login.microsoftonline.com.office.prodo365test.mvisionsup.myshn.net Open in urlscan Pro
3.104.62.117 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://login.microsoftonline.com.office.prodo365test.mvisionsup.myshn.net/
Effective URL:
https://login.microsoftonline.com.office.prodo365test.mvisionsup.myshn.net/common/oauth2/authorize?client_id=4345a7b9-9a63-4910-a426-35363201d503&redirect_uri=https%3A%2F%...
Submission: On July 07 via manual (July 7th 2020, 1:06:04 am UTC) from PH

Summary HTTP 27 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 2 domains to perform 27 HTTP transactions. The main IP is 3.104.62.117, located in Sydney, Australia and belongs to AMAZON-02, US. The main domain is login.microsoftonline.com.office.prodo365test.mvisionsup.myshn.net.
TLS certificate: Issued by GlobalSign RSA OV SSL CA 2018 on July 6th 2020. Valid for: a year.

This is the only time login.microsoftonline.com.office.prodo365test.mvisionsup.myshn.net was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Microsoft (Consumer)

Domain & IP information

	IP Address	AS Autonomous System
3 16	3.104.62.117 3.104.62.117	16509 (AMAZON-02) (AMAZON-02)
8	54.153.138.115 54.153.138.115	16509 (AMAZON-02) (AMAZON-02)
6	2.18.234.44 2.18.234.44	16625 (AKAMAI-AS) (AKAMAI-AS)
27	3

16 3.104.62.117 (Sydney, Australia) 3 redirects

ASN16509 (AMAZON-02, US)

login.microsoftonline.com.office.prodo365test.mvisionsup.myshn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.office.com.office.prodo365test.mvisionsup.myshn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
aadcdn.msftauth.net.office.prodo365test.mvisionsup.myshn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
outlook.office365.com.office.prodo365test.mvisionsup.myshn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 54.153.138.115 (Sydney, Australia)

ASN16509 (AMAZON-02, US)

login.live.com.office.prodo365test.mvisionsup.myshn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r4.res.office365.com.office.prodo365test.mvisionsup.myshn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2.18.234.44 (Ascension Island)

ASN16625 (AKAMAI-AS, US)

blobs.officehome.msocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	myshn.net 3 redirects login.microsoftonline.com.office.prodo365test.mvisionsup.myshn.net www.office.com.office.prodo365test.mvisionsup.myshn.net login.live.com.office.prodo365test.mvisionsup.myshn.net aadcdn.msftauth.net.office.prodo365test.mvisionsup.myshn.net outlook.office365.com.office.prodo365test.mvisionsup.myshn.net r4.res.office365.com.office.prodo365test.mvisionsup.myshn.net	985 KB
6	msocdn.com blobs.officehome.msocdn.com	272 KB
27	2

	Domain	Requested by
10	aadcdn.msftauth.net.office.prodo365test.mvisionsup.myshn.net	login.microsoftonline.com.office.prodo365test.mvisionsup.myshn.net aadcdn.msftauth.net.office.prodo365test.mvisionsup.myshn.net
7	r4.res.office365.com.office.prodo365test.mvisionsup.myshn.net	outlook.office365.com.office.prodo365test.mvisionsup.myshn.net
6	blobs.officehome.msocdn.com	www.office.com.office.prodo365test.mvisionsup.myshn.net
3	login.microsoftonline.com.office.prodo365test.mvisionsup.myshn.net	2 redirects
2	www.office.com.office.prodo365test.mvisionsup.myshn.net	1 redirects aadcdn.msftauth.net.office.prodo365test.mvisionsup.myshn.net
1	outlook.office365.com.office.prodo365test.mvisionsup.myshn.net	www.office.com.office.prodo365test.mvisionsup.myshn.net
1	login.live.com.office.prodo365test.mvisionsup.myshn.net	login.microsoftonline.com.office.prodo365test.mvisionsup.myshn.net
27	7

This site contains links to these domains. Also see Links.

Domain
login.live.com.office.prodo365test.mvisionsup.myshn.net
www.microsoft.com.office.prodo365test.mvisionsup.myshn.net
privacy.microsoft.com.office.prodo365test.mvisionsup.myshn.net

Subject Issuer	Validity	Valid
office.prodo365test.mvisionsup.myshn.net GlobalSign RSA OV SSL CA 2018	`2020-07-06` - `2021-07-07`	a year	crt.sh
*.officehome.msocdn.com Microsoft IT TLS CA 4	`2019-10-17` - `2021-10-17`	2 years	crt.sh

This page contains 3 frames:

Primary Page: https://login.microsoftonline.com.office.prodo365test.mvisionsup.myshn.net/common/oauth2/authorize?client_id=4345a7b9-9a63-4910-a426-35363201d503&redirect_uri=https%3A%2F%2Fwww.office.com.office.prodo365test.mvisionsup.myshn.net%2Flanding&response_type=code%20id_token&scope=openid%20profile&response_mode=form_post&nonce=637296807420377055.M2YwYTU2MTYtM2E4Zi00ODVmLTk5MWMtMTFhNzAwYzcwNmM0ZGMzZTZlZjItOWVmZS00NmM4LThlZTgtZTIxZTNmMDBmNDdl&ui_locales=en-US&mkt=en-US&client-request-id=2fdb39ad-0923-41ee-90f7-f0c7c4c876f1&state=s4v4qW_wJmZCQYN3-0UeHtlDBMqF3fEkUYWk6VVelYrtWpcEXD9-g1prdpvJGo4XPirxKqjE_QfW0Ei7FtDsh9drghslcdJrF_1J8gujTHI_eNbVB-nrP-Bb1Q8Xka6Ect4kSSOCA4QCRHfNUOUwuHDmTu-3WOg0mIdR6cL7HSKVgu9Cx-vw2IKka-dyDc5LMuDSiOmIQyc7e9ai8b0vdQb9W9GKvqLz_StANQUCZmW4uvp1Whcw8ZCEcuDc-bhZdLjmM_kMjsUU0xTAYJeDJQ&x-client-SKU=ID_NETSTANDARD2_0&x-client-ver=6.5.0.0
Frame ID: E713FEAC45B06C5FAFD02AC4E154A7DD
Requests: 12 HTTP requests in this frame

Frame: https://www.office.com.office.prodo365test.mvisionsup.myshn.net/prefetch/prefetch
Frame ID: C57E6325A4319F9A485B55BE942C1158
Requests: 7 HTTP requests in this frame

Frame: https://outlook.office365.com.office.prodo365test.mvisionsup.myshn.net/owa/prefetch.aspx
Frame ID: 52C1B4C1C048D842F331D0BBAFE345F5
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://login.microsoftonline.com.office.prodo365test.mvisionsup.myshn.net/ HTTP 302
https://login.microsoftonline.com.office.prodo365test.mvisionsup.myshn.net/ HTTP 302
https://www.office.com.office.prodo365test.mvisionsup.myshn.net/login HTTP 302
https://login.microsoftonline.com.office.prodo365test.mvisionsup.myshn.net/common/oauth2/authorize?client_id=4345a7b9-9a63-4910-a426-35363201d503&redir... Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

27
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

7
Subdomains

3
IPs

2
Countries

1253 kB
Transfer

3767 kB
Size

7
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://login.live.com.office.prodo365test.mvisionsup.myshn.net/oauth20_authorize.srf?response_type=code&client_id=51483342-085c-4d86-bf88-cf50c7252078&scope=openid+profile+email+offline_access&response_mode=form_post&redirect_uri=https%3a%2f%2flogin.microsoftonline.com.office.prodo365test.mvisionsup.myshn.net%2fcommon%2ffederation%2foauth2&state=rQIIAYWSzWvTcACGm27tPg5zypCdpKAHcaT95bspeEibdv1KuqxJ0wQktEnapE2aNEmbrSePHgeChx09DvQgguJZUYaHnad_gHiQ6UXxZPUfEF7ew_Me32dzjcwSWZAF91aQLFK4g2M40aP6NEz3SAzGaQTAPRwlYYzASAwFiEEALLixuf2M_pS7vfGNOfl59f7th_n3U2hDc-y5mdU99wy6ZUWRHxZyuTiOs95gYOv_hpzTmxj2ZPgagi4g6AsEnSZT5gSW2mfJkMQolCbzgMJRgFEUIIgshyqxIkooJyoRh5Zx1QagxXbcpjgmOJmLOLFi8QsmVhZ6zLscUPe5hSqqjjqqRS2546ptAJYcb4qWo4rDSBVrR6q4JGzR5VnDuUxeazGzyEL_lhfYC_NHcmPgBa7me2F0uvIkGeJzfCprcd1VS4LCYzCQzGrksEVuWsEG5bGkyGOy0zEdJYhkXy93WRoeIn5g-PP6vod3D-zgqDEdlTVhIIOyTVUiNrRoIxhaoaMb9aCiIfX8cDYSqzXN5PudIjwJDuBiHxHy3XGPLOsRPm63WyUGF0qH1QEvtaR4VmVdcQZjcmsI3JpxSOpNqtpudIYzunQEz2O01hj3YOOY1YkmN2PbdsutCcc6ZdI9O98Hc0Po0zK935hPmwutHTG8IJVUV8Zncx-RLT3Oq6WyPmN1uG-pRnPkctqYG4WSBI5ERqmbbF14sZJenul6k_OVLc83J7aR8QNvYDvmxSr0dfXmeno7tZvIJO7ugFRhfX1ze2s3lUn8WoWeppbm7L76-PDd78_s4-cP9Jf5UuI8lVOcjr-nC4dMCW_6RNUauWG_uEBjstHtdmQFJSv8QRju7QEuvo8WkJM0dJJOn6ev11iNL4ttkeFZ5pBFNXCVhh6tJd5s_Me_y80dFKAABtQyGYAUAFHAUfUP0&estsfed=1&uaid=2fdb39ad092341ee90f7f0c7c4c876f1&signup=1&lw=1&fl=easi2&fci=4345a7b9-9a63-4910-a426-35363201d503&mkt=en-US
Title: Create one!

Search URL Search Domain Scan URL

URL: https://www.microsoft.com.office.prodo365test.mvisionsup.myshn.net/en-US/servicesagreement/
Title: Terms of use

Search URL Search Domain Scan URL

URL: https://privacy.microsoft.com.office.prodo365test.mvisionsup.myshn.net/en-US/privacystatement
Title: Privacy & cookies

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://login.microsoftonline.com.office.prodo365test.mvisionsup.myshn.net/ HTTP 302
https://login.microsoftonline.com.office.prodo365test.mvisionsup.myshn.net/ HTTP 302
https://www.office.com.office.prodo365test.mvisionsup.myshn.net/login HTTP 302
https://login.microsoftonline.com.office.prodo365test.mvisionsup.myshn.net/common/oauth2/authorize?client_id=4345a7b9-9a63-4910-a426-35363201d503&redirect_uri=https%3A%2F%2Fwww.office.com.office.prodo365test.mvisionsup.myshn.net%2Flanding&response_type=code%20id_token&scope=openid%20profile&response_mode=form_post&nonce=637296807420377055.M2YwYTU2MTYtM2E4Zi00ODVmLTk5MWMtMTFhNzAwYzcwNmM0ZGMzZTZlZjItOWVmZS00NmM4LThlZTgtZTIxZTNmMDBmNDdl&ui_locales=en-US&mkt=en-US&client-request-id=2fdb39ad-0923-41ee-90f7-f0c7c4c876f1&state=s4v4qW_wJmZCQYN3-0UeHtlDBMqF3fEkUYWk6VVelYrtWpcEXD9-g1prdpvJGo4XPirxKqjE_QfW0Ei7FtDsh9drghslcdJrF_1J8gujTHI_eNbVB-nrP-Bb1Q8Xka6Ect4kSSOCA4QCRHfNUOUwuHDmTu-3WOg0mIdR6cL7HSKVgu9Cx-vw2IKka-dyDc5LMuDSiOmIQyc7e9ai8b0vdQb9W9GKvqLz_StANQUCZmW4uvp1Whcw8ZCEcuDc-bhZdLjmM_kMjsUU0xTAYJeDJQ&x-client-SKU=ID_NETSTANDARD2_0&x-client-ver=6.5.0.0 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

27 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request

Cookie set authorize Show response
login.microsoftonline.com.office.prodo365test.mvisionsup.myshn.net/common/oauth2/
Redirect Chain

http://login.microsoftonline.com.office.prodo365test.mvisionsup.myshn.net/
https://login.microsoftonline.com.office.prodo365test.mvisionsup.myshn.net/
https://www.office.com.office.prodo365test.mvisionsup.myshn.net/login
https://login.microsoftonline.com.office.prodo365test.mvisionsup.myshn.net/common/oauth2/authorize?client_id=4345a7b9-9a63-4910-a426-35363201d503&redirect_uri=https%3A%2F%2Fwww.office.com.office.pr...

180 KB
48 KB

674ms
674ms

Document
text/html

3.104.62.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://login.microsoftonline.com.office.prodo365test.mvisionsup.myshn.net/common/oauth2/authorize?client_id=4345a7b9-9a63-4910-a426-35363201d503&redirect_uri=https%3A%2F%2Fwww.office.com.office.prodo365test.mvisionsup.myshn.net%2Flanding&response_type=code%20id_token&scope=openid%20profile&response_mode=form_post&nonce=637296807420377055.M2YwYTU2MTYtM2E4Zi00ODVmLTk5MWMtMTFhNzAwYzcwNmM0ZGMzZTZlZjItOWVmZS00NmM4LThlZTgtZTIxZTNmMDBmNDdl&ui_locales=en-US&mkt=en-US&client-request-id=2fdb39ad-0923-41ee-90f7-f0c7c4c876f1&state=s4v4qW_wJmZCQYN3-0UeHtlDBMqF3fEkUYWk6VVelYrtWpcEXD9-g1prdpvJGo4XPirxKqjE_QfW0Ei7FtDsh9drghslcdJrF_1J8gujTHI_eNbVB-nrP-Bb1Q8Xka6Ect4kSSOCA4QCRHfNUOUwuHDmTu-3WOg0mIdR6cL7HSKVgu9Cx-vw2IKka-dyDc5LMuDSiOmIQyc7e9ai8b0vdQb9W9GKvqLz_StANQUCZmW4uvp1Whcw8ZCEcuDc-bhZdLjmM_kMjsUU0xTAYJeDJQ&x-client-SKU=ID_NETSTANDARD2_0&x-client-ver=6.5.0.0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

3.104.62.117 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

a605f87ecd8438c800880e99dbf80486bcffa177cb9cd7bb49de02ba0f9fda9a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Host: login.microsoftonline.com.office.prodo365test.mvisionsup.myshn.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Server: nginx
Date: Tue, 07 Jul 2020 01:05:42 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 46929
Connection: keep-alive
Cache-Control: no-cache, no-store
Content-Encoding: gzip
Expires: -1
Link: <https://aadcdn.msftauth.net>; rel=preconnect; crossorigin <https://aadcdn.msftauth.net>; rel=dns-prefetch <https://aadcdn.msauth.net>; rel=dns-prefetch
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Set-Cookie: buid=AQABAAEAAAAGV_bv21oQQ4ROqh0_1-tAr22wvDZDh9y4PyBgFEKTWPyPV3TXHfaAc58S-xVzmKLBGCBbMf8odnJ81BRNyPaqzk6v1X38q9OkrCbFarfQx_vsAshRIbz_9HjA0wbYe3QgAA; Expires=Thu, 06-Aug-2020 01:05:42 GMT; Path=/; Secure; HTTPOnly SameSite=None fpc=As2qAtygvzlKkuCD7qQvMEPsYIXWAQAAAGXBldYOAAAA; Expires=Thu, 06-Aug-2020 01:05:42 GMT; Path=/; Secure; HTTPOnly SameSite=None esctx=AQABAAAAAAAGV_bv21oQQ4ROqh0_1-tAiHxPypYG0jZWzsMuBa-ku4rqlUEMD9P3ofrI4mDz4iYAwD6OOywJ1TOe4x1CsfxUuYBYOIFaOqgpG5K-4fvAWgtaf1yMMeCpM9dNTLbwhtlZ3ycsV8znSr2d7sJZJgnO-zmBkD5vCD_3GWR9kHHMuPDYZmggmzh7t2Q0xiUuccogAA; Path=/; Domain=.login.microsoftonline.com.office.prodo365test.mvisionsup.myshn.net; Secure; HTTPOnly SameSite=None x-ms-gateway-slice=prod; Path=/ SameSite=None; Secure; HTTPOnly stsservicecookie=ests; Path=/ SameSite=None; Secure; HTTPOnly
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-DNS-Prefetch-Control: on
X-Frame-Options: DENY
x-ms-clitelem: 1,0,0,,
x-ms-ests-server: 2.1.10761.16 - AUE1 ProdSlices
x-ms-request-id: 80ccb718-fac5-44dc-93ae-5d63b4384300
X-Robots-Tag: none
X-SkyHigh-Version: BuildNumber=10, BuildDate=2020-05-20 11:31

