edu-onedrivelti-prod.westeurope.cloudapp.azure.com
Open in
urlscan Pro
20.101.119.147
Public Scan
Submission: On April 05 via automatic, source certstream-suspicious — Scanned from NL
Summary
TLS certificate: Issued by Microsoft Azure TLS Issuing CA 05 on January 8th 2023. Valid for: a year.
This is the only time edu-onedrivelti-prod.westeurope.cloudapp.azure.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 | 20.101.119.147 20.101.119.147 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
3 | 2a02:26f0:480... 2a02:26f0:480:1e::217:d1b1 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
4 | 20.189.173.9 20.189.173.9 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
4 | 40.79.141.152 40.79.141.152 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
12 | 4 |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
edu-onedrivelti-prod.westeurope.cloudapp.azure.com |
ASN20940 (AKAMAI-ASN1, NL)
res-1.cdn.office.net |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
browser.events.data.microsoft.com |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
eu-mobile.events.data.microsoft.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
8 |
microsoft.com
browser.events.data.microsoft.com — Cisco Umbrella Rank: 251 eu-mobile.events.data.microsoft.com — Cisco Umbrella Rank: 1516 |
3 KB |
3 |
office.net
res-1.cdn.office.net — Cisco Umbrella Rank: 511 |
372 KB |
1 |
azure.com
edu-onedrivelti-prod.westeurope.cloudapp.azure.com |
3 KB |
12 | 3 |
Domain | Requested by | |
---|---|---|
4 | eu-mobile.events.data.microsoft.com |
res-1.cdn.office.net
|
4 | browser.events.data.microsoft.com |
res-1.cdn.office.net
|
3 | res-1.cdn.office.net |
edu-onedrivelti-prod.westeurope.cloudapp.azure.com
|
1 | edu-onedrivelti-prod.westeurope.cloudapp.azure.com | |
12 | 4 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
edu-onedrivelti-prod.trafficmanager.net Microsoft Azure TLS Issuing CA 05 |
2023-01-08 - 2024-01-03 |
a year | crt.sh |
*.res.outlook.com DigiCert SHA2 Secure Server CA |
2023-03-23 - 2024-03-23 |
a year | crt.sh |
*.events.data.microsoft.com Microsoft Azure TLS Issuing CA 02 |
2023-03-08 - 2024-03-02 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://edu-onedrivelti-prod.westeurope.cloudapp.azure.com/
Frame ID: 3A1E2E5A9FA80B053754650BC0B43D9B
Requests: 8 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
12 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
edu-onedrivelti-prod.westeurope.cloudapp.azure.com/ |
977 B 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
runtime.354351b69ca5f53d7806.bundle.js
res-1.cdn.office.net/onedrivelti/ |
4 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
vendors.aa96dd4366ebfd95df6d.bundle.js
res-1.cdn.office.net/onedrivelti/ |
1 MB 321 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.3a3d3b69eaa00c445b63.bundle.js
res-1.cdn.office.net/onedrivelti/ |
244 KB 49 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
/
browser.events.data.microsoft.com/OneCollector/1.0/ |
153 B 627 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
/
eu-mobile.events.data.microsoft.com/OneCollector/1.0/ |
153 B 1 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H/1.1 |
/
browser.events.data.microsoft.com/OneCollector/1.0/ |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H/1.1 |
/
eu-mobile.events.data.microsoft.com/OneCollector/1.0/ |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
/
eu-mobile.events.data.microsoft.com/OneCollector/1.0/ |
153 B 625 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H/1.1 |
/
eu-mobile.events.data.microsoft.com/OneCollector/1.0/ |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H/1.1 |
/
browser.events.data.microsoft.com/OneCollector/1.0/ |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
/
browser.events.data.microsoft.com/OneCollector/1.0/ |
153 B 626 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
11 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
boolean| credentialless string| __CSP_NONCE object| webpackJsonp object| FabricConfig object| CSPSettings object| __stylesheet__ object| __globalSettings__ object| __themeState__ object| __packages__ object| __dynProto$Gbl number| __currentId__5 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
edu-onedