Submitted URL: https://esofiuyrddfedd.xyz/cgi-bin/othtr.php
Effective URL: https://portal.office.com/servicestatus
Submission: On July 27 via manual from TR — Scanned from DE

Summary

This website contacted 2 IPs in 3 countries across 3 domains to perform 22 HTTP transactions. The main IP is 2620:1ec:a92::156, located in United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is portal.office.com. The Cisco Umbrella rank of the primary domain is 4706.
TLS certificate: Issued by DigiCert Cloud Services CA-1 on May 3rd 2022. Valid for: a year.
This is the only time portal.office.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 111.90.158.76 45839 (SHINJIRU-...)
8 2620:1ec:a92:... 8068 (MICROSOFT...)
14 2a02:26f0:ea:... 20940 (AKAMAI-ASN1)
22 2
Apex Domain | Subdomains | Transfer
14 msocdn.com | prod.msocdn.com — Cisco Umbrella Rank: 15053 | 242 KB
8 office.com | portal.office.com — Cisco Umbrella Rank: 4706 | 30 KB
1 esofiuyrddfedd.xyz | esofiuyrddfedd.xyz | 424 B
22 3
Domain | Requested by
14 prod.msocdn.com | portal.office.com, prod.msocdn.com
8 portal.office.com | portal.office.com, prod.msocdn.com
1 esofiuyrddfedd.xyz | 1 redirects
22 3

This site contains links to these domains.

Domain
go.microsoft.com
Subject | Issuer | Validity | Valid
portal.office.com | DigiCert Cloud Services CA-1 | 2022-05-03 - 2023-05-02 | a year
*.msocdn.com | Microsoft Azure TLS Issuing CA 02 | 2022-07-14 - 2023-07-09 | a year

This page contains 1 frames:

Primary Page: https://portal.office.com/servicestatus
Frame ID: 10ABB11843E9D5BE81F3AD7C84603940
Requests: 22 HTTP requests in this frame

Page Title

Dienststatus

Page URL History

  1. https://esofiuyrddfedd.xyz/cgi-bin/othtr.php HTTP 302
    https://portal.office.com/servicestatus Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <(?:div|html)[^>]+ng-app=
  • \bangular.{0,32}\.js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

22
Requests

100 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

2
IPs

3
Countries

272 kB
Transfer

844 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://esofiuyrddfedd.xyz/cgi-bin/othtr.php HTTP 302
    https://portal.office.com/servicestatus Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request servicestatus
portal.office.com/
Redirect Chain
  • https://esofiuyrddfedd.xyz/cgi-bin/othtr.php
  • https://portal.office.com/servicestatus
9 KB
9 KB
Document
General
Full URL
https://portal.office.com/servicestatus
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::156 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
76027df738649b7f347e8a73131f6935070b524f12886dbb7f1af3e0d390eb94
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store
content-length
8792
content-type
text/html; charset=utf-8
date
Wed, 27 Jul 2022 12:21:47 GMT
expires
-1
pragma
no-cache
strict-transport-security
max-age=63072000
x-aspnet-version
4.0.30319
x-aspnetmvc-version
5.2
x-cache
CONFIG_NOCACHE
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-msedge-ref
Ref A: BC1D5DCE8DCF44A294C7476E17464D88 Ref B: AMS04EDGE3012 Ref C: 2022-07-27T12:21:47Z
x-powered-by
ASP.NET
x-ua-compatible
IE=Edge