Redirect headers

Server: nginx
Date: Tue, 07 Jul 2020 01:05:42 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 20
Connection: keep-alive
Content-Encoding: gzip
Location: https://login.microsoftonline.com.office.prodo365test.mvisionsup.myshn.net/common/oauth2/authorize?client_id=4345a7b9-9a63-4910-a426-35363201d503&redirect_uri=https%3A%2F%2Fwww.office.com.office.prodo365test.mvisionsup.myshn.net%2Flanding&response_type=code%20id_token&scope=openid%20profile&response_mode=form_post&nonce=637296807420377055.M2YwYTU2MTYtM2E4Zi00ODVmLTk5MWMtMTFhNzAwYzcwNmM0ZGMzZTZlZjItOWVmZS00NmM4LThlZTgtZTIxZTNmMDBmNDdl&ui_locales=en-US&mkt=en-US&client-request-id=2fdb39ad-0923-41ee-90f7-f0c7c4c876f1&state=s4v4qW_wJmZCQYN3-0UeHtlDBMqF3fEkUYWk6VVelYrtWpcEXD9-g1prdpvJGo4XPirxKqjE_QfW0Ei7FtDsh9drghslcdJrF_1J8gujTHI_eNbVB-nrP-Bb1Q8Xka6Ect4kSSOCA4QCRHfNUOUwuHDmTu-3WOg0mIdR6cL7HSKVgu9Cx-vw2IKka-dyDc5LMuDSiOmIQyc7e9ai8b0vdQb9W9GKvqLz_StANQUCZmW4uvp1Whcw8ZCEcuDc-bhZdLjmM_kMjsUU0xTAYJeDJQ&x-client-SKU=ID_NETSTANDARD2_0&x-client-ver=6.5.0.0
Referrer-Policy: strict-origin-when-cross-origin
Set-Cookie: OH.SID=2fdb39ad-0923-41ee-90f7-f0c7c4c876f1; Path=/; Secure samesite=none; HTTPOnly OH.DCAffinity=OH-eau; Path=/; Secure samesite=none; HTTPOnly .AspNetCore.OpenIdConnect.Nonce._E-LbyXUExwgSjzIEMIWYm1MP5wPnoAD3QoEE4Da05DYKLB7xfToN4s7jRX99FpZZ_vgtJ3pkQz-2ENDYNc55gFiAS9hnftqiqzzr44JHQ2lnNZPTWevqVic_UBHk2Lzh3qSKkhfoQi-Yg4PDrkoqfzAIhBEE0hX4ZldLakiqmwgs33N8yb-lxcJWibi62vZ4YahO8Xn3gl1FYbOrDB2HMQjTRiLyBtZYVdvFKpRwcpM2xo3_3teHS5hgAYROnqY=N; Expires=Tue, 07 Jul 2020 01:20:42 GMT; Path=/; Secure samesite=none; HTTPOnly .AspNetCore.Correlation.OpenIdConnect.OylhhWHQyIpVzl-aJQChsq7SKfTqvvYsPthXjUDK9cs=N; Expires=Tue, 07 Jul 2020 01:20:42 GMT; Path=/; Secure samesite=none; HTTPOnly MUID=21D56BAC3960684902FF64AC38F0690C; Expires=Sun, 01-Aug-2021 01:05:42 GMT; Path=/; Domain=office.com.office.prodo365test.mvisionsup.myshn.net; Secure
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-MSEdge-Ref: Ref A: A3B625B515A54A2C96C315E28C5D87DA Ref B: SYD03EDGE0315 Ref C: 2020-07-07T01:05:42Z
X-Robots-Tag: none
X-SkyHigh-Version: BuildNumber=10, BuildDate=2020-05-20 11:31
X-UA-Compatible: IE=edge,chrome=1
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK Me.htm
login.live.com.office.prodo365test.mvisionsup.myshn.net/ 0
0 1702ms
839ms Other
text/html 54.153.138.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://login.live.com.office.prodo365test.mvisionsup.myshn.net/Me.htm?v=3
Requested by: Host: login.microsoftonline.com.office.prodo365test.mvisionsup.myshn.net
URL: https://login.microsoftonline.com.office.prodo365test.mvisionsup.myshn.net/common/oauth2/authorize?client_id=4345a7b9-9a63-4910-a426-35363201d503&redirect_uri=https%3A%2F%2Fwww.office.com.office.prodo365test.mvisionsup.myshn.net%2Flanding&response_type=code%20id_token&scope=openid%20profile&response_mode=form_post&nonce=637296807420377055.M2YwYTU2MTYtM2E4Zi00ODVmLTk5MWMtMTFhNzAwYzcwNmM0ZGMzZTZlZjItOWVmZS00NmM4LThlZTgtZTIxZTNmMDBmNDdl&ui_locales=en-US&mkt=en-US&client-request-id=2fdb39ad-0923-41ee-90f7-f0c7c4c876f1&state=s4v4qW_wJmZCQYN3-0UeHtlDBMqF3fEkUYWk6VVelYrtWpcEXD9-g1prdpvJGo4XPirxKqjE_QfW0Ei7FtDsh9drghslcdJrF_1J8gujTHI_eNbVB-nrP-Bb1Q8Xka6Ect4kSSOCA4QCRHfNUOUwuHDmTu-3WOg0mIdR6cL7HSKVgu9Cx-vw2IKka-dyDc5LMuDSiOmIQyc7e9ai8b0vdQb9W9GKvqLz_StANQUCZmW4uvp1Whcw8ZCEcuDc-bhZdLjmM_kMjsUU0xTAYJeDJQ&x-client-SKU=ID_NETSTANDARD2_0&x-client-ver=6.5.0.0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.153.138.115 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://login.microsoftonline.com.office.prodo365test.mvisionsup.myshn.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H/1.1 200
OK ux.old.converged.login.pcore.min_kp-yzdrkctxa0mu6ju1u_q2.js Show response
aadcdn.msftauth.net.office.prodo365test.mvisionsup.myshn.net/ests/2.1/content/cdnbundles/ 602 KB
153 KB 1361ms
401ms Script
application/x-javascript 3.104.62.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aadcdn.msftauth.net.office.prodo365test.mvisionsup.myshn.net/ests/2.1/content/cdnbundles/ux.old.converged.login.pcore.min_kp-yzdrkctxa0mu6ju1u_q2.js
Requested by: Host: login.microsoftonline.com.office.prodo365test.mvisionsup.myshn.net
URL: https://login.microsoftonline.com.office.prodo365test.mvisionsup.myshn.net/common/oauth2/authorize?client_id=4345a7b9-9a63-4910-a426-35363201d503&redirect_uri=https%3A%2F%2Fwww.office.com.office.prodo365test.mvisionsup.myshn.net%2Flanding&response_type=code%20id_token&scope=openid%20profile&response_mode=form_post&nonce=637296807420377055.M2YwYTU2MTYtM2E4Zi00ODVmLTk5MWMtMTFhNzAwYzcwNmM0ZGMzZTZlZjItOWVmZS00NmM4LThlZTgtZTIxZTNmMDBmNDdl&ui_locales=en-US&mkt=en-US&client-request-id=2fdb39ad-0923-41ee-90f7-f0c7c4c876f1&state=s4v4qW_wJmZCQYN3-0UeHtlDBMqF3fEkUYWk6VVelYrtWpcEXD9-g1prdpvJGo4XPirxKqjE_QfW0Ei7FtDsh9drghslcdJrF_1J8gujTHI_eNbVB-nrP-Bb1Q8Xka6Ect4kSSOCA4QCRHfNUOUwuHDmTu-3WOg0mIdR6cL7HSKVgu9Cx-vw2IKka-dyDc5LMuDSiOmIQyc7e9ai8b0vdQb9W9GKvqLz_StANQUCZmW4uvp1Whcw8ZCEcuDc-bhZdLjmM_kMjsUU0xTAYJeDJQ&x-client-SKU=ID_NETSTANDARD2_0&x-client-ver=6.5.0.0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 3.104.62.117 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 26b8be444b08aff6839b839a90f84a92c94eda5a040bce6c181df6614cd4337b

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://login.microsoftonline.com.office.prodo365test.mvisionsup.myshn.net/
Origin: https://login.microsoftonline.com.office.prodo365test.mvisionsup.myshn.net

Response headers

x-ms-blob-type: BlockBlob
Date: Tue, 07 Jul 2020 01:05:44 GMT
Content-Encoding: gzip
Content-MD5: OhWrWeq0cR55ZXJzRF7l3w==
Age: 2681806
X-Cache: HIT
Connection: keep-alive
Content-Length: 156183
x-ms-lease-status: unlocked
Last-Modified: Fri, 05 Jun 2020 06:18:12 GMT
Server: nginx
Etag: 0x8D809183978B5EE
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
x-ms-request-id: a1a575c1-e01e-003f-0896-3b201f000000
Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Cache-Control: public, max-age=31536000
x-ms-version: 2009-09-19
X-SkyHigh-Version: BuildNumber=10, BuildDate=2020-05-20 11:31
Accept-Ranges: bytes
X-Robots-Tag: none

GET
H/1.1 200
OK Cookie set prefetch Show response
www.office.com.office.prodo365test.mvisionsup.myshn.net/prefetch/ Frame C57E 1008 B
1 KB 339ms
337ms Document
text/html 3.104.62.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.office.com.office.prodo365test.mvisionsup.myshn.net/prefetch/prefetch

Requested by

Host: aadcdn.msftauth.net.office.prodo365test.mvisionsup.myshn.net
URL: https://aadcdn.msftauth.net.office.prodo365test.mvisionsup.myshn.net/ests/2.1/content/cdnbundles/ux.old.converged.login.pcore.min_kp-yzdrkctxa0mu6ju1u_q2.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

3.104.62.117 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

4ca90f626fa4047b228a29bcd47cdb407d964bb19a796881ab68fb409ef9ade2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: www.office.com.office.prodo365test.mvisionsup.myshn.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://login.microsoftonline.com.office.prodo365test.mvisionsup.myshn.net/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: OH.SID=2fdb39ad-0923-41ee-90f7-f0c7c4c876f1; samesite=none; OH.DCAffinity=OH-eau; .AspNetCore.OpenIdConnect.Nonce._E-LbyXUExwgSjzIEMIWYm1MP5wPnoAD3QoEE4Da05DYKLB7xfToN4s7jRX99FpZZ_vgtJ3pkQz-2ENDYNc55gFiAS9hnftqiqzzr44JHQ2lnNZPTWevqVic_UBHk2Lzh3qSKkhfoQi-Yg4PDrkoqfzAIhBEE0hX4ZldLakiqmwgs33N8yb-lxcJWibi62vZ4YahO8Xn3gl1FYbOrDB2HMQjTRiLyBtZYVdvFKpRwcpM2xo3_3teHS5hgAYROnqY=N; .AspNetCore.Correlation.OpenIdConnect.OylhhWHQyIpVzl-aJQChsq7SKfTqvvYsPthXjUDK9cs=N; MUID=21D56BAC3960684902FF64AC38F0690C
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://login.microsoftonline.com.office.prodo365test.mvisionsup.myshn.net/

