urlscan.io logo urlscan.io
SecurityTrails logo

login.microsoftonline.com.office.prod.marvell.myshn.net Open in urlscan Pro
52.52.9.238  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://outlook.office.com.office.prod.marvell.myshn.net/mail
Effective URL: https://login.microsoftonline.com.office.prod.marvell.myshn.net/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%...
Submission: On March 01 via manual from IN — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 1 countries across 1 domains to perform 36 HTTP transactions. The main IP is 52.52.9.238, located in San Jose, United States and belongs to AMAZON-02, US. The main domain is login.microsoftonline.com.office.prod.marvell.myshn.net.
TLS certificate: Issued by GlobalSign RSA OV SSL CA 2018 on February 24th 2022. Valid for: a year.
This is the only time login.microsoftonline.com.office.prod.marvell.myshn.net was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Microsoft (Consumer)

Domain & IP information

IP Address AS Autonomous System
3 36 52.52.9.238 16509 (AMAZON-02)
2 54.183.76.102 16509 (AMAZON-02)
36 3
36    52.52.9.238 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-52-9-238.us-west-1.compute.amazonaws.com
outlook.office.com.office.prod.marvell.myshn.net
res.cdn.office.net.office.prod.marvell.myshn.net
browser.pipe.aria.microsoft.com.office.prod.marvell.myshn.net
login.microsoftonline.com.office.prod.marvell.myshn.net
static2.sharepointonline.com.office.prod.marvell.myshn.net
aadcdn.msauth.net.office.prod.marvell.myshn.net
outlook.office365.com.office.prod.marvell.myshn.net
2    54.183.76.102 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-183-76-102.us-west-1.compute.amazonaws.com
csp.microsoft.com.office.prod.marvell.myshn.net
login.live.com.office.prod.marvell.myshn.net
Domain Requested by
17 res.cdn.office.net.office.prod.marvell.myshn.net outlook.office.com.office.prod.marvell.myshn.net
9 aadcdn.msauth.net.office.prod.marvell.myshn.net login.microsoftonline.com.office.prod.marvell.myshn.net
aadcdn.msauth.net.office.prod.marvell.myshn.net
5 outlook.office.com.office.prod.marvell.myshn.net 3 redirects outlook.office.com.office.prod.marvell.myshn.net
2 login.microsoftonline.com.office.prod.marvell.myshn.net outlook.office.com.office.prod.marvell.myshn.net
login.microsoftonline.com.office.prod.marvell.myshn.net
1 outlook.office365.com.office.prod.marvell.myshn.net aadcdn.msauth.net.office.prod.marvell.myshn.net
1 login.live.com.office.prod.marvell.myshn.net login.microsoftonline.com.office.prod.marvell.myshn.net
1 static2.sharepointonline.com.office.prod.marvell.myshn.net
1 browser.pipe.aria.microsoft.com.office.prod.marvell.myshn.net outlook.office.com.office.prod.marvell.myshn.net
1 csp.microsoft.com.office.prod.marvell.myshn.net outlook.office.com.office.prod.marvell.myshn.net
0 r4.res.office365.com.office.prod.marvell.myshn.net Failed outlook.office365.com.office.prod.marvell.myshn.net
36 10
Subject Issuer Validity Valid
office.prod.marvell.myshn.net
GlobalSign RSA OV SSL CA 2018		 2022-02-24 -
2023-03-28		 a year crt.sh

This page contains 2 frames:

Primary Page: https://login.microsoftonline.com.office.prod.marvell.myshn.net/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office.com.office.prod.marvell.myshn.net%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=c68e9444-0140-41f6-a417-39c771129c2b&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=637817439606486470.a94cfc12-3ccf-4d55-997a-8c9338e07439&state=FYuxDoIwFABb_Re3SmlL2zcQB41hwAVNNGztoyQSCQYajH9vHe6mO0oI2SY2CcqTiNHS2NwoCZprZbUyfO9AYY-5YBKxZ6orCgZgHLMIUtrA_zVN7ymbPi47LNHFUOa7OXTPOWC8TaWrGo7VRddfWLtHs3gBcz3C2I6vob0Wgxd89ffz2x_tDw&sso_reload=true
Frame ID: D46871122912FABBC4B21AAD45AFAD09
Requests: 34 HTTP requests in this frame

Frame: https://outlook.office365.com.office.prod.marvell.myshn.net/owa/prefetch.aspx
Frame ID: B3826C21B503325F192ACFF3C51F9829
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Bei Outlook anmelden

Page URL History Show full URLs

  1. https://outlook.office.com.office.prod.marvell.myshn.net/mail HTTP 301
    https://outlook.office.com.office.prod.marvell.myshn.net/mail/ Page URL
  2. https://outlook.office.com.office.prod.marvell.myshn.net/mail/?authRedirect=true&state=0 HTTP 302
    https://outlook.office.com.office.prod.marvell.myshn.net/owa/?state=1&redirectTo=aHR0cHM6Ly9vdXRsb29rLm9mZmljZS5jb20vbWFpbC8 HTTP 302
    https://login.microsoftonline.com.office.prod.marvell.myshn.net/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redir... Page URL
  3. https://login.microsoftonline.com.office.prod.marvell.myshn.net/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redir... Page URL

Page Statistics

36
Requests

97 %
HTTPS

0 %
IPv6

1
Domains

10
Subdomains

3
IPs

1
Countries

1462 kB
Transfer

6440 kB
Size

15
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://outlook.office.com.office.prod.marvell.myshn.net/mail HTTP 301
    https://outlook.office.com.office.prod.marvell.myshn.net/mail/ Page URL
  2. https://outlook.office.com.office.prod.marvell.myshn.net/mail/?authRedirect=true&state=0 HTTP 302
    https://outlook.office.com.office.prod.marvell.myshn.net/owa/?state=1&redirectTo=aHR0cHM6Ly9vdXRsb29rLm9mZmljZS5jb20vbWFpbC8 HTTP 302
    https://login.microsoftonline.com.office.prod.marvell.myshn.net/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office.com.office.prod.marvell.myshn.net%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=c68e9444-0140-41f6-a417-39c771129c2b&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=637817439606486470.a94cfc12-3ccf-4d55-997a-8c9338e07439&state=FYuxDoIwFABb_Re3SmlL2zcQB41hwAVNNGztoyQSCQYajH9vHe6mO0oI2SY2CcqTiNHS2NwoCZprZbUyfO9AYY-5YBKxZ6orCgZgHLMIUtrA_zVN7ymbPi47LNHFUOa7OXTPOWC8TaWrGo7VRddfWLtHs3gBcz3C2I6vob0Wgxd89ffz2x_tDw Page URL
  3. https://login.microsoftonline.com.office.prod.marvell.myshn.net/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office.com.office.prod.marvell.myshn.net%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=c68e9444-0140-41f6-a417-39c771129c2b&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=637817439606486470.a94cfc12-3ccf-4d55-997a-8c9338e07439&state=FYuxDoIwFABb_Re3SmlL2zcQB41hwAVNNGztoyQSCQYajH9vHe6mO0oI2SY2CcqTiNHS2NwoCZprZbUyfO9AYY-5YBKxZ6orCgZgHLMIUtrA_zVN7ymbPi47LNHFUOa7OXTPOWC8TaWrGo7VRddfWLtHs3gBcz3C2I6vob0Wgxd89ffz2x_tDw&sso_reload=true Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://outlook.office.com.office.prod.marvell.myshn.net/mail HTTP 301
  • https://outlook.office.com.office.prod.marvell.myshn.net/mail/
Request Chain 18
  • https://outlook.office.com.office.prod.marvell.myshn.net/mail/?authRedirect=true&state=0 HTTP 302
  • https://outlook.office.com.office.prod.marvell.myshn.net/owa/?state=1&redirectTo=aHR0cHM6Ly9vdXRsb29rLm9mZmljZS5jb20vbWFpbC8 HTTP 302
  • https://login.microsoftonline.com.office.prod.marvell.myshn.net/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office.com.office.prod.marvell.myshn.net%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=c68e9444-0140-41f6-a417-39c771129c2b&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=637817439606486470.a94cfc12-3ccf-4d55-997a-8c9338e07439&state=FYuxDoIwFABb_Re3SmlL2zcQB41hwAVNNGztoyQSCQYajH9vHe6mO0oI2SY2CcqTiNHS2NwoCZprZbUyfO9AYY-5YBKxZ6orCgZgHLMIUtrA_zVN7ymbPi47LNHFUOa7OXTPOWC8TaWrGo7VRddfWLtHs3gBcz3C2I6vob0Wgxd89ffz2x_tDw