Redirect headers

Cache-Control
no-store, no-cache, must-revalidate
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
Date
Wed, 27 Jul 2022 12:21:47 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive
timeout=5, max=100
Location
https://portal.office.com/servicestatus
Pragma
no-cache
Server
Apache
Transfer-Encoding
chunked
embeddedfonts.css
prod.msocdn.com/2022.7.21.1/de-de/css/
2 KB
704 B
Stylesheet
General
Full URL
https://prod.msocdn.com/2022.7.21.1/de-de/css/embeddedfonts.css
Requested by
Host: portal.office.com
URL: https://portal.office.com/servicestatus
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ea:29c::38f3 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
8999c55b80accf27366024ae9307140ef2f4103c2ccc01fa7aca01e2ebd5626d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portal.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security
max-age=63072000
content-encoding
gzip
x-content-type-options
nosniff
x-cdn
86358
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
x-cache-start
1658838150, 1658859025, 1658861100, 1658893595
content-length
296
x-ua-compatible
IE=Edge
last-modified
Mon, 25 Jul 2022 19:55:24 GMT
server
Microsoft-IIS/10.0
x-frame-options
SAMEORIGIN
date
Wed, 27 Jul 2022 12:21:48 GMT
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31536000, public
timing-allow-origin
*
expires
Wed, 26 Jul 2023 12:22:30 GMT
o365themedefault.css
prod.msocdn.com/2022.7.21.1/de-de/css/
7 KB
1 KB
Stylesheet
General
Full URL
https://prod.msocdn.com/2022.7.21.1/de-de/css/o365themedefault.css
Requested by
Host: portal.office.com
URL: https://portal.office.com/servicestatus
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ea:29c::38f3 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
d132d49c1c8945f5c43ae470badf2b6edcd584297e84e59dd2034ffb7dc863b3
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portal.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security
max-age=63072000
content-encoding
gzip
x-content-type-options
nosniff
x-cdn
65523
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
x-cache-start
1658858985, 1658859067, 1658861100, 1658904726
content-length
1067
x-ua-compatible
IE=Edge
last-modified
Mon, 25 Jul 2022 18:12:34 GMT
server
Microsoft-IIS/10.0
x-frame-options
SAMEORIGIN
date
Wed, 27 Jul 2022 12:21:48 GMT
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31536000, public
timing-allow-origin
*
expires
Wed, 26 Jul 2023 18:09:45 GMT
masterstyles15.css
prod.msocdn.com/2022.7.21.1/de-de/css/
91 KB
25 KB
Stylesheet
General
Full URL
https://prod.msocdn.com/2022.7.21.1/de-de/css/masterstyles15.css
Requested by
Host: portal.office.com
URL: https://portal.office.com/servicestatus
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ea:29c::38f3 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
8b725bec76e0078ac3516790cc75d44399663bd4471b6fde1cf857b2af4792e5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portal.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security
max-age=63072000
content-encoding
gzip
x-content-type-options
nosniff
x-cdn
86358
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
x-cache-start
1658838150, 1658861100, 1658893595
content-length
25623
x-ua-compatible
IE=Edge
last-modified
Mon, 25 Jul 2022 19:55:51 GMT
server
Microsoft-IIS/10.0
x-frame-options
SAMEORIGIN
date
Wed, 27 Jul 2022 12:21:48 GMT
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31536000, public
timing-allow-origin
*
expires
Wed, 26 Jul 2023 12:22:30 GMT
masterstyles15mvc.css
prod.msocdn.com/2022.7.21.1/de-de/css/
15 KB
4 KB
Stylesheet
General
Full URL
https://prod.msocdn.com/2022.7.21.1/de-de/css/masterstyles15mvc.css
Requested by
Host: portal.office.com
URL: https://portal.office.com/servicestatus
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ea:29c::38f3 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
bc5a8dffdb985886c5124b568646cf19e4718720ab8f9dd701b040423c323af5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portal.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security
max-age=63072000
content-encoding
gzip
x-content-type-options
nosniff
x-cdn
86357
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
