urlscan.io logo urlscan.io
SecurityTrails logo

login.microsoftonline.us Open in urlscan Pro
20.140.232.135  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://office365.us.admin-mcas-gov.us/
Effective URL: https://login.microsoftonline.us/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%...
Submission: On March 16 via automatic, source rescanner — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 1 countries across 7 domains to perform 24 HTTP transactions. The main IP is 20.140.232.135, located in Boydton, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is login.microsoftonline.us. The Cisco Umbrella rank of the primary domain is 9116.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on January 11th 2022. Valid for: a year.
This is the only time login.microsoftonline.us was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 13.72.27.220 8075 (MICROSOFT...)
3 2600:141b:13:... 20940 (AKAMAI-ASN1)
2 2 40.66.16.194 8075 (MICROSOFT...)
2 20.140.232.135 8070 (MICROSOFT...)
9 152.199.4.44 15133 (EDGECAST)
1 20.190.151.9 8075 (MICROSOFT...)
1 2603:1036:302... 8075 (MICROSOFT...)
7 2600:1400:d:4... 20940 (AKAMAI-ASN1)
24 7
1    13.72.27.220 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
office365.us.admin-mcas-gov.us
3    2600:141b:13::17d7:827a (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)
mcasproxy.azureedge.net
2    40.66.16.194 (San Antonio, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
office365.us
2    20.140.232.135 (Boydton, United States)

ASN8070 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
login.microsoftonline.us
9    152.199.4.44 (United States)

ASN15133 (EDGECAST, US)
aadcdn.msftauth.net
1    20.190.151.9 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
login.live.com
1    2603:1036:302:40e0::2 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
outlook.office365.com
7    2600:1400:d:49e::753 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)
r4.res.office365.com
Apex Domain
Subdomains		 Transfer
9 msftauth.net
aadcdn.msftauth.net — Cisco Umbrella Rank: 1271
197 KB
8 office365.com
outlook.office365.com — Cisco Umbrella Rank: 53
r4.res.office365.com — Cisco Umbrella Rank: 175
692 KB
3 azureedge.net
mcasproxy.azureedge.net — Cisco Umbrella Rank: 51333
44 KB
2 microsoftonline.us
login.microsoftonline.us — Cisco Umbrella Rank: 9116
100 KB
2 office365.us
office365.us — Cisco Umbrella Rank: 9030
6 KB
1 live.com
login.live.com — Cisco Umbrella Rank: 76
1 admin-mcas-gov.us
office365.us.admin-mcas-gov.us
859 B
24 7
Domain Requested by
9 aadcdn.msftauth.net login.microsoftonline.us
aadcdn.msftauth.net
7 r4.res.office365.com outlook.office365.com
3 mcasproxy.azureedge.net office365.us.admin-mcas-gov.us
mcasproxy.azureedge.net
2 login.microsoftonline.us login.microsoftonline.us
2 office365.us 2 redirects
1 outlook.office365.com aadcdn.msftauth.net
1 login.live.com login.microsoftonline.us
1 office365.us.admin-mcas-gov.us
24 8

This site contains links to these domains. Also see Links.

Domain
www.microsoft.com
privacy.microsoft.com
Subject Issuer Validity Valid
*.mcas-gov.us
Microsoft Azure TLS Issuing CA 06		 2021-12-22 -
2022-12-17		 a year crt.sh
*.azureedge.net
Microsoft RSA TLS CA 01		 2021-10-28 -
2022-10-28		 a year crt.sh
login.microsoftonline.us
DigiCert SHA2 Secure Server CA		 2022-01-11 -
2023-01-11		 a year crt.sh
aadcdn.msftauth.net
DigiCert SHA2 Secure Server CA		 2021-05-13 -
2022-05-13		 a year crt.sh
graph.windows.net
DigiCert SHA2 Secure Server CA		 2022-02-15 -
2023-02-15		 a year crt.sh
outlook.com
DigiCert Cloud Services CA-1		 2021-12-22 -
2022-12-22		 a year crt.sh
*.res.outlook.com
Microsoft RSA TLS CA 01		 2022-02-02 -
2023-02-02		 a year crt.sh

This page contains 3 frames:

Primary Page: https://login.microsoftonline.us/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foffice365.us%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=0&msaredir=0&client-request-id=dcf7efc9-9707-27b1-9753-8926b28272fb&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=637830676596350153.7d07fa23-c76f-48c6-8119-2ebe30304c14&state=DctBFoAgCABRzNdxSBAFPY6Zblt2_Vj82U0AgOgOF8gDpmJNSE1rV6nEVS57yPbIgtN0Y2lTsTF3zOteQkJlcgn-nun9RvoB&sso_reload=true
Frame ID: EF3A5D8E7861CF99AB0A59C3D4F7F23C
Requests: 14 HTTP requests in this frame

Frame: https://mcasproxy.azureedge.net/proxyweb/1.11.33/html/session-context-restore.html
Frame ID: 488E883EE0638003FF41D57BE5F74991
Requests: 2 HTTP requests in this frame

Frame: https://outlook.office365.com/owa/prefetch.aspx
Frame ID: 38559DCFC00F74A053E38D17B9A751C0
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Sign in to Outlook