Response headers

Server: nginx
Date: Tue, 07 Jul 2020 01:05:46 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 401
Connection: keep-alive
Cache-Control: no-store,no-cache
Content-Encoding: gzip
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Set-Cookie: SHN-VH-session=1700073a-1421-4bf5-a40d-1693216aca20|1594085746523; Path=/; Domain=.office.prodo365test.mvisionsup.myshn.net
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-MSEdge-Ref: Ref A: 608EA41F1514403497E9540DD8393313 Ref B: SYD03EDGE0315 Ref C: 2020-07-07T01:05:46Z
X-Robots-Tag: none
X-SkyHigh-Version: BuildNumber=10, BuildDate=2020-05-20 11:31
X-UA-Compatible: IE=edge,chrome=1
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg
aadcdn.msftauth.net.office.prodo365test.mvisionsup.myshn.net/ests/2.1/content/images/ 4 KB
2 KB 1324ms
332ms Image
image/svg+xml 3.104.62.117
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aadcdn.msftauth.net.office.prodo365test.mvisionsup.myshn.net/ests/2.1/content/images/microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 3.104.62.117 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a

Request headers

Referer: https://login.microsoftonline.com.office.prodo365test.mvisionsup.myshn.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
Date: Tue, 07 Jul 2020 01:05:47 GMT
Content-Encoding: gzip
Content-MD5: nzaLxFgP7ZB3dfMcaybWzw==
Age: 216035
X-Cache: HIT
Connection: keep-alive
Content-Length: 1435
x-ms-lease-status: unlocked
Last-Modified: Fri, 02 Nov 2018 20:25:22 GMT
Server: nginx
Etag: 0x8D64101507E84BD
Vary: Accept-Encoding
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
x-ms-request-id: d13279c2-801e-0029-0803-5279f6000000
Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
Cache-Control: public, max-age=604800
x-ms-version: 2009-09-19
X-SkyHigh-Version: BuildNumber=10, BuildDate=2020-05-20 11:31
Accept-Ranges: bytes
X-Robots-Tag: none

GET
H/1.1 200
OK ellipsis_white_5ac590ee72bfe06a7cecfd75b588ad73.svg
aadcdn.msftauth.net.office.prodo365test.mvisionsup.myshn.net/ests/2.1/content/images/ 915 B
1011 B 1325ms
333ms Image
image/svg+xml 3.104.62.117
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aadcdn.msftauth.net.office.prodo365test.mvisionsup.myshn.net/ests/2.1/content/images/ellipsis_white_5ac590ee72bfe06a7cecfd75b588ad73.svg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 3.104.62.117 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 6075736ea9c281d69c4a3d78ff97bb61b9416a5809919babe5a0c5596f99aaea

Request headers

Referer: https://login.microsoftonline.com.office.prodo365test.mvisionsup.myshn.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
Date: Tue, 07 Jul 2020 01:05:47 GMT
Content-Encoding: gzip
Content-MD5: HMwsHhNXdtrfirQDkzcqMA==
Age: 145572
X-Cache: HIT
Connection: keep-alive
Content-Length: 263
x-ms-lease-status: unlocked
Last-Modified: Fri, 02 Nov 2018 20:25:15 GMT
Server: nginx
Etag: 0x8D641014CC1CD9F
Vary: Accept-Encoding
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
x-ms-request-id: 74ac4ee6-f01e-0070-4ca7-52e35e000000
Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
Cache-Control: public, max-age=604800
x-ms-version: 2009-09-19
X-SkyHigh-Version: BuildNumber=10, BuildDate=2020-05-20 11:31
Accept-Ranges: bytes
X-Robots-Tag: none

GET
H/1.1 200
OK ellipsis_grey_2b5d393db04a5e6e1f739cb266e65b4c.svg
aadcdn.msftauth.net.office.prodo365test.mvisionsup.myshn.net/ests/2.1/content/images/ 915 B
1011 B 1368ms
299ms Image
image/svg+xml 3.104.62.117
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aadcdn.msftauth.net.office.prodo365test.mvisionsup.myshn.net/ests/2.1/content/images/ellipsis_grey_2b5d393db04a5e6e1f739cb266e65b4c.svg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 3.104.62.117 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 16c3f6531d0fa5b4d16e82abf066233b2a9f284c068c663699313c09f5e8d6e6

Request headers

Referer: https://login.microsoftonline.com.office.prodo365test.mvisionsup.myshn.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
Date: Tue, 07 Jul 2020 01:05:47 GMT
Content-Encoding: gzip
Content-MD5: /a3y/mpA+HRaVAiPACrsog==
Age: 369950
X-Cache: HIT
Connection: keep-alive
Content-Length: 263
x-ms-lease-status: unlocked
Last-Modified: Fri, 02 Nov 2018 20:25:14 GMT
Server: nginx
Etag: 0x8D641014C1EFD89
Vary: Accept-Encoding
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
x-ms-request-id: 173ee3c0-001e-004e-5c9d-50e3c9000000
Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
Cache-Control: public, max-age=604800
x-ms-version: 2009-09-19
X-SkyHigh-Version: BuildNumber=10, BuildDate=2020-05-20 11:31
Accept-Ranges: bytes
X-Robots-Tag: none

GET
H/1.1 200
OK converged.v2.login.min_pgw2vnernam2rjvlxnx7mw2.css
aadcdn.msftauth.net.office.prodo365test.mvisionsup.myshn.net/ests/2.1/content/cdnbundles/ 0
19 KB 1247ms
301ms Other
text/css 3.104.62.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aadcdn.msftauth.net.office.prodo365test.mvisionsup.myshn.net/ests/2.1/content/cdnbundles/converged.v2.login.min_pgw2vnernam2rjvlxnx7mw2.css
Requested by: Host: login.microsoftonline.com.office.prodo365test.mvisionsup.myshn.net
URL: https://login.microsoftonline.com.office.prodo365test.mvisionsup.myshn.net/common/oauth2/authorize?client_id=4345a7b9-9a63-4910-a426-35363201d503&redirect_uri=https%3A%2F%2Fwww.office.com.office.prodo365test.mvisionsup.myshn.net%2Flanding&response_type=code%20id_token&scope=openid%20profile&response_mode=form_post&nonce=637296807420377055.M2YwYTU2MTYtM2E4Zi00ODVmLTk5MWMtMTFhNzAwYzcwNmM0ZGMzZTZlZjItOWVmZS00NmM4LThlZTgtZTIxZTNmMDBmNDdl&ui_locales=en-US&mkt=en-US&client-request-id=2fdb39ad-0923-41ee-90f7-f0c7c4c876f1&state=s4v4qW_wJmZCQYN3-0UeHtlDBMqF3fEkUYWk6VVelYrtWpcEXD9-g1prdpvJGo4XPirxKqjE_QfW0Ei7FtDsh9drghslcdJrF_1J8gujTHI_eNbVB-nrP-Bb1Q8Xka6Ect4kSSOCA4QCRHfNUOUwuHDmTu-3WOg0mIdR6cL7HSKVgu9Cx-vw2IKka-dyDc5LMuDSiOmIQyc7e9ai8b0vdQb9W9GKvqLz_StANQUCZmW4uvp1Whcw8ZCEcuDc-bhZdLjmM_kMjsUU0xTAYJeDJQ&x-client-SKU=ID_NETSTANDARD2_0&x-client-ver=6.5.0.0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 3.104.62.117 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://login.microsoftonline.com.office.prodo365test.mvisionsup.myshn.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
Date: Tue, 07 Jul 2020 01:05:47 GMT
Content-Encoding: gzip
Content-MD5: JVQUhIIjeiAIQnmB+QOqbg==
Age: 2342180
X-Cache: HIT
Connection: keep-alive
Content-Length: 18794
x-ms-lease-status: unlocked
Last-Modified: Mon, 08 Jun 2020 21:54:05 GMT
Server: nginx
Etag: 0x8D80BF67700C8A3
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
x-ms-request-id: 2534fa5b-001e-0048-36ad-3e0508000000
Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Cache-Control: public, max-age=31536000
x-ms-version: 2009-09-19
X-SkyHigh-Version: BuildNumber=10, BuildDate=2020-05-20 11:31
Accept-Ranges: bytes
X-Robots-Tag: none