x-cache-start
1658838151, 1658859026, 1658861100, 1658893595
content-length
3232
x-ua-compatible
IE=Edge
last-modified
Mon, 25 Jul 2022 19:55:54 GMT
server
Microsoft-IIS/10.0
x-frame-options
SAMEORIGIN
date
Wed, 27 Jul 2022 12:21:48 GMT
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31536000, public
timing-allow-origin
*
expires
Wed, 26 Jul 2023 12:22:31 GMT
bootstrap.min.css
prod.msocdn.com/2022.7.21.1/de-de/support/oss/bootstrap_3.0.2/css/
100 KB
17 KB
Stylesheet
General
Full URL
https://prod.msocdn.com/2022.7.21.1/de-de/support/oss/bootstrap_3.0.2/css/bootstrap.min.css
Requested by
Host: portal.office.com
URL: https://portal.office.com/servicestatus
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ea:29c::38f3 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
4db89a390d5366fa24d6f439c1aea9fe7f17386b4c38e0031f15876cb3b0c1e0
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portal.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security
max-age=63072000
content-encoding
gzip
x-content-type-options
nosniff
x-cdn
57374
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
x-cache-start
1658867134, 1658899014, 1658905576, 1658905576
content-length
16984
x-ua-compatible
IE=Edge
last-modified
Sun, 17 Jul 2022 14:30:06 GMT
server
Microsoft-IIS/10.0
x-frame-options
SAMEORIGIN
date
Wed, 27 Jul 2022 12:21:48 GMT
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31536000, public
timing-allow-origin
*
expires
Wed, 26 Jul 2023 20:25:34 GMT
servicepulse.css
prod.msocdn.com/2022.7.21.1/de-de/css/
2 KB
1 KB
Stylesheet
General
Full URL
https://prod.msocdn.com/2022.7.21.1/de-de/css/servicepulse.css
Requested by
Host: portal.office.com
URL: https://portal.office.com/servicestatus
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ea:29c::38f3 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
784080871aabf43c7472d71be52f7c7557193fb5611d1a3e8ab80050bbf1cf0b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portal.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security
max-age=63072000
content-encoding
gzip
x-content-type-options
nosniff
x-cdn
57374
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
x-cache-start
1658867134, 1658905576
content-length
770
x-ua-compatible
IE=Edge
last-modified
Sun, 17 Jul 2022 14:30:09 GMT
server
Microsoft-IIS/10.0
x-frame-options
SAMEORIGIN
date
Wed, 27 Jul 2022 12:21:48 GMT
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31536000, public
timing-allow-origin
*
expires
Wed, 26 Jul 2023 20:25:34 GMT
msftlogo.png
portal.office.com/images/servicepulse/
1 KB
2 KB
Image
General
Full URL
https://portal.office.com/images/servicepulse/msftlogo.png
Requested by
Host: portal.office.com
URL: https://portal.office.com/servicestatus
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::156 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
3dd1e07183c9f15543c2ada00a5770c86b6cff2b00ec87e7fef0557848735c16
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portal.office.com/servicestatus
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security
max-age=63072000
x-content-type-options
nosniff
last-modified
Tue, 19 Jul 2022 20:55:21 GMT
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
content-type
image/png
expires
Thu, 27 Jul 2023 12:21:48 GMT
cache-control
max-age=31536000, public
date
Wed, 27 Jul 2022 12:21:47 GMT
x-msedge-ref
Ref A: D6864B5819BF445F801D10E84F35FE28 Ref B: AMS04EDGE3012 Ref C: 2022-07-27T12:21:48Z
content-length
1441
x-ua-compatible
IE=Edge
microsoftajaxcombined.js
prod.msocdn.com/2022.7.21.1/de-de/jsc/
223 KB
56 KB
Script
General
Full URL
https://prod.msocdn.com/2022.7.21.1/de-de/jsc/microsoftajaxcombined.js
Requested by
Host: portal.office.com
URL: https://portal.office.com/servicestatus
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ea:29c::38f3 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
2e8859f136956ce2ae0c5330bf402a9cf673b6a5191e394232fa2cc6364c3c43
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portal.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security
max-age=63072000
content-encoding
gzip
x-content-type-options
nosniff
x-cdn
86355
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