Page URL History Show full URLs

  1. https://office365.us.admin-mcas-gov.us/ Page URL
  2. https://office365.us/ HTTP 302
    https://office365.us/owa/ HTTP 302
    https://login.microsoftonline.us/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redir... Page URL
  3. https://login.microsoftonline.us/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redir... Page URL

Page Statistics

24
Requests

100 %
HTTPS

38 %
IPv6

7
Domains

8
Subdomains

7
IPs

1
Countries

1035 kB
Transfer

3701 kB
Size

16
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://office365.us.admin-mcas-gov.us/ Page URL
  2. https://office365.us/ HTTP 302
    https://office365.us/owa/ HTTP 302
    https://login.microsoftonline.us/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foffice365.us%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=0&msaredir=0&client-request-id=dcf7efc9-9707-27b1-9753-8926b28272fb&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=637830676596350153.7d07fa23-c76f-48c6-8119-2ebe30304c14&state=DctBFoAgCABRzNdxSBAFPY6Zblt2_Vj82U0AgOgOF8gDpmJNSE1rV6nEVS57yPbIgtN0Y2lTsTF3zOteQkJlcgn-nun9RvoB Page URL
  3. https://login.microsoftonline.us/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foffice365.us%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=0&msaredir=0&client-request-id=dcf7efc9-9707-27b1-9753-8926b28272fb&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=637830676596350153.7d07fa23-c76f-48c6-8119-2ebe30304c14&state=DctBFoAgCABRzNdxSBAFPY6Zblt2_Vj82U0AgOgOF8gDpmJNSE1rV6nEVS57yPbIgtN0Y2lTsTF3zOteQkJlcgn-nun9RvoB&sso_reload=true Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • https://office365.us/ HTTP 302
  • https://office365.us/owa/ HTTP 302
  • https://login.microsoftonline.us/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foffice365.us%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=0&msaredir=0&client-request-id=dcf7efc9-9707-27b1-9753-8926b28272fb&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=637830676596350153.7d07fa23-c76f-48c6-8119-2ebe30304c14&state=DctBFoAgCABRzNdxSBAFPY6Zblt2_Vj82U0AgOgOF8gDpmJNSE1rV6nEVS57yPbIgtN0Y2lTsTF3zOteQkJlcgn-nun9RvoB

24 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
office365.us.admin-mcas-gov.us/ 		1 KB
859 B 		Document
General
Check archive.org
Download Go to
Full URL
https://office365.us.admin-mcas-gov.us/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.72.27.220 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
openresty /
Resource Hash
9d3c96bb023a614525d895791fd2680a7b24b082b0e6daaa3aedd6d126deb3f4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9

Response headers

content-type
text/html; charset=utf-8
server
openresty
date
Wed, 16 Mar 2022 22:47:38 GMT
x-mcas-request-id
b5916bb5328e335e0b6433226670fed3
cache-control
max-age=0, no-cache, no-store
expires
Mon, 01-Jan-1990 00:00:00 GMT
pragma
no-cache
strict-transport-security
max-age=31536000
x-mcas-upstream-time
n/a
x-mcas-processing-time
1
content-encoding
gzip
x-mcas-cache-status
MISS
session-context-store-helper.min.js
mcasproxy.azureedge.net/proxyweb/1.11.33/js/ 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mcasproxy.azureedge.net/proxyweb/1.11.33/js/session-context-store-helper.min.js
Requested by
Host: office365.us.admin-mcas-gov.us
URL: https://office365.us.admin-mcas-gov.us/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:827a New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
769e376a16fa420b6ea5802aef3f2e2aaa37b7898eda4d9f5745eea336176c2e

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://office365.us.admin-mcas-gov.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Wed, 16 Mar 2022 22:47:39 GMT
last-modified
Thu, 03 Feb 2022 12:00:26 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5
VbIsdsRwQ4Bhve/8+YswXw==
etag
0x8D9E70CC446914E
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
33a8b6b0-e01e-0006-169b-2c3853000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=30115241
x-ms-version
2009-09-19
content-length
5356
session-context-restore.html
mcasproxy.azureedge.net/proxyweb/1.11.33/html/ Frame 488E 		281 B
730 B 		Document
General
Check archive.org
Download Go to
Full URL
https://mcasproxy.azureedge.net/proxyweb/1.11.33/html/session-context-restore.html
Requested by
Host: mcasproxy.azureedge.net
URL: https://mcasproxy.azureedge.net/proxyweb/1.11.33/js/session-context-store-helper.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:827a New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
d593eab937ae208334c866b7afc56b0703787c857dae8bb562aefbbd3ca15ee6

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://office365.us.admin-mcas-gov.us/