36 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
outlook.office.com.office.prod.marvell.myshn.net/mail/
Redirect Chain
  • https://outlook.office.com.office.prod.marvell.myshn.net/mail
  • https://outlook.office.com.office.prod.marvell.myshn.net/mail/
175 KB
59 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://outlook.office.com.office.prod.marvell.myshn.net/mail/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.52.9.238 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-52-9-238.us-west-1.compute.amazonaws.com
Software
nginx / ASP.NET
Resource Hash
a5a168e5b37970bbf1ee3bd188942b10c6d4bea6968a57948f61830c232105da
Security Headers
Name Value
Content-Security-Policy default-src *.res.office365.com.office.prod.marvell.myshn.net *.fluidpreview.office.net *.cdn.office.net.office.prod.marvell.myshn.net swx.cdn.skype.com.office.prod.marvell.myshn.net 'self' *.prod.marvell.myshn.net; script-src 'nonce-k3nfDJxZFAQKVHuo8pMrcA==' *.res.office365.com.office.prod.marvell.myshn.net *.fluidpreview.office.net *.cdn.office.net.office.prod.marvell.myshn.net wss://*.delve.office.com.office.prod.marvell.myshn.net:443 shellprod.msocdn.com.office.prod.marvell.myshn.net amcdn.msauth.net.office.prod.marvell.myshn.net amcdn.msftauth.net.office.prod.marvell.myshn.net *.bing.com.office.prod.marvell.myshn.net *.skype.com.office.prod.marvell.myshn.net *.skypeassets.com *.delve.office.com.office.prod.marvell.myshn.net *.cdn.office.net.office.prod.marvell.myshn.net static.teams.microsoft.com.office.prod.marvell.myshn.net *.googleapis.com teams.microsoft.com.office.prod.marvell.myshn.net shn--cdn--shn--forms.office.net.office.prod.marvell.myshn.net blob: 'report-sample' 'self' 'unsafe-inline' 'wasm-unsafe-eval' *.yammer.com.office.prod.marvell.myshn.net fabriciss.azureedge.net.office.prod.marvell.myshn.net *.prod.marvell.myshn.net; style-src *.res.office365.com.office.prod.marvell.myshn.net *.fluidpreview.office.net *.cdn.office.net.office.prod.marvell.myshn.net shellprod.msocdn.com.office.prod.marvell.myshn.net *.skype.com.office.prod.marvell.myshn.net fonts.googleapis.com *.googleapis.com 'self' 'report-sample' 'unsafe-inline' *.yammer.com.office.prod.marvell.myshn.net 'unsafe-inline' *.prod.marvell.myshn.net; img-src * data: blob: filesystem: cid:; connect-src blob: data: *.res.office365.com.office.prod.marvell.myshn.net *.fluidpreview.office.net *.cdn.office.net.office.prod.marvell.myshn.net *.services.web.outlook.com login.live.com.office.prod.marvell.myshn.net spoprod-a.akamaihd.net shellprod.msocdn.com.office.prod.marvell.myshn.net *.bing.com.office.prod.marvell.myshn.net *.office.net.office.prod.marvell.myshn.net *.office.com.office.prod.marvell.myshn.net *.office365.com.office.prod.marvell.myshn.net *.officeapps.live.com.office.prod.marvell.myshn.net *.skype.com.office.prod.marvell.myshn.net *.skypeassets.com *.spoppe.com *.onedrive.com my.microsoftpersonalcontent.com substrate.office.de *.office365-net.de *.office.de browser.pipe.aria.microsoft.com.office.prod.marvell.myshn.net *.gateway.messenger.live.com dev.virtualearth.net *.trouter.skype.com *.trouter.io wss://*.trouter.skype.com wss://*.trouter.skype.com:443 wss://*.trouter.io:443 media.licdn.com *.facebook.com onerm.olsvc.com *.qas.binginternal.com *.qas.bing.net wss://*.qas.bing.net:443 wss://*.platform.bing.com wss://*.botframework.com:443 wss://augloop.office.com.office.prod.marvell.myshn.net wss://*.augloop.office.com outlook.live.com.office.prod.marvell.myshn.net graph.microsoft.com.office.prod.marvell.myshn.net *.graph.microsoft.com graph.microsoft.de *.googleapis.com *.office.microsoft.com api.box.com api.dropboxapi.com *.users.storage.live.com www.onenote.com.office.prod.marvell.myshn.net *.storage.msn.com asgsmsproxyapi.azurewebsites.net.office.prod.marvell.myshn.net wss://*.pushd.svc.ms wss://*.pushs.svc.ms wss://*.pushb.svc.ms wss://*.pushp.svc.ms wss://*.svc.ms.office.prod.marvell.myshn.net nleditor.osi.officeppe.net api.tenor.com pptservicescast.officeapps.live.com.office.prod.marvell.myshn.net *.sharepoint-df.com *.sharepoint.com.office.prod.marvell.myshn.net *.sharepoint.de wss://*.delve.office.com.office.prod.marvell.myshn.net:443 wss://*.loki.delve.office.com:443 wss://*.loki.delve.office.com *.delve.office.com.office.prod.marvell.myshn.net *.loki.delve.office.com shn--web--shn--vortex--shn--data.microsoft.com.office.prod.marvell.myshn.net *shn----shn--events--shn--data.microsoft.com.office.prod.marvell.myshn.net *shn----shn--online.lync.com.office.prod.marvell.myshn.net *shn----shn--infra.lync.com.office.prod.marvell.myshn.net wss://*.cortana.ai *.cortana.ai fs.microsoft.com.office.prod.marvell.myshn.net 'self' login.microsoftonline.com.office.prod.marvell.myshn.net outlook.office365.com.office.prod.marvell.myshn.net teams.microsoft.com.office.prod.marvell.myshn.net *.teams.microsoft.com.office.prod.marvell.myshn.net *.yammer.com.office.prod.marvell.myshn.net *.svc.ms.office.prod.marvell.myshn.net *.licdn.com o365auditrealtimeingestion.manage.officeppe.com o365auditrealtimeingestion.manage.officeppe.com:445 o365auditrealtimeingestion.manage.office.com o365auditrealtimeingestion.manage.office.com:445 files.yammerusercontent.com.office.prod.marvell.myshn.net wss://augloop-dogfood.officeppe.com wss://*.augloop-dogfood.officeppe.com wss://augloop-gcc.office.com.office.prod.marvell.myshn.net wss://*.augloop-gcc.office.com aesir.office.com.office.prod.marvell.myshn.net r3.res.outlook.com.office.prod.marvell.myshn.net *.oscs.protection.outlook.com arc.msn.com.office.prod.marvell.myshn.net *.msedge.net.office.prod.marvell.myshn.net *.prod.marvell.myshn.net; base-uri browser.pipe.aria.microsoft.com.office.prod.marvell.myshn.net 'self' *.prod.marvell.myshn.net; form-action *.officeapps.live.com.office.prod.marvell.myshn.net *.sharepoint-df.com *.sharepoint.com.office.prod.marvell.myshn.net *.sharepoint.de *.odwebp.svc.ms; object-src *.office.net.office.prod.marvell.myshn.net 'self' attachments.office.net.office.prod.marvell.myshn.net *.prod.marvell.myshn.net; frame-ancestors 'self' teams.microsoft.com.office.prod.marvell.myshn.net *.prod.marvell.myshn.net; font-src data: *.res.office365.com.office.prod.marvell.myshn.net *.fluidpreview.office.net *.cdn.office.net.office.prod.marvell.myshn.net spoprod-a.akamaihd.net *.skype.com.office.prod.marvell.myshn.net fonts.gstatic.com ms-appx-web: sharepointonline.com *.sharepointonline.com.office.prod.marvell.myshn.net *.delve.office.com.office.prod.marvell.myshn.net fs.microsoft.com.office.prod.marvell.myshn.net 'self' *.yammer.com.office.prod.marvell.myshn.net *.prod.marvell.myshn.net; media-src blob: *.res.office365.com.office.prod.marvell.myshn.net *.cdn.office.net.office.prod.marvell.myshn.net *.skype.com.office.prod.marvell.myshn.net *.office.net.office.prod.marvell.myshn.net *.office365.net *.office365-net.de *.office365-net.us *.office.com.office.prod.marvell.myshn.net ssl.gstatic.com 'self' *.yammer.com.office.prod.marvell.myshn.net attachments.office.net.office.prod.marvell.myshn.net *.prod.marvell.myshn.net; frame-src * data: mailto: blob:; manifest-src 'self' *.prod.marvell.myshn.net; worker-src 'self' blob: *.office.com.office.prod.marvell.myshn.net *.prod.marvell.myshn.net; child-src 'self' blob: *.office.com.office.prod.marvell.myshn.net *.prod.marvell.myshn.net; report-uri https://csp.microsoft.com.office.prod.marvell.myshn.net/report/OutlookWeb-Mail-PROD; upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Server
nginx
Date
Tue, 01 Mar 2022 15:05:58 GMT
Content-Type
text/html
Content-Length
52468
Connection
keep-alive
Alt-Svc
h3=":443",h3-29=":443"
Cache-Control
no-cache
Content-Encoding
gzip
Content-Security-Policy
default-src *.res.office365.com.office.prod.marvell.myshn.net *.fluidpreview.office.net *.cdn.office.net.office.prod.marvell.myshn.net swx.cdn.skype.com.office.prod.marvell.myshn.net 'self' *.prod.marvell.myshn.net; script-src 'nonce-k3nfDJxZFAQKVHuo8pMrcA==' *.res.office365.com.office.prod.marvell.myshn.net *.fluidpreview.office.net *.cdn.office.net.office.prod.marvell.myshn.net wss://*.delve.office.com.office.prod.marvell.myshn.net:443 shellprod.msocdn.com.office.prod.marvell.myshn.net amcdn.msauth.net.office.prod.marvell.myshn.net amcdn.msftauth.net.office.prod.marvell.myshn.net *.bing.com.office.prod.marvell.myshn.net *.skype.com.office.prod.marvell.myshn.net *.skypeassets.com *.delve.office.com.office.prod.marvell.myshn.net *.cdn.office.net.office.prod.marvell.myshn.net static.teams.microsoft.com.office.prod.marvell.myshn.net *.googleapis.com teams.microsoft.com.office.prod.marvell.myshn.net shn--cdn--shn--forms.office.net.office.prod.marvell.myshn.net blob: 'report-sample' 'self' 'unsafe-inline' 'wasm-unsafe-eval' *.yammer.com.office.prod.marvell.myshn.net fabriciss.azureedge.net.office.prod.marvell.myshn.net *.prod.marvell.myshn.net; style-src *.res.office365.com.office.prod.marvell.myshn.net *.fluidpreview.office.net *.cdn.office.net.office.prod.marvell.myshn.net shellprod.msocdn.com.office.prod.marvell.myshn.net *.skype.com.office.prod.marvell.myshn.net fonts.googleapis.com *.googleapis.com 'self' 'report-sample' 'unsafe-inline' *.yammer.com.office.prod.marvell.myshn.net 'unsafe-inline' *.prod.marvell.myshn.net; img-src * data: blob: filesystem: cid:; connect-src blob: data: *.res.office365.com.office.prod.marvell.myshn.net *.fluidpreview.office.net *.cdn.office.net.office.prod.marvell.myshn.net *.services.web.outlook.com login.live.com.office.prod.marvell.myshn.net spoprod-a.akamaihd.net shellprod.msocdn.com.office.prod.marvell.myshn.net *.bing.com.office.prod.marvell.myshn.net *.office.net.office.prod.marvell.myshn.net *.office.com.office.prod.marvell.myshn.net *.office365.com.office.prod.marvell.myshn.net *.officeapps.live.com.office.prod.marvell.myshn.net *.skype.com.office.prod.marvell.myshn.net *.skypeassets.com *.spoppe.com *.onedrive.com my.microsoftpersonalcontent.com substrate.office.de *.office365-net.de *.office.de browser.pipe.aria.microsoft.com.office.prod.marvell.myshn.net *.gateway.messenger.live.com dev.virtualearth.net *.trouter.skype.com *.trouter.io wss://*.trouter.skype.com wss://*.trouter.skype.com:443 wss://*.trouter.io:443 media.licdn.com *.facebook.com onerm.olsvc.com *.qas.binginternal.com *.qas.bing.net wss://*.qas.bing.net:443 wss://*.platform.bing.com wss://*.botframework.com:443 wss://augloop.office.com.office.prod.marvell.myshn.net wss://*.augloop.office.com outlook.live.com.office.prod.marvell.myshn.net graph.microsoft.com.office.prod.marvell.myshn.net *.graph.microsoft.com graph.microsoft.de *.googleapis.com *.office.microsoft.com api.box.com api.dropboxapi.com *.users.storage.live.com www.onenote.com.office.prod.marvell.myshn.net *.storage.msn.com asgsmsproxyapi.azurewebsites.net.office.prod.marvell.myshn.net wss://*.pushd.svc.ms wss://*.pushs.svc.ms wss://*.pushb.svc.ms wss://*.pushp.svc.ms wss://*.svc.ms.office.prod.marvell.myshn.net nleditor.osi.officeppe.net api.tenor.com pptservicescast.officeapps.live.com.office.prod.marvell.myshn.net *.sharepoint-df.com *.sharepoint.com.office.prod.marvell.myshn.net *.sharepoint.de wss://*.delve.office.com.office.prod.marvell.myshn.net:443 wss://*.loki.delve.office.com:443 wss://*.loki.delve.office.com *.delve.office.com.office.prod.marvell.myshn.net *.loki.delve.office.com shn--web--shn--vortex--shn--data.microsoft.com.office.prod.marvell.myshn.net *shn----shn--events--shn--data.microsoft.com.office.prod.marvell.myshn.net *shn----shn--online.lync.com.office.prod.marvell.myshn.net *shn----shn--infra.lync.com.office.prod.marvell.myshn.net wss://*.cortana.ai *.cortana.ai fs.microsoft.com.office.prod.marvell.myshn.net 'self' login.microsoftonline.com.office.prod.marvell.myshn.net outlook.office365.com.office.prod.marvell.myshn.net teams.microsoft.com.office.prod.marvell.myshn.net *.teams.microsoft.com.office.prod.marvell.myshn.net *.yammer.com.office.prod.marvell.myshn.net *.svc.ms.office.prod.marvell.myshn.net *.licdn.com o365auditrealtimeingestion.manage.officeppe.com o365auditrealtimeingestion.manage.officeppe.com:445 o365auditrealtimeingestion.manage.office.com o365auditrealtimeingestion.manage.office.com:445 files.yammerusercontent.com.office.prod.marvell.myshn.net wss://augloop-dogfood.officeppe.com wss://*.augloop-dogfood.officeppe.com wss://augloop-gcc.office.com.office.prod.marvell.myshn.net wss://*.augloop-gcc.office.com aesir.office.com.office.prod.marvell.myshn.net r3.res.outlook.com.office.prod.marvell.myshn.net *.oscs.protection.outlook.com arc.msn.com.office.prod.marvell.myshn.net *.msedge.net.office.prod.marvell.myshn.net *.prod.marvell.myshn.net; base-uri browser.pipe.aria.microsoft.com.office.prod.marvell.myshn.net 'self' *.prod.marvell.myshn.net; form-action *.officeapps.live.com.office.prod.marvell.myshn.net *.sharepoint-df.com *.sharepoint.com.office.prod.marvell.myshn.net *.sharepoint.de *.odwebp.svc.ms; object-src *.office.net.office.prod.marvell.myshn.net 'self' attachments.office.net.office.prod.marvell.myshn.net *.prod.marvell.myshn.net; frame-ancestors 'self' teams.microsoft.com.office.prod.marvell.myshn.net *.prod.marvell.myshn.net; font-src data: *.res.office365.com.office.prod.marvell.myshn.net *.fluidpreview.office.net *.cdn.office.net.office.prod.marvell.myshn.net spoprod-a.akamaihd.net *.skype.com.office.prod.marvell.myshn.net fonts.gstatic.com ms-appx-web: sharepointonline.com *.sharepointonline.com.office.prod.marvell.myshn.net *.delve.office.com.office.prod.marvell.myshn.net fs.microsoft.com.office.prod.marvell.myshn.net 'self' *.yammer.com.office.prod.marvell.myshn.net *.prod.marvell.myshn.net; media-src blob: *.res.office365.com.office.prod.marvell.myshn.net *.cdn.office.net.office.prod.marvell.myshn.net *.skype.com.office.prod.marvell.myshn.net *.office.net.office.prod.marvell.myshn.net *.office365.net *.office365-net.de *.office365-net.us *.office.com.office.prod.marvell.myshn.net ssl.gstatic.com 'self' *.yammer.com.office.prod.marvell.myshn.net attachments.office.net.office.prod.marvell.myshn.net *.prod.marvell.myshn.net; frame-src * data: mailto: blob:; manifest-src 'self' *.prod.marvell.myshn.net; worker-src 'self' blob: *.office.com.office.prod.marvell.myshn.net *.prod.marvell.myshn.net; child-src 'self' blob: *.office.com.office.prod.marvell.myshn.net *.prod.marvell.myshn.net; report-uri https://csp.microsoft.com.office.prod.marvell.myshn.net/report/OutlookWeb-Mail-PROD; upgrade-insecure-requests;
Expires
-1
MS-CV
ikC54FDGCDAE01/XiAWaHw.1.1
Pragma
no-cache
Referrer-Policy
no-referrer
request-id
e0b9408a-c650-3008-04d3-5fd788059a1f
RUNTIME_MODEL
B2
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Vary
Accept-Encoding
x-app-name
Mail
X-BackEndHttpStatus
200 200
X-BEPartition
CLNAMPRD13CO203
X-BEServer
CO3PR13MB5784
x-besku
UNKNOWN
X-CalculatedBETarget
CO3PR13MB5784.NAMPRD13.PROD.OUTLOOK.COM
X-CalculatedFETarget
MW2PR16CU001.internal.outlook.com
X-Client-Version
20220218005.02
X-Clique
CLNAMPRD13CO203
X-FEProxyInfo
MW2PR16CA0005.NAMPRD16.PROD.OUTLOOK.COM
X-FEServer
MW2PR16CA0005 SJ0PR13CA0043
X-FirstHopCafeEFZ
SJC
X-Powered-By
ASP.NET
X-Proxy-BackendServerStatus
200
X-Proxy-RoutingCorrectness
1
X-Robots-Tag
none
X-RUM-Validated
1
X-SkyHigh-Version
BuildNumber=19, BuildDate=2022-01-03 10:37
x-web-server-version
22.2.22.1

