**%26market%3D**%26uhf%3D**%27&*baseType=%27Ms.Qos.OutgoingServiceRequest%27&*pageName=%27None%27&*impressionGuid=%27b6698ab2-8343-491f-55b1-75577115e4c5%27&*market=%27de-DE%27&*customData=%27%7B%22computedDuration%22%3A205.5999984741211%2C%22perfDuration%22%3A111.5%2C%22metaTags%22%3A%7B%22pgpart%22%3A%22office%22%7D%2C%22config%22%3A%7B%22ver%22%3A%2210.22108.2%22%2C%22mkt%22%3A%22de-DE%22%2C%22ptn%22%3A%22office%22%2C%22gfx%22%3A%22https%3A%2F%2Famcdn.msftauth.net%22%2C%22dbg%22%3Afalse%2C%22aad%22%3Atrue%2C%22int%22%3Afalse%2C%22pxy%22%3Atrue%2C%22msTxt%22%3Afalse%2C%22rwd%22%3Atrue%2C%22telEvs%22%3A%22PageAction%2C%20PageView%2C%20ContentUpdate%2C%20OutgoingRequest%2C%20ClientError%2C%20PartnerApiCall%2C%20TrackedScenario%22%2C%22instKey%22%3A%22b8ffe739c47a401190627519795ca4d2-044a8309-9d4b-430b-9d47-6e87775cbab6-6888%22%2C%22oneDSUrl%22%3A%22https%3A%2F%2Fjs.monitor.azure.com%2Fscripts%2Fc%2Fms.shared.analytics-3.1.11.gbl.min.js%22%2C%22remAcc%22%3Atrue%2C%22main%22%3A%22meBoot%22%2C%22wrapperId%22%3A%22uhf%22%2C%22cdnRegex%22%3A%22%5E(%3F%3Ahttps%3F%3A%5C%5C%2F%5C%5C%2F)%3F(mem%5C%5C.gfx%5C%5C.ms(%3F!%5C%5C.)%7Ccontrols%5C%5C.account.microsoft%3F(%3F%3A-int%7C-dev)%3F(%5C%5C.com)%3F(%3A%5B0-9%5D%7B1%2C6%7D)%7Camcdn%5C%5C.ms(%3F%3Aft)%3Fauth%5C%5C.net(%3F!%5C%5C.))%22%2C%22timeoutMs%22%3A30000%2C%22graphv2%22%3Atrue%2C%22graphinfo%22%3A%7B%22graphclientid%22%3A%227eadcef8-456d-4611-9480-4fff72b8b9e2%22%2C%22graphscope%22%3A%22user.read%22%2C%22graphcodeurl%22%3A%22https%3A%2F%2Flogin.microsoftonline.com%2Fcommon%2Foauth2%2Fv2.0%2Fauthorize%22%2C%22graphredirecturi%22%3A%22https%3A%2F%2Famcdn.msftauth.net%2Fme%2Fcallgraph%22%2C%22graphphotourl%22%3A%22https%3A%2F%2Fgraph.microsoft.com%2Fv1.0%2Fme%2Fphotos%2F96x96%2F%24value%22%7D%2C%22aadUrl%22%3A%22https%3A%2F%2Fmyaccount.microsoft.com%22%2C%22msaUrl%22%3A%22https%3A%2F%2Faccount.microsoft.com%2F%22%2C%22cache%22%3Atrue%7D%2C%22url%22%3A%22https%3A%2F%2Fwww.authentication-microsoft.com%2F%22%2C%22accts%22%3A%220-0%22%7D%27
Requested by
Host: www.authentication-microsoft.com
URL: https://www.authentication-microsoft.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.96.225.71 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.authentication-microsoft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Jul 2022 01:30:02 GMT
X-Content-Type-Options
nosniff
P3P
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Cache-Control
no-cache, no-store
MS-CV
eKsZVRVcIUyjTO27lInMzg.0
Content-Type
image/gif
Content-Length
43
Expires
0
t.gif
web.vortex.data.microsoft.com/collect/v1/
43 B
714 B
Image
General
Full URL
https://web.vortex.data.microsoft.com/collect/v1/t.gif?ver=%272.1%27&name=%27Ms.Webi.OutgoingRequest%27&time=%272022-07-21T01%3A30%3A02.570Z%27&appId=%27JS%3AMeControl%27&cV=%27v8XIg3dZErI47aJ9.3%27&flags=2097152&ext-javascript-ver=%271.1%27&ext-javascript-libVer=%274.2.3%27&ext-javascript-domain=%27www.authentication-microsoft.com%27&ext-javascript-userConsent=false&ext-app-env=%27Prod%27&-operationName=%27meBoot.min.js%27&-dependencyOperationName=%27DownloadScript%27&-dependencyName=%27MeControl%27&-latencyMs=114&-succeeded=true&-targetUri=%27https%3A%2F%2Fmem.gfx.ms%2Fscripts%2Fme%2FMeControl%2F10.22108.2%2Fde-DE%2FmeBoot.min.js%27&*baseType=%27Ms.Qos.OutgoingServiceRequest%27&*pageName=%27None%27&*impressionGuid=%27b6698ab2-8343-491f-55b1-75577115e4c5%27&*market=%27de-DE%27&*customData=%27%7B%22computedDuration%22%3A117.89999771118164%2C%22perfDuration%22%3A113.69999694824219%2C%22metaTags%22%3A%7B%22pgpart%22%3A%22office%22%7D%2C%22config%22%3A%7B%22ver%22%3A%2210.22108.2%22%2C%22mkt%22%3A%22de-DE%22%2C%22ptn%22%3A%22office%22%2C%22gfx%22%3A%22https%3A%2F%2Famcdn.msftauth.net%22%2C%22dbg%22%3Afalse%2C%22aad%22%3Atrue%2C%22int%22%3Afalse%2C%22pxy%22%3Atrue%2C%22msTxt%22%3Afalse%2C%22rwd%22%3Atrue%2C%22telEvs%22%3A%22PageAction%2C%20PageView%2C%20ContentUpdate%2C%20OutgoingRequest%2C%20ClientError%2C%20PartnerApiCall%2C%20TrackedScenario%22%2C%22instKey%22%3A%22b8ffe739c47a401190627519795ca4d2-044a8309-9d4b-430b-9d47-6e87775cbab6-6888%22%2C%22oneDSUrl%22%3A%22https%3A%2F%2Fjs.monitor.azure.com%2Fscripts%2Fc%2Fms.shared.analytics-3.1.11.gbl.min.js%22%2C%22remAcc%22%3Atrue%2C%22main%22%3A%22meBoot%22%2C%22wrapperId%22%3A%22uhf%22%2C%22cdnRegex%22%3A%22%5E(%3F%3Ahttps%3F%3A%5C%5C%2F%5C%5C%2F)%3F(mem%5C%5C.gfx%5C%5C.ms(%3F!%5C%5C.)%7Ccontrols%5C%5C.account.microsoft%3F(%3F%3A-int%7C-dev)%3F(%5C%5C.com)%3F(%3A%5B0-9%5D%7B1%2C6%7D)%7Camcdn%5C%5C.ms(%3F%3Aft)%3Fauth%5C%5C.net(%3F!%5C%5C.))%22%2C%22timeoutMs%22%3A30000%2C%22graphv2%22%3Atrue%2C%22graphinfo%22%3A%7B%22graphclientid%22%3A%227eadcef8-456d-4611-9480-4fff72b8b9e2%22%2C%22graphscope%22%3A%22user.read%22%2C%22graphcodeurl%22%3A%22https%3A%2F%2Flogin.microsoftonline.com%2Fcommon%2Foauth2%2Fv2.0%2Fauthorize%22%2C%22graphredirecturi%22%3A%22https%3A%2F%2Famcdn.msftauth.net%2Fme%2Fcallgraph%22%2C%22graphphotourl%22%3A%22https%3A%2F%2Fgraph.microsoft.com%2Fv1.0%2Fme%2Fphotos%2F96x96%2F%24value%22%7D%2C%22aadUrl%22%3A%22https%3A%2F%2Fmyaccount.microsoft.com%22%2C%22msaUrl%22%3A%22https%3A%2F%2Faccount.microsoft.com%2F%22%2C%22cache%22%3Atrue%7D%2C%22url%22%3A%22https%3A%2F%2Fwww.authentication-microsoft.com%2F%22%2C%22accts%22%3A%220-0%22%7D%27
Requested by
Host: www.authentication-microsoft.com
URL: https://www.authentication-microsoft.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.96.225.71 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.authentication-microsoft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Jul 2022 01:30:02 GMT
X-Content-Type-Options
nosniff
P3P
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Cache-Control
no-cache, no-store
MS-CV
iHz5HKj1R0+SBQfd9xRGjQ.0
Content-Type
image/gif
Content-Length
43
Expires
0
t.gif
web.vortex.data.microsoft.com/collect/v1/
43 B
714 B
Image
General
Full URL
https://web.vortex.data.microsoft.com/collect/v1/t.gif?ver=%272.1%27&name=%27Ms.Webi.MeControl.TrackedScenario%27&time=%272022-07-21T01%3A30%3A02.575Z%27&appId=%27JS%3AMeControl%27&cV=%27v8XIg3dZErI47aJ9.5%27&flags=2097152&ext-javascript-ver=%271.1%27&ext-javascript-libVer=%274.2.3%27&ext-javascript-domain=%27www.authentication-microsoft.com%27&ext-javascript-userConsent=false&ext-app-env=%27Prod%27&*partner=%27office%27&*controlVersion=%2710.22108.2%27&*market=%27de-DE%27&*scenario=%27Load%27&*action=%27END%27&*previousAction=%27START%27&*success=true&*durationMs=126.5&*details=%27loadV1%27
Requested by
Host: www.authentication-microsoft.com
URL: https://www.authentication-microsoft.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.96.225.71 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.authentication-microsoft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Jul 2022 01:30:02 GMT
X-Content-Type-Options
nosniff
P3P
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Cache-Control
no-cache, no-store
MS-CV
/KdVV5sFvkS6/rYXWdu1Aw.0
Content-Type
image/gif
Content-Length
43
Expires
0
t.gif
web.vortex.data.microsoft.com/collect/v1/
43 B
714 B
Image
General
Full URL
https://web.vortex.data.microsoft.com/collect/v1/t.gif?ver=%272.1%27&name=%27Ms.Webi.MeControl.TrackedScenario%27&time=%272022-07-21T01%3A30%3A02.587Z%27&appId=%27JS%3AMeControl%27&cV=%27v8XIg3dZErI47aJ9.6%27&flags=2097152&ext-javascript-ver=%271.1%27&ext-javascript-libVer=%274.2.3%27&ext-javascript-domain=%27www.authentication-microsoft.com%27&ext-javascript-userConsent=false&ext-app-env=%27Prod%27&*partner=%27office%27&*controlVersion=%2710.22108.2%27&*market=%27de-DE%27&*scenario=%27Interactive%27&*action=%27END%27&*previousAction=%27START%27&*success=true&*durationMs=138.8000030517578&*details=%27Web%20header%27
Requested by
Host: www.authentication-microsoft.com
URL: https://www.authentication-microsoft.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.96.225.71 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.authentication-microsoft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Jul 2022 01:30:02 GMT
X-Content-Type-Options
nosniff
P3P
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Cache-Control
no-cache, no-store
MS-CV
iHvnXu8ccEOZnLubfPfUzQ.0
Content-Type
image/gif
Content-Length
43
Expires
0
MeControl_ElKZE4ed_XLXPO_uIZXhFQ2.js
logincdn.msauth.net/16.000/content/js/ Frame 63B9
17 KB
6 KB
Script
General
Full URL
https://logincdn.msauth.net/16.000/content/js/MeControl_ElKZE4ed_XLXPO_uIZXhFQ2.js
Requested by
Host: login.live.com
URL: https://login.live.com/Me.srf?wa=wsignin1.0&wreply=https://www.authentication-microsoft.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.185 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8EA4) /
Resource Hash
d77162038ea7d0bd11f0af0ab1dbd76a00b12456da33897c077d45bfbab6af15