Response headers

content-length
281
content-type
text/html
content-md5
vDuuGHIdcY/gQtnraxH9qw==
last-modified
Thu, 03 Feb 2022 12:00:25 GMT
etag
0x8D9E70CC3B532E9
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id
8decfede-f01e-0012-415f-1afb37000000
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin
*
cache-control
public, max-age=28110035
date
Wed, 16 Mar 2022 22:47:39 GMT
session-context-restore.min.js
mcasproxy.azureedge.net/proxyweb/1.11.33/js/ Frame 488E 		37 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mcasproxy.azureedge.net/proxyweb/1.11.33/js/session-context-restore.min.js
Requested by
Host: mcasproxy.azureedge.net
URL: https://mcasproxy.azureedge.net/proxyweb/1.11.33/html/session-context-restore.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:827a New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
ba180f768ddbd3aa1ff075ffb8bb543c4c176c976b6f6fd2d3d2a7c64e1ea16c

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://mcasproxy.azureedge.net/proxyweb/1.11.33/html/session-context-restore.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Wed, 16 Mar 2022 22:47:39 GMT
last-modified
Thu, 03 Feb 2022 12:00:26 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5
8Oe/SXRVi/PhDQo93/MvWQ==
etag
0x8D9E70CC46031A8
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
828382df-301e-0062-7629-1c88f3000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=28306830
x-ms-version
2009-09-19
content-length
38378
authorize
login.microsoftonline.us/common/oauth2/
Redirect Chain
  • https://office365.us/?
  • https://office365.us/owa/
  • https://login.microsoftonline.us/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foffice365.us%2fowa%2f&resource=00000002-0000-0ff1-ce00-00000000000...
149 KB
54 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://login.microsoftonline.us/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foffice365.us%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=0&msaredir=0&client-request-id=dcf7efc9-9707-27b1-9753-8926b28272fb&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=637830676596350153.7d07fa23-c76f-48c6-8119-2ebe30304c14&state=DctBFoAgCABRzNdxSBAFPY6Zblt2_Vj82U0AgOgOF8gDpmJNSE1rV6nEVS57yPbIgtN0Y2lTsTF3zOteQkJlcgn-nun9RvoB
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.140.232.135 Boydton, United States, ASN8070 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
6fa09564d4bd86ce5423a30506d6df6c8547354d45ce01f900cece411d7fe3f5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://office365.us.admin-mcas-gov.us/

Response headers

Cache-Control
no-store, no-cache
Pragma
no-cache
Content-Type
text/html; charset=utf-8
Content-Encoding
gzip
Expires
-1
Vary
Accept-Encoding
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
x-ms-request-id
5bf029f4-7c16-4ae0-81b9-233af32e1800
x-ms-ests-server
2.1.12529.19 - BNO1 ProdSlices
Referrer-Policy
strict-origin-when-cross-origin
Date
Wed, 16 Mar 2022 22:47:39 GMT
Content-Length
54359

Redirect headers

Content-Length
776
Content-Type
text/html; charset=utf-8
Location
https://login.microsoftonline.us/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foffice365.us%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=0&msaredir=0&client-request-id=dcf7efc9-9707-27b1-9753-8926b28272fb&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=637830676596350153.7d07fa23-c76f-48c6-8119-2ebe30304c14&state=DctBFoAgCABRzNdxSBAFPY6Zblt2_Vj82U0AgOgOF8gDpmJNSE1rV6nEVS57yPbIgtN0Y2lTsTF3zOteQkJlcgn-nun9RvoB
Server
Microsoft-IIS/10.0
request-id
dcf7efc9-9707-27b1-9753-8926b28272fb
X-CalculatedBETarget
BN1P110MB0940.NAMP110.PROD.OUTLOOK.COM
X-BackEndHttpStatus
302
P3P
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
X-RUM-Validated
1
X-Content-Type-Options
nosniff
X-BeSku
WCS5
X-OWA-DiagnosticsInfo
1;0;0
X-IIDs
0
X-BackEnd-Begin
2022-03-16T22:47:39.635
X-BackEnd-End
2022-03-16T22:47:39.635
X-DiagInfo
BN1P110MB0940
X-BEServer
BN1P110MB0940
X-UA-Compatible
IE=EmulateIE7
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Proxy-RoutingCorrectness
1
X-Proxy-BackendServerStatus
302
X-FirstHopCafeEFZ
SAT
X-FEServer
SN5P110CA0004
Date
Wed, 16 Mar 2022 22:47:39 GMT
Primary Request authorize
login.microsoftonline.us/common/oauth2/ 		185 KB
46 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://login.microsoftonline.us/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foffice365.us%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=0&msaredir=0&client-request-id=dcf7efc9-9707-27b1-9753-8926b28272fb&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=637830676596350153.7d07fa23-c76f-48c6-8119-2ebe30304c14&state=DctBFoAgCABRzNdxSBAFPY6Zblt2_Vj82U0AgOgOF8gDpmJNSE1rV6nEVS57yPbIgtN0Y2lTsTF3zOteQkJlcgn-nun9RvoB&sso_reload=true
Requested by
Host: login.microsoftonline.us
URL: https://login.microsoftonline.us/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foffice365.us%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=0&msaredir=0&client-request-id=dcf7efc9-9707-27b1-9753-8926b28272fb&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=637830676596350153.7d07fa23-c76f-48c6-8119-2ebe30304c14&state=DctBFoAgCABRzNdxSBAFPY6Zblt2_Vj82U0AgOgOF8gDpmJNSE1rV6nEVS57yPbIgtN0Y2lTsTF3zOteQkJlcgn-nun9RvoB
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.140.232.135 Boydton, United States, ASN8070 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5c5346dd4e87dc3237bc051d0662554f05ddae8170e0f88b75b2a8143f4d55c4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://login.microsoftonline.us/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foffice365.us%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=0&msaredir=0&client-request-id=dcf7efc9-9707-27b1-9753-8926b28272fb&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=637830676596350153.7d07fa23-c76f-48c6-8119-2ebe30304c14&state=DctBFoAgCABRzNdxSBAFPY6Zblt2_Vj82U0AgOgOF8gDpmJNSE1rV6nEVS57yPbIgtN0Y2lTsTF3zOteQkJlcgn-nun9RvoB