Redirect headers

Server
nginx
Date
Tue, 01 Mar 2022 15:05:57 GMT
Content-Length
0
Connection
keep-alive
Cache-Control
no-cache
Location
https://outlook.office.com.office.prod.marvell.myshn.net/mail/
MS-CV
4TiLFO7DnHAT/xIH0ua02A.0
Pragma
no-cache
request-id
148b38e1-c3ee-709c-13ff-1207d2e6b4d8
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-FEServer
SJ0PR13CA0050 SJ0PR13CA0050
X-Powered-By
ASP.NET
X-RequestId
a12f0dfc-bd43-4cdb-b4bd-d3d8b92b6ebc
X-Robots-Tag
none
X-SkyHigh-Version
BuildNumber=19, BuildDate=2022-01-03 10:37
OutlookWeb-Mail-PROD
csp.microsoft.com.office.prod.marvell.myshn.net/report/ 		2 B
477 B 		Other
General
Check archive.org
Download Go to
Full URL
https://csp.microsoft.com.office.prod.marvell.myshn.net/report/OutlookWeb-Mail-PROD
Requested by
Host: outlook.office.com.office.prod.marvell.myshn.net
URL: https://outlook.office.com.office.prod.marvell.myshn.net/mail/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.183.76.102 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-183-76-102.us-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/csp-report

Response headers

Date
Tue, 01 Mar 2022 15:05:58 GMT
Server
nginx
X-Azure-Ref
0VjYeYgAAAADBkMXboB0TRrKA2OnYOHA8U0pDRURHRTAzMDgAODRiZmQzM2ItM2NiYy00YWQzLTk4NmMtMGRkZmI1NzljOGQ0
X-Cache
CONFIG_NOCACHE
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
*
Connection
keep-alive
X-SkyHigh-Version
BuildNumber=19, BuildDate=2022-01-03 10:37
X-Robots-Tag
none
Content-Length
2
Request-Context
appId=cid-v1:5c791ad2-9c50-4271-a8a5-5c74d929f3ed
owa.0.js
res.cdn.office.net.office.prod.marvell.myshn.net/owamail/20220218005.02/scripts/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://res.cdn.office.net.office.prod.marvell.myshn.net/owamail/20220218005.02/scripts/owa.0.js
Requested by
Host: outlook.office.com.office.prod.marvell.myshn.net
URL: https://outlook.office.com.office.prod.marvell.myshn.net/mail/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.52.9.238 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-52-9-238.us-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
7d43dd2ba353579e6c4f49f6a1d5d5a5749c1dd4e6e0ec5043e79063dc0b6100
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
Origin
https://outlook.office.com.office.prod.marvell.myshn.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Tue, 01 Mar 2022 15:05:59 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
4577
Last-Modified
Wed, 23 Feb 2022 06:34:54 GMT
Server
nginx
X-Robots-Tag
none
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
application/javascript
Access-Control-Allow-Origin
*
x-ms-request-id
5e92f2d4-f01e-002a-19ca-2815d1000000
Access-Control-Expose-Headers
date
Cache-Control
max-age=630720000
X-SkyHigh-Version
BuildNumber=19, BuildDate=2022-01-03 10:37
Timing-Allow-Origin
*
owa.5.js
res.cdn.office.net.office.prod.marvell.myshn.net/owamail/20220218005.02/scripts/ 		57 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://res.cdn.office.net.office.prod.marvell.myshn.net/owamail/20220218005.02/scripts/owa.5.js
Requested by
Host: outlook.office.com.office.prod.marvell.myshn.net
URL: https://outlook.office.com.office.prod.marvell.myshn.net/mail/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.52.9.238 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-52-9-238.us-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
d6cd86b0cd5086be5068a0bc62f663f52e2b54937f4cfda7d05c3d1c18b0ede6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
Origin
https://outlook.office.com.office.prod.marvell.myshn.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Tue, 01 Mar 2022 15:05:59 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
17045
Last-Modified
Wed, 23 Feb 2022 06:34:54 GMT
Server
nginx
X-Robots-Tag
none
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
application/javascript
Access-Control-Allow-Origin
*
x-ms-request-id
fff60ba6-701e-0056-06ca-283b2e000000
Access-Control-Expose-Headers
date
Cache-Control
max-age=630720000
X-SkyHigh-Version
BuildNumber=19, BuildDate=2022-01-03 10:37
Timing-Allow-Origin
*
owa.8.js
res.cdn.office.net.office.prod.marvell.myshn.net/owamail/20220218005.02/scripts/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://res.cdn.office.net.office.prod.marvell.myshn.net/owamail/20220218005.02/scripts/owa.8.js
Requested by
Host: outlook.office.com.office.prod.marvell.myshn.net
URL: https://outlook.office.com.office.prod.marvell.myshn.net/mail/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.52.9.238 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-52-9-238.us-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
9f8cf4a1078dc54bd99a9410758d6593f9f971bd67d15065ce67b76365355a9b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
Origin
https://outlook.office.com.office.prod.marvell.myshn.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Tue, 01 Mar 2022 15:05:59 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
3730
Last-Modified
Wed, 23 Feb 2022 06:34:53 GMT
Server
nginx
X-Robots-Tag
none
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
application/javascript
Access-Control-Allow-Origin
*
x-ms-request-id
8e6e9508-d01e-0070-53c9-287336000000
Access-Control-Expose-Headers
date
Cache-Control
max-age=630720000
X-SkyHigh-Version
BuildNumber=19, BuildDate=2022-01-03 10:37
Timing-Allow-Origin
*
owa.16.js
res.cdn.office.net.office.prod.marvell.myshn.net/owamail/20220218005.02/scripts/ 		33 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://res.cdn.office.net.office.prod.marvell.myshn.net/owamail/20220218005.02/scripts/owa.16.js
Requested by
Host: outlook.office.com.office.prod.marvell.myshn.net
URL: https://outlook.office.com.office.prod.marvell.myshn.net/mail/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.52.9.238 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-52-9-238.us-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
d31dfb7e34ce709f8d0bf6dbb88de41d55565138d7fa42a783e09646177d53e7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
Origin
https://outlook.office.com.office.prod.marvell.myshn.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Tue, 01 Mar 2022 15:05:59 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
9842
Last-Modified
Wed, 23 Feb 2022 06:34:32 GMT
Server
nginx
X-Robots-Tag
none
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
application/javascript
Access-Control-Allow-Origin
*
x-ms-request-id
ab655e2d-801e-0020-1bca-28b166000000
Access-Control-Expose-Headers
date
Cache-Control
max-age=630720000
X-SkyHigh-Version
BuildNumber=19, BuildDate=2022-01-03 10:37
Timing-Allow-Origin
*
owa.SharedBoot.js
res.cdn.office.net.office.prod.marvell.myshn.net/owamail/20220218005.02/scripts/ 		1 MB
401 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://res.cdn.office.net.office.prod.marvell.myshn.net/owamail/20220218005.02/scripts/owa.SharedBoot.js
Requested by
Host: outlook.office.com.office.prod.marvell.myshn.net
URL: https://outlook.office.com.office.prod.marvell.myshn.net/mail/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.52.9.238 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-52-9-238.us-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
ec42dd8af71c7c745ebff25cf2545ba8259211cf39df831152eaab1c5e76fa25
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
Origin
https://outlook.office.com.office.prod.marvell.myshn.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Tue, 01 Mar 2022 15:05:59 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Azure-Ref-OriginShield
0E7UXYgAAAAD3OwUc+OWbQY2LwGBZSdLtU0pDRURHRTA1MjEAOTI2NTVlZWEtZTJjMy00ODJmLWFiMGUtNjVhYTU5YmZjMjk3
X-Cache
TCP_HIT
Access-Control-Allow-Methods
GET,HEAD,OPTIONS
Connection
keep-alive
Content-Length
409947
Timing-Allow-Origin
*
Last-Modified
Wed, 23 Feb 2022 06:34:50 GMT
Server
nginx
X-Azure-Ref
0VzYeYgAAAABsKXNxoYhMQ7w3BaXWWIdLU0pDRURHRTAzMTAAOTI2NTVlZWEtZTJjMy00ODJmLWFiMGUtNjVhYTU5YmZjMjk3
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
application/javascript
Access-Control-Allow-Origin
*
x-ms-request-id
82817b4d-301e-001a-749b-29ab1e000000
Access-Control-Expose-Headers
date
Cache-Control
public, max-age=31536000
X-SkyHigh-Version
BuildNumber=19, BuildDate=2022-01-03 10:37
X-Robots-Tag
none
Access-Control-Allow-Headers
*
owa.1.js
res.cdn.office.net.office.prod.marvell.myshn.net/owamail/20220218005.02/scripts/ 		75 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://res.cdn.office.net.office.prod.marvell.myshn.net/owamail/20220218005.02/scripts/owa.1.js
Requested by
Host: outlook.office.com.office.prod.marvell.myshn.net
URL: https://outlook.office.com.office.prod.marvell.myshn.net/mail/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.52.9.238 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-52-9-238.us-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
0d1ec49e2a1dab020ac61f8e852afafaa8af643864fbd243656bff6d66b21903
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
Origin
https://outlook.office.com.office.prod.marvell.myshn.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Tue, 01 Mar 2022 15:05:59 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
20723
Last-Modified
Wed, 23 Feb 2022 06:34:41 GMT
Server
nginx
X-Robots-Tag
none
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
application/javascript
Access-Control-Allow-Origin
*
x-ms-request-id
6ced639e-e01e-0019-15ca-284a7a000000
Access-Control-Expose-Headers
date
Cache-Control
max-age=630720000
X-SkyHigh-Version
BuildNumber=19, BuildDate=2022-01-03 10:37
Timing-Allow-Origin
*
owa.2.js
res.cdn.office.net.office.prod.marvell.myshn.net/owamail/20220218005.02/scripts/ 		27 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://res.cdn.office.net.office.prod.marvell.myshn.net/owamail/20220218005.02/scripts/owa.2.js
Requested by
Host: outlook.office.com.office.prod.marvell.myshn.net
URL: https://outlook.office.com.office.prod.marvell.myshn.net/mail/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.52.9.238 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-52-9-238.us-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
39e8b266d83228c56bf6a041c5e6d9fe2535eeb05a5b065f18371ae29bc177e9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
Origin
https://outlook.office.com.office.prod.marvell.myshn.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Tue, 01 Mar 2022 15:05:59 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
7383
Last-Modified
Wed, 23 Feb 2022 06:34:47 GMT
Server
nginx
X-Robots-Tag
none
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
application/javascript
Access-Control-Allow-Origin
*
x-ms-request-id
51089f96-e01e-006b-35c9-284d35000000
Access-Control-Expose-Headers
date
Cache-Control
max-age=630720000
X-SkyHigh-Version
BuildNumber=19, BuildDate=2022-01-03 10:37
Timing-Allow-Origin
*
owa.3.js
res.cdn.office.net.office.prod.marvell.myshn.net/owamail/20220218005.02/scripts/ 		28 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://res.cdn.office.net.office.prod.marvell.myshn.net/owamail/20220218005.02/scripts/owa.3.js
Requested by
Host: outlook.office.com.office.prod.marvell.myshn.net
URL: https://outlook.office.com.office.prod.marvell.myshn.net/mail/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.52.9.238 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-52-9-238.us-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1f0a55c3ae33721ab67cbbaf4df0a7485d6e18fe6d269a3df1b0d442d7211233
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
Origin
https://outlook.office.com.office.prod.marvell.myshn.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Tue, 01 Mar 2022 15:05:59 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
9430
Last-Modified
Wed, 23 Feb 2022 06:34:51 GMT
Server
nginx
X-Robots-Tag
none
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
application/javascript
Access-Control-Allow-Origin
*
x-ms-request-id
6ced63a7-e01e-0019-1eca-284a7a000000
Access-Control-Expose-Headers
date
Cache-Control
max-age=630720000
X-SkyHigh-Version
BuildNumber=19, BuildDate=2022-01-03 10:37
Timing-Allow-Origin
*
owa.4.js
res.cdn.office.net.office.prod.marvell.myshn.net/owamail/20220218005.02/scripts/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://res.cdn.office.net.office.prod.marvell.myshn.net/owamail/20220218005.02/scripts/owa.4.js
Requested by
Host: outlook.office.com.office.prod.marvell.myshn.net
URL: https://outlook.office.com.office.prod.marvell.myshn.net/mail/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.52.9.238 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-52-9-238.us-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
3d3133d541b74d15d6aba5af76e9ecdf7c2f4f349f4262f3c61c11c54cf8c356
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
Origin
https://outlook.office.com.office.prod.marvell.myshn.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Tue, 01 Mar 2022 15:05:59 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
4639
Last-Modified
Wed, 23 Feb 2022 06:34:49 GMT
Server
nginx
X-Robots-Tag
none
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
application/javascript
Access-Control-Allow-Origin
*
x-ms-request-id
5e92f2ec-f01e-002a-30ca-2815d1000000
Access-Control-Expose-Headers
date
Cache-Control
max-age=630720000
X-SkyHigh-Version
BuildNumber=19, BuildDate=2022-01-03 10:37
Timing-Allow-Origin
*
owa.MailBoot.js
res.cdn.office.net.office.prod.marvell.myshn.net/owamail/20220218005.02/scripts/ 		2 MB
544 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://res.cdn.office.net.office.prod.marvell.myshn.net/owamail/20220218005.02/scripts/owa.MailBoot.js
Requested by
Host: outlook.office.com.office.prod.marvell.myshn.net
URL: https://outlook.office.com.office.prod.marvell.myshn.net/mail/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.52.9.238 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-52-9-238.us-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
Origin
https://outlook.office.com.office.prod.marvell.myshn.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Tue, 01 Mar 2022 15:05:59 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
556469
Last-Modified
Wed, 23 Feb 2022 06:34:41 GMT
Server
nginx
X-Robots-Tag
none
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
application/javascript
Access-Control-Allow-Origin
*
x-ms-request-id
fff60bb7-701e-0056-17ca-283b2e000000
Access-Control-Expose-Headers
date
Cache-Control
max-age=630720000
X-SkyHigh-Version
BuildNumber=19, BuildDate=2022-01-03 10:37
Timing-Allow-Origin
*
owa.vendors~OfflineResolvers~ResolversWeb.js
res.cdn.office.net.office.prod.marvell.myshn.net/owamail/20220218005.02/scripts/ 		16 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://res.cdn.office.net.office.prod.marvell.myshn.net/owamail/20220218005.02/scripts/owa.vendors~OfflineResolvers~ResolversWeb.js
Requested by
Host: outlook.office.com.office.prod.marvell.myshn.net
URL: https://outlook.office.com.office.prod.marvell.myshn.net/mail/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.52.9.238 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-52-9-238.us-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
2477b210b897ca623504779cdf1a83ff85920e9045e8944842139863a4471577
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
Origin
https://outlook.office.com.office.prod.marvell.myshn.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Tue, 01 Mar 2022 15:05:59 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
3934
Last-Modified
Wed, 23 Feb 2022 06:34:54 GMT
Server
nginx
X-Robots-Tag
none
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
application/javascript
Access-Control-Allow-Origin
*
x-ms-request-id
8ba1d58b-801e-0030-43c9-28740e000000
Access-Control-Expose-Headers
date
Cache-Control
max-age=630720000
X-SkyHigh-Version
BuildNumber=19, BuildDate=2022-01-03 10:37
Timing-Allow-Origin
*
owa.ResolversWeb.js
res.cdn.office.net.office.prod.marvell.myshn.net/owamail/20220218005.02/scripts/ 		31 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://res.cdn.office.net.office.prod.marvell.myshn.net/owamail/20220218005.02/scripts/owa.ResolversWeb.js
Requested by
Host: outlook.office.com.office.prod.marvell.myshn.net
URL: https://outlook.office.com.office.prod.marvell.myshn.net/mail/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.52.9.238 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-52-9-238.us-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
ce8fb91c32f55f469ca0ae2a54c516d9565c5f8d2cee26eeb68b33a571c53293
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
Origin
https://outlook.office.com.office.prod.marvell.myshn.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Tue, 01 Mar 2022 15:05:59 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
10172
Last-Modified
Wed, 23 Feb 2022 06:34:39 GMT
Server
nginx
X-Robots-Tag
none
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
application/javascript
Access-Control-Allow-Origin
*
x-ms-request-id
6a61f332-a01e-0045-10ca-281f22000000
Access-Control-Expose-Headers
date
Cache-Control
max-age=630720000
X-SkyHigh-Version
BuildNumber=19, BuildDate=2022-01-03 10:37
Timing-Allow-Origin
*
owa.LocalStateResolvers.js
res.cdn.office.net.office.prod.marvell.myshn.net/owamail/20220218005.02/scripts/ 		313 B
831 B 		Script
General
Check archive.org
Download Go to
Full URL
https://res.cdn.office.net.office.prod.marvell.myshn.net/owamail/20220218005.02/scripts/owa.LocalStateResolvers.js
Requested by
Host: outlook.office.com.office.prod.marvell.myshn.net
URL: https://outlook.office.com.office.prod.marvell.myshn.net/mail/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.52.9.238 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-52-9-238.us-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6139c9fa8e81fd8608efa3021159cc0cc46992425f2b5d93a20bb205cb9a2241
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
Origin
https://outlook.office.com.office.prod.marvell.myshn.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Tue, 01 Mar 2022 15:05:59 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
222
Last-Modified
Wed, 23 Feb 2022 06:34:46 GMT
Server
nginx
X-Robots-Tag
none
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
application/javascript
Access-Control-Allow-Origin
*
x-ms-request-id
4d00854f-401e-002f-1fca-28c70a000000
Access-Control-Expose-Headers
date
Cache-Control
max-age=630720000
X-SkyHigh-Version
BuildNumber=19, BuildDate=2022-01-03 10:37
Timing-Allow-Origin
*
startupdata.ashx
outlook.office.com.office.prod.marvell.myshn.net/owa/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://outlook.office.com.office.prod.marvell.myshn.net/owa/startupdata.ashx?app=Mail&n=0
Requested by
Host: outlook.office.com.office.prod.marvell.myshn.net
URL: https://outlook.office.com.office.prod.marvell.myshn.net/mail/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.52.9.238 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-52-9-238.us-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