Request headers

Referer
https://login.live.com/
Origin
https://login.live.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 21 Jul 2022 01:30:02 GMT
content-encoding
gzip
content-md5
rQLYvaa9OguUDHrhCZkkQg==
age
1789672
x-cache
HIT
content-length
6037
x-ms-lease-status
unlocked
last-modified
Wed, 29 Jun 2022 05:17:13 GMT
server
ECAcc (frc/8EA4)
etag
0x8DA598EA025399F
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
f722bfa1-201e-007d-1d5a-8cd1d0000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
truncated
/
358 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ee2b841529e5d06aeae7f65b413b40bbfef5161c9fad9a8a1755dac03806291b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
16ee9e65eecb22edde02df0c0b971edf9d6f72b4b0401606eb8052cc39c446cb

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
25a22f01d97ff4ddde37b0ba8b2d934cf8a88d5239bdd44e158776ca646b667a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a82c6e3878d9522fde6caa3a4daf0a049b7cec0cf979bc1cb5e14da19013f6e9

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f4bd80e92ce90b7824e08d7e54e2b73d4e71207fe21fd6066f388810ec458351

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
768 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4e1b1da7a21e6051f74370893d904c910272cf815f5188e528648ae0301f6008

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
df62c7a1b123bee0a4f986dcab7b3af1b37fc4fd09895cf1cf6e56bce449be32

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ca321c1e1ca9b03c8fa8391108aade2a4807fe2c428cefde4b75903a06dcc373

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type
image/svg+xml
latest.woff2
c.s-microsoft.com/static/fonts/segoe-ui/west-european/normal/
33 KB
34 KB
Font
General
Full URL
https://c.s-microsoft.com/static/fonts/segoe-ui/west-european/normal/latest.woff2
Requested by
Host: www.microsoft.com
URL: https://www.microsoft.com/onerfstatics/marketingsites-eus-prod/west-european/shell/_scrf/css/themes=default.device=uplevel_web_pc/79-4cdd0a/33-ae3d41/a5-4bf7a2/13-8e1ceb/81-32f0c0/5c-b7b685/bd-97baf6/ef-a24652?ver=2.0&_cf=20210618
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:29d::356e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
4f7f4afe26e71fa9ca1dac4a43b557a554a46f53251d849f07ed08a04829d74b

Request headers

Referer
https://www.microsoft.com/
Origin
https://www.authentication-microsoft.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 01:30:03 GMT
last-modified
Fri, 10 Jan 2020 19:09:43 GMT
etag
"588d483e9c7d51:0"
access-control-allow-methods
GET,POST
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=548671
accept-ranges
bytes
content-length
34052
expires
Wed, 27 Jul 2022 09:54:34 GMT
mwfmdl2-v3.54.woff
www.microsoft.com/mwf/_h/v3.54/mwf.app/fonts/
26 KB
26 KB
Font
General
Full URL
https://www.microsoft.com/mwf/_h/v3.54/mwf.app/fonts/mwfmdl2-v3.54.woff
Requested by
Host: www.microsoft.com
URL: https://www.microsoft.com/onerfstatics/marketingsites-eus-prod/west-european/shell/_scrf/css/themes=default.device=uplevel_web_pc/79-4cdd0a/33-ae3d41/a5-4bf7a2/13-8e1ceb/81-32f0c0/5c-b7b685/bd-97baf6/ef-a24652?ver=2.0&_cf=20210618
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2ae::356e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
22b4df5c33045b645cafa45b04685f4752e471a2e933bff5bf14324d87deee12
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.microsoft.com/onerfstatics/marketingsites-eus-prod/west-european/shell/_scrf/css/themes=default.device=uplevel_web_pc/79-4cdd0a/33-ae3d41/a5-4bf7a2/13-8e1ceb/81-32f0c0/5c-b7b685/bd-97baf6/ef-a24652?ver=2.0&_cf=20210618
Origin
https://www.authentication-microsoft.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

ms-operation-id
2a1e50ed457aef4ca6cebbccb2d3d52e
date
Thu, 21 Jul 2022 01:30:03 GMT
x-content-type-options
nosniff
x-rtag
RT
p3p
CP="CAO CONi OTR OUR DEM ONL"
x-activity-id
eec62f7b-5bea-4e40-9877-6a3e37a74630
tls_version
tls1.3
ms-cv
51fq2OUUEkOlxmIz.0
content-length
26288
x-xss-protection
1; mode=block
last-modified
Mon, 11 Apr 2022 10:00:35 GMT
x-az
{did:92e7dc58ca2143cfb2c818b047cc5cd1, rid: OneDeployContainer, sn: marketingsites-prod-odnortheurope, dt: 2018-05-03T20:14:23.4188992Z, bt: 2022-04-01T07:52:08.0000000Z}
strict-transport-security
max-age=31536000
access-control-allow-methods
HEAD,GET,POST,PATCH,PUT,OPTIONS
content-type
application/font-woff
access-control-allow-origin
*
cache-control
public, max-age=22840232
x-appversion
1.0.8125.42964
expires
Tue, 11 Apr 2023 10:00:35 GMT
truncated
/
11 KB
11 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a6b4512ebf7f02b8cc5aa165f44bf817ab86b214a0818e4823e38300d01c9fcd

Request headers

Referer
Origin
https://www.authentication-microsoft.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type
application/octet-stream
truncated
/
17 KB
17 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a7fd86ae31b712bbd8cc7108a0a0661ecf7c4eda429a36fde5c5c899cb81565b

Request headers

Referer
Origin
https://www.authentication-microsoft.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type
application/octet-stream
latest.woff2
c.s-microsoft.com/static/fonts/segoe-ui/west-european/Semibold/
29 KB
29 KB
Font
General
Full URL
https://c.s-microsoft.com/static/fonts/segoe-ui/west-european/Semibold/latest.woff2
Requested by
Host: www.microsoft.com
URL: https://www.microsoft.com/onerfstatics/marketingsites-eus-prod/west-european/shell/_scrf/css/themes=default.device=uplevel_web_pc/79-4cdd0a/33-ae3d41/a5-4bf7a2/13-8e1ceb/81-32f0c0/5c-b7b685/bd-97baf6/ef-a24652?ver=2.0&_cf=20210618
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:29d::356e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
d87d0a7a7fe2c36d1dc093bfe56e9b81b311988789dbd3b65abf811d551ef02f