Response headers

Cache-Control
no-store, no-cache
Pragma
no-cache
Content-Type
text/html; charset=utf-8
Content-Encoding
gzip
Expires
-1
Vary
Accept-Encoding
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-Frame-Options
DENY
Link
<https://aadcdn.msftauth.net>; rel=preconnect; crossorigin <https://aadcdn.msftauth.net>; rel=dns-prefetch <https://aadcdn.msauth.net>; rel=dns-prefetch
X-DNS-Prefetch-Control
on
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
x-ms-request-id
6a6af525-8b54-4e32-925e-cc07768a1900
x-ms-ests-server
2.1.12529.19 - BNO1 ProdSlices
Referrer-Policy
strict-origin-when-cross-origin
Date
Wed, 16 Mar 2022 22:47:39 GMT
Content-Length
45728
ConvergedLogin_PCore_SdrJFAkNJd_B8kX711WxRg2.js
aadcdn.msftauth.net/shared/1.0/content/js/ 		373 KB
107 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_SdrJFAkNJd_B8kX711WxRg2.js
Requested by
Host: login.microsoftonline.us
URL: https://login.microsoftonline.us/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foffice365.us%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=0&msaredir=0&client-request-id=dcf7efc9-9707-27b1-9753-8926b28272fb&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=637830676596350153.7d07fa23-c76f-48c6-8119-2ebe30304c14&state=DctBFoAgCABRzNdxSBAFPY6Zblt2_Vj82U0AgOgOF8gDpmJNSE1rV6nEVS57yPbIgtN0Y2lTsTF3zOteQkJlcgn-nun9RvoB&sso_reload=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.44 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/7984) /
Resource Hash
ed64009f2b5d53ba00fa1d8702afaf7047849c5ac4e5f7baf1ac7c9818b929a4

Request headers

Referer
https://login.microsoftonline.us/
Origin
https://login.microsoftonline.us
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 16 Mar 2022 22:47:40 GMT
content-encoding
gzip
content-md5
4XRp9wzO5b02KEKNPEKoDA==
age
1639391
x-cache
HIT
content-length
108954
x-ms-lease-status
unlocked
last-modified
Wed, 09 Feb 2022 17:32:36 GMT
server
ECAcc (nya/7984)
etag
0x8D9EBF229D95FBF
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
b91fa528-901e-0004-379e-2a3529000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
Me.htm
login.live.com/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://login.live.com/Me.htm?v=3
Requested by
Host: login.microsoftonline.us
URL: https://login.microsoftonline.us/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foffice365.us%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=0&msaredir=0&client-request-id=dcf7efc9-9707-27b1-9753-8926b28272fb&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=637830676596350153.7d07fa23-c76f-48c6-8119-2ebe30304c14&state=DctBFoAgCABRzNdxSBAFPY6Zblt2_Vj82U0AgOgOF8gDpmJNSE1rV6nEVS57yPbIgtN0Y2lTsTF3zOteQkJlcgn-nun9RvoB&sso_reload=true
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.190.151.9 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://login.microsoftonline.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
prefetch.aspx
outlook.office365.com/owa/ Frame 3855 		3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://outlook.office365.com/owa/prefetch.aspx
Requested by
Host: aadcdn.msftauth.net
URL: https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_SdrJFAkNJd_B8kX711WxRg2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2603:1036:302:40e0::2 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
db47ed4041b856c5fb80bae6d22b91bf192af5fbe8f77bd23ded2fcfc3ce3f5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://login.microsoftonline.us/