x-cache-start
1658838153, 1658861100, 1658893596
content-length
56341
x-ua-compatible
IE=Edge
last-modified
Mon, 25 Jul 2022 19:55:01 GMT
server
Microsoft-IIS/10.0
x-frame-options
SAMEORIGIN
date
Wed, 27 Jul 2022 12:21:48 GMT
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=31536000, public
timing-allow-origin
*
expires
Wed, 26 Jul 2023 12:22:33 GMT
jquery-1_10_2_min.js
prod.msocdn.com/2022.7.21.1/de-de/js/jquery/
91 KB
33 KB
Script
General
Full URL
https://prod.msocdn.com/2022.7.21.1/de-de/js/jquery/jquery-1_10_2_min.js
Requested by
Host: portal.office.com
URL: https://portal.office.com/servicestatus
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ea:29c::38f3 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
2589fe90b2849f35f294cb20bf433135e44ce0ca8ce98d8e4f0ca7b62fa50191
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portal.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security
max-age=63072000
content-encoding
gzip
x-content-type-options
nosniff
x-cdn
86358
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
x-cache-start
1658838150, 1658859025, 1658861100, 1658893595
content-length
33304
x-ua-compatible
IE=Edge
last-modified
Mon, 25 Jul 2022 19:54:13 GMT
server
Microsoft-IIS/10.0
x-frame-options
SAMEORIGIN
date
Wed, 27 Jul 2022 12:21:48 GMT
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=31536000, public
timing-allow-origin
*
expires
Wed, 26 Jul 2023 12:22:30 GMT
commoncontrolbundle.js
prod.msocdn.com/2022.7.21.1/de-de/jsc/
52 KB
15 KB
Script
General
Full URL
https://prod.msocdn.com/2022.7.21.1/de-de/jsc/commoncontrolbundle.js
Requested by
Host: portal.office.com
URL: https://portal.office.com/servicestatus
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ea:29c::38f3 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
4b5f7a0bc620c6d49d3ef94aa1419569bd453116ee40c100a2685aebe2a2443f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portal.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security
max-age=63072000
content-encoding
gzip
x-content-type-options
nosniff
x-cdn
86357
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
x-cache-start
1658838151, 1658859025, 1658864515, 1658893595
content-length
15176
x-ua-compatible
IE=Edge
last-modified
Mon, 25 Jul 2022 19:54:02 GMT
server
Microsoft-IIS/10.0
x-frame-options
SAMEORIGIN
date
Wed, 27 Jul 2022 12:21:48 GMT
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=31536000, public
timing-allow-origin
*
expires
Wed, 26 Jul 2023 12:22:31 GMT
headbundle.js
prod.msocdn.com/2022.7.21.1/de-de/jsc/
81 KB
17 KB
Script
General
Full URL
https://prod.msocdn.com/2022.7.21.1/de-de/jsc/headbundle.js
Requested by
Host: portal.office.com
URL: https://portal.office.com/servicestatus
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ea:29c::38f3 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
1bed5ab2ecdc262ded93c4c8fe49f77e0b0512005662ab548a550f4854c45160
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portal.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security
max-age=63072000
content-encoding
gzip
x-content-type-options
nosniff
x-cdn
86356
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
x-cache-start
1658838152, 1658859026, 1658861100, 1658893595
content-length
16676
x-ua-compatible
IE=Edge
last-modified
Mon, 25 Jul 2022 19:30:46 GMT
server
Microsoft-IIS/10.0
x-frame-options
SAMEORIGIN
date
Wed, 27 Jul 2022 12:21:48 GMT
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=31536000, public
timing-allow-origin
*
expires
Wed, 26 Jul 2023 12:22:32 GMT
angular.min.js
prod.msocdn.com/2022.7.21.1/de-de/support/oss/angular_1.3.0/
120 KB
44 KB
Script
General
Full URL
https://prod.msocdn.com/2022.7.21.1/de-de/support/oss/angular_1.3.0/angular.min.js
Requested by
Host: portal.office.com
URL: https://portal.office.com/servicestatus
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ea:29c::38f3 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
5674ed4e42c820aa1883db2f3e87a887d5107489577ab71f8a6f8a2161172066
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portal.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security
max-age=63072000
content-encoding
gzip
x-content-type-options
nosniff