GET
H/1.1 200
OK ux.converged.login.strings-en.min_calotga3gvkon1a05tdvqw2.js
aadcdn.msftauth.net.office.prodo365test.mvisionsup.myshn.net/ests/2.1/content/cdnbundles/ 0
12 KB 1338ms
341ms Other
application/x-javascript 3.104.62.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aadcdn.msftauth.net.office.prodo365test.mvisionsup.myshn.net/ests/2.1/content/cdnbundles/ux.converged.login.strings-en.min_calotga3gvkon1a05tdvqw2.js
Requested by: Host: login.microsoftonline.com.office.prodo365test.mvisionsup.myshn.net
URL: https://login.microsoftonline.com.office.prodo365test.mvisionsup.myshn.net/common/oauth2/authorize?client_id=4345a7b9-9a63-4910-a426-35363201d503&redirect_uri=https%3A%2F%2Fwww.office.com.office.prodo365test.mvisionsup.myshn.net%2Flanding&response_type=code%20id_token&scope=openid%20profile&response_mode=form_post&nonce=637296807420377055.M2YwYTU2MTYtM2E4Zi00ODVmLTk5MWMtMTFhNzAwYzcwNmM0ZGMzZTZlZjItOWVmZS00NmM4LThlZTgtZTIxZTNmMDBmNDdl&ui_locales=en-US&mkt=en-US&client-request-id=2fdb39ad-0923-41ee-90f7-f0c7c4c876f1&state=s4v4qW_wJmZCQYN3-0UeHtlDBMqF3fEkUYWk6VVelYrtWpcEXD9-g1prdpvJGo4XPirxKqjE_QfW0Ei7FtDsh9drghslcdJrF_1J8gujTHI_eNbVB-nrP-Bb1Q8Xka6Ect4kSSOCA4QCRHfNUOUwuHDmTu-3WOg0mIdR6cL7HSKVgu9Cx-vw2IKka-dyDc5LMuDSiOmIQyc7e9ai8b0vdQb9W9GKvqLz_StANQUCZmW4uvp1Whcw8ZCEcuDc-bhZdLjmM_kMjsUU0xTAYJeDJQ&x-client-SKU=ID_NETSTANDARD2_0&x-client-ver=6.5.0.0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 3.104.62.117 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://login.microsoftonline.com.office.prodo365test.mvisionsup.myshn.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
Date: Tue, 07 Jul 2020 01:05:47 GMT
Content-Encoding: gzip
Content-MD5: 2pprj7pBck3fRACbp73EhA==
Age: 2681802
X-Cache: HIT
Connection: keep-alive
Content-Length: 11287
x-ms-lease-status: unlocked
Last-Modified: Thu, 04 Jun 2020 21:16:26 GMT
Server: nginx
Etag: 0x8D808CC8A9CB6B4
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
x-ms-request-id: 8e79168c-301e-009f-0a96-3ba60b000000
Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Cache-Control: public, max-age=31536000
x-ms-version: 2009-09-19
X-SkyHigh-Version: BuildNumber=10, BuildDate=2020-05-20 11:31
Accept-Ranges: bytes
X-Robots-Tag: none

GET
H/1.1 200
OK 2_bc3d32a696895f78c19df6c717586a5d.svg
aadcdn.msftauth.net.office.prodo365test.mvisionsup.myshn.net/ests/2.1/content/images/backgrounds/ 2 KB
1 KB 1169ms
296ms Image
image/svg+xml 3.104.62.117
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aadcdn.msftauth.net.office.prodo365test.mvisionsup.myshn.net/ests/2.1/content/images/backgrounds/2_bc3d32a696895f78c19df6c717586a5d.svg
Requested by: Host: aadcdn.msftauth.net.office.prodo365test.mvisionsup.myshn.net
URL: https://aadcdn.msftauth.net.office.prodo365test.mvisionsup.myshn.net/ests/2.1/content/cdnbundles/ux.old.converged.login.pcore.min_kp-yzdrkctxa0mu6ju1u_q2.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 3.104.62.117 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 0e88b6fcbb8591edfd28184fa70a04b6dd3af8a14367c628edd7caba32e58c68

Request headers

Referer: https://login.microsoftonline.com.office.prodo365test.mvisionsup.myshn.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
Date: Tue, 07 Jul 2020 01:05:47 GMT
Content-Encoding: gzip
Content-MD5: DhdidjYrlCeaRJJRG/y9mA==
Age: 8224480
X-Cache: HIT
Connection: keep-alive
Content-Length: 673
x-ms-lease-status: unlocked
Last-Modified: Thu, 13 Feb 2020 02:09:09 GMT
Server: nginx
Etag: 0x8D7B029B6833F84
Vary: Accept-Encoding
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
x-ms-request-id: f024dbec-d01e-0043-482d-09d147000000
Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Cache-Control: public, max-age=31536000
x-ms-version: 2009-09-19
X-SkyHigh-Version: BuildNumber=10, BuildDate=2020-05-20 11:31
Accept-Ranges: bytes
X-Robots-Tag: none

GET
H/1.1 200
OK ellipsis_635a63d500a92a0b8497cdc58d0f66b1.svg
aadcdn.msftauth.net.office.prodo365test.mvisionsup.myshn.net/ests/2.1/content/images/ 900 B
1000 B 866ms
296ms Image
image/svg+xml 3.104.62.117
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aadcdn.msftauth.net.office.prodo365test.mvisionsup.myshn.net/ests/2.1/content/images/ellipsis_635a63d500a92a0b8497cdc58d0f66b1.svg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 3.104.62.117 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 61d7ccc5d2c41bf86be6cefb0063405067849ba64e9f219f60596ef09a54a942

Request headers

Referer: https://login.microsoftonline.com.office.prodo365test.mvisionsup.myshn.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
Date: Tue, 07 Jul 2020 01:05:47 GMT
Content-Encoding: gzip
Content-MD5: GapJ5vNFgRzr6JUAPI/Pxw==
Age: 562451
X-Cache: HIT
Connection: keep-alive
Content-Length: 252
x-ms-lease-status: unlocked
Last-Modified: Fri, 02 Nov 2018 20:25:14 GMT
Server: nginx
Etag: 0x8D641014BCAFCCD
Vary: Accept-Encoding
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
x-ms-request-id: 96adc191-e01e-005d-64dd-4eaf81000000
Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
Cache-Control: public, max-age=604800
x-ms-version: 2009-09-19
X-SkyHigh-Version: BuildNumber=10, BuildDate=2020-05-20 11:31
Accept-Ranges: bytes
X-Robots-Tag: none

GET
H2 200 polyfills-bundle-f1b483e65ab4c27c9b2d.js
blobs.officehome.msocdn.com/bundles/ Frame C57E 0
32 KB 69ms
19ms Other
application/x-javascript 2.18.234.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://blobs.officehome.msocdn.com/bundles/polyfills-bundle-f1b483e65ab4c27c9b2d.js
Requested by: Host: www.office.com.office.prodo365test.mvisionsup.myshn.net
URL: https://www.office.com.office.prodo365test.mvisionsup.myshn.net/prefetch/prefetch
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.234.44 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.office.com.office.prodo365test.mvisionsup.myshn.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 07 Jul 2020 01:05:46 GMT
content-encoding: gzip
x-cdn: 355948
content-md5: xcR5n+pMOgEqCVjn8GsH4A==
status: 200
x-cache-start: 1593727998, 1593739710
content-length: 31811
x-ms-lease-status: unlocked
last-modified: Mon, 15 Jun 2020 22:30:54 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D8117BC451629A
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: c6ebf70a-301e-00a1-60bd-50b977000000
access-control-expose-headers: content-length
x-ms-version: 2009-09-19
timing-allow-origin: *

GET
H2 200 sharedscripts-efe073ff3f.js
blobs.officehome.msocdn.com/bundles/ Frame C57E 0
15 KB 84ms
34ms Other
application/x-javascript 2.18.234.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://blobs.officehome.msocdn.com/bundles/sharedscripts-efe073ff3f.js
Requested by: Host: www.office.com.office.prodo365test.mvisionsup.myshn.net
URL: https://www.office.com.office.prodo365test.mvisionsup.myshn.net/prefetch/prefetch
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.234.44 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.office.com.office.prodo365test.mvisionsup.myshn.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 07 Jul 2020 01:05:46 GMT
content-encoding: gzip
content-md5: 7+Bz/z/DrO9bBDMi9KAO2g==
status: 200
x-cache-start: 1591140998
content-length: 14935
x-ms-lease-status: unlocked
last-modified: Tue, 02 Jun 2020 03:00:31 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D806A11CD27D09
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 8bd516ad-f01e-013b-3b36-3973e7000000
access-control-expose-headers: content-length
x-ms-version: 2009-09-19
timing-allow-origin: *

GET
H2 200 staticscripts-fe65105f5b.js
blobs.officehome.msocdn.com/bundles/ Frame C57E 0
5 KB 87ms
38ms Other
application/x-javascript 2.18.234.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://blobs.officehome.msocdn.com/bundles/staticscripts-fe65105f5b.js
Requested by: Host: www.office.com.office.prodo365test.mvisionsup.myshn.net
URL: https://www.office.com.office.prodo365test.mvisionsup.myshn.net/prefetch/prefetch
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.234.44 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.office.com.office.prodo365test.mvisionsup.myshn.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 07 Jul 2020 01:05:46 GMT
content-encoding: gzip
x-cdn: 344689
content-md5: /mUQX1v41beLBDIzePob4w==
status: 200
x-cache-start: 1593739257
content-length: 4429
x-ms-lease-status: unlocked
last-modified: Thu, 02 Jul 2020 22:29:27 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D81ED761BC8509
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 2328d0d5-301e-0029-76d8-5001ae000000
access-control-expose-headers: content-length
x-ms-version: 2009-09-19
timing-allow-origin: *