Response headers

Cache-Control
private, no-store
Content-Length
1236
Content-Type
text/html; charset=utf-8
Content-Encoding
gzip
Vary
Accept-Encoding
Server
Microsoft-IIS/10.0
request-id
e396d2cb-253e-80ee-edf8-480aefffdcc0
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Alt-Svc
h3=":443",h3-29=":443"
X-CalculatedFETarget
CY4PR01CU001.internal.outlook.com
X-BackEndHttpStatus
200 200
X-FEProxyInfo
CY4PR01CA0006.PROD.EXCHANGELABS.COM
X-CalculatedBETarget
CY4PR07MB3176.namprd07.prod.outlook.com
X-RUM-Validated
1
X-Content-Type-Options
nosniff
X-BeSku
Gen9
X-OWA-Version
15.20.5061.28
X-OWA-DiagnosticsInfo
1;0;0
X-IIDs
0
X-BackEnd-Begin
2022-03-16T22:47:40.369
X-BackEnd-End
2022-03-16T22:47:40.369
X-DiagInfo
CY4PR07MB3176
X-BEServer
CY4PR07MB3176
X-UA-Compatible
IE=EmulateIE7
X-Proxy-RoutingCorrectness
1
X-Proxy-BackendServerStatus
200
X-FEServer
CY4PR01CA0006 MN2PR07CA0015
Report-To
{"group":"NelOfficeUpload1","max_age":7200,"endpoints":[{"url":"https://exo.nel.measure.office.net/api/report?TenantId=&FrontEnd=Cafe&DestinationEndpoint=MNZ"}],"include_subdomains":true}
NEL
{"report_to":"NelOfficeUpload1","max_age":7200,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
X-FirstHopCafeEFZ
MNZ
Date
Wed, 16 Mar 2022 22:47:40 GMT
converged.v2.login.min_zmhwgv_kbcs-aml46kcgfg2.css
aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ 		0
20 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msftauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_zmhwgv_kbcs-aml46kcgfg2.css
Requested by
Host: login.microsoftonline.us
URL: https://login.microsoftonline.us/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foffice365.us%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=0&msaredir=0&client-request-id=dcf7efc9-9707-27b1-9753-8926b28272fb&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=637830676596350153.7d07fa23-c76f-48c6-8119-2ebe30304c14&state=DctBFoAgCABRzNdxSBAFPY6Zblt2_Vj82U0AgOgOF8gDpmJNSE1rV6nEVS57yPbIgtN0Y2lTsTF3zOteQkJlcgn-nun9RvoB&sso_reload=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.44 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/79B9) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://login.microsoftonline.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 16 Mar 2022 22:47:40 GMT
content-encoding
gzip
content-md5
gQeGSiXz86BaUj7ZBvfbVQ==
age
7855305
x-cache
HIT
content-length
19946
x-ms-lease-status
unlocked
last-modified
Wed, 15 Dec 2021 19:03:11 GMT
server
ECAcc (nya/79B9)
etag
0x8D9BFFD8A59586D
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
1ea9943d-401e-000f-0716-f2e166000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
ux.converged.login.strings-en.min_7m2giy7nkefhpjsjnukmza2.js
aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ 		0
13 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ux.converged.login.strings-en.min_7m2giy7nkefhpjsjnukmza2.js
Requested by
Host: login.microsoftonline.us
URL: https://login.microsoftonline.us/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foffice365.us%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=0&msaredir=0&client-request-id=dcf7efc9-9707-27b1-9753-8926b28272fb&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=637830676596350153.7d07fa23-c76f-48c6-8119-2ebe30304c14&state=DctBFoAgCABRzNdxSBAFPY6Zblt2_Vj82U0AgOgOF8gDpmJNSE1rV6nEVS57yPbIgtN0Y2lTsTF3zOteQkJlcgn-nun9RvoB&sso_reload=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.44 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/1C5B) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://login.microsoftonline.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 16 Mar 2022 22:47:40 GMT
content-encoding
gzip
content-md5
M64DfXqwlGaBtgpj75msbQ==
age
1639386
x-cache
HIT
content-length
13055
x-ms-lease-status
unlocked
last-modified
Tue, 08 Feb 2022 00:54:26 GMT
server
ECAcc (nya/1C5B)
etag
0x8D9EA9D8DF1E359
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
6d88fb29-601e-001d-489e-2a5323000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
convergedlogin_pcustomizationloader_2a4182e4b053971e74a8.js
aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/ 		107 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pcustomizationloader_2a4182e4b053971e74a8.js
Requested by
Host: aadcdn.msftauth.net
URL: https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_SdrJFAkNJd_B8kX711WxRg2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.44 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/1C20) /
Resource Hash
34bf3e7060a142c2f926d7052e3ce48cbb697649163590e4ec73493ff70b8139

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://login.microsoftonline.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 16 Mar 2022 22:47:40 GMT
content-encoding
gzip
content-md5
KTqlpp/umJx0ufW3DtQIzA==
age
3047595
x-cache
HIT
content-length
31979
x-ms-lease-status
unlocked
last-modified
Mon, 07 Feb 2022 19:42:32 GMT
server
ECAcc (nya/1C20)
etag
0x8D9EA71FB9AAB83
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
0d1e4a6f-801e-002f-6ad0-1d9f37000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
49-small_e58aafc980614a9cd7796bea7b5ea8f0.jpg
aadcdn.msftauth.net/shared/1.0/content/images/appbackgrounds/ 		987 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/images/appbackgrounds/49-small_e58aafc980614a9cd7796bea7b5ea8f0.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.44 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/799B) /
Resource Hash
8b34a475187302935336bf43a2bf2a4e0adb9a1e87953ea51f6fcf0ef52a4a1d