Request headers

Referer
https://www.microsoft.com/
Origin
https://www.authentication-microsoft.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 01:30:03 GMT
last-modified
Fri, 10 Jan 2020 19:09:43 GMT
etag
"5b68d583e9c7d51:0"
access-control-allow-methods
GET,POST
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=388434
accept-ranges
bytes
content-length
29388
expires
Mon, 25 Jul 2022 13:23:57 GMT
v1
web.vortex.data.microsoft.com/collect/
0
0
Ping
General
Full URL
https://web.vortex.data.microsoft.com/collect/v1
Requested by
Host: res.cdn.office.net
URL: https://res.cdn.office.net/officehub/bundles/unauth-59fa1432f4.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.96.225.71 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.authentication-microsoft.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

css
fonts.googleapis.com/ Frame 790D
8 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,400italic,700
Requested by
Host: o365blog.com
URL: https://o365blog.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a1373de8f39707667d63fef9e887d023283d24dafe3fbbb68a47742d997039e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o365blog.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 21 Jul 2022 01:30:03 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 21 Jul 2022 01:30:03 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 21 Jul 2022 01:30:03 GMT
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/ Frame 790D
27 KB
7 KB
Stylesheet
General
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css
Requested by
Host: o365blog.com
URL: https://o365blog.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o365blog.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 01:30:03 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
565, 617, 617
age
7697823
cdn-cachedat
2021-04-23 00:57:49
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:54 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
6fd55a5acd176e269a69edc3257a66da
cf-ray
72e02b4a98b423c7-ZRH
cdn-requestcountrycode
CH
cdn-requestpullsuccess
True
style.css
o365blog.com/css/ Frame 790D
21 KB
5 KB
Stylesheet
General
Full URL
https://o365blog.com/css/style.css
Requested by
Host: o365blog.com
URL: https://o365blog.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.199.110.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
cdn-185-199-110-153.github.com
Software
GitHub.com /
Resource Hash
4841e535c487241e6780a25e0e2537d3c98af905e240e0d79bf35b8adfd26ede

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o365blog.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-fastly-request-id
a92d3835445c25de0c1d40818618a7bb81a8e21b
date
Thu, 21 Jul 2022 01:30:03 GMT
content-encoding
gzip
age
0
x-cache
MISS
content-length
5012
x-served-by
cache-hhn4046-HHN
access-control-allow-origin
*
last-modified
Fri, 08 Jul 2022 08:40:48 GMT
server
GitHub.com
x-github-request-id
8E5C:64A1:53988D:57EE0C:62D8AC1B
x-timer
S1658367003.264223,VS0,VE87
etag
W/"62c7ed90-525e"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
via
1.1 varnish
expires
Thu, 21 Jul 2022 01:40:03 GMT
cache-control
max-age=600
accept-ranges
bytes
x-proxy-cache
MISS
x-cache-hits
0
scripts.js
o365blog.com/js/ Frame 790D
6 KB
2 KB
Script
General
Full URL
https://o365blog.com/js/scripts.js
Requested by
Host: o365blog.com
URL: https://o365blog.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.199.110.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
cdn-185-199-110-153.github.com
Software
GitHub.com /
Resource Hash
9300c5d77122bc84923ec654e3ff94c0e49e7ce0a983da5f4ef46ffb1a76db21

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o365blog.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-fastly-request-id
fd2cf33a633411969801b08a947e08e02efa00d2
date
Thu, 21 Jul 2022 01:30:03 GMT
content-encoding
gzip
age
0
x-cache
MISS
content-length
2350
x-served-by
cache-hhn4046-HHN
access-control-allow-origin
*
last-modified
Fri, 08 Jul 2022 08:40:48 GMT
server
GitHub.com
x-github-request-id
B43E:131E8:2851DA:2B9CCF:62D8AC1B
x-timer
S1658367003.264383,VS0,VE88
etag
W/"62c7ed90-19af"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
via
1.1 varnish
expires
Thu, 21 Jul 2022 01:40:03 GMT
cache-control
max-age=600
accept-ranges
bytes
x-proxy-cache
MISS
x-cache-hits
0
tools.js
o365blog.com/js/ Frame 790D
4 KB
2 KB
Script
General
Full URL
https://o365blog.com/js/tools.js
Requested by
Host: o365blog.com
URL: https://o365blog.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.199.110.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
cdn-185-199-110-153.github.com
Software
GitHub.com /
Resource Hash
819f0cd62ecd0c4b0200ec6454b0766be28a5bd830b49f4b3a34efaad041c262

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o365blog.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-fastly-request-id
3d8faec23693875295febccb89c7ab92e0745f1b
date
Thu, 21 Jul 2022 01:30:03 GMT
content-encoding
gzip
age
0
x-cache
MISS
content-length
1398
x-served-by
cache-hhn4046-HHN
access-control-allow-origin
*
last-modified
Fri, 08 Jul 2022 08:40:48 GMT
server
GitHub.com
x-github-request-id
4A44:66F4:BEAF4:E8392:62D8AC1B
x-timer
S1658367003.264375,VS0,VE85
etag
W/"62c7ed90-fc8"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
via
1.1 varnish
expires
Thu, 21 Jul 2022 01:40:03 GMT
cache-control
max-age=600
accept-ranges
bytes
x-proxy-cache
MISS
x-cache-hits
0
analytics.js
www.google-analytics.com/ Frame 790D
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: o365blog.com
URL: https://o365blog.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o365blog.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
1683
date
Thu, 21 Jul 2022 01:02:00 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Thu, 21 Jul 2022 03:02:00 GMT
favicon-96x96.png
o365blog.com/images/ Frame 790D
4 KB
5 KB
Image
General
Full URL
https://o365blog.com/images/favicon-96x96.png
Requested by
Host: o365blog.com
URL: https://o365blog.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.199.110.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
cdn-185-199-110-153.github.com
Software
GitHub.com /
Resource Hash
e124fe1b3a5e21095e4c0e828938c8467773b3eb0274b0d865146a3861622e10

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o365blog.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-fastly-request-id
8f18af788a47d7133d5c3cd600efc968e8349e38
date
Thu, 21 Jul 2022 01:30:03 GMT
via
1.1 varnish
age
0
x-cache
MISS
content-length
4317
x-served-by
cache-hhn4046-HHN
last-modified
Fri, 08 Jul 2022 08:40:48 GMT
server
GitHub.com
x-github-request-id
5674:C388:5A57FB:5EC99C:62D8AC1B
x-timer
S1658367003.360830,VS0,VE86
etag
"62c7ed90-10dd"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
expires
Thu, 21 Jul 2022 01:40:03 GMT
cache-control
max-age=600
accept-ranges
bytes
x-origin-cache
HIT
x-proxy-cache
MISS
x-cache-hits
0
deviceidentity.png
o365blog.com/images/posts/ Frame 790D
182 KB
183 KB
Image
General
Full URL
https://o365blog.com/images/posts/deviceidentity.png
Requested by
Host: o365blog.com
URL: https://o365blog.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.199.110.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
cdn-185-199-110-153.github.com
Software
GitHub.com /
Resource Hash
41549e3dfec24f162688b7ddc91605ed188cefd718a7619877386e2e902bfece

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o365blog.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-fastly-request-id
080eff4c74ad0ce37755ddf8765ca9eee0cee511
date
Thu, 21 Jul 2022 01:30:03 GMT
via
1.1 varnish
age
0
x-cache
MISS
x-cache-hits
0
content-length
186852
x-served-by
cache-hhn4046-HHN
last-modified
Fri, 08 Jul 2022 08:40:48 GMT
server
GitHub.com
x-github-request-id
336E:12B52:EF73A:11A400:62D8AC1B
x-timer
S1658367003.364530,VS0,VE88
etag
"62c7ed90-2d9e4"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=600
accept-ranges
bytes
x-proxy-cache
MISS
expires
Thu, 21 Jul 2022 01:40:03 GMT
partners.png
o365blog.com/images/posts/ Frame 790D
76 KB
76 KB
Image
General
Full URL
https://o365blog.com/images/posts/partners.png
Requested by
Host: o365blog.com
URL: https://o365blog.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.199.110.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
cdn-185-199-110-153.github.com
Software
GitHub.com /
Resource Hash
bd06ca7c8b4c13a43e52b863fc674efe97af33d0ae68063b4c19518eeabb775c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o365blog.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-fastly-request-id
ad942a4dcb065841d6270eb22940af8e2df487f4
date
Thu, 21 Jul 2022 01:30:03 GMT
via
1.1 varnish
age
0
x-cache
MISS
x-cache-hits
0
content-length
77684
x-served-by
cache-hhn4046-HHN
last-modified
Fri, 08 Jul 2022 08:40:48 GMT
server
GitHub.com
x-github-request-id
DFF2:64A0:28BC86:2C0C49:62D8AC1B
x-timer
S1658367003.365517,VS0,VE168
etag
"62c7ed90-12f74"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=600
accept-ranges
bytes
x-proxy-cache
MISS
expires
Thu, 21 Jul 2022 01:40:03 GMT
admintools.png
o365blog.com/images/posts/ Frame 790D
159 KB
159 KB
Image
General
Full URL
https://o365blog.com/images/posts/admintools.png
Requested by
Host: o365blog.com
URL: https://o365blog.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.199.110.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
cdn-185-199-110-153.github.com
Software
GitHub.com /
Resource Hash
55ffa27bbc4b9029512f6b59058f6d1819954b47db4cc75d76496413260402fc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o365blog.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-fastly-request-id
49d1f5c530c424e748e3eac582bf3474528d552f
date
Thu, 21 Jul 2022 01:30:03 GMT
via
1.1 varnish
age
0
x-cache
MISS
content-length
162864
x-served-by
cache-hhn4046-HHN
last-modified
Fri, 08 Jul 2022 08:40:48 GMT
server
GitHub.com
x-github-request-id
D690:66F5:270524:2A3DF0:62D8AC1B
x-timer
S1658367003.365755,VS0,VE92
etag
"62c7ed90-27c30"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
expires
Thu, 21 Jul 2022 01:40:03 GMT
cache-control
max-age=600
accept-ranges
bytes
x-origin-cache
HIT
x-proxy-cache
MISS
x-cache-hits
0
hhealth.png
o365blog.com/images/posts/ Frame 790D
81 KB
81 KB
Image
General
Full URL
https://o365blog.com/images/posts/hhealth.png
Requested by
Host: o365blog.com
URL: https://o365blog.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.199.110.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
cdn-185-199-110-153.github.com
Software
GitHub.com /
Resource Hash
6f4e99ce5c1acb166eea29c55c990538b3e4a3bc79c66af29f9b39712ebe1759