x-cdn
57373
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
x-cache-start
1658867135, 1658905576, 1658905576
content-length
44417
x-ua-compatible
IE=Edge
last-modified
Sun, 17 Jul 2022 14:30:06 GMT
server
Microsoft-IIS/10.0
x-frame-options
SAMEORIGIN
date
Wed, 27 Jul 2022 12:21:48 GMT
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=31536000, public
timing-allow-origin
*
expires
Wed, 26 Jul 2023 20:25:35 GMT
servicepulse.js
prod.msocdn.com/2022.7.21.1/de-de/js/
500 B
684 B
Script
General
Full URL
https://prod.msocdn.com/2022.7.21.1/de-de/js/servicepulse.js
Requested by
Host: portal.office.com
URL: https://portal.office.com/servicestatus
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ea:29c::38f3 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
d3043db97f13467c45541621b5676e28643a318f0f96a5053c90ae72d93c5894
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portal.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security
max-age=63072000
content-encoding
gzip
x-content-type-options
nosniff
x-cdn
57374
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
x-cache-start
1658867134, 1658905576, 1658905576
content-length
281
x-ua-compatible
IE=Edge
last-modified
Sun, 17 Jul 2022 14:30:10 GMT
server
Microsoft-IIS/10.0
x-frame-options
SAMEORIGIN
date
Wed, 27 Jul 2022 12:21:48 GMT
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=31536000, public
timing-allow-origin
*
expires
Wed, 26 Jul 2023 20:25:34 GMT
instrument.js
prod.msocdn.com/2022.7.21.1/de-de/js/
5 KB
2 KB
Script
General
Full URL
https://prod.msocdn.com/2022.7.21.1/de-de/js/instrument.js
Requested by
Host: portal.office.com
URL: https://portal.office.com/servicestatus
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ea:29c::38f3 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
15387fa8e875bdee67b20e163b1a7b90bc42e47da85e4e5326bf80f7e87fcc01
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portal.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security
max-age=63072000
content-encoding
gzip
x-content-type-options
nosniff
x-cdn
65478
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
x-cache-start
1658859030, 1658859104, 1658896509, 1658905576
content-length
1428
x-ua-compatible
IE=Edge
last-modified
Mon, 25 Jul 2022 17:59:29 GMT
server
Microsoft-IIS/10.0
x-frame-options
SAMEORIGIN
date
Wed, 27 Jul 2022 12:21:48 GMT
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=31536000, public
timing-allow-origin
*
expires
Wed, 26 Jul 2023 18:10:30 GMT
segoeui-semilight-final.woff
prod.msocdn.com/de-de/css/webfonts/
25 KB
26 KB
Font
General
Full URL
https://prod.msocdn.com/de-de/css/webfonts/segoeui-semilight-final.woff
Requested by
Host: prod.msocdn.com
URL: https://prod.msocdn.com/2022.7.21.1/de-de/css/embeddedfonts.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ea:29c::38f3 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e018e8b8973a4a204f322e3afe6439ac1055c5a52b9b8dcf63635e42fe89003c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://prod.msocdn.com/2022.7.21.1/de-de/css/embeddedfonts.css
Origin
https://portal.office.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security
max-age=63072000
content-encoding
gzip
x-content-type-options
nosniff
x-cdn
862036
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
x-cache-start
1658062472, 1658062472, 1658113577
content-length
25664
x-ua-compatible
IE=Edge
last-modified
Mon, 11 Jul 2022 17:57:16 GMT
server
Microsoft-IIS/10.0
x-frame-options
SAMEORIGIN
date
Wed, 27 Jul 2022 12:21:48 GMT
vary
Accept-Encoding
content-type
application/x-font-woff
access-control-allow-origin
*
cache-control
max-age=31536000, public
timing-allow-origin
*
expires
Mon, 17 Jul 2023 12:54:32 GMT
index
portal.office.com/api/servicestatus/
899 B
1 KB
XHR
General
Full URL
https://portal.office.com/api/servicestatus/index
Requested by
Host: prod.msocdn.com
URL: https://prod.msocdn.com/2022.7.21.1/de-de/support/oss/angular_1.3.0/angular.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::156 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
836cee6e209ca78375f81d7d3ee4c6f13a7c5bca3b082bb0bb37560cf45c31ff
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff

Request headers

Accept
application/json, text/plain, */*
Referer
https://portal.office.com/servicestatus
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=63072000
x-content-type-options
nosniff
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
content-type
application/json; charset=utf-8
expires
-1
cache-control
no-cache
x-ms-correlation-id
f6a9d6fe-03dc-499d-9b81-fcdee25248a4
x-msedge-ref
Ref A: 9D521BB16A1E41A187967694693AD11D Ref B: AMS04EDGE3012 Ref C: 2022-07-27T12:21:48Z
content-length
899
date
Wed, 27 Jul 2022 12:21:47 GMT
x-ua-compatible
IE=Edge
icon-alertoutline.png
portal.office.com/images/servicepulse/
539 B
701 B
Image
General
Full URL
https://portal.office.com/images/servicepulse/icon-alertoutline.png
Requested by
Host: portal.office.com
URL: https://portal.office.com/servicestatus
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::156 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
945b8a9d1fc9d3f0297595ffe13789ff37f3af4993c153379a091061d16e88e8
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portal.office.com/servicestatus
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security
max-age=63072000
x-content-type-options
nosniff
last-modified
Tue, 19 Jul 2022 20:55:24 GMT
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
content-type
image/png
expires
Thu, 27 Jul 2023 12:21:48 GMT
cache-control
max-age=31536000, public
date
Wed, 27 Jul 2022 12:21:47 GMT
x-msedge-ref
Ref A: 74C11A9275C44CBAA37D03EC414C35DB Ref B: AMS04EDGE3012 Ref C: 2022-07-27T12:21:48Z
content-length
539
x-ua-compatible
IE=Edge
pp.l
portal.office.com/
813 B
989 B
Image
General
Full URL
https://portal.office.com/pp.l?CID=61914f41-c475-4d29-a884-9a3917b2ba1b&pageId=servicestatus&d={B:{S:%27L%27,LT:315,UT:-1,MT:248},A:{ET:-1,OT:2,DT:139,CT:179,RT:237,ST:239,MT:519,LT:586},C:{LT:1658924514119}}
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::156 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
9397d5506d9bb44184a4bd44001382209441bd80d8c5fb4f3dffdb1f966b7995
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portal.office.com/servicestatus
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=63072000
x-content-type-options
nosniff
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
content-type
text/html
expires
Wed, 27 Jul 2022 12:20:48 GMT
cache-control
private
date
Wed, 27 Jul 2022 12:21:47 GMT
x-msedge-ref
Ref A: 7740E92B70AD4987B6B03D68FD765C65 Ref B: AMS04EDGE3012 Ref C: 2022-07-27T12:21:48Z
content-length
813
x-ua-compatible
IE=Edge
icon-check.png
portal.office.com/images/servicepulse/
442 B
605 B
Image
General
Full URL
https://portal.office.com/images/servicepulse/icon-check.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::156 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
812d976fb0cb581ea1b0e09a1c1c3d803f5dec1e490eabc6169b9652b0915e25
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portal.office.com/servicestatus
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security
max-age=63072000
x-content-type-options
nosniff
last-modified
Tue, 19 Jul 2022 20:55:35 GMT
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
content-type
image/png
expires
Thu, 27 Jul 2023 12:21:48 GMT
cache-control
max-age=31536000, public
date
Wed, 27 Jul 2022 12:21:47 GMT
x-msedge-ref
Ref A: 7967EAE74AB8401FBBF65482E5DDD3AB Ref B: AMS04EDGE3012 Ref C: 2022-07-27T12:21:48Z
content-length
442
x-ua-compatible
IE=Edge
banner_up.png
portal.office.com/images/ServicePulse/
15 KB
15 KB
Image
General
Full URL
https://portal.office.com/images/ServicePulse/banner_up.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::156 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
2cc735c3c00cfeac791764b49e14a9306c013267e9dbdc77305c6a905fba010e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portal.office.com/servicestatus
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security
max-age=63072000
content-encoding
br
x-content-type-options
nosniff
last-modified
Tue, 19 Jul 2022 20:55:21 GMT
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
image/png
expires
Thu, 27 Jul 2023 12:21:48 GMT
cache-control
max-age=31536000, public
date
Wed, 27 Jul 2022 12:21:47 GMT
x-msedge-ref
Ref A: A5B00F7A9B7F45B6A06606CD7E2F73BA Ref B: AMS04EDGE3012 Ref C: 2022-07-27T12:21:48Z
content-length
15428
x-ua-compatible
IE=Edge
good.png
portal.office.com/images/servicepulse/
557 B
720 B
Image
General
Full URL
https://portal.office.com/images/servicepulse/good.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::156 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
7b3dd648df5a61cc893d6414a85cf449392747a8d4b348251f6a1d443f1f14fc
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portal.office.com/servicestatus
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security
max-age=63072000
x-content-type-options
nosniff
last-modified
Tue, 19 Jul 2022 20:55:19 GMT
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
content-type
image/png
expires
Thu, 27 Jul 2023 12:21:48 GMT
cache-control
max-age=31536000, public
date
Wed, 27 Jul 2022 12:21:47 GMT
x-msedge-ref
Ref A: DC4D7EF3A3B44FEDBDEB42CACD020E23 Ref B: AMS04EDGE3012 Ref C: 2022-07-27T12:21:48Z
content-length
557
x-ua-compatible
IE=Edge