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://login.microsoftonline.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 16 Mar 2022 22:47:40 GMT
content-md5
5YqvyYBhSpzXeWvqe16o8A==
age
22773751
x-cache
HIT
content-length
987
x-ms-lease-status
unlocked
last-modified
Fri, 27 Mar 2020 19:42:36 GMT
server
ECAcc (nya/799B)
etag
0x8D7D287001BC861
content-type
image/jpeg
access-control-allow-origin
*
x-ms-request-id
3e4d9bd0-d01e-0000-7667-6ade85000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
49_7916a894ebde7d29c2cc29b267f1299f.jpg
aadcdn.msftauth.net/shared/1.0/content/images/appbackgrounds/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/images/appbackgrounds/49_7916a894ebde7d29c2cc29b267f1299f.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.44 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/1C6F) /
Resource Hash
d8f5ab3e00202fd3b45be1acd95d677b137064001e171bc79b06826d98f1e1d3

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://login.microsoftonline.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 16 Mar 2022 22:47:40 GMT
content-md5
eRaolOvefSnCzCmyZ/Epnw==
age
13350396
x-cache
HIT
content-length
17453
x-ms-lease-status
unlocked
last-modified
Fri, 27 Mar 2020 19:42:36 GMT
server
ECAcc (nya/1C6F)
etag
0x8D7D2870015D3DE
content-type
image/jpeg
access-control-allow-origin
*
x-ms-request-id
8880bf85-101e-0044-7c1c-c0c98b000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
53_8b36337037cff88c3df203bb73d58e41.png
aadcdn.msftauth.net/shared/1.0/content/images/applogos/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/images/applogos/53_8b36337037cff88c3df203bb73d58e41.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.44 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/79D4) /
Resource Hash
e4e1e65871749d18aea150643c07e0aab2057da057c6c57ec1c3c43580e1c898

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://login.microsoftonline.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 16 Mar 2022 22:47:40 GMT
content-md5
izYzcDfP+Iw98gO7c9WOQQ==
age
19053017
x-cache
HIT
content-length
5139
x-ms-lease-status
unlocked
last-modified
Wed, 12 Feb 2020 03:12:17 GMT
server
ECAcc (nya/79D4)
etag
0x8D7AF695D6C58F2
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
fa21085e-a01e-0096-2e3e-8c7f29000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg
aadcdn.msftauth.net/shared/1.0/content/images/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/images/microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.44 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/797F) /
Resource Hash
04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://login.microsoftonline.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 16 Mar 2022 22:47:40 GMT
content-encoding
gzip
content-md5
nzaLxFgP7ZB3dfMcaybWzw==
age
20554971
x-cache
HIT
content-length
1435
x-ms-lease-status
unlocked
last-modified
Thu, 16 Jan 2020 00:32:52 GMT
server
ECAcc (nya/797F)
etag
0x8D79A1B9F5E121A
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
d8aa4904-c01e-000a-0a95-7ef4c7000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
boot.worldwide.0.mouse.js
r4.res.office365.com/owa/prem/15.20.5061.25/scripts/ Frame 3855 		648 KB
176 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://r4.res.office365.com/owa/prem/15.20.5061.25/scripts/boot.worldwide.0.mouse.js
Requested by
Host: outlook.office365.com
URL: https://outlook.office365.com/owa/prefetch.aspx
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2600:1400:d:49e::753 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
d5238dcd5576de5c01381727798f579c4722e1c0b07f544135fbe537d7ccf94f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://outlook.office365.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 16 Mar 2022 22:47:40 GMT
content-encoding
gzip
last-modified
Thu, 10 Mar 2022 21:02:07 GMT
server
AkamaiNetStorage
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public,max-age=630720000, s-maxage=630720000
strict-transport-security
max-age=31536000; includeSubDomains
accept-ranges
bytes
timing-allow-origin
*
content-length
179692
signin-options_4e48046ce74f4b89d45037c90576bfac.svg
aadcdn.msftauth.net/shared/1.0/content/images/ 		2 KB
773 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/images/signin-options_4e48046ce74f4b89d45037c90576bfac.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.44 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/799D) /
Resource Hash
8e6db1634f1812d42516778fc890010aa57f3e39914fb4803df2c38abbf56d93