GET
H2 200 app-bundle-ca125c5643707422d62c.js
blobs.officehome.msocdn.com/bundles/ Frame C57E 0
206 KB 88ms
39ms Other
application/x-javascript 2.18.234.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://blobs.officehome.msocdn.com/bundles/app-bundle-ca125c5643707422d62c.js
Requested by: Host: www.office.com.office.prodo365test.mvisionsup.myshn.net
URL: https://www.office.com.office.prodo365test.mvisionsup.myshn.net/prefetch/prefetch
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.234.44 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.office.com.office.prodo365test.mvisionsup.myshn.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 07 Jul 2020 01:05:46 GMT
content-encoding: gzip
x-cdn: 344689
content-md5: eKhvDSD2FwuO6zK0mc6fTQ==
status: 200
x-cache-start: 1593739257
content-length: 210397
x-ms-lease-status: unlocked
last-modified: Thu, 02 Jul 2020 22:29:28 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D81ED761FB9541
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: ce0815b9-401e-0100-0cd8-5031b9000000
access-control-expose-headers: content-length
x-ms-version: 2009-09-19
timing-allow-origin: *

GET
H2 200 app-bundle-65766f137f511b61b74b.css
blobs.officehome.msocdn.com/bundles/ Frame C57E 0
13 KB 112ms
63ms Other
text/css 2.18.234.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://blobs.officehome.msocdn.com/bundles/app-bundle-65766f137f511b61b74b.css
Requested by: Host: www.office.com.office.prodo365test.mvisionsup.myshn.net
URL: https://www.office.com.office.prodo365test.mvisionsup.myshn.net/prefetch/prefetch
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.234.44 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.office.com.office.prodo365test.mvisionsup.myshn.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 07 Jul 2020 01:05:46 GMT
content-encoding: gzip
x-cdn: 344689
content-md5: GWvdqWL8vxf1F9ZoMymfGw==
status: 200
x-cache-start: 1593739257
content-length: 12478
x-ms-lease-status: unlocked
last-modified: Thu, 02 Jul 2020 22:29:18 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D81ED75C450F76
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: ec1f5d1f-e01e-0009-38d8-506d62000000
access-control-expose-headers: content-length
x-ms-version: 2009-09-19
timing-allow-origin: *

GET
H2 200 header-default-desktop-652cc04392.svg
blobs.officehome.msocdn.com/images/content/images/fluent-background-sources/ Frame C57E 0
2 KB 112ms
63ms Other
image/svg+xml 2.18.234.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://blobs.officehome.msocdn.com/images/content/images/fluent-background-sources/header-default-desktop-652cc04392.svg
Requested by: Host: www.office.com.office.prodo365test.mvisionsup.myshn.net
URL: https://www.office.com.office.prodo365test.mvisionsup.myshn.net/prefetch/prefetch
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.234.44 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.office.com.office.prodo365test.mvisionsup.myshn.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 07 Jul 2020 01:05:46 GMT
content-encoding: gzip
content-md5: ZSzAQ5INxvBl0mlCRZzVdA==
status: 200
x-cache-start: 1581139645, 1586294557
content-length: 1403
x-ms-lease-status: unlocked
last-modified: Tue, 24 Sep 2019 20:19:50 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D7412C8D872257
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 4029251a-a01e-00a4-6a40-de4d08000000
access-control-expose-headers: content-length
x-ms-version: 2009-09-19
timing-allow-origin: *
x-ms-meta-cloudbuildid: c26d3444-9354-d941-cc81-c4d5dcbbad4e

GET
H/1.1 200
OK Cookie set prefetch.aspx Show response
outlook.office365.com.office.prodo365test.mvisionsup.myshn.net/owa/ Frame 52C1 3 KB
2 KB 1210ms
318ms Document
text/html 3.104.62.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://outlook.office365.com.office.prodo365test.mvisionsup.myshn.net/owa/prefetch.aspx

Requested by

Host: www.office.com.office.prodo365test.mvisionsup.myshn.net
URL: https://www.office.com.office.prodo365test.mvisionsup.myshn.net/prefetch/prefetch

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

3.104.62.117 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

644ebe61a8423269f32b439c799a55085bf2154e88d0b0fecc2cd4db95ea5c93

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Host: outlook.office365.com.office.prodo365test.mvisionsup.myshn.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.office.com.office.prodo365test.mvisionsup.myshn.net/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: SHN-VH-session=1700073a-1421-4bf5-a40d-1693216aca20|1594085746523
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.office.com.office.prodo365test.mvisionsup.myshn.net/

Response headers

Server: nginx
Date: Tue, 07 Jul 2020 01:05:47 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 1055
Connection: keep-alive
Cache-Control: private, no-store
Content-Encoding: gzip
request-id: 2c9fbfec-dee8-4676-b443-66f6d9607e64
Set-Cookie: ClientId=97BA4F3C0E5A46A2A67A004DC4499625; Expires=Wed, 07-Jul-2021 01:05:47 GMT; Path=/ SameSite=None; Secure ClientId=97BA4F3C0E5A46A2A67A004DC4499625; Expires=Wed, 07-Jul-2021 01:05:47 GMT; Path=/ SameSite=None; Secure OIDC=1; Expires=Thu, 07-Jan-2021 01:05:47 GMT; Path=/ SameSite=None; Secure; HTTPOnly OWAPF=v:16.3744.0.2744821&l:mouse; Path=/
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding
X-BackEnd-Begin: 2020-07-07T01:05:47.735
X-BackEnd-End: 2020-07-07T01:05:47.737
X-BackEndHttpStatus: 200
X-BEServer: SYCPR01MB3774
X-BeSku: WCS5
X-CalculatedBETarget: SYCPR01MB3774.ausprd01.prod.outlook.com
X-Content-Type-Options: nosniff
X-DiagInfo: SYCPR01MB3774
X-FEServer: SYBPR01CA0008
X-OWA-DiagnosticsInfo: 1;0;0
X-OWA-Version: 15.20.3153.29
X-Proxy-BackendServerStatus: 200
X-Proxy-RoutingCorrectness: 1
X-Robots-Tag: none
X-RUM-Validated: 1
X-SkyHigh-Version: BuildNumber=10, BuildDate=2020-05-20 11:31
X-UA-Compatible: IE=EmulateIE7

GET
H/1.1 200
OK boot.worldwide.0.mouse.js
r4.res.office365.com.office.prodo365test.mvisionsup.myshn.net/owa/prem/16.3744.0.2744821/scripts/ Frame 52C1 648 KB
176 KB 1375ms
418ms Stylesheet
application/x-javascript 54.153.138.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://r4.res.office365.com.office.prodo365test.mvisionsup.myshn.net/owa/prem/16.3744.0.2744821/scripts/boot.worldwide.0.mouse.js

Requested by

Host: outlook.office365.com.office.prodo365test.mvisionsup.myshn.net
URL: https://outlook.office365.com.office.prodo365test.mvisionsup.myshn.net/owa/prefetch.aspx

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

54.153.138.115 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

30bc3ba126e91f95d7480a073785a1d477006db381f181da67d29644674ba142

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://outlook.office365.com.office.prodo365test.mvisionsup.myshn.net/owa/prefetch.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Timing-Allow-Origin: *
Date: Tue, 07 Jul 2020 01:05:49 GMT
Content-Encoding: gzip
Last-Modified: Sat, 13 Jun 2020 08:40:45 GMT
Server: nginx
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: public,max-age=630720000, s-maxage=630720000
X-SkyHigh-Version: BuildNumber=10, BuildDate=2020-05-20 11:31
Strict-Transport-Security: max-age=31536000; includeSubDomains
Accept-Ranges: bytes
X-Robots-Tag: none
Content-Length: 179729

GET
H/1.1 200
OK boot.worldwide.1.mouse.js
r4.res.office365.com.office.prodo365test.mvisionsup.myshn.net/owa/prem/16.3744.0.2744821/scripts/ Frame 52C1 644 KB
160 KB 394ms
394ms Stylesheet
application/x-javascript 54.153.138.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://r4.res.office365.com.office.prodo365test.mvisionsup.myshn.net/owa/prem/16.3744.0.2744821/scripts/boot.worldwide.1.mouse.js

Requested by

Host: outlook.office365.com.office.prodo365test.mvisionsup.myshn.net
URL: https://outlook.office365.com.office.prodo365test.mvisionsup.myshn.net/owa/prefetch.aspx

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

54.153.138.115 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

2c8d7452cec941a942d7edeed6ac7ccbf64492685c815611989a707a5b049101

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://outlook.office365.com.office.prodo365test.mvisionsup.myshn.net/owa/prefetch.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Timing-Allow-Origin: *
Date: Tue, 07 Jul 2020 01:05:51 GMT
Content-Encoding: gzip
Last-Modified: Sat, 13 Jun 2020 08:40:59 GMT
Server: nginx
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: public,max-age=630720000, s-maxage=630720000
X-SkyHigh-Version: BuildNumber=10, BuildDate=2020-05-20 11:31
Strict-Transport-Security: max-age=31536000; includeSubDomains
Accept-Ranges: bytes
X-Robots-Tag: none
Content-Length: 163132