x-message-count
32
x-owa-sessionid
7aea5a3c-b108-429a-b2ae-489e55800acb
x-req-source
Mail
x-owa-canary
X-OWA-CANARY_cookie_is_null_or_empty
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
action
StartupData
Referer
x-owa-correlationid
4a576871-3158-949e-47aa-1d4f7496fb38
ms-cv
i0fEnmxrM5aM2pt06P81sV.0
x-js-experiment
5

Response headers

X-BEServer
MWHPR13MB1487
WWW-Authenticate
Bearer client_id="00000002-0000-0ff1-ce00-000000000000", trusted_issuers="00000001-0000-0000-c000-000000000000@*", token_types="app_asserted_user_v1 service_asserted_app_v1", authorization_uri="https://login.windows.net.office.prod.marvell.myshn.net/common/oauth2/authorize"
X-BackEndHttpStatus
401, 401
X-Proxy-BackendServerStatus
401
X-FEServer
MW4PR03CA0211, SJ0PR13CA0058
X-FEProxyInfo
MW4PR03CA0211.NAMPRD03.PROD.OUTLOOK.COM
Connection
keep-alive
request-id
02313a9e-4426-3f85-9fb5-b576422d0be1
X-OWA-DAG
NAMPR13DG093
X-CalculatedBETarget
MWHPR13MB1487.namprd13.prod.outlook.com
X-IIDs
0
X-FirstHopCafeEFZ
SJC
X-DiagInfo
MWHPR13MB1487
X-BeSku
Gen9
X-OWA-CorrelationId
4a576871-3158-949e-47aa-1d4f7496fb38
X-SkyHigh-Version
BuildNumber=19, BuildDate=2022-01-03 10:37
X-Proxy-RoutingCorrectness
1
X-Robots-Tag
none
Date
Tue, 01 Mar 2022 15:05:58 GMT
X-Content-Type-Options
nosniff
NEL
{"report_to":"NelOfficeUpload1","max_age":7200,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
X-OWA-Forest
namprd13.prod.outlook.com
X-CalculatedFETarget
MW4PR03CU008.internal.outlook.com
X-RUM-Validated
1
Alt-Svc
h3=":443",h3-29=":443"
Content-Length
0
X-BackEnd-Begin
2022-03-01T15:05:58.694
X-UA-Compatible
IE=EmulateIE7
Server
nginx
X-BackEnd-End
2022-03-01T15:05:58.694
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Report-To
{"group":"NelOfficeUpload1","max_age":7200,"endpoints":[{"url":"https://exo.nel.measure.office.net/api/report?TenantId=&FrontEnd=Cafe&DestinationEndpoint=SJC"}],"include_subdomains":true}
X-OWA-DiagnosticsInfo
10;3;0
analytics-ping.js
res.cdn.office.net.office.prod.marvell.myshn.net/owamail/20220218005.02/resources/ 		34 B
662 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://res.cdn.office.net.office.prod.marvell.myshn.net/owamail/20220218005.02/resources/analytics-ping.js
Requested by
Host: outlook.office.com.office.prod.marvell.myshn.net
URL: https://outlook.office.com.office.prod.marvell.myshn.net/mail/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.52.9.238 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-52-9-238.us-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
d185159b6a77cd02ed536f44197af7913ecfd6fd264b113eac65fce9a97482f5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Tue, 01 Mar 2022 15:05:59 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
54
Last-Modified
Wed, 23 Feb 2022 06:34:21 GMT
Server
nginx
X-Robots-Tag
none
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
application/javascript
Access-Control-Allow-Origin
*
x-ms-request-id
8ba1d84d-801e-0030-4ac9-28740e000000
Access-Control-Expose-Headers
date
Cache-Control
max-age=630720000
X-SkyHigh-Version
BuildNumber=19, BuildDate=2022-01-03 10:37
Timing-Allow-Origin
*
/
browser.pipe.aria.microsoft.com.office.prod.marvell.myshn.net/Collector/3.0/ 		0
488 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://browser.pipe.aria.microsoft.com.office.prod.marvell.myshn.net/Collector/3.0/?qsp=true&content-type=application%2Fbond-compact-binary&client-id=NO_AUTH&sdk-version=AWT-Web-CJS-1.2.2&x-apikey=3b1ea01450be48f29759d868931e225d-7167685b-f6ff-421c-aa64-8ae16fe92128-7283
Requested by
Host: outlook.office.com.office.prod.marvell.myshn.net
URL: https://outlook.office.com.office.prod.marvell.myshn.net/mail/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.52.9.238 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-52-9-238.us-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Tue, 01 Mar 2022 15:06:00 GMT
Server
nginx
time-delta-millis
893
Access-Control-Allow-Methods
POST
Content-Type
application/json
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
kill-tokens, kill-duration-seconds, time-delta-millis
Connection
keep-alive
X-SkyHigh-Version
BuildNumber=19, BuildDate=2022-01-03 10:37
X-Robots-Tag
none
Access-Control-Allow-Headers
Accept, Content-Type, Content-Encoding, Client-Id
Content-Length
0
authorize
login.microsoftonline.com.office.prod.marvell.myshn.net/common/oauth2/
Redirect Chain
  • https://outlook.office.com.office.prod.marvell.myshn.net/mail/?authRedirect=true&state=0
  • https://outlook.office.com.office.prod.marvell.myshn.net/owa/?state=1&redirectTo=aHR0cHM6Ly9vdXRsb29rLm9mZmljZS5jb20vbWFpbC8
  • https://login.microsoftonline.com.office.prod.marvell.myshn.net/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office.com.office.prod.marv...
150 KB
54 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://login.microsoftonline.com.office.prod.marvell.myshn.net/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office.com.office.prod.marvell.myshn.net%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=c68e9444-0140-41f6-a417-39c771129c2b&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=637817439606486470.a94cfc12-3ccf-4d55-997a-8c9338e07439&state=FYuxDoIwFABb_Re3SmlL2zcQB41hwAVNNGztoyQSCQYajH9vHe6mO0oI2SY2CcqTiNHS2NwoCZprZbUyfO9AYY-5YBKxZ6orCgZgHLMIUtrA_zVN7ymbPi47LNHFUOa7OXTPOWC8TaWrGo7VRddfWLtHs3gBcz3C2I6vob0Wgxd89ffz2x_tDw
Requested by
Host: outlook.office.com.office.prod.marvell.myshn.net
URL: https://outlook.office.com.office.prod.marvell.myshn.net/mail/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.52.9.238 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-52-9-238.us-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
5882b71b025752dff31d48fba775d38fe922259252dd1d53fc55151f41d5fc92
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://outlook.office.com.office.prod.marvell.myshn.net/mail/