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o365blog.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-fastly-request-id
d1f16c0234be562fba8f14156260b7d1ca39f3f3
date
Thu, 21 Jul 2022 01:30:03 GMT
via
1.1 varnish
age
0
x-cache
MISS
content-length
83054
x-served-by
cache-hhn4046-HHN
last-modified
Fri, 08 Jul 2022 08:40:48 GMT
server
GitHub.com
x-github-request-id
D616:6DD6:55F289:5A57E4:62D8AC1B
x-timer
S1658367003.365726,VS0,VE91
etag
"62c7ed90-1446e"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
expires
Thu, 21 Jul 2022 01:40:03 GMT
cache-control
max-age=600
accept-ranges
bytes
x-origin-cache
HIT
x-proxy-cache
MISS
x-cache-hits
0
ADFS.png
o365blog.com/images/posts/ Frame 790D
339 KB
340 KB
Image
General
Full URL
https://o365blog.com/images/posts/ADFS.png
Requested by
Host: o365blog.com
URL: https://o365blog.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.199.110.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
cdn-185-199-110-153.github.com
Software
GitHub.com /
Resource Hash
2692ea91011efaebdb2e082f87c060b8707f323a19321cf3285929f61371d328

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o365blog.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-fastly-request-id
1077be4fae36cd13bf6ebb3be7010fa3100c728c
date
Thu, 21 Jul 2022 01:30:03 GMT
via
1.1 varnish
age
0
x-cache
MISS
x-cache-hits
0
content-length
347496
x-served-by
cache-hhn4046-HHN
last-modified
Fri, 08 Jul 2022 08:40:48 GMT
server
GitHub.com
x-github-request-id
D308:6DD6:55F289:5A57E3:62D8AC1B
x-timer
S1658367003.365722,VS0,VE89
etag
"62c7ed90-54d68"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=600
accept-ranges
bytes
x-proxy-cache
MISS
expires
Thu, 21 Jul 2022 01:40:03 GMT
devices.png
o365blog.com/images/posts/ Frame 790D
144 KB
145 KB
Image
General
Full URL
https://o365blog.com/images/posts/devices.png
Requested by
Host: o365blog.com
URL: https://o365blog.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.199.110.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
cdn-185-199-110-153.github.com
Software
GitHub.com /
Resource Hash
1ab4ca69f623c941e816c65d6f16abfaf710b33dc34f74b28ec37f1a51f71221

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o365blog.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-fastly-request-id
8649fef531cfdc6b00324203d4ba8dcce580a9a9
date
Thu, 21 Jul 2022 01:30:03 GMT
via
1.1 varnish
age
0
x-cache
MISS
x-cache-hits
0
content-length
147822
x-served-by
cache-hhn4046-HHN
last-modified
Fri, 08 Jul 2022 08:40:48 GMT
server
GitHub.com
x-github-request-id
7A7C:A42A:59CD41:5E4DD4:62D8AC1B
x-timer
S1658367003.365996,VS0,VE88
etag
"62c7ed90-2416e"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=600
accept-ranges
bytes
x-proxy-cache
MISS
expires
Thu, 21 Jul 2022 01:40:03 GMT
bprt.png
o365blog.com/images/posts/ Frame 790D
123 KB
123 KB
Image
General
Full URL
https://o365blog.com/images/posts/bprt.png
Requested by
Host: o365blog.com
URL: https://o365blog.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.199.110.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
cdn-185-199-110-153.github.com
Software
GitHub.com /
Resource Hash
650373ab4c5721f19ae9fda797e685c28a3ea40915c9470e43df882374dfa6cc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o365blog.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-fastly-request-id
89d6c5f452685ac6d0d93572ab473d4316525989
date
Thu, 21 Jul 2022 01:30:03 GMT
via
1.1 varnish
age
0
x-cache
MISS
content-length
125610
x-served-by
cache-hhn4046-HHN
last-modified
Fri, 08 Jul 2022 08:40:48 GMT
server
GitHub.com
x-github-request-id
A4D2:983C:1AA3CA:1C8E2B:62D8AC1B
x-timer
S1658367003.365983,VS0,VE90
etag
"62c7ed90-1eaaa"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
expires
Thu, 21 Jul 2022 01:40:03 GMT
cache-control
max-age=600
accept-ranges
bytes
x-origin-cache
HIT
x-proxy-cache
MISS
x-cache-hits
0
teams-policies.png
o365blog.com/images/posts/ Frame 790D
41 KB
41 KB
Image
General
Full URL
https://o365blog.com/images/posts/teams-policies.png
Requested by
Host: o365blog.com
URL: https://o365blog.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.199.110.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
cdn-185-199-110-153.github.com
Software
GitHub.com /
Resource Hash
f1b5151ec549d5a4850a6a1485e435c471dc24bfe069a1d887de60d7f6b810ad

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o365blog.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-fastly-request-id
4b4a1bae5263082c9411b824d68783ca116f4f7d
date
Thu, 21 Jul 2022 01:30:03 GMT
via
1.1 varnish
age
0
x-cache
MISS
content-length
41504
x-served-by
cache-hhn4046-HHN
last-modified
Fri, 08 Jul 2022 08:40:48 GMT
server
GitHub.com
x-github-request-id
D55E:C387:272CB3:2A6B20:62D8AC1B
x-timer
S1658367003.366293,VS0,VE87
etag
"62c7ed90-a220"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
expires
Thu, 21 Jul 2022 01:40:03 GMT
cache-control
max-age=600
accept-ranges
bytes
x-origin-cache
HIT
x-proxy-cache
MISS
x-cache-hits
0
AADInt_CloudIdentitySummit2020.png
o365blog.com/images/posts/ Frame 790D
29 KB
30 KB
Image
General
Full URL
https://o365blog.com/images/posts/AADInt_CloudIdentitySummit2020.png
Requested by
Host: o365blog.com
URL: https://o365blog.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.199.110.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
cdn-185-199-110-153.github.com
Software
GitHub.com /
Resource Hash
ef33e7882ea4e0a7fe5f666d736eea6fed5f7981fa7b7e3fa65fdeb6964786bb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o365blog.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-fastly-request-id
3d2a51344dcb099b983c43710bd8b1f63329cca2
date
Thu, 21 Jul 2022 01:30:03 GMT
via
1.1 varnish
age
0
x-cache
MISS
content-length
30125
x-served-by
cache-hhn4046-HHN
last-modified
Fri, 08 Jul 2022 08:40:48 GMT
server
GitHub.com
x-github-request-id
7BBE:A42A:59CD41:5E4DD5:62D8AC1B
x-timer
S1658367003.365975,VS0,VE86
etag
"62c7ed90-75ad"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
expires
Thu, 21 Jul 2022 01:40:03 GMT
cache-control
max-age=600
accept-ranges
bytes
x-origin-cache
HIT
x-proxy-cache
MISS
x-cache-hits
0
phishing.png
o365blog.com/images/posts/ Frame 790D
28 KB
28 KB
Image
General
Full URL
https://o365blog.com/images/posts/phishing.png
Requested by
Host: o365blog.com
URL: https://o365blog.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.199.110.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
cdn-185-199-110-153.github.com
Software
GitHub.com /
Resource Hash
027a19b2a6dbaf1ab44ff33b22cf99be3e3ec88ac2e6a384f749a1a4dc42380e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o365blog.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-fastly-request-id
7d5340e74301f0f39a76f470a10bacc8849c6a1d
date
Thu, 21 Jul 2022 01:30:03 GMT
via
1.1 varnish
age
0
x-cache
MISS
content-length
28672
x-served-by
cache-hhn4046-HHN
last-modified
Fri, 08 Jul 2022 08:40:48 GMT
server
GitHub.com
x-github-request-id
2B1C:4A79:45D7AC:49904F:62D8AC1B
x-timer
S1658367003.367242,VS0,VE86
etag
"62c7ed90-7000"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
expires
Thu, 21 Jul 2022 01:40:03 GMT
cache-control
max-age=600
accept-ranges
bytes
x-origin-cache
HIT
x-proxy-cache
MISS
x-cache-hits
0
cloudshell.png
o365blog.com/images/posts/ Frame 790D
24 KB
24 KB
Image
General
Full URL
https://o365blog.com/images/posts/cloudshell.png
Requested by
Host: o365blog.com
URL: https://o365blog.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.199.110.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
cdn-185-199-110-153.github.com
Software
GitHub.com /
Resource Hash
ac4b438e505a63183038383398852daed193a9dbf391511d822d159841de0832

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o365blog.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-fastly-request-id
9728101725fa131144a3bb288f50ee9ade2d7fe0
date
Thu, 21 Jul 2022 01:30:03 GMT
via
1.1 varnish
age
0
x-cache
MISS
content-length
24256
x-served-by
cache-hhn4046-HHN
last-modified
Fri, 08 Jul 2022 08:40:48 GMT
server
GitHub.com
x-github-request-id
46C8:4A79:45D7AC:499050:62D8AC1B
x-timer
S1658367003.367226,VS0,VE167
etag
"62c7ed90-5ec0"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
expires
Thu, 21 Jul 2022 01:40:03 GMT
cache-control
max-age=600
accept-ranges
bytes
x-origin-cache
HIT
x-proxy-cache
MISS
x-cache-hits
0
MDM.png
o365blog.com/images/posts/ Frame 790D
142 KB
142 KB
Image
General
Full URL
https://o365blog.com/images/posts/MDM.png
Requested by
Host: o365blog.com
URL: https://o365blog.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.199.110.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
cdn-185-199-110-153.github.com
Software
GitHub.com /
Resource Hash
d987b3af3d06482d5c5042d1a16afaa97451cd3f072428f78c38cd87d5469a63