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://login.microsoftonline.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 16 Mar 2022 22:47:40 GMT
content-encoding
gzip
content-md5
R2FAVxfpONfnQAuxVxXbHg==
age
20803958
x-cache
HIT
content-length
621
x-ms-lease-status
unlocked
last-modified
Tue, 10 Nov 2020 03:41:05 GMT
server
ECAcc (nya/799D)
etag
0x8D8852A740F01B9
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
e70e7384-401e-0083-6251-7cd5a0000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
boot.worldwide.1.mouse.js
r4.res.office365.com/owa/prem/15.20.5061.25/scripts/ Frame 3855 		644 KB
160 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://r4.res.office365.com/owa/prem/15.20.5061.25/scripts/boot.worldwide.1.mouse.js
Requested by
Host: outlook.office365.com
URL: https://outlook.office365.com/owa/prefetch.aspx
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2600:1400:d:49e::753 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
c7bcfcd2305204dd3ded9a440c9a0a67b14f8d63224ed72795b23243d90a6771
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://outlook.office365.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 16 Mar 2022 22:47:40 GMT
content-encoding
gzip
last-modified
Thu, 10 Mar 2022 21:02:03 GMT
server
AkamaiNetStorage
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public,max-age=630720000, s-maxage=630720000
strict-transport-security
max-age=31536000; includeSubDomains
accept-ranges
bytes
timing-allow-origin
*
content-length
163086
boot.worldwide.2.mouse.js
r4.res.office365.com/owa/prem/15.20.5061.25/scripts/ Frame 3855 		647 KB
166 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://r4.res.office365.com/owa/prem/15.20.5061.25/scripts/boot.worldwide.2.mouse.js
Requested by
Host: outlook.office365.com
URL: https://outlook.office365.com/owa/prefetch.aspx
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2600:1400:d:49e::753 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
8533d0f21e61506e6a8e9517b63019a16b2af69805c6f2c86c02f6319e14de5d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://outlook.office365.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 16 Mar 2022 22:47:40 GMT
content-encoding
gzip
last-modified
Thu, 10 Mar 2022 21:02:07 GMT
server
AkamaiNetStorage
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public,max-age=630720000, s-maxage=630720000
strict-transport-security
max-age=31536000; includeSubDomains
accept-ranges
bytes
timing-allow-origin
*
content-length
169702
boot.worldwide.3.mouse.js
r4.res.office365.com/owa/prem/15.20.5061.25/scripts/ Frame 3855 		645 KB
143 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://r4.res.office365.com/owa/prem/15.20.5061.25/scripts/boot.worldwide.3.mouse.js
Requested by
Host: outlook.office365.com
URL: https://outlook.office365.com/owa/prefetch.aspx
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2600:1400:d:49e::753 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
0928a2dbc5c2d273a98451dad73921cf89f0966e783010b83559629c8533ba60
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://outlook.office365.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 16 Mar 2022 22:47:41 GMT
content-encoding
gzip
last-modified
Thu, 10 Mar 2022 21:02:03 GMT
server
AkamaiNetStorage
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public,max-age=630720000, s-maxage=630720000
strict-transport-security
max-age=31536000; includeSubDomains
accept-ranges
bytes
timing-allow-origin
*
content-length
145619
sprite1.mouse.png
r4.res.office365.com/owa/prem/15.20.5061.25/resources/images/0/ Frame 3855 		132 B
336 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://r4.res.office365.com/owa/prem/15.20.5061.25/resources/images/0/sprite1.mouse.png
Requested by
Host: outlook.office365.com
URL: https://outlook.office365.com/owa/prefetch.aspx
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2600:1400:d:49e::753 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
3ab09a213eedd51a0eb0e4bc5e6e96c472032dd937420e7e233ea54775c7e024
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://outlook.office365.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 16 Mar 2022 22:47:41 GMT
last-modified
Thu, 10 Mar 2022 21:11:59 GMT
server
AkamaiNetStorage
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=630720000, s-maxage=630720000
accept-ranges
bytes
timing-allow-origin
*
content-length
132
sprite1.mouse.css
r4.res.office365.com/owa/prem/15.20.5061.25/resources/images/0/ Frame 3855 		994 B
512 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://r4.res.office365.com/owa/prem/15.20.5061.25/resources/images/0/sprite1.mouse.css
Requested by
Host: outlook.office365.com
URL: https://outlook.office365.com/owa/prefetch.aspx
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2600:1400:d:49e::753 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
6d1be7ed96dd494447f348986317faf64728ccf788be551f2a621b31ddc929ac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://outlook.office365.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 16 Mar 2022 22:47:41 GMT
content-encoding
gzip
last-modified
Thu, 10 Mar 2022 21:11:59 GMT
server
AkamaiNetStorage
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public,max-age=630720000, s-maxage=630720000
strict-transport-security
max-age=31536000; includeSubDomains
accept-ranges
bytes
timing-allow-origin
*
content-length
288
boot.worldwide.mouse.css
r4.res.office365.com/owa/prem/15.20.5061.25/resources/styles/0/ Frame 3855 		227 KB
43 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://r4.res.office365.com/owa/prem/15.20.5061.25/resources/styles/0/boot.worldwide.mouse.css
Requested by
Host: outlook.office365.com
URL: https://outlook.office365.com/owa/prefetch.aspx
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2600:1400:d:49e::753 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
37619b16288166cc76403f0b7df6586349b2d5628de00d5850c815d019b17904
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://outlook.office365.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 16 Mar 2022 22:47:41 GMT
content-encoding
gzip
last-modified
Thu, 10 Mar 2022 21:12:24 GMT
server
AkamaiNetStorage
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public,max-age=630720000, s-maxage=630720000
strict-transport-security
max-age=31536000; includeSubDomains
accept-ranges
bytes
timing-allow-origin
*
content-length
44144

Verdicts & Comments Add Verdict or Comment

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| structuredClone object| oncontextlost object| oncontextrestored object| $Config object| $Debug object| $Do function| $Loader object| $WebWatson function| GetString function| GetErrorString function| GetUrl object| $B object| ServerData object| webpackJsonp object| ko object| PROOF object| StringRepository boolean| __ConvergedLogin_PCore boolean| __ object| Telemetry object| telemetry_webpackJsonp boolean| __convergedlogin_pcustomizationloader_2a4182e4b053971e74a8