Response headers

Server
nginx
Date
Tue, 01 Mar 2022 15:06:01 GMT
Content-Type
text/html; charset=utf-8
Content-Length
54436
Connection
keep-alive
Cache-Control
no-store, no-cache
Content-Encoding
gzip
Expires
-1
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+est"}]}
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
x-ms-ests-server
2.1.12470.13 - EUS ProdSlices
x-ms-request-id
bdbaa829-c8be-4358-ae99-a7dfbec50301
X-Robots-Tag
none
X-SkyHigh-Version
BuildNumber=19, BuildDate=2022-01-03 10:37

Redirect headers

Server
nginx
Date
Tue, 01 Mar 2022 15:06:00 GMT
Content-Type
text/html; charset=utf-8
Content-Length
929
Connection
keep-alive
Alt-Svc
h3=":443",h3-29=":443"
Location
https://login.microsoftonline.com.office.prod.marvell.myshn.net/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office.com.office.prod.marvell.myshn.net%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=c68e9444-0140-41f6-a417-39c771129c2b&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=637817439606486470.a94cfc12-3ccf-4d55-997a-8c9338e07439&state=FYuxDoIwFABb_Re3SmlL2zcQB41hwAVNNGztoyQSCQYajH9vHe6mO0oI2SY2CcqTiNHS2NwoCZprZbUyfO9AYY-5YBKxZ6orCgZgHLMIUtrA_zVN7ymbPi47LNHFUOa7OXTPOWC8TaWrGo7VRddfWLtHs3gBcz3C2I6vob0Wgxd89ffz2x_tDw
NEL
{"report_to":"NelOfficeUpload1","max_age":7200,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
P3P
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Report-To
{"group":"NelOfficeUpload1","max_age":7200,"endpoints":[{"url":"https://exo.nel.measure.office.net/api/report?TenantId=&FrontEnd=Cafe&DestinationEndpoint=SJC"}],"include_subdomains":true}
request-id
c68e9444-0140-41f6-a417-39c771129c2b
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-BackEnd-Begin
2022-03-01T15:06:00.648
X-BackEnd-End
2022-03-01T15:06:00.648
X-BackEndHttpStatus
302 302
X-BEServer
DM6PR13MB3868
X-BeSku
WCS6
X-CalculatedBETarget
DM6PR13MB3868.namprd13.prod.outlook.com
X-CalculatedFETarget
DS7PR03CU001.internal.outlook.com
X-Content-Type-Options
nosniff
X-DiagInfo
DM6PR13MB3868
X-FEProxyInfo
DS7PR03CA0009.NAMPRD03.PROD.OUTLOOK.COM
X-FEServer
DS7PR03CA0009 SJ0PR13CA0058
X-FirstHopCafeEFZ
SJC
X-IIDs
0
X-OWA-DiagnosticsInfo
1;0;0
X-Proxy-BackendServerStatus
302
X-Proxy-RoutingCorrectness
1
X-Robots-Tag
none
X-RUM-Validated
1
X-SkyHigh-Version
BuildNumber=19, BuildDate=2022-01-03 10:37
X-UA-Compatible
IE=EmulateIE7
owa.41.js
res.cdn.office.net.office.prod.marvell.myshn.net/owamail/20220218005.02/scripts/ 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://res.cdn.office.net.office.prod.marvell.myshn.net/owamail/20220218005.02/scripts/owa.41.js
Requested by
Host: outlook.office.com.office.prod.marvell.myshn.net
URL: https://outlook.office.com.office.prod.marvell.myshn.net/mail/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.52.9.238 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-52-9-238.us-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
Origin
https://outlook.office.com.office.prod.marvell.myshn.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Tue, 01 Mar 2022 15:06:00 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
4284
Last-Modified
Wed, 23 Feb 2022 06:34:18 GMT
Server
nginx
X-Robots-Tag
none
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
application/javascript
Access-Control-Allow-Origin
*
x-ms-request-id
fff60db0-701e-0056-79ca-283b2e000000
Access-Control-Expose-Headers
date
Cache-Control
max-age=630720000
X-SkyHigh-Version
BuildNumber=19, BuildDate=2022-01-03 10:37
Timing-Allow-Origin
*
owa.vendors~MailRoutes.js
res.cdn.office.net.office.prod.marvell.myshn.net/owamail/20220218005.02/scripts/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://res.cdn.office.net.office.prod.marvell.myshn.net/owamail/20220218005.02/scripts/owa.vendors~MailRoutes.js
Requested by
Host: outlook.office.com.office.prod.marvell.myshn.net
URL: https://outlook.office.com.office.prod.marvell.myshn.net/mail/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.52.9.238 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-52-9-238.us-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
Origin
https://outlook.office.com.office.prod.marvell.myshn.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Tue, 01 Mar 2022 15:06:00 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Azure-Ref-OriginShield
07DgZYgAAAAAA4Udp7ituQ7P8z/guKRpDU0pDRURHRTA1MjEAOTI2NTVlZWEtZTJjMy00ODJmLWFiMGUtNjVhYTU5YmZjMjk3
X-Cache
TCP_HIT
Access-Control-Allow-Methods
GET,HEAD,OPTIONS
Connection
keep-alive
Content-Length
5962
Timing-Allow-Origin
*
Last-Modified
Wed, 23 Feb 2022 06:34:32 GMT
Server
nginx
X-Azure-Ref
0WDYeYgAAAAC1sYcLUVcCRId0tMe/soreU0pDRURHRTAzMTAAOTI2NTVlZWEtZTJjMy00ODJmLWFiMGUtNjVhYTU5YmZjMjk3
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
application/javascript
Access-Control-Allow-Origin
*
x-ms-request-id
a87371b3-701e-0024-28ed-293c61000000
Access-Control-Expose-Headers
date
Cache-Control
public, max-age=31536000
X-SkyHigh-Version
BuildNumber=19, BuildDate=2022-01-03 10:37
X-Robots-Tag
none
Access-Control-Allow-Headers
*
owa.MailRibbon.js
res.cdn.office.net.office.prod.marvell.myshn.net/owamail/20220218005.02/scripts/ 		2 MB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://res.cdn.office.net.office.prod.marvell.myshn.net/owamail/20220218005.02/scripts/owa.MailRibbon.js
Requested by
Host: outlook.office.com.office.prod.marvell.myshn.net
URL: https://outlook.office.com.office.prod.marvell.myshn.net/mail/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.52.9.238 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-52-9-238.us-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
Origin
https://outlook.office.com.office.prod.marvell.myshn.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Tue, 01 Mar 2022 15:06:01 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
831184
Last-Modified
Wed, 23 Feb 2022 06:34:26 GMT
Server
nginx
X-Robots-Tag
none
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
application/javascript
Access-Control-Allow-Origin
*
x-ms-request-id
a8be7341-901e-0061-31ca-28e982000000
Access-Control-Expose-Headers
date
Cache-Control
max-age=630720000
X-SkyHigh-Version
BuildNumber=19, BuildDate=2022-01-03 10:37
Timing-Allow-Origin
*
segoeui-regular.woff2
static2.sharepointonline.com.office.prod.marvell.myshn.net/files/fabric/assets/fonts/segoeui-westeuropean/ 		35 KB
36 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static2.sharepointonline.com.office.prod.marvell.myshn.net/files/fabric/assets/fonts/segoeui-westeuropean/segoeui-regular.woff2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.52.9.238 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-52-9-238.us-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Referer
https://outlook.office.com.office.prod.marvell.myshn.net/
Origin
https://outlook.office.com.office.prod.marvell.myshn.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
Date
Tue, 01 Mar 2022 15:06:01 GMT
Connection
keep-alive
Content-Length
36344
x-ms-lease-status
unlocked
Last-Modified
Mon, 22 Jun 2020 16:25:01 GMT
Server
nginx
ETag
0x8D816C8CFFC1B0C
Content-Type
font/woff2
Access-Control-Allow-Origin
*
x-ms-request-id
5810dda7-001e-014b-58ac-72917c000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Cache-Control
public, max-age=10755878
x-ms-version
2009-09-19
X-SkyHigh-Version
BuildNumber=19, BuildDate=2022-01-03 10:37
X-Robots-Tag
none
Primary Request authorize
login.microsoftonline.com.office.prod.marvell.myshn.net/common/oauth2/ 		196 KB
51 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://login.microsoftonline.com.office.prod.marvell.myshn.net/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office.com.office.prod.marvell.myshn.net%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=c68e9444-0140-41f6-a417-39c771129c2b&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=637817439606486470.a94cfc12-3ccf-4d55-997a-8c9338e07439&state=FYuxDoIwFABb_Re3SmlL2zcQB41hwAVNNGztoyQSCQYajH9vHe6mO0oI2SY2CcqTiNHS2NwoCZprZbUyfO9AYY-5YBKxZ6orCgZgHLMIUtrA_zVN7ymbPi47LNHFUOa7OXTPOWC8TaWrGo7VRddfWLtHs3gBcz3C2I6vob0Wgxd89ffz2x_tDw&sso_reload=true
Requested by
Host: login.microsoftonline.com.office.prod.marvell.myshn.net
URL: https://login.microsoftonline.com.office.prod.marvell.myshn.net/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office.com.office.prod.marvell.myshn.net%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=c68e9444-0140-41f6-a417-39c771129c2b&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=637817439606486470.a94cfc12-3ccf-4d55-997a-8c9338e07439&state=FYuxDoIwFABb_Re3SmlL2zcQB41hwAVNNGztoyQSCQYajH9vHe6mO0oI2SY2CcqTiNHS2NwoCZprZbUyfO9AYY-5YBKxZ6orCgZgHLMIUtrA_zVN7ymbPi47LNHFUOa7OXTPOWC8TaWrGo7VRddfWLtHs3gBcz3C2I6vob0Wgxd89ffz2x_tDw
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.52.9.238 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-52-9-238.us-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
64b0054f15ed558fb011442e9a6e9e8aea403d224cbbb84221d2b6aa7de4d913
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://login.microsoftonline.com.office.prod.marvell.myshn.net/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office.com.office.prod.marvell.myshn.net%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=c68e9444-0140-41f6-a417-39c771129c2b&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=637817439606486470.a94cfc12-3ccf-4d55-997a-8c9338e07439&state=FYuxDoIwFABb_Re3SmlL2zcQB41hwAVNNGztoyQSCQYajH9vHe6mO0oI2SY2CcqTiNHS2NwoCZprZbUyfO9AYY-5YBKxZ6orCgZgHLMIUtrA_zVN7ymbPi47LNHFUOa7OXTPOWC8TaWrGo7VRddfWLtHs3gBcz3C2I6vob0Wgxd89ffz2x_tDw

Response headers

Server
nginx
Date
Tue, 01 Mar 2022 15:06:02 GMT
Content-Type
text/html; charset=utf-8
Content-Length
50560
Connection
keep-alive
Cache-Control
no-store, no-cache
Content-Encoding
gzip
Expires
-1
Link
<https://aadcdn.msauth.net.office.prod.marvell.myshn.net>; rel=preconnect; crossorigin
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+est"}]}
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-DNS-Prefetch-Control
on
X-Frame-Options
DENY
x-ms-ests-server
2.1.12470.13 - NCUS ProdSlices
x-ms-request-id
8cc200ec-7d7b-46c1-a211-ad263639be00
X-Robots-Tag
none
X-SkyHigh-Version
BuildNumber=19, BuildDate=2022-01-03 10:37
Me.htm
login.live.com.office.prod.marvell.myshn.net/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://login.live.com.office.prod.marvell.myshn.net/Me.htm?v=3
Requested by
Host: login.microsoftonline.com.office.prod.marvell.myshn.net
URL: https://login.microsoftonline.com.office.prod.marvell.myshn.net/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office.com.office.prod.marvell.myshn.net%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=c68e9444-0140-41f6-a417-39c771129c2b&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=637817439606486470.a94cfc12-3ccf-4d55-997a-8c9338e07439&state=FYuxDoIwFABb_Re3SmlL2zcQB41hwAVNNGztoyQSCQYajH9vHe6mO0oI2SY2CcqTiNHS2NwoCZprZbUyfO9AYY-5YBKxZ6orCgZgHLMIUtrA_zVN7ymbPi47LNHFUOa7OXTPOWC8TaWrGo7VRddfWLtHs3gBcz3C2I6vob0Wgxd89ffz2x_tDw&sso_reload=true
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.183.76.102 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-183-76-102.us-west-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://login.microsoftonline.com.office.prod.marvell.myshn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers
ConvergedLogin_PCore_DzSOUEvrcCbogVJQe7hGlg2.js
aadcdn.msauth.net.office.prod.marvell.myshn.net/shared/1.0/content/js/ 		371 KB
107 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msauth.net.office.prod.marvell.myshn.net/shared/1.0/content/js/ConvergedLogin_PCore_DzSOUEvrcCbogVJQe7hGlg2.js
Requested by
Host: login.microsoftonline.com.office.prod.marvell.myshn.net
URL: https://login.microsoftonline.com.office.prod.marvell.myshn.net/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office.com.office.prod.marvell.myshn.net%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=c68e9444-0140-41f6-a417-39c771129c2b&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=637817439606486470.a94cfc12-3ccf-4d55-997a-8c9338e07439&state=FYuxDoIwFABb_Re3SmlL2zcQB41hwAVNNGztoyQSCQYajH9vHe6mO0oI2SY2CcqTiNHS2NwoCZprZbUyfO9AYY-5YBKxZ6orCgZgHLMIUtrA_zVN7ymbPi47LNHFUOa7OXTPOWC8TaWrGo7VRddfWLtHs3gBcz3C2I6vob0Wgxd89ffz2x_tDw&sso_reload=true
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.52.9.238 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-52-9-238.us-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
8f5985411c9f65ff538947070babf324e064b5a8607b22475a3f39f6f5e95258

Request headers

Referer
https://login.microsoftonline.com.office.prod.marvell.myshn.net/
Origin
https://login.microsoftonline.com.office.prod.marvell.myshn.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
Date
Tue, 01 Mar 2022 15:06:03 GMT
Content-Encoding
gzip
Content-MD5
sHgLuRF09PC+korVPyQIsQ==
X-Cache
TCP_HIT
Connection
keep-alive
Content-Length
108398
x-ms-lease-status
unlocked
Last-Modified
Fri, 17 Dec 2021 18:31:34 GMT
Server
nginx
ETag
0x8D9C18B7440C621
X-Azure-Ref
0WzYeYgAAAAAjGMKPn/CiQKrMPFZWk7KlU0pDRURHRTA1MTUAMzlhMTJmN2UtODk5Zi00NmNmLWE2ZDAtMjRiYmJhMjdkOTU2
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
x-ms-request-id
f98cb296-d01e-002a-23de-2aa855000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Cache-Control
public, max-age=31536000
x-ms-version
2009-09-19
X-SkyHigh-Version
BuildNumber=19, BuildDate=2022-01-03 10:37
X-Robots-Tag
none
prefetch.aspx
outlook.office365.com.office.prod.marvell.myshn.net/owa/ Frame B382 		3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://outlook.office365.com.office.prod.marvell.myshn.net/owa/prefetch.aspx
Requested by
Host: aadcdn.msauth.net.office.prod.marvell.myshn.net
URL: https://aadcdn.msauth.net.office.prod.marvell.myshn.net/shared/1.0/content/js/ConvergedLogin_PCore_DzSOUEvrcCbogVJQe7hGlg2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.52.9.238 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-52-9-238.us-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
033db18c4bad08e61e1bca96bc01ca880575e0395b7dc4a3caab445cf06ab962
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://login.microsoftonline.com.office.prod.marvell.myshn.net/

Response headers

Server
nginx
Date
Tue, 01 Mar 2022 15:06:04 GMT
Content-Type
text/html; charset=utf-8
Content-Length
1043
Connection
keep-alive
Alt-Svc
h3=":443",h3-29=":443"
Cache-Control
private, no-store
Content-Encoding
gzip
NEL
{"report_to":"NelOfficeUpload1","max_age":7200,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
Report-To
{"group":"NelOfficeUpload1","max_age":7200,"endpoints":[{"url":"https://exo.nel.measure.office.net/api/report?TenantId=&FrontEnd=Cafe&DestinationEndpoint=SJC"}],"include_subdomains":true}
request-id
7300d2b2-5f37-2cb6-fecb-5f6c37762ceb
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Vary
Accept-Encoding
X-BackEnd-Begin
2022-03-01T15:06:04.297
X-BackEnd-End
2022-03-01T15:06:04.297
X-BackEndHttpStatus
200 200
X-BEServer
BN6PR05MB2977
X-BeSku
Gen9
X-CalculatedBETarget
BN6PR05MB2977.namprd05.prod.outlook.com
X-CalculatedFETarget
BN9PR03CU032.internal.outlook.com
X-Content-Type-Options
nosniff
X-DiagInfo
BN6PR05MB2977
X-FEProxyInfo
BN9PR03CA0918.NAMPRD03.PROD.OUTLOOK.COM
X-FEServer
BN9PR03CA0918 SJ0PR05CA0201
X-FirstHopCafeEFZ
SJC
X-IIDs
0
X-OWA-DiagnosticsInfo
2;0;0
X-OWA-Version
15.20.5038.14
X-Proxy-BackendServerStatus
200
X-Proxy-RoutingCorrectness
1
X-Robots-Tag
none
X-RUM-Validated
1
X-SkyHigh-Version
BuildNumber=19, BuildDate=2022-01-03 10:37
X-UA-Compatible
IE=EmulateIE7
converged.v2.login.min_zmhwgv_kbcs-aml46kcgfg2.css
aadcdn.msauth.net.office.prod.marvell.myshn.net/ests/2.1/content/cdnbundles/ 		0
20 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msauth.net.office.prod.marvell.myshn.net/ests/2.1/content/cdnbundles/converged.v2.login.min_zmhwgv_kbcs-aml46kcgfg2.css
Requested by
Host: login.microsoftonline.com.office.prod.marvell.myshn.net
URL: https://login.microsoftonline.com.office.prod.marvell.myshn.net/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office.com.office.prod.marvell.myshn.net%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=c68e9444-0140-41f6-a417-39c771129c2b&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=637817439606486470.a94cfc12-3ccf-4d55-997a-8c9338e07439&state=FYuxDoIwFABb_Re3SmlL2zcQB41hwAVNNGztoyQSCQYajH9vHe6mO0oI2SY2CcqTiNHS2NwoCZprZbUyfO9AYY-5YBKxZ6orCgZgHLMIUtrA_zVN7ymbPi47LNHFUOa7OXTPOWC8TaWrGo7VRddfWLtHs3gBcz3C2I6vob0Wgxd89ffz2x_tDw&sso_reload=true
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.52.9.238 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-52-9-238.us-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://login.microsoftonline.com.office.prod.marvell.myshn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
Date
Tue, 01 Mar 2022 15:06:04 GMT
Content-Encoding
gzip
X-Azure-Ref-OriginShield
0yDkdYgAAAABvS2hMVuHQR5Qife2930fjU0pDRURHRTA1MTMAMzlhMTJmN2UtODk5Zi00NmNmLWE2ZDAtMjRiYmJhMjdkOTU2
Content-MD5
gQeGSiXz86BaUj7ZBvfbVQ==
X-Cache
TCP_HIT
Connection
keep-alive
Content-Length
19946
x-ms-lease-status
unlocked
Last-Modified
Wed, 15 Dec 2021 19:03:05 GMT
Server
nginx
ETag
0x8D9BFFD86C8E13C
X-Azure-Ref
0XDYeYgAAAACM0TKnDRbmQIZdp959FXf2U0pDRURHRTAzMTkAMzlhMTJmN2UtODk5Zi00NmNmLWE2ZDAtMjRiYmJhMjdkOTU2
Content-Type
text/css
Access-Control-Allow-Origin
*
x-ms-request-id
e026fccb-301e-0034-75cb-29ba6a000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Cache-Control
public, max-age=31536000
x-ms-version
2009-09-19
X-SkyHigh-Version
BuildNumber=19, BuildDate=2022-01-03 10:37
X-Robots-Tag
none
ux.converged.login.strings-de.min_gsymqmfnae1zxws3kgirua2.js
aadcdn.msauth.net.office.prod.marvell.myshn.net/ests/2.1/content/cdnbundles/ 		0
15 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msauth.net.office.prod.marvell.myshn.net/ests/2.1/content/cdnbundles/ux.converged.login.strings-de.min_gsymqmfnae1zxws3kgirua2.js
Requested by
Host: login.microsoftonline.com.office.prod.marvell.myshn.net
URL: https://login.microsoftonline.com.office.prod.marvell.myshn.net/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office.com.office.prod.marvell.myshn.net%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=c68e9444-0140-41f6-a417-39c771129c2b&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=637817439606486470.a94cfc12-3ccf-4d55-997a-8c9338e07439&state=FYuxDoIwFABb_Re3SmlL2zcQB41hwAVNNGztoyQSCQYajH9vHe6mO0oI2SY2CcqTiNHS2NwoCZprZbUyfO9AYY-5YBKxZ6orCgZgHLMIUtrA_zVN7ymbPi47LNHFUOa7OXTPOWC8TaWrGo7VRddfWLtHs3gBcz3C2I6vob0Wgxd89ffz2x_tDw&sso_reload=true
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.52.9.238 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-52-9-238.us-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://login.microsoftonline.com.office.prod.marvell.myshn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
Date
Tue, 01 Mar 2022 15:06:04 GMT
Content-Encoding
gzip
X-Azure-Ref-OriginShield
0FyYYYgAAAABTkZciYRxYSpxo99cNiMuTU0pDRURHRTA1MDcAMzlhMTJmN2UtODk5Zi00NmNmLWE2ZDAtMjRiYmJhMjdkOTU2
Content-MD5
EoH+tvE2PLC2BPMV/FMzow==
X-Cache
TCP_HIT
Connection
keep-alive
Content-Length
14132
x-ms-lease-status
unlocked
Last-Modified
Thu, 23 Dec 2021 17:59:33 GMT
Server
nginx
ETag
0x8D9C63DF9CB2A6F
X-Azure-Ref
0XDYeYgAAAACdzufOtR0VR56zuv/qMAdKU0pDRURHRTAzMDcAMzlhMTJmN2UtODk5Zi00NmNmLWE2ZDAtMjRiYmJhMjdkOTU2
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
x-ms-request-id
754d6eac-e01e-0075-64d8-294279000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Cache-Control
public, max-age=31536000
x-ms-version
2009-09-19
X-SkyHigh-Version
BuildNumber=19, BuildDate=2022-01-03 10:37
X-Robots-Tag
none
convergedlogin_pcustomizationloader_2d5349c802e39db6c134.js
aadcdn.msauth.net.office.prod.marvell.myshn.net/shared/1.0/content/js/asyncchunk/ 		107 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msauth.net.office.prod.marvell.myshn.net/shared/1.0/content/js/asyncchunk/convergedlogin_pcustomizationloader_2d5349c802e39db6c134.js
Requested by
Host: aadcdn.msauth.net.office.prod.marvell.myshn.net
URL: https://aadcdn.msauth.net.office.prod.marvell.myshn.net/shared/1.0/content/js/ConvergedLogin_PCore_DzSOUEvrcCbogVJQe7hGlg2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.52.9.238 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-52-9-238.us-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
91ee570b46cc3a74af78e56591dbd2d0ed5d147ea0d80ae50c65b77e063b4c53