GET
H/1.1 200
OK converged.v2.login.min_pgw2vnernam2rjvlxnx7mw2.css Show response
aadcdn.msftauth.net.office.prodo365test.mvisionsup.myshn.net/ests/2.1/content/cdnbundles/ 99 KB
19 KB 1174ms
307ms Fetch
text/css 3.104.62.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aadcdn.msftauth.net.office.prodo365test.mvisionsup.myshn.net/ests/2.1/content/cdnbundles/converged.v2.login.min_pgw2vnernam2rjvlxnx7mw2.css
Requested by: Host: login.microsoftonline.com.office.prodo365test.mvisionsup.myshn.net
URL: https://login.microsoftonline.com.office.prodo365test.mvisionsup.myshn.net/common/oauth2/authorize?client_id=4345a7b9-9a63-4910-a426-35363201d503&redirect_uri=https%3A%2F%2Fwww.office.com.office.prodo365test.mvisionsup.myshn.net%2Flanding&response_type=code%20id_token&scope=openid%20profile&response_mode=form_post&nonce=637296807420377055.M2YwYTU2MTYtM2E4Zi00ODVmLTk5MWMtMTFhNzAwYzcwNmM0ZGMzZTZlZjItOWVmZS00NmM4LThlZTgtZTIxZTNmMDBmNDdl&ui_locales=en-US&mkt=en-US&client-request-id=2fdb39ad-0923-41ee-90f7-f0c7c4c876f1&state=s4v4qW_wJmZCQYN3-0UeHtlDBMqF3fEkUYWk6VVelYrtWpcEXD9-g1prdpvJGo4XPirxKqjE_QfW0Ei7FtDsh9drghslcdJrF_1J8gujTHI_eNbVB-nrP-Bb1Q8Xka6Ect4kSSOCA4QCRHfNUOUwuHDmTu-3WOg0mIdR6cL7HSKVgu9Cx-vw2IKka-dyDc5LMuDSiOmIQyc7e9ai8b0vdQb9W9GKvqLz_StANQUCZmW4uvp1Whcw8ZCEcuDc-bhZdLjmM_kMjsUU0xTAYJeDJQ&x-client-SKU=ID_NETSTANDARD2_0&x-client-ver=6.5.0.0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 3.104.62.117 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 2a0e3abc59f8224331d57b56f1c0bf64c1f89f335f79ef0853a7955aa5e12f8e

Request headers

Referer: https://login.microsoftonline.com.office.prodo365test.mvisionsup.myshn.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
Date: Tue, 07 Jul 2020 01:05:52 GMT
Content-Encoding: gzip
Content-MD5: JVQUhIIjeiAIQnmB+QOqbg==
Age: 2342185
X-Cache: HIT
Connection: keep-alive
Content-Length: 18794
x-ms-lease-status: unlocked
Last-Modified: Mon, 08 Jun 2020 21:54:05 GMT
Server: nginx
Etag: 0x8D80BF67700C8A3
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
x-ms-request-id: 2534fa5b-001e-0048-36ad-3e0508000000
Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Cache-Control: public, max-age=31536000
x-ms-version: 2009-09-19
X-SkyHigh-Version: BuildNumber=10, BuildDate=2020-05-20 11:31
Accept-Ranges: bytes
X-Robots-Tag: none

GET
H/1.1 200
OK ux.converged.login.strings-en.min_calotga3gvkon1a05tdvqw2.js Show response
aadcdn.msftauth.net.office.prodo365test.mvisionsup.myshn.net/ests/2.1/content/cdnbundles/ 37 KB
12 KB 1166ms
298ms Fetch
application/x-javascript 3.104.62.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aadcdn.msftauth.net.office.prodo365test.mvisionsup.myshn.net/ests/2.1/content/cdnbundles/ux.converged.login.strings-en.min_calotga3gvkon1a05tdvqw2.js
Requested by: Host: login.microsoftonline.com.office.prodo365test.mvisionsup.myshn.net
URL: https://login.microsoftonline.com.office.prodo365test.mvisionsup.myshn.net/common/oauth2/authorize?client_id=4345a7b9-9a63-4910-a426-35363201d503&redirect_uri=https%3A%2F%2Fwww.office.com.office.prodo365test.mvisionsup.myshn.net%2Flanding&response_type=code%20id_token&scope=openid%20profile&response_mode=form_post&nonce=637296807420377055.M2YwYTU2MTYtM2E4Zi00ODVmLTk5MWMtMTFhNzAwYzcwNmM0ZGMzZTZlZjItOWVmZS00NmM4LThlZTgtZTIxZTNmMDBmNDdl&ui_locales=en-US&mkt=en-US&client-request-id=2fdb39ad-0923-41ee-90f7-f0c7c4c876f1&state=s4v4qW_wJmZCQYN3-0UeHtlDBMqF3fEkUYWk6VVelYrtWpcEXD9-g1prdpvJGo4XPirxKqjE_QfW0Ei7FtDsh9drghslcdJrF_1J8gujTHI_eNbVB-nrP-Bb1Q8Xka6Ect4kSSOCA4QCRHfNUOUwuHDmTu-3WOg0mIdR6cL7HSKVgu9Cx-vw2IKka-dyDc5LMuDSiOmIQyc7e9ai8b0vdQb9W9GKvqLz_StANQUCZmW4uvp1Whcw8ZCEcuDc-bhZdLjmM_kMjsUU0xTAYJeDJQ&x-client-SKU=ID_NETSTANDARD2_0&x-client-ver=6.5.0.0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 3.104.62.117 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: fcfe28e9fd8ae50e167c5420513085bdc9e084eb5fbd94e3434749f4b8d39f4b

Request headers

Referer: https://login.microsoftonline.com.office.prodo365test.mvisionsup.myshn.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
Date: Tue, 07 Jul 2020 01:05:52 GMT
Content-Encoding: gzip
Content-MD5: 2pprj7pBck3fRACbp73EhA==
Age: 2681807
X-Cache: HIT
Connection: keep-alive
Content-Length: 11287
x-ms-lease-status: unlocked
Last-Modified: Thu, 04 Jun 2020 21:16:26 GMT
Server: nginx
Etag: 0x8D808CC8A9CB6B4
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
x-ms-request-id: 8e79168c-301e-009f-0a96-3ba60b000000
Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Cache-Control: public, max-age=31536000
x-ms-version: 2009-09-19
X-SkyHigh-Version: BuildNumber=10, BuildDate=2020-05-20 11:31
Accept-Ranges: bytes
X-Robots-Tag: none

GET
H/1.1 200
OK boot.worldwide.2.mouse.js
r4.res.office365.com.office.prodo365test.mvisionsup.myshn.net/owa/prem/16.3744.0.2744821/scripts/ Frame 52C1 647 KB
167 KB 400ms
400ms Stylesheet
application/x-javascript 54.153.138.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://r4.res.office365.com.office.prodo365test.mvisionsup.myshn.net/owa/prem/16.3744.0.2744821/scripts/boot.worldwide.2.mouse.js

Requested by

Host: outlook.office365.com.office.prodo365test.mvisionsup.myshn.net
URL: https://outlook.office365.com.office.prodo365test.mvisionsup.myshn.net/owa/prefetch.aspx

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

54.153.138.115 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

ae115876c2d9faea72f3b423c8d3de5734584f5bcfe6910b6808cd55ca37905b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://outlook.office365.com.office.prodo365test.mvisionsup.myshn.net/owa/prefetch.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Timing-Allow-Origin: *
Date: Tue, 07 Jul 2020 01:05:52 GMT
Content-Encoding: gzip
Last-Modified: Sat, 13 Jun 2020 08:40:46 GMT
Server: nginx
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: public,max-age=630720000, s-maxage=630720000
X-SkyHigh-Version: BuildNumber=10, BuildDate=2020-05-20 11:31
Strict-Transport-Security: max-age=31536000; includeSubDomains
Accept-Ranges: bytes
X-Robots-Tag: none
Content-Length: 170088

GET
H/1.1 200
OK boot.worldwide.3.mouse.js
r4.res.office365.com.office.prodo365test.mvisionsup.myshn.net/owa/prem/16.3744.0.2744821/scripts/ Frame 52C1 646 KB
143 KB 396ms
395ms Stylesheet
application/x-javascript 54.153.138.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://r4.res.office365.com.office.prodo365test.mvisionsup.myshn.net/owa/prem/16.3744.0.2744821/scripts/boot.worldwide.3.mouse.js

Requested by

Host: outlook.office365.com.office.prodo365test.mvisionsup.myshn.net
URL: https://outlook.office365.com.office.prodo365test.mvisionsup.myshn.net/owa/prefetch.aspx

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

54.153.138.115 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

b6f737fa50d343880bb80b21033a6b045476789076497d5f2fa6214c9af61953

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://outlook.office365.com.office.prodo365test.mvisionsup.myshn.net/owa/prefetch.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Timing-Allow-Origin: *
Date: Tue, 07 Jul 2020 01:05:54 GMT
Content-Encoding: gzip
Last-Modified: Sat, 13 Jun 2020 08:40:59 GMT
Server: nginx
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: public,max-age=630720000, s-maxage=630720000
X-SkyHigh-Version: BuildNumber=10, BuildDate=2020-05-20 11:31
Strict-Transport-Security: max-age=31536000; includeSubDomains
Accept-Ranges: bytes
X-Robots-Tag: none
Content-Length: 145878