16 Cookies

Domain/Path Name / Value
office365.us/ Name: ClientId
Value: 51F71489312844EF888E172B19D70A68
office365.us/ Name: OIDC
Value: 1
office365.us/ Name: OpenIdConnect.nonce.v3.dVrTyKGf3rQgfKa0gXc6q8MCeEHc8Dkaa5Z3serGW5g
Value: 637830676596350153.7d07fa23-c76f-48c6-8119-2ebe30304c14
office365.us/ Name: X-OWA-RedirectHistory
Value: Ale6VTEByVxf-Z4H2gg
login.microsoftonline.us/ Name: x-ms-gateway-slice
Value: 001
login.microsoftonline.us/ Name: stsservicecookie
Value: estsusgov
.login.microsoftonline.us/ Name: AADSSO
Value: NA|NoExtension
login.microsoftonline.us/ Name: SSOCOOKIEPULLED
Value: 1
login.microsoftonline.us/ Name: buid
Value: 0.AAAAMe_N-B6jSkuT5F9XHpElWgIAAAAAAPEPzgAAAAAAAAABAAA.AQABAAEAAgBXxJ9NxOLiQKGXj-vdb8BdX52B3o_fPPt1JEyxl4l0zHFnBJpt59TFh_Mxo2HGH-XZ6cd3Mn73S4yqK-iv28ck-BPYVloBxUgmx7H8XzYDf0BKbtr2RaqdGyAkjqGc2QwgAA
login.microsoftonline.us/ Name: fpc
Value: AjrH1sQUde9DqEh1bEiMbHaerOTJAQAAAAtgxNkOAAAA
.login.microsoftonline.us/ Name: esctx
Value: AQABAAAAAgBXxJ9NxOLiQKGXj-vdb8Bd8eNieetio5hOXCAwY1bo4Do3vo4tqEpUtBgKFvMcQu5RyvELIETpz8b7dRcR_gCbc0BOyBDsGIUPKRx686wVRGKwe49zwcK3gUEOQBmr_rpw5vo5rF6_wSUYcK2E8v0MisexX2rSSNoJV8tKiDP1ekL-KEdV0Z5sVvlJzdEccsAgAA
.login.live.com/ Name: uaid
Value: 919658bcfdd24c529902d4a89bee5038
.login.live.com/ Name: MSPRequ
Value: id=N&lt=1647470860&co=1
.login.microsoftonline.us/ Name: brcap
Value: 0
outlook.office365.com/ Name: ClientId
Value: 5AF6FC81CD1348A8ABE9BB7C8724CE90
outlook.office365.com/ Name: OIDC
Value: 1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aadcdn.msftauth.net
login.live.com
login.microsoftonline.us
mcasproxy.azureedge.net
office365.us
office365.us.admin-mcas-gov.us
outlook.office365.com
r4.res.office365.com
13.72.27.220
152.199.4.44
20.140.232.135
20.190.151.9
2600:1400:d:49e::753
2600:141b:13::17d7:827a
2603:1036:302:40e0::2
40.66.16.194
04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a
0928a2dbc5c2d273a98451dad73921cf89f0966e783010b83559629c8533ba60
34bf3e7060a142c2f926d7052e3ce48cbb697649163590e4ec73493ff70b8139
37619b16288166cc76403f0b7df6586349b2d5628de00d5850c815d019b17904
3ab09a213eedd51a0eb0e4bc5e6e96c472032dd937420e7e233ea54775c7e024
5c5346dd4e87dc3237bc051d0662554f05ddae8170e0f88b75b2a8143f4d55c4
6d1be7ed96dd494447f348986317faf64728ccf788be551f2a621b31ddc929ac
6fa09564d4bd86ce5423a30506d6df6c8547354d45ce01f900cece411d7fe3f5
769e376a16fa420b6ea5802aef3f2e2aaa37b7898eda4d9f5745eea336176c2e
8533d0f21e61506e6a8e9517b63019a16b2af69805c6f2c86c02f6319e14de5d
8b34a475187302935336bf43a2bf2a4e0adb9a1e87953ea51f6fcf0ef52a4a1d
8e6db1634f1812d42516778fc890010aa57f3e39914fb4803df2c38abbf56d93
9d3c96bb023a614525d895791fd2680a7b24b082b0e6daaa3aedd6d126deb3f4
ba180f768ddbd3aa1ff075ffb8bb543c4c176c976b6f6fd2d3d2a7c64e1ea16c
c7bcfcd2305204dd3ded9a440c9a0a67b14f8d63224ed72795b23243d90a6771
d5238dcd5576de5c01381727798f579c4722e1c0b07f544135fbe537d7ccf94f
d593eab937ae208334c866b7afc56b0703787c857dae8bb562aefbbd3ca15ee6
d8f5ab3e00202fd3b45be1acd95d677b137064001e171bc79b06826d98f1e1d3
db47ed4041b856c5fb80bae6d22b91bf192af5fbe8f77bd23ded2fcfc3ce3f5f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4e1e65871749d18aea150643c07e0aab2057da057c6c57ec1c3c43580e1c898
ed64009f2b5d53ba00fa1d8702afaf7047849c5ac4e5f7baf1ac7c9818b929a4