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://login.microsoftonline.com.office.prod.marvell.myshn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
Date
Tue, 01 Mar 2022 15:06:04 GMT
Content-Encoding
gzip
X-Azure-Ref-OriginShield
0nD0dYgAAAABaWvzd1maeQLgOH8cXFu4JU0pDRURHRTA1MTcAMzlhMTJmN2UtODk5Zi00NmNmLWE2ZDAtMjRiYmJhMjdkOTU2
Content-MD5
02E9UTXquD+8OqpVDVhtxA==
X-Cache
TCP_HIT
Connection
keep-alive
Content-Length
31952
x-ms-lease-status
unlocked
Last-Modified
Sat, 04 Dec 2021 01:51:54 GMT
Server
nginx
ETag
0x8D9B6C8A6246A36
X-Azure-Ref
0XDYeYgAAAAB1HHIZJ8HoSLp+AAPmXZnSU0pDRURHRTAzMTkAMzlhMTJmN2UtODk5Zi00NmNmLWE2ZDAtMjRiYmJhMjdkOTU2
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
x-ms-request-id
2819d7cf-701e-0020-27e9-2ca640000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Cache-Control
public, max-age=31536000
x-ms-version
2009-09-19
X-SkyHigh-Version
BuildNumber=19, BuildDate=2022-01-03 10:37
X-Robots-Tag
none
49-small_e58aafc980614a9cd7796bea7b5ea8f0.jpg
aadcdn.msauth.net.office.prod.marvell.myshn.net/shared/1.0/content/images/appbackgrounds/ 		987 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aadcdn.msauth.net.office.prod.marvell.myshn.net/shared/1.0/content/images/appbackgrounds/49-small_e58aafc980614a9cd7796bea7b5ea8f0.jpg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.52.9.238 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-52-9-238.us-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
8b34a475187302935336bf43a2bf2a4e0adb9a1e87953ea51f6fcf0ef52a4a1d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://login.microsoftonline.com.office.prod.marvell.myshn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
Date
Tue, 01 Mar 2022 15:06:04 GMT
X-Azure-Ref-OriginShield
0BjkdYgAAAABaNvVRyXPDQI9HDCM+kEWwU0pDRURHRTA1MjEAMzlhMTJmN2UtODk5Zi00NmNmLWE2ZDAtMjRiYmJhMjdkOTU2
Content-MD5
5YqvyYBhSpzXeWvqe16o8A==
X-Cache
TCP_HIT
Connection
keep-alive
Content-Length
987
x-ms-lease-status
unlocked
Last-Modified
Fri, 27 Mar 2020 19:41:47 GMT
Server
nginx
ETag
0x8D7D286E322A911
X-Azure-Ref
0XDYeYgAAAACgfPUEE7foT7Vco0zPnESsU0pDRURHRTAzMDcAMzlhMTJmN2UtODk5Zi00NmNmLWE2ZDAtMjRiYmJhMjdkOTU2
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
x-ms-request-id
c82bcf35-f01e-0038-521a-2a4e73000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Cache-Control
public, max-age=31536000
x-ms-version
2009-09-19
X-SkyHigh-Version
BuildNumber=19, BuildDate=2022-01-03 10:37
X-Robots-Tag
none
49_7916a894ebde7d29c2cc29b267f1299f.jpg
aadcdn.msauth.net.office.prod.marvell.myshn.net/shared/1.0/content/images/appbackgrounds/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aadcdn.msauth.net.office.prod.marvell.myshn.net/shared/1.0/content/images/appbackgrounds/49_7916a894ebde7d29c2cc29b267f1299f.jpg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.52.9.238 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-52-9-238.us-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
d8f5ab3e00202fd3b45be1acd95d677b137064001e171bc79b06826d98f1e1d3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://login.microsoftonline.com.office.prod.marvell.myshn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
Date
Tue, 01 Mar 2022 15:06:04 GMT
Content-MD5
eRaolOvefSnCzCmyZ/Epnw==
X-Cache
TCP_HIT
Connection
keep-alive
Content-Length
17453
x-ms-lease-status
unlocked
Last-Modified
Fri, 27 Mar 2020 19:41:47 GMT
Server
nginx
ETag
0x8D7D286E30A1202
X-Azure-Ref
0XDYeYgAAAAATAQLdMhRrQ7ApLSvq4cgAU0pDRURHRTA1MTYAMzlhMTJmN2UtODk5Zi00NmNmLWE2ZDAtMjRiYmJhMjdkOTU2
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
x-ms-request-id
f98da4be-d01e-002a-29df-2aa855000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Cache-Control
public, max-age=31536000
x-ms-version
2009-09-19
X-SkyHigh-Version
BuildNumber=19, BuildDate=2022-01-03 10:37
X-Robots-Tag
none
53_8b36337037cff88c3df203bb73d58e41.png
aadcdn.msauth.net.office.prod.marvell.myshn.net/shared/1.0/content/images/applogos/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aadcdn.msauth.net.office.prod.marvell.myshn.net/shared/1.0/content/images/applogos/53_8b36337037cff88c3df203bb73d58e41.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.52.9.238 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-52-9-238.us-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e4e1e65871749d18aea150643c07e0aab2057da057c6c57ec1c3c43580e1c898

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://login.microsoftonline.com.office.prod.marvell.myshn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
Date
Tue, 01 Mar 2022 15:06:04 GMT
X-Azure-Ref-OriginShield
0KzkdYgAAAAAOip1TXIt0RqCWZA02IBecU0pDRURHRTA1MTMAMzlhMTJmN2UtODk5Zi00NmNmLWE2ZDAtMjRiYmJhMjdkOTU2
Content-MD5
izYzcDfP+Iw98gO7c9WOQQ==
X-Cache
TCP_HIT
Connection
keep-alive
Content-Length
5139
x-ms-lease-status
unlocked
Last-Modified
Wed, 12 Feb 2020 03:12:12 GMT
Server
nginx
ETag
0x8D7AF695A8C44DC
X-Azure-Ref
0XDYeYgAAAAD2r96yXs4fQKSYXPQK+U8tU0pDRURHRTAzMTAAMzlhMTJmN2UtODk5Zi00NmNmLWE2ZDAtMjRiYmJhMjdkOTU2
Content-Type
image/png
Access-Control-Allow-Origin
*
x-ms-request-id
8ba251cf-e01e-0059-25a2-2a2753000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Cache-Control
public, max-age=31536000
x-ms-version
2009-09-19
X-SkyHigh-Version
BuildNumber=19, BuildDate=2022-01-03 10:37
X-Robots-Tag
none
microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg
aadcdn.msauth.net.office.prod.marvell.myshn.net/shared/1.0/content/images/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aadcdn.msauth.net.office.prod.marvell.myshn.net/shared/1.0/content/images/microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.52.9.238 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-52-9-238.us-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://login.microsoftonline.com.office.prod.marvell.myshn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
Date
Tue, 01 Mar 2022 15:06:04 GMT
Content-Encoding
gzip
X-Azure-Ref-OriginShield
0zjkdYgAAAABoB6Xb5qnKQok/uJKIPnspU0pDRURHRTA1MDkAMzlhMTJmN2UtODk5Zi00NmNmLWE2ZDAtMjRiYmJhMjdkOTU2
Content-MD5
nzaLxFgP7ZB3dfMcaybWzw==
X-Cache
TCP_HIT
Connection
keep-alive
Content-Length
1435
x-ms-lease-status
unlocked
Last-Modified
Fri, 17 Jan 2020 19:28:38 GMT
Server
nginx
ETag
0x8D79B8373CB2849
X-Azure-Ref
0XDYeYgAAAAC0iveXJ7VMQ53dElrvkE0KU0pDRURHRTAzMTkAMzlhMTJmN2UtODk5Zi00NmNmLWE2ZDAtMjRiYmJhMjdkOTU2
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
x-ms-request-id
252a03cd-001e-0047-7ad0-29356c000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Cache-Control
public, max-age=31536000
x-ms-version
2009-09-19
X-SkyHigh-Version
BuildNumber=19, BuildDate=2022-01-03 10:37
X-Robots-Tag
none
signin-options_4e48046ce74f4b89d45037c90576bfac.svg
aadcdn.msauth.net.office.prod.marvell.myshn.net/shared/1.0/content/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aadcdn.msauth.net.office.prod.marvell.myshn.net/shared/1.0/content/images/signin-options_4e48046ce74f4b89d45037c90576bfac.svg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.52.9.238 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-52-9-238.us-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
8e6db1634f1812d42516778fc890010aa57f3e39914fb4803df2c38abbf56d93

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://login.microsoftonline.com.office.prod.marvell.myshn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
Date
Tue, 01 Mar 2022 15:06:04 GMT
Content-Encoding
gzip
Content-MD5
R2FAVxfpONfnQAuxVxXbHg==
X-Cache
TCP_HIT
Connection
keep-alive
Content-Length
621
x-ms-lease-status
unlocked
Last-Modified
Tue, 10 Nov 2020 03:41:24 GMT
Server
nginx
ETag
0x8D8852A7FA6B761
X-Azure-Ref
0XDYeYgAAAACDgJIQ9H+0S6ZnFBy+YOrXU0pDRURHRTA1MDgAMzlhMTJmN2UtODk5Zi00NmNmLWE2ZDAtMjRiYmJhMjdkOTU2
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
x-ms-request-id
a3554760-901e-006a-58ad-297b44000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Cache-Control
public, max-age=31536000
x-ms-version
2009-09-19
X-SkyHigh-Version
BuildNumber=19, BuildDate=2022-01-03 10:37
X-Robots-Tag
none
boot.worldwide.0.mouse.js
r4.res.office365.com.office.prod.marvell.myshn.net/owa/prem/15.20.5038.10/scripts/ Frame B382 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
r4.res.office365.com.office.prod.marvell.myshn.net
URL
https://r4.res.office365.com.office.prod.marvell.myshn.net/owa/prem/15.20.5038.10/scripts/boot.worldwide.0.mouse.js

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Microsoft (Consumer)

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| structuredClone object| $Config object| $Debug object| $Do function| $Loader object| $WebWatson function| GetString function| GetErrorString function| GetUrl object| $B object| ServerData object| webpackJsonp object| ko object| PROOF object| StringRepository boolean| __ConvergedLogin_PCore boolean| __ object| Telemetry object| telemetry_webpackJsonp

15 Cookies

Domain/Path Name / Value
outlook.office.com.office.prod.marvell.myshn.net/ Name: ClientId
Value: F049760B85ED4B3EBA42877A4C331FFD
outlook.office.com.office.prod.marvell.myshn.net/ Name: OIDC
Value: 1
.office.prod.marvell.myshn.net/ Name: SHN-VH-session
Value: 1d27d19f-66b7-4166-ae15-9eaa976838ba|1646148958664
outlook.office.com.office.prod.marvell.myshn.net/ Name: OpenIdConnect.nonce.v3.SuErEX2yi7b_NBiLEP9gNUEolH4xsC9u8m5lkwpC7FY
Value: 637817439606486470.a94cfc12-3ccf-4d55-997a-8c9338e07439
outlook.office.com.office.prod.marvell.myshn.net/ Name: X-OWA-RedirectHistory
Value: ArLym14BxjVL_5T72Qg
login.microsoftonline.com.office.prod.marvell.myshn.net/ Name: x-ms-gateway-slice
Value: estsfd
login.microsoftonline.com.office.prod.marvell.myshn.net/ Name: stsservicecookie
Value: estsfd
.login.microsoftonline.com.office.prod.marvell.myshn.net/ Name: AADSSO
Value: NA|NoExtension
login.microsoftonline.com.office.prod.marvell.myshn.net/ Name: SSOCOOKIEPULLED
Value: 1
login.microsoftonline.com.office.prod.marvell.myshn.net/ Name: buid
Value: 0.ASgAMe_N-B6jSkuT5F9XHpElWgIAAAAAAPEPzgAAAAAAAAABAAA.AQABAAEAAAD--DLA3VO7QrddgJg7WevroSXoOelDMo76hgJ_dIyneObhvWnoe3rnp0KwePSLwB_1_225vR8ZaI1e_YqI3gQOfxU7uE0pvJ2-I_cZauZWqSoFUWzLxNgJXUhHS1AnO_ggAA
login.microsoftonline.com.office.prod.marvell.myshn.net/ Name: fpc
Value: AjmjQBB73GhGqYqcymAQTDaerOTJAQAAAFotsNkOAAAA
.login.microsoftonline.com.office.prod.marvell.myshn.net/ Name: esctx
Value: AQABAAAAAAD--DLA3VO7QrddgJg7WevrxY3CGCnngNEAml1aF74VknLjvPm4cCDZNzbBocPLNAA13r-nHZBtlKSIJakq_IWV_DoS6ZkqrENIAa9oPUpg_1klBQP0JPXG6kRJmeJbGYGeZ7d9AGSxVqN1WUjWMO2m08iapT4ZU5sG0qkumGbG8iV29_IyZFEYtr9fylkxdnMgAA
.login.live.com.office.prod.marvell.myshn.net/ Name: uaid
Value: 34a4948a4d7044b5b053ee4942923cfa
.login.live.com.office.prod.marvell.myshn.net/ Name: MSPRequ
Value: id=N&lt=1646147163&co=1
.login.microsoftonline.com.office.prod.marvell.myshn.net/ Name: brcap
Value: 0