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o365blog.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-fastly-request-id
5ef5f497bbe9cd65d5b4439ea6bf2a510017a729
date
Thu, 21 Jul 2022 01:30:03 GMT
via
1.1 varnish
age
0
x-cache
MISS
content-length
145391
x-served-by
cache-hhn4046-HHN
last-modified
Fri, 08 Jul 2022 08:40:48 GMT
server
GitHub.com
x-github-request-id
CAA6:66F6:5BB16B:6044E0:62D8AC1B
x-timer
S1658367003.367210,VS0,VE88
etag
"62c7ed90-237ef"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
expires
Thu, 21 Jul 2022 01:40:03 GMT
cache-control
max-age=600
accept-ranges
bytes
x-origin-cache
HIT
x-proxy-cache
MISS
x-cache-hits
0
PRT.png
o365blog.com/images/posts/ Frame 790D
69 KB
69 KB
Image
General
Full URL
https://o365blog.com/images/posts/PRT.png
Requested by
Host: o365blog.com
URL: https://o365blog.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.199.110.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
cdn-185-199-110-153.github.com
Software
GitHub.com /
Resource Hash
95eb5487b47c248351106a847a2e665aeecb5b04da9c273e8e1e51c0a96dbe27

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o365blog.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-fastly-request-id
afe3994d0c9c2ff642e93cd34ea6f186d425c4a8
date
Thu, 21 Jul 2022 01:30:03 GMT
via
1.1 varnish
age
0
x-cache
MISS
content-length
70594
x-served-by
cache-hhn4046-HHN
last-modified
Fri, 08 Jul 2022 08:40:48 GMT
server
GitHub.com
x-github-request-id
F62E:4A79:45D7AC:49904E:62D8AC1B
x-timer
S1658367003.367197,VS0,VE86
etag
"62c7ed90-113c2"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
expires
Thu, 21 Jul 2022 01:40:03 GMT
cache-control
max-age=600
accept-ranges
bytes
x-origin-cache
HIT
x-proxy-cache
MISS
x-cache-hits
0
MFA.png
o365blog.com/images/posts/ Frame 790D
36 KB
36 KB
Image
General
Full URL
https://o365blog.com/images/posts/MFA.png
Requested by
Host: o365blog.com
URL: https://o365blog.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.199.110.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
cdn-185-199-110-153.github.com
Software
GitHub.com /
Resource Hash
210abf156015681112e87b90d80d22ac2fbbd2ca6767e4ab877befe4a56820b6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o365blog.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-fastly-request-id
6e41e9ce089fbaf977736f037b6899d356c48c4d
date
Thu, 21 Jul 2022 01:30:03 GMT
via
1.1 varnish
age
0
x-cache
MISS
content-length
36940
x-served-by
cache-hhn4046-HHN
last-modified
Fri, 08 Jul 2022 08:40:48 GMT
server
GitHub.com
x-github-request-id
6D84:23A1:5BCCA4:605285:62D8AC1B
x-timer
S1658367003.367182,VS0,VE87
etag
"62c7ed90-904c"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
expires
Thu, 21 Jul 2022 01:40:03 GMT
cache-control
max-age=600
accept-ranges
bytes
x-origin-cache
HIT
x-proxy-cache
MISS
x-cache-hits
0
on-prem_admin.png
o365blog.com/images/posts/ Frame 790D
31 KB
31 KB
Image
General
Full URL
https://o365blog.com/images/posts/on-prem_admin.png
Requested by
Host: o365blog.com
URL: https://o365blog.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.199.110.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
cdn-185-199-110-153.github.com
Software
GitHub.com /
Resource Hash
cba02100db783c636faf54adb67f25189f5da41acb074ebaf9eb1006d226a12d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o365blog.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-fastly-request-id
67929616780042f491c91d5b17934d0325752f96
date
Thu, 21 Jul 2022 01:30:03 GMT
via
1.1 varnish
age
0
x-cache
MISS
content-length
31672
x-served-by
cache-hhn4046-HHN
last-modified
Fri, 08 Jul 2022 08:40:48 GMT
server
GitHub.com
x-github-request-id
9352:D068:466583:4A03E7:62D8AC1B
x-timer
S1658367003.367163,VS0,VE86
etag
"62c7ed90-7bb8"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
expires
Thu, 21 Jul 2022 01:40:03 GMT
cache-control
max-age=600
accept-ranges
bytes
x-origin-cache
HIT
x-proxy-cache
MISS
x-cache-hits
0
admin.png
o365blog.com/images/posts/ Frame 790D
107 KB
107 KB
Image
General
Full URL
https://o365blog.com/images/posts/admin.png
Requested by
Host: o365blog.com
URL: https://o365blog.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.199.110.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
cdn-185-199-110-153.github.com
Software
GitHub.com /
Resource Hash
6be980c544f794717d08f61300e777bdae80c3c9def5d21572cb3b76baad9770

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o365blog.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-fastly-request-id
b314edb7b6da4d4096610fa4968bcba38f50119d
date
Thu, 21 Jul 2022 01:30:03 GMT
via
1.1 varnish
age
0
x-cache
MISS
content-length
109091
x-served-by
cache-hhn4046-HHN
last-modified
Fri, 08 Jul 2022 08:40:48 GMT
server
GitHub.com
x-github-request-id
520A:6DD4:D384C:FDBA0:62D8AC1B
x-timer
S1658367003.367148,VS0,VE487
etag
"62c7ed90-1aa23"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
expires
Thu, 21 Jul 2022 01:40:03 GMT
cache-control
max-age=600
accept-ranges
bytes
x-origin-cache
HIT
x-proxy-cache
MISS
x-cache-hits
0
insider.png
o365blog.com/images/posts/ Frame 790D
140 KB
140 KB
Image
General
Full URL
https://o365blog.com/images/posts/insider.png
Requested by
Host: o365blog.com
URL: https://o365blog.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.199.110.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
cdn-185-199-110-153.github.com
Software
GitHub.com /
Resource Hash
08519f444b9ff2eeb8db9228289568cbcb8bcc2da16ca3ed6b7969b780750207

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o365blog.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-fastly-request-id
b48198aac77cefea44bf0c70587357444bd348ba
date
Thu, 21 Jul 2022 01:30:03 GMT
via
1.1 varnish
age
0
x-cache
MISS
content-length
143261
x-served-by
cache-hhn4046-HHN
last-modified
Fri, 08 Jul 2022 08:40:48 GMT
server
GitHub.com
x-github-request-id
B7BA:74EA:4349BE:46C1AC:62D8AC1B
x-timer
S1658367003.367134,VS0,VE325
etag
"62c7ed90-22f9d"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
expires
Thu, 21 Jul 2022 01:40:03 GMT
cache-control
max-age=600
accept-ranges
bytes
x-origin-cache
HIT
x-proxy-cache
MISS
x-cache-hits
0
QuestForGuest.png
o365blog.com/images/posts/ Frame 790D
122 KB
123 KB
Image
General
Full URL
https://o365blog.com/images/posts/QuestForGuest.png
Requested by
Host: o365blog.com
URL: https://o365blog.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.199.110.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
cdn-185-199-110-153.github.com
Software
GitHub.com /
Resource Hash
27d39bc160e49a2cc409d8622d7c88fe576e0cbc396d88edebb424029960d585

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o365blog.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-fastly-request-id
5a3e1b03f90df407c3eac7e34ba8d8b126fcc572
date
Thu, 21 Jul 2022 01:30:03 GMT
via
1.1 varnish
age
0
x-cache
MISS
content-length
125434
x-served-by
cache-hhn4046-HHN
last-modified
Fri, 08 Jul 2022 08:40:48 GMT
server
GitHub.com
x-github-request-id
36C2:81D5:F451C:11F7A9:62D8AC1B
x-timer
S1658367003.367124,VS0,VE89
etag
"62c7ed90-1e9fa"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
expires
Thu, 21 Jul 2022 01:40:03 GMT
cache-control
max-age=600
accept-ranges
bytes
x-origin-cache
HIT
x-proxy-cache
MISS
x-cache-hits
0
justlooking.png
o365blog.com/images/posts/ Frame 790D
152 KB
152 KB
Image
General
Full URL
https://o365blog.com/images/posts/justlooking.png
Requested by
Host: o365blog.com
URL: https://o365blog.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.199.110.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
cdn-185-199-110-153.github.com
Software
GitHub.com /
Resource Hash
63b42028e91d1d83644fa77954aeed3abd857ae2d1049b3ceedb8fe71b37e1aa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o365blog.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-fastly-request-id
35b51ac88ef9fce85b2c800573de116bddaf9cbd
date
Thu, 21 Jul 2022 01:30:03 GMT
via
1.1 varnish
age
0
x-cache
MISS
content-length
155708
x-served-by
cache-hhn4046-HHN
last-modified
Fri, 08 Jul 2022 08:40:48 GMT
server
GitHub.com
x-github-request-id
BB1C:1195B:28B49B:2BFAB4:62D8AC1B
x-timer
S1658367003.367108,VS0,VE149
etag
"62c7ed90-2603c"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
expires
Thu, 21 Jul 2022 01:40:03 GMT
cache-control
max-age=600
accept-ranges
bytes
x-origin-cache
HIT
x-proxy-cache
MISS
x-cache-hits
0
AzureVMs.png
o365blog.com/images/posts/ Frame 790D
75 KB
76 KB
Image
General
Full URL
https://o365blog.com/images/posts/AzureVMs.png
Requested by
Host: o365blog.com
URL: https://o365blog.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.199.110.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
cdn-185-199-110-153.github.com
Software
GitHub.com /
Resource Hash
65b47f3a49958be7f2f03cfca4b96c8ebe6e58d02d22205140dc2b355596b571