52 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| O365 function| $get function| $create function| $addHandler function| $addHandlers function| $clearHandlers object| $common object| CommonToolkitScripts object| $AA object| Sys function| Type function| $removeHandler object| _events function| $find function| $ function| jQuery function| __extends function| oldShow object| Namespace object| Shared object| O365Tracking object| WebTracking object| Hyperlink function| PortalThemesHandler function| ApplyPlaceHolderBehaviour function| AutoFitFontSize function| ApplyAutoFontSizeBehaviour function| ApplyPolling function| getUserToken function| clearcache object| LocalizedMonths object| LocalizedDayNumbers object| LocalizedDays object| XmlHttpRequestService object| Microsoft object| _s function| HtmlEncode function| InsertHiddenFrame function| PrintMosa object| ClientLogService object| AjaxService object| ViewModel object| angular object| servicePulseApp

5 Cookies

Domain/Path Name / Value
esofiuyrddfedd.xyz/ Name: PHPSESSID
Value: 25dc4bbdaad75ac35eb5a4cab46daf43
portal.office.com/ Name: s.SessID
Value: 56278edc-3983-47c2-8a9a-12d247c6cdb2
portal.office.com/ Name: s.cachemap
Value: 20
portal.office.com/ Name: s.ImpressionId
Value: 61914f41-c475-4d29-a884-9a3917b2ba1b
portal.office.com/ Name: x-portal-routekey
Value: weu

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

esofiuyrddfedd.xyz
portal.office.com
prod.msocdn.com
111.90.158.76
2620:1ec:a92::156
2a02:26f0:ea:29c::38f3