GET
H/1.1 200
OK sprite1.mouse.png
r4.res.office365.com.office.prodo365test.mvisionsup.myshn.net/owa/prem/16.3744.0.2744821/resources/images/0/ Frame 52C1 16 KB
17 KB 303ms
302ms Stylesheet
image/png 54.153.138.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://r4.res.office365.com.office.prodo365test.mvisionsup.myshn.net/owa/prem/16.3744.0.2744821/resources/images/0/sprite1.mouse.png

Requested by

Host: outlook.office365.com.office.prodo365test.mvisionsup.myshn.net
URL: https://outlook.office365.com.office.prodo365test.mvisionsup.myshn.net/owa/prefetch.aspx

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

54.153.138.115 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

99190cfe65f919edb8071d84eee7096ec27561bc9b9fa396e55e0eb5e2cd0194

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://outlook.office365.com.office.prodo365test.mvisionsup.myshn.net/owa/prefetch.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Timing-Allow-Origin: *
Date: Tue, 07 Jul 2020 01:05:54 GMT
Last-Modified: Sat, 13 Jun 2020 08:37:44 GMT
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: public,max-age=630720000, s-maxage=630720000
X-SkyHigh-Version: BuildNumber=10, BuildDate=2020-05-20 11:31
Accept-Ranges: bytes
X-Robots-Tag: none
Content-Length: 16664

GET
H/1.1 200
OK sprite1.mouse.css
r4.res.office365.com.office.prodo365test.mvisionsup.myshn.net/owa/prem/16.3744.0.2744821/resources/images/0/ Frame 52C1 7 KB
2 KB 303ms
302ms Stylesheet
text/css 54.153.138.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://r4.res.office365.com.office.prodo365test.mvisionsup.myshn.net/owa/prem/16.3744.0.2744821/resources/images/0/sprite1.mouse.css

Requested by

Host: outlook.office365.com.office.prodo365test.mvisionsup.myshn.net
URL: https://outlook.office365.com.office.prodo365test.mvisionsup.myshn.net/owa/prefetch.aspx

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

54.153.138.115 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

461f87e55bba34c4d9248d1b45685ea832eba56c15ebf6cccf75d49f1547b502

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://outlook.office365.com.office.prodo365test.mvisionsup.myshn.net/owa/prefetch.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Timing-Allow-Origin: *
Date: Tue, 07 Jul 2020 01:05:55 GMT
Content-Encoding: gzip
Last-Modified: Sat, 13 Jun 2020 08:37:40 GMT
Server: nginx
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: public,max-age=630720000, s-maxage=630720000
X-SkyHigh-Version: BuildNumber=10, BuildDate=2020-05-20 11:31
Strict-Transport-Security: max-age=31536000; includeSubDomains
Accept-Ranges: bytes
X-Robots-Tag: none
Content-Length: 1124

GET
H/1.1 200
OK boot.worldwide.mouse.css
r4.res.office365.com.office.prodo365test.mvisionsup.myshn.net/owa/prem/16.3744.0.2744821/resources/styles/0/ Frame 52C1 227 KB
44 KB 328ms
328ms Stylesheet
text/css 54.153.138.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://r4.res.office365.com.office.prodo365test.mvisionsup.myshn.net/owa/prem/16.3744.0.2744821/resources/styles/0/boot.worldwide.mouse.css

Requested by

Host: outlook.office365.com.office.prodo365test.mvisionsup.myshn.net
URL: https://outlook.office365.com.office.prodo365test.mvisionsup.myshn.net/owa/prefetch.aspx

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

54.153.138.115 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

8dfade63d9153799d2f8a254edcff8718388ea8d65b5a0daf340fe0fb302270e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://outlook.office365.com.office.prodo365test.mvisionsup.myshn.net/owa/prefetch.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Timing-Allow-Origin: *
Date: Tue, 07 Jul 2020 01:05:55 GMT
Content-Encoding: gzip
Last-Modified: Sat, 13 Jun 2020 08:39:09 GMT
Server: nginx
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: public,max-age=630720000, s-maxage=630720000
X-SkyHigh-Version: BuildNumber=10, BuildDate=2020-05-20 11:31
Strict-Transport-Security: max-age=31536000; includeSubDomains
Accept-Ranges: bytes
X-Robots-Tag: none
Content-Length: 44146

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Microsoft (Consumer)

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.login.microsoftonline.com.office.prodo365test.mvisionsup.myshn.net/	1970-01-19 20:09:39	Name: brcap Value: 0
login.microsoftonline.com.office.prodo365test.mvisionsup.myshn.net/	1969-12-31 23:59:59	Name: stsservicecookie Value: ests
login.microsoftonline.com.office.prodo365test.mvisionsup.myshn.net/	1969-12-31 23:59:59	Name: x-ms-gateway-slice Value: prod
login.microsoftonline.com.office.prodo365test.mvisionsup.myshn.net/	1970-01-19 11:31:15	Name: fpc Value: As2qAtygvzlKkuCD7qQvMEPsYIXWAQAAAGXBldYOAAAA
login.microsoftonline.com.office.prodo365test.mvisionsup.myshn.net/common/oauth2	1969-12-31 23:59:59	Name: SameSite Value: None
.login.microsoftonline.com.office.prodo365test.mvisionsup.myshn.net/	1969-12-31 23:59:59	Name: esctx Value: AQABAAAAAAAGV_bv21oQQ4ROqh0_1-tAiHxPypYG0jZWzsMuBa-ku4rqlUEMD9P3ofrI4mDz4iYAwD6OOywJ1TOe4x1CsfxUuYBYOIFaOqgpG5K-4fvAWgtaf1yMMeCpM9dNTLbwhtlZ3ycsV8znSr2d7sJZJgnO-zmBkD5vCD_3GWR9kHHMuPDYZmggmzh7t2Q0xiUuccogAA
login.microsoftonline.com.office.prodo365test.mvisionsup.myshn.net/	1970-01-19 11:31:15	Name: buid Value: AQABAAEAAAAGV_bv21oQQ4ROqh0_1-tAr22wvDZDh9y4PyBgFEKTWPyPV3TXHfaAc58S-xVzmKLBGCBbMf8odnJ81BRNyPaqzk6v1X38q9OkrCbFarfQx_vsAshRIbz_9HjA0wbYe3QgAA

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aadcdn.msftauth.net.office.prodo365test.mvisionsup.myshn.net
blobs.officehome.msocdn.com
login.live.com.office.prodo365test.mvisionsup.myshn.net
login.microsoftonline.com.office.prodo365test.mvisionsup.myshn.net
outlook.office365.com.office.prodo365test.mvisionsup.myshn.net
r4.res.office365.com.office.prodo365test.mvisionsup.myshn.net
www.office.com.office.prodo365test.mvisionsup.myshn.net
2.18.234.44
3.104.62.117
54.153.138.115
04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a
0e88b6fcbb8591edfd28184fa70a04b6dd3af8a14367c628edd7caba32e58c68
16c3f6531d0fa5b4d16e82abf066233b2a9f284c068c663699313c09f5e8d6e6
26b8be444b08aff6839b839a90f84a92c94eda5a040bce6c181df6614cd4337b
2a0e3abc59f8224331d57b56f1c0bf64c1f89f335f79ef0853a7955aa5e12f8e
2c8d7452cec941a942d7edeed6ac7ccbf64492685c815611989a707a5b049101
30bc3ba126e91f95d7480a073785a1d477006db381f181da67d29644674ba142
461f87e55bba34c4d9248d1b45685ea832eba56c15ebf6cccf75d49f1547b502
4ca90f626fa4047b228a29bcd47cdb407d964bb19a796881ab68fb409ef9ade2
6075736ea9c281d69c4a3d78ff97bb61b9416a5809919babe5a0c5596f99aaea
61d7ccc5d2c41bf86be6cefb0063405067849ba64e9f219f60596ef09a54a942
644ebe61a8423269f32b439c799a55085bf2154e88d0b0fecc2cd4db95ea5c93
8dfade63d9153799d2f8a254edcff8718388ea8d65b5a0daf340fe0fb302270e
99190cfe65f919edb8071d84eee7096ec27561bc9b9fa396e55e0eb5e2cd0194
a605f87ecd8438c800880e99dbf80486bcffa177cb9cd7bb49de02ba0f9fda9a
ae115876c2d9faea72f3b423c8d3de5734584f5bcfe6910b6808cd55ca37905b
b6f737fa50d343880bb80b21033a6b045476789076497d5f2fa6214c9af61953
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
fcfe28e9fd8ae50e167c5420513085bdc9e084eb5fbd94e3434749f4b8d39f4b

login.microsoftonline.com.office.prodo365test.mvisionsup.myshn.net Open in urlscan Pro 3.104.62.117 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

27 Requests

100 %HTTPS

0 %IPv6

2 Domains

7 Subdomains

3 IPs

2 Countries

1253 kBTransfer

3767 kBSize

7 Cookies

3 Outgoing links

Page URL History

Redirected requests

27 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

login.microsoftonline.com.office.prodo365test.mvisionsup.myshn.net Open in urlscan Pro
3.104.62.117 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

27
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

7
Subdomains

3
IPs

2
Countries

1253 kB
Transfer

3767 kB
Size

7
Cookies

27 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!