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o365blog.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-fastly-request-id
29fda67df75dfdbde56a5aa6b6c5c85c33abb289
date
Thu, 21 Jul 2022 01:30:03 GMT
via
1.1 varnish
age
0
x-cache
MISS
x-cache-hits
0
content-length
77248
x-served-by
cache-hhn4046-HHN
last-modified
Fri, 08 Jul 2022 08:40:48 GMT
server
GitHub.com
x-github-request-id
E784:BBFF:56341D:5AAEF0:62D8AC1B
x-timer
S1658367003.367097,VS0,VE99
etag
"62c7ed90-12dc0"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=600
accept-ranges
bytes
x-proxy-cache
MISS
expires
Thu, 21 Jul 2022 01:40:03 GMT
CC-BY.png
o365blog.com/images/ Frame 790D
1 KB
1 KB
Image
General
Full URL
https://o365blog.com/images/CC-BY.png
Requested by
Host: o365blog.com
URL: https://o365blog.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.199.110.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
cdn-185-199-110-153.github.com
Software
GitHub.com /
Resource Hash
2d8a628333a76cfe484a2b9c01bca786fccf08d0010d4bffca2b38b29dd4ed0b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o365blog.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-fastly-request-id
d29b87cbf7985785ec4ae353808efb8d505247b6
date
Thu, 21 Jul 2022 01:30:03 GMT
via
1.1 varnish
age
0
x-cache
MISS
content-length
1283
x-served-by
cache-hhn4046-HHN
last-modified
Fri, 08 Jul 2022 08:40:48 GMT
server
GitHub.com
x-github-request-id
47E2:BBFC:44222:6B468:62D8AC1B
x-timer
S1658367003.367071,VS0,VE83
etag
"62c7ed90-503"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
expires
Thu, 21 Jul 2022 01:40:03 GMT
cache-control
max-age=600
accept-ranges
bytes
x-origin-cache
HIT
x-proxy-cache
MISS
x-cache-hits
0
/
browser.pipe.aria.microsoft.com/Collector/3.0/
0
442 B
XHR
General
Full URL
https://browser.pipe.aria.microsoft.com/Collector/3.0/?qsp=true&content-type=application%2Fbond-compact-binary&client-id=NO_AUTH&sdk-version=AWT-Web-JS-1.6.1&x-apikey=ea6758984c4b43529f9929667d8d3198-c52d4a8b-47fe-4fdf-99b8-5f897ff4e33b-7365&client-time-epoch-millis=1658367003425&time-delta-to-apply-millis=use-collector-delta
Requested by
Host: res.cdn.office.net
URL: https://res.cdn.office.net/officehub/bundles/sharedscripts-c77f7edec8.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.50.73.9 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.authentication-microsoft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Server
Microsoft-HTTPAPI/2.0
Date
Thu, 21 Jul 2022 01:30:03 GMT
time-delta-millis
158
Access-Control-Allow-Methods
POST
Content-Type
application/json
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
kill-tokens, kill-duration-seconds, time-delta-millis
Access-Control-Allow-Headers
Accept, Content-Type, Content-Encoding, Client-Id
Content-Length
0
meCore.min.js
mem.gfx.ms/scripts/me/MeControl/10.22108.2/de-DE/
100 KB
16 KB
Script
General
Full URL
https://mem.gfx.ms/scripts/me/MeControl/10.22108.2/de-DE/meCore.min.js
Requested by
Host: mem.gfx.ms
URL: https://mem.gfx.ms/meversion?partner=office&market=de-de&uhf=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a844c7e1662d261a31706cbe0bd5a1c9e8f37cd72cbae09ed84941f75a34e756
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://www.authentication-microsoft.com/
Origin
https://www.authentication-microsoft.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 09 Jun 2022 23:09:34 GMT
x-azure-ref-originshield
0DnPYYgAAAABtUoMLCq6qTIPPcy09VJr8RlJBMjMxMDUwNDE3MDM1AGVhYzVmNDlmLWUwMmQtNGY0MS1iMGE2LTJkNTBmOWZjZjg0YQ==
etag
"1d87c90a7d1b35b"
x-azure-ref
0G6zYYgAAAAAKiHxF1fH5T627OzJsvZZ2RlJBRURHRTEwMjIAZWFjNWY0OWYtZTAyZC00ZjQxLWIwYTYtMmQ1MGY5ZmNmODRh
x-cache
TCP_HIT
content-type
application/javascript
access-control-allow-origin
*
date
Thu, 21 Jul 2022 01:30:03 GMT
x-ua-compatible
IE=edge
v1
web.vortex.data.microsoft.com/collect/
0
0
Ping
General
Full URL
https://web.vortex.data.microsoft.com/collect/v1
Requested by
Host: res.cdn.office.net
URL: https://res.cdn.office.net/officehub/bundles/unauth-59fa1432f4.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.96.225.71 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.authentication-microsoft.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

c.gif
c1.microsoft.com/
Redirect Chain
  • https://c1.microsoft.com/c.gif?DI=4050&did=1&t=
  • https://c.bing.com/c.gif?DI=4050&did=1&t=&CtsSyncId=7CEE407C60874BA8B6CC6E1CEB7A95E4&RedC=c1.microsoft.com&MXFR=0C518D254B29621E25899CCD4F296419
  • https://c1.microsoft.com/c.gif?DI=4050&did=1&t=&CtsSyncId=7CEE407C60874BA8B6CC6E1CEB7A95E4&MUID=2AE84D40A40C68120AE45CA8A5676949
42 B
476 B
Image
General
Full URL
https://c1.microsoft.com/c.gif?DI=4050&did=1&t=&CtsSyncId=7CEE407C60874BA8B6CC6E1CEB7A95E4&MUID=2AE84D40A40C68120AE45CA8A5676949
Protocol
H2
Server
20.234.93.27 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.authentication-microsoft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Jul 2022 01:30:03 GMT
last-modified
Wed, 13 Jul 2022 17:48:59 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"96611cd5e096d81:0"
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42

Redirect headers

pragma
no-cache
date
Thu, 21 Jul 2022 01:30:03 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: D1615C1BFF9240C09F979FB1DC082D3C Ref B: FRAEDGE1408 Ref C: 2022-07-21T01:30:04Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c1.microsoft.com/c.gif?DI=4050&did=1&t=&CtsSyncId=7CEE407C60874BA8B6CC6E1CEB7A95E4&MUID=2AE84D40A40C68120AE45CA8A5676949
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
t.gif
web.vortex.data.microsoft.com/collect/v1/
43 B
392 B
Image
General
Full URL
https://web.vortex.data.microsoft.com/collect/v1/t.gif?ver=%272.1%27&name=%27Ms.Webi.OutgoingRequest%27&time=%272022-07-21T01%3A30%3A03.888Z%27&appId=%27JS%3AMeControl%27&cV=%27v8XIg3dZErI47aJ9.7%27&flags=2097152&ext-javascript-ver=%271.1%27&ext-javascript-libVer=%274.2.3%27&ext-javascript-domain=%27www.authentication-microsoft.com%27&ext-javascript-userConsent=false&ext-app-env=%27Prod%27&-operationName=%27meCore.min.js%27&-dependencyOperationName=%27DownloadScript%27&-dependencyName=%27MeControl%27&-latencyMs=13&-succeeded=true&-targetUri=%27https%3A%2F%2Fmem.gfx.ms%2Fscripts%2Fme%2FMeControl%2F10.22108.2%2Fde-DE%2FmeCore.min.js%27&*baseType=%27Ms.Qos.OutgoingServiceRequest%27&*pageName=%27Initial%20Collapsed%27&*impressionGuid=%27b6698ab2-8343-491f-55b1-75577115e4c5%27&*market=%27de-DE%27&*customData=%27%7B%22computedDuration%22%3A16.199996948242188%2C%22perfDuration%22%3A13%2C%22metaTags%22%3A%7B%22pgpart%22%3A%22office%22%7D%2C%22config%22%3A%7B%22ver%22%3A%2210.22108.2%22%2C%22mkt%22%3A%22de-DE%22%2C%22ptn%22%3A%22office%22%2C%22gfx%22%3A%22https%3A%2F%2Famcdn.msftauth.net%22%2C%22dbg%22%3Afalse%2C%22aad%22%3Atrue%2C%22int%22%3Afalse%2C%22pxy%22%3Atrue%2C%22msTxt%22%3Afalse%2C%22rwd%22%3Atrue%2C%22telEvs%22%3A%22PageAction%2C%20PageView%2C%20ContentUpdate%2C%20OutgoingRequest%2C%20ClientError%2C%20PartnerApiCall%2C%20TrackedScenario%22%2C%22instKey%22%3A%22b8ffe739c47a401190627519795ca4d2-044a8309-9d4b-430b-9d47-6e87775cbab6-6888%22%2C%22oneDSUrl%22%3A%22https%3A%2F%2Fjs.monitor.azure.com%2Fscripts%2Fc%2Fms.shared.analytics-3.1.11.gbl.min.js%22%2C%22remAcc%22%3Atrue%2C%22main%22%3A%22meBoot%22%2C%22wrapperId%22%3A%22uhf%22%2C%22cdnRegex%22%3A%22%5E(%3F%3Ahttps%3F%3A%5C%5C%2F%5C%5C%2F)%3F(mem%5C%5C.gfx%5C%5C.ms(%3F!%5C%5C.)%7Ccontrols%5C%5C.account.microsoft%3F(%3F%3A-int%7C-dev)%3F(%5C%5C.com)%3F(%3A%5B0-9%5D%7B1%2C6%7D)%7Camcdn%5C%5C.ms(%3F%3Aft)%3Fauth%5C%5C.net(%3F!%5C%5C.))%22%2C%22timeoutMs%22%3A30000%2C%22graphv2%22%3Atrue%2C%22graphinfo%22%3A%7B%22graphclientid%22%3A%227eadcef8-456d-4611-9480-4fff72b8b9e2%22%2C%22graphscope%22%3A%22user.read%22%2C%22graphcodeurl%22%3A%22https%3A%2F%2Flogin.microsoftonline.com%2Fcommon%2Foauth2%2Fv2.0%2Fauthorize%22%2C%22graphredirecturi%22%3A%22https%3A%2F%2Famcdn.msftauth.net%2Fme%2Fcallgraph%22%2C%22graphphotourl%22%3A%22https%3A%2F%2Fgraph.microsoft.com%2Fv1.0%2Fme%2Fphotos%2F96x96%2F%24value%22%7D%2C%22aadUrl%22%3A%22https%3A%2F%2Fmyaccount.microsoft.com%22%2C%22msaUrl%22%3A%22https%3A%2F%2Faccount.microsoft.com%2F%22%2C%22cache%22%3Atrue%7D%2C%22url%22%3A%22https%3A%2F%2Fwww.authentication-microsoft.com%2F%22%2C%22accts%22%3A%220-0%22%7D%27
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.96.225.71 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.authentication-microsoft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Jul 2022 01:30:03 GMT
X-Content-Type-Options
nosniff
P3P
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Cache-Control
no-cache, no-store
MS-CV
G2sg3dJm4U694VJTMptGzg.0
Content-Type
image/gif
Content-Length
43
Expires
0
ms.shared.analytics-3.1.11.gbl.min.js
js.monitor.azure.com/scripts/c/
80 KB
29 KB
Script
General
Full URL
https://js.monitor.azure.com/scripts/c/ms.shared.analytics-3.1.11.gbl.min.js
Requested by
Host: mem.gfx.ms
URL: https://mem.gfx.ms/meversion?partner=office&market=de-de&uhf=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
532486f86eb4d4423c8bdbabb00c69c942800fbba90d456d8e71210cbac09d9a