4 Console Messages

Source Level URL
Text
security error URL: https://outlook.office.com.office.prod.marvell.myshn.net/mail/
Message:
The source list for the Content Security Policy directive 'connect-src' contains an invalid source: '*shn----shn--events--shn--data.microsoft.com.office.prod.marvell.myshn.net'. It will be ignored.
security error URL: https://outlook.office.com.office.prod.marvell.myshn.net/mail/
Message:
The source list for the Content Security Policy directive 'connect-src' contains an invalid source: '*shn----shn--online.lync.com.office.prod.marvell.myshn.net'. It will be ignored.
security error URL: https://outlook.office.com.office.prod.marvell.myshn.net/mail/
Message:
The source list for the Content Security Policy directive 'connect-src' contains an invalid source: '*shn----shn--infra.lync.com.office.prod.marvell.myshn.net'. It will be ignored.
network error URL: https://outlook.office.com.office.prod.marvell.myshn.net/owa/startupdata.ashx?app=Mail&n=0
Message:
Failed to load resource: the server responded with a status of 401 (Unauthorized)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src *.res.office365.com.office.prod.marvell.myshn.net *.fluidpreview.office.net *.cdn.office.net.office.prod.marvell.myshn.net swx.cdn.skype.com.office.prod.marvell.myshn.net 'self' *.prod.marvell.myshn.net; script-src 'nonce-k3nfDJxZFAQKVHuo8pMrcA==' *.res.office365.com.office.prod.marvell.myshn.net *.fluidpreview.office.net *.cdn.office.net.office.prod.marvell.myshn.net wss://*.delve.office.com.office.prod.marvell.myshn.net:443 shellprod.msocdn.com.office.prod.marvell.myshn.net amcdn.msauth.net.office.prod.marvell.myshn.net amcdn.msftauth.net.office.prod.marvell.myshn.net *.bing.com.office.prod.marvell.myshn.net *.skype.com.office.prod.marvell.myshn.net *.skypeassets.com *.delve.office.com.office.prod.marvell.myshn.net *.cdn.office.net.office.prod.marvell.myshn.net static.teams.microsoft.com.office.prod.marvell.myshn.net *.googleapis.com teams.microsoft.com.office.prod.marvell.myshn.net shn--cdn--shn--forms.office.net.office.prod.marvell.myshn.net blob: 'report-sample' 'self' 'unsafe-inline' 'wasm-unsafe-eval' *.yammer.com.office.prod.marvell.myshn.net fabriciss.azureedge.net.office.prod.marvell.myshn.net *.prod.marvell.myshn.net; style-src *.res.office365.com.office.prod.marvell.myshn.net *.fluidpreview.office.net *.cdn.office.net.office.prod.marvell.myshn.net shellprod.msocdn.com.office.prod.marvell.myshn.net *.skype.com.office.prod.marvell.myshn.net fonts.googleapis.com *.googleapis.com 'self' 'report-sample' 'unsafe-inline' *.yammer.com.office.prod.marvell.myshn.net 'unsafe-inline' *.prod.marvell.myshn.net; img-src * data: blob: filesystem: cid:; connect-src blob: data: *.res.office365.com.office.prod.marvell.myshn.net *.fluidpreview.office.net *.cdn.office.net.office.prod.marvell.myshn.net *.services.web.outlook.com login.live.com.office.prod.marvell.myshn.net spoprod-a.akamaihd.net shellprod.msocdn.com.office.prod.marvell.myshn.net *.bing.com.office.prod.marvell.myshn.net *.office.net.office.prod.marvell.myshn.net *.office.com.office.prod.marvell.myshn.net *.office365.com.office.prod.marvell.myshn.net *.officeapps.live.com.office.prod.marvell.myshn.net *.skype.com.office.prod.marvell.myshn.net *.skypeassets.com *.spoppe.com *.onedrive.com my.microsoftpersonalcontent.com substrate.office.de *.office365-net.de *.office.de browser.pipe.aria.microsoft.com.office.prod.marvell.myshn.net *.gateway.messenger.live.com dev.virtualearth.net *.trouter.skype.com *.trouter.io wss://*.trouter.skype.com wss://*.trouter.skype.com:443 wss://*.trouter.io:443 media.licdn.com *.facebook.com onerm.olsvc.com *.qas.binginternal.com *.qas.bing.net wss://*.qas.bing.net:443 wss://*.platform.bing.com wss://*.botframework.com:443 wss://augloop.office.com.office.prod.marvell.myshn.net wss://*.augloop.office.com outlook.live.com.office.prod.marvell.myshn.net graph.microsoft.com.office.prod.marvell.myshn.net *.graph.microsoft.com graph.microsoft.de *.googleapis.com *.office.microsoft.com api.box.com api.dropboxapi.com *.users.storage.live.com www.onenote.com.office.prod.marvell.myshn.net *.storage.msn.com asgsmsproxyapi.azurewebsites.net.office.prod.marvell.myshn.net wss://*.pushd.svc.ms wss://*.pushs.svc.ms wss://*.pushb.svc.ms wss://*.pushp.svc.ms wss://*.svc.ms.office.prod.marvell.myshn.net nleditor.osi.officeppe.net api.tenor.com pptservicescast.officeapps.live.com.office.prod.marvell.myshn.net *.sharepoint-df.com *.sharepoint.com.office.prod.marvell.myshn.net *.sharepoint.de wss://*.delve.office.com.office.prod.marvell.myshn.net:443 wss://*.loki.delve.office.com:443 wss://*.loki.delve.office.com *.delve.office.com.office.prod.marvell.myshn.net *.loki.delve.office.com shn--web--shn--vortex--shn--data.microsoft.com.office.prod.marvell.myshn.net *shn----shn--events--shn--data.microsoft.com.office.prod.marvell.myshn.net *shn----shn--online.lync.com.office.prod.marvell.myshn.net *shn----shn--infra.lync.com.office.prod.marvell.myshn.net wss://*.cortana.ai *.cortana.ai fs.microsoft.com.office.prod.marvell.myshn.net 'self' login.microsoftonline.com.office.prod.marvell.myshn.net outlook.office365.com.office.prod.marvell.myshn.net teams.microsoft.com.office.prod.marvell.myshn.net *.teams.microsoft.com.office.prod.marvell.myshn.net *.yammer.com.office.prod.marvell.myshn.net *.svc.ms.office.prod.marvell.myshn.net *.licdn.com o365auditrealtimeingestion.manage.officeppe.com o365auditrealtimeingestion.manage.officeppe.com:445 o365auditrealtimeingestion.manage.office.com o365auditrealtimeingestion.manage.office.com:445 files.yammerusercontent.com.office.prod.marvell.myshn.net wss://augloop-dogfood.officeppe.com wss://*.augloop-dogfood.officeppe.com wss://augloop-gcc.office.com.office.prod.marvell.myshn.net wss://*.augloop-gcc.office.com aesir.office.com.office.prod.marvell.myshn.net r3.res.outlook.com.office.prod.marvell.myshn.net *.oscs.protection.outlook.com arc.msn.com.office.prod.marvell.myshn.net *.msedge.net.office.prod.marvell.myshn.net *.prod.marvell.myshn.net; base-uri browser.pipe.aria.microsoft.com.office.prod.marvell.myshn.net 'self' *.prod.marvell.myshn.net; form-action *.officeapps.live.com.office.prod.marvell.myshn.net *.sharepoint-df.com *.sharepoint.com.office.prod.marvell.myshn.net *.sharepoint.de *.odwebp.svc.ms; object-src *.office.net.office.prod.marvell.myshn.net 'self' attachments.office.net.office.prod.marvell.myshn.net *.prod.marvell.myshn.net; frame-ancestors 'self' teams.microsoft.com.office.prod.marvell.myshn.net *.prod.marvell.myshn.net; font-src data: *.res.office365.com.office.prod.marvell.myshn.net *.fluidpreview.office.net *.cdn.office.net.office.prod.marvell.myshn.net spoprod-a.akamaihd.net *.skype.com.office.prod.marvell.myshn.net fonts.gstatic.com ms-appx-web: sharepointonline.com *.sharepointonline.com.office.prod.marvell.myshn.net *.delve.office.com.office.prod.marvell.myshn.net fs.microsoft.com.office.prod.marvell.myshn.net 'self' *.yammer.com.office.prod.marvell.myshn.net *.prod.marvell.myshn.net; media-src blob: *.res.office365.com.office.prod.marvell.myshn.net *.cdn.office.net.office.prod.marvell.myshn.net *.skype.com.office.prod.marvell.myshn.net *.office.net.office.prod.marvell.myshn.net *.office365.net *.office365-net.de *.office365-net.us *.office.com.office.prod.marvell.myshn.net ssl.gstatic.com 'self' *.yammer.com.office.prod.marvell.myshn.net attachments.office.net.office.prod.marvell.myshn.net *.prod.marvell.myshn.net; frame-src * data: mailto: blob:; manifest-src 'self' *.prod.marvell.myshn.net; worker-src 'self' blob: *.office.com.office.prod.marvell.myshn.net *.prod.marvell.myshn.net; child-src 'self' blob: *.office.com.office.prod.marvell.myshn.net *.prod.marvell.myshn.net; report-uri https://csp.microsoft.com.office.prod.marvell.myshn.net/report/OutlookWeb-Mail-PROD; upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aadcdn.msauth.net.office.prod.marvell.myshn.net
browser.pipe.aria.microsoft.com.office.prod.marvell.myshn.net
csp.microsoft.com.office.prod.marvell.myshn.net
login.live.com.office.prod.marvell.myshn.net
login.microsoftonline.com.office.prod.marvell.myshn.net
outlook.office.com.office.prod.marvell.myshn.net
outlook.office365.com.office.prod.marvell.myshn.net
r4.res.office365.com.office.prod.marvell.myshn.net
res.cdn.office.net.office.prod.marvell.myshn.net
static2.sharepointonline.com.office.prod.marvell.myshn.net
r4.res.office365.com.office.prod.marvell.myshn.net
52.52.9.238
54.183.76.102
033db18c4bad08e61e1bca96bc01ca880575e0395b7dc4a3caab445cf06ab962
04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a
0d1ec49e2a1dab020ac61f8e852afafaa8af643864fbd243656bff6d66b21903
1f0a55c3ae33721ab67cbbaf4df0a7485d6e18fe6d269a3df1b0d442d7211233
2477b210b897ca623504779cdf1a83ff85920e9045e8944842139863a4471577
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
39e8b266d83228c56bf6a041c5e6d9fe2535eeb05a5b065f18371ae29bc177e9
3d3133d541b74d15d6aba5af76e9ecdf7c2f4f349f4262f3c61c11c54cf8c356
5882b71b025752dff31d48fba775d38fe922259252dd1d53fc55151f41d5fc92
6139c9fa8e81fd8608efa3021159cc0cc46992425f2b5d93a20bb205cb9a2241
64b0054f15ed558fb011442e9a6e9e8aea403d224cbbb84221d2b6aa7de4d913
7d43dd2ba353579e6c4f49f6a1d5d5a5749c1dd4e6e0ec5043e79063dc0b6100
8b34a475187302935336bf43a2bf2a4e0adb9a1e87953ea51f6fcf0ef52a4a1d
8e6db1634f1812d42516778fc890010aa57f3e39914fb4803df2c38abbf56d93
8f5985411c9f65ff538947070babf324e064b5a8607b22475a3f39f6f5e95258
91ee570b46cc3a74af78e56591dbd2d0ed5d147ea0d80ae50c65b77e063b4c53
9f8cf4a1078dc54bd99a9410758d6593f9f971bd67d15065ce67b76365355a9b
a5a168e5b37970bbf1ee3bd188942b10c6d4bea6968a57948f61830c232105da
ce8fb91c32f55f469ca0ae2a54c516d9565c5f8d2cee26eeb68b33a571c53293
d185159b6a77cd02ed536f44197af7913ecfd6fd264b113eac65fce9a97482f5
d31dfb7e34ce709f8d0bf6dbb88de41d55565138d7fa42a783e09646177d53e7
d6cd86b0cd5086be5068a0bc62f663f52e2b54937f4cfda7d05c3d1c18b0ede6
d8f5ab3e00202fd3b45be1acd95d677b137064001e171bc79b06826d98f1e1d3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4e1e65871749d18aea150643c07e0aab2057da057c6c57ec1c3c43580e1c898
ec42dd8af71c7c745ebff25cf2545ba8259211cf39df831152eaab1c5e76fa25