Request headers

Referer
https://www.authentication-microsoft.com/
Origin
https://www.authentication-microsoft.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 01:30:03 GMT
content-encoding
br
x-ms-meta-jssdkver
3.1.11
last-modified
Wed, 02 Mar 2022 00:34:01 GMT
x-azure-ref-originshield
0KCfYYgAAAAACx8FuXUNuTJZUg5Isl8NuRlJBMjMxMDUwNDE3MDM5AGYxY2E3M2Q0LTg4ODMtNGNhZi1hYmRjLWZlMmQ1NjdhZmI5Ng==
content-md5
DIZ9SGzozvDW8TjfsqXTcw==
etag
0x8D9FBE45937B34A
x-azure-ref
0G6zYYgAAAACO1744ILgQRJF6IL695GnMRlJBRURHRTEwMTEAZjFjYTczZDQtODg4My00Y2FmLWFiZGMtZmUyZDU2N2FmYjk2
x-cache
TCP_HIT
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
54bb29db-d01e-00a2-18d7-97d26c000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,x-ms-meta-jssdkver,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000, immutable, no-transform
x-ms-version
2009-09-19
v1
web.vortex.data.microsoft.com/collect/
0
0
Ping
General
Full URL
https://web.vortex.data.microsoft.com/collect/v1
Requested by
Host: mem.gfx.ms
URL: https://mem.gfx.ms/scripts/me/MeControl/10.22108.2/de-DE/meCore.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.96.225.71 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.authentication-microsoft.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

/
browser.pipe.aria.microsoft.com/Collector/3.0/
0
440 B
XHR
General
Full URL
https://browser.pipe.aria.microsoft.com/Collector/3.0/?qsp=true&content-type=application%2Fbond-compact-binary&client-id=NO_AUTH&sdk-version=AWT-Web-JS-1.6.1&x-apikey=ea6758984c4b43529f9929667d8d3198-c52d4a8b-47fe-4fdf-99b8-5f897ff4e33b-7365&client-time-epoch-millis=1658367004427&time-delta-to-apply-millis=158
Requested by
Host: res.cdn.office.net
URL: https://res.cdn.office.net/officehub/bundles/sharedscripts-c77f7edec8.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.50.73.9 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.authentication-microsoft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Server
Microsoft-HTTPAPI/2.0
Date
Thu, 21 Jul 2022 01:30:04 GMT
time-delta-millis
0
Access-Control-Allow-Methods
POST
Content-Type
application/json
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
kill-tokens, kill-duration-seconds, time-delta-millis
Access-Control-Allow-Headers
Accept, Content-Type, Content-Encoding, Client-Id
Content-Length
0
/
browser.events.data.microsoft.com/OneCollector/1.0/
202 B
656 B
XHR
General
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.1.11&apikey=b8ffe739c47a401190627519795ca4d2-044a8309-9d4b-430b-9d47-6e87775cbab6-6888&upload-time=1658367005979&time-delta-to-apply-millis=use-collector-delta&w=0
Requested by
Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/c/ms.shared.analytics-3.1.11.gbl.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.105.71.136 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
a6bb5684e551664262544f637232d81e20a2bc294a585ad7d6d6396d2fde9027
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.authentication-microsoft.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Strict-Transport-Security
max-age=31536000
Server
Microsoft-HTTPAPI/2.0
Date
Thu, 21 Jul 2022 01:30:05 GMT
time-delta-millis
89
Access-Control-Allow-Methods
POST
Content-Type
application/json
Access-Control-Allow-Origin
https://www.authentication-microsoft.com
Access-Control-Expose-Headers
time-delta-millis
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
time-delta-millis
Content-Length
202

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Microsoft (Consumer)

88 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation boolean| isSessionStorageAvailable function| dismissBanner function| getDefaultAadUser function| getDefaultMsaUser function| findDefaultSignedInUser function| convertAadUserData function| convertMsaUserData function| isValidMsaUser function| isValidAadUser function| getAadData function| getMsaData function| getAadMsaData function| getAccount object| AuthType object| Operation object| ErrorCode object| TimerUtils object| IframeUtils object| Constants object| LoggingUtils function| IdpUserResult function| DefaultSignInOptions boolean| enableConsoleLog boolean| msaFedEnabled function| $ function| jQuery object| StandaloneAriaLogger object| AWTPropertyType object| AWTPiiKind object| AWTEventPriority object| AWTEventsDroppedReason object| AWTEventsRejectedReason object| AWTCustomerContentKind object| AWTUserIdType object| AWTSessionState string| AWT_BEST_EFFORT string| AWT_NEAR_REAL_TIME string| AWT_REAL_TIME function| AWTEventProperties function| AWTLogger function| AWTLogManager function| AWTTransmissionManager function| AWTSerializer function| AWTSemanticContext string| AWT_COLLECTOR_URL_UNITED_STATES string| AWT_COLLECTOR_URL_GERMANY string| AWT_COLLECTOR_URL_JAPAN string| AWT_COLLECTOR_URL_AUSTRALIA string| AWT_COLLECTOR_URL_EUROPE string| AWT_COLLECTOR_URL_USGOV_DOD string| AWT_COLLECTOR_URL_USGOV_DOJ function| __awaiter function| __generator object| HomePage object| awa string| behaviorKey object| DefaultSignInHandler object| el object| config string| signInUrl string| viewType object| myConfigOptions function| setShellOptions function| SendMeControlSignInEvent function| SetConsent object| shellOptions object| onShellReadyToLoad string| aadUserForgetUrlFormat function| clearStorage function| clearStorageWithExceptions object| MSA object| MeControl function| MeControlDefine function| MeControlImport object| lazyImages number| lazyLoadAnimationId object| msCommonShell object| oneDS

17 Cookies

Domain/Path Name / Value
www.authentication-microsoft.com/ Name: OH.SID
Value: f0308f61-194f-4dd4-abe8-52f31b1d7936
www.authentication-microsoft.com/ Name: OH.DCAffinity
Value: OH-ncu
www.authentication-microsoft.com/ Name: OH.FLID
Value: 9078409a-fb3d-4486-9c16-b54603ae58e9
.authentication-microsoft.com/ Name: MUID
Value: 369FCD6DA1DF6B803F80DC85A0396A03
www.authentication-microsoft.com/ Name: MicrosoftApplicationsTelemetryDeviceId
Value: 6ffea76d-7bc9-4ce7-949b-186104ab26ff
www.authentication-microsoft.com/ Name: MicrosoftApplicationsTelemetryFirstLaunchTime
Value: 2022-07-21T01:30:02.422Z
.login.live.com/ Name: uaid
Value: 636a3ad6abd040e2b4b4bd2427a718fe
.login.live.com/ Name: MSPRequ
Value: id=N&lt=1658367002&co=1
.microsoft.com/ Name: MC1
Value: GUID=2b964a784a6041519110858809714416&HASH=2b96&LV=202207&V=4&LU=1658367002994
.microsoft.com/ Name: MS0
Value: 552296b11458429aaa31ba626b8229a7
.c.bing.com/ Name: SRM_B
Value: 2AE84D40A40C68120AE45CA8A5676949
.c.bing.com/ Name: SRM_I
Value: 2AE84D40A40C68120AE45CA8A5676949
.c1.microsoft.com/ Name: SM
Value: C
.microsoft.com/ Name: MUID
Value: 2AE84D40A40C68120AE45CA8A5676949
.c1.microsoft.com/ Name: SRM_I
Value: 2AE84D40A40C68120AE45CA8A5676949
.c1.microsoft.com/ Name: ANONCHK
Value: 0
www.authentication-microsoft.com/ Name: MSFPC
Value: GUID=2b964a784a6041519110858809714416&HASH=2b96&LV=202207&V=4&LU=1658367002994

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

browser.events.data.microsoft.com
browser.pipe.aria.microsoft.com
c.bing.com
c.s-microsoft.com
c1.microsoft.com
fonts.googleapis.com
img-prod-cms-rt-microsoft-com.akamaized.net
js.monitor.azure.com
login.authentication-microsoft.com
login.live.com
logincdn.msauth.net
maxcdn.bootstrapcdn.com
mem.gfx.ms
o365blog.com
res.cdn.office.net
statics-marketingsites-eus-ms-com.akamaized.net
web.vortex.data.microsoft.com
www.authentication-microsoft.com
www.google-analytics.com
www.microsoft.com
185.199.110.153
192.229.221.185
2.19.126.148
20.190.159.68
20.234.93.27
20.50.73.9
20.80.72.81
23.96.225.71
2606:4700::6812:acf
2620:1ec:bdf::44
2620:1ec:c11::200
2a00:1450:4001:801::200e
2a00:1450:4001:82f::200a
2a02:26f0:480:297::1e0f
2a02:26f0:480:29d::356e
2a02:26f0:6c00:2ae::356e
2a02:26f0:f7::5c7b:e0f8
51.105.71.136
027a19b2a6dbaf1ab44ff33b22cf99be3e3ec88ac2e6a384f749a1a4dc42380e
02ac1c1a2bf961e85b8d3b4038dc18d781c3162c441871114001d3e2a357d565
08519f444b9ff2eeb8db9228289568cbcb8bcc2da16ca3ed6b7969b780750207
0bd288d5397a69ead391875b422bf2cbdcc4f795d64aa2f780aff45768d78248
112fec798b78aa02e102a724b5cb1990c0f909bc1d8b7b1fa256eab41bbc0960
16ee9e65eecb22edde02df0c0b971edf9d6f72b4b0401606eb8052cc39c446cb
1ab4ca69f623c941e816c65d6f16abfaf710b33dc34f74b28ec37f1a51f71221
1c5ddebccecacdff567eedde0759b63f30697908938a4e3d2d3be7e2620f58c9
207f50299063fbb1f3b17bc02663cc5e8fb3b385e8ea29919d1af13a7baa6247
210abf156015681112e87b90d80d22ac2fbbd2ca6767e4ab877befe4a56820b6
22b4df5c33045b645cafa45b04685f4752e471a2e933bff5bf14324d87deee12
25a22f01d97ff4ddde37b0ba8b2d934cf8a88d5239bdd44e158776ca646b667a
2692ea91011efaebdb2e082f87c060b8707f323a19321cf3285929f61371d328
27d39bc160e49a2cc409d8622d7c88fe576e0cbc396d88edebb424029960d585
2cd3ef7b5b677b7827bfbe5b926a283e7ca687ddb6b021fa4289630671ebd061
2d8a628333a76cfe484a2b9c01bca786fccf08d0010d4bffca2b38b29dd4ed0b
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2faed8a5b8611ced29bd53267d47173058b5a448b3ff65b0fdf2fdb047cbf0da
38ccec1fc395d0e037e0898297a0fecb652dfefab7f5fbd110d468757f0681f5
41549e3dfec24f162688b7ddc91605ed188cefd718a7619877386e2e902bfece
4841e535c487241e6780a25e0e2537d3c98af905e240e0d79bf35b8adfd26ede
4b50168cd38eaae902d0c0a404c2ae0e03979656d81d2cc6716a6b981b3662e3
4e1b1da7a21e6051f74370893d904c910272cf815f5188e528648ae0301f6008
4f7f4afe26e71fa9ca1dac4a43b557a554a46f53251d849f07ed08a04829d74b
532486f86eb4d4423c8bdbabb00c69c942800fbba90d456d8e71210cbac09d9a
55ffa27bbc4b9029512f6b59058f6d1819954b47db4cc75d76496413260402fc
57febfbad63b722a38bc668e67bc7c2dc02eca221f26db3a9303c1bd584a1a42
5eecee06d474645944c6c0f552679df4dd4f7cedf6482a9073b8cc1c598d34e3
633894cf845287f205f1b5bd26b7667dda186695fce3d789306f30c5fbdb14b5
63b42028e91d1d83644fa77954aeed3abd857ae2d1049b3ceedb8fe71b37e1aa
650373ab4c5721f19ae9fda797e685c28a3ea40915c9470e43df882374dfa6cc
65b47f3a49958be7f2f03cfca4b96c8ebe6e58d02d22205140dc2b355596b571
6be980c544f794717d08f61300e777bdae80c3c9def5d21572cb3b76baad9770
6f4e99ce5c1acb166eea29c55c990538b3e4a3bc79c66af29f9b39712ebe1759
71edbbdac41799addbc0f83b2286b4544e98215614a132708bcbd4f618cdcb80
819f0cd62ecd0c4b0200ec6454b0766be28a5bd830b49f4b3a34efaad041c262
81dd42197f137d54b0833fb24aab0c9a05ac07bd4aecec3f79ac281bbc46b64a
83062f16548b16267876a6b3e86d7321bc400a97d9766bb2f35c123b56e8a64f
9300c5d77122bc84923ec654e3ff94c0e49e7ce0a983da5f4ef46ffb1a76db21
95eb5487b47c248351106a847a2e665aeecb5b04da9c273e8e1e51c0a96dbe27
971f209bf1eda08fa1ce4381bc8dfe81702e8866e2e1e303991e3f6135808caa
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9ede85d6c2139703e1a1dfa94105f6063607bc0f2f53cfb98d30daf90134bc51
a1373de8f39707667d63fef9e887d023283d24dafe3fbbb68a47742d997039e6
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a6b4512ebf7f02b8cc5aa165f44bf817ab86b214a0818e4823e38300d01c9fcd
a6bb5684e551664262544f637232d81e20a2bc294a585ad7d6d6396d2fde9027
a7fd86ae31b712bbd8cc7108a0a0661ecf7c4eda429a36fde5c5c899cb81565b
a82c6e3878d9522fde6caa3a4daf0a049b7cec0cf979bc1cb5e14da19013f6e9
a844c7e1662d261a31706cbe0bd5a1c9e8f37cd72cbae09ed84941f75a34e756
ac4b438e505a63183038383398852daed193a9dbf391511d822d159841de0832
bb232fd09a6696ce21ec10a43b89933e12ad866dfde30a4a6a08e08082e6557d
bd06ca7c8b4c13a43e52b863fc674efe97af33d0ae68063b4c19518eeabb775c
c41a0700fe51c75a3ed77460b8cdeba4d4cc86de24c0302a9b4e3b52ef2508b2
c8ad9c22eb148de817a1b86bcfc7ccef2151f798c0d8f26a7534ee0b9465ea34
ca321c1e1ca9b03c8fa8391108aade2a4807fe2c428cefde4b75903a06dcc373
cba02100db783c636faf54adb67f25189f5da41acb074ebaf9eb1006d226a12d
d6022483a43ae32ec56995126315b808b05735aa7508e8ade3b6c4c21a14f283
d77162038ea7d0bd11f0af0ab1dbd76a00b12456da33897c077d45bfbab6af15
d87d0a7a7fe2c36d1dc093bfe56e9b81b311988789dbd3b65abf811d551ef02f
d975a54bf52f400d4fc61667eb5e2580ef80a4ea4657ed01ca6a2628a85e6c86
d987b3af3d06482d5c5042d1a16afaa97451cd3f072428f78c38cd87d5469a63
dba7358b4506f14d0b7634193470a33531fc9da93cb3aee9031c7b30252f9723
ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5
df62c7a1b123bee0a4f986dcab7b3af1b37fc4fd09895cf1cf6e56bce449be32
e124fe1b3a5e21095e4c0e828938c8467773b3eb0274b0d865146a3861622e10
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e495966dd87033ec1e3f55c58062de559b251aad1cabf20dd2af44cd34675cd6
ead46caac003896735edae621ee4c3d439d82ca8d84f1a61cc81fab6aafb3174
eb4506c6341c8bed31416f698406b26cadf9773b1a70f65a6115bedf88960b02
ee2b841529e5d06aeae7f65b413b40bbfef5161c9fad9a8a1755dac03806291b
ee74532919b86d147a917a5c87d7b3002fff7f7287693c7d1908b9bcd6556f61
ef33e7882ea4e0a7fe5f666d736eea6fed5f7981fa7b7e3fa65fdeb6964786bb
f1b5151ec549d5a4850a6a1485e435c471dc24bfe069a1d887de60d7f6b810ad
f4bd80e92ce90b7824e08d7e54e2b73d4e71207fe21fd6066f388810ec458351
f5888af9e7759a8aaa8c11cbd5804debf7d84c758d95a06af791fc48e85ffd4f
f5e98e2373c741c7a3d6f1c3a4b114e3f0f022c41e24ee6ba022de985eac773b
f7eb4a6e059d1265c204a61a13c7c309304e5d2aa02962fa6627f6ede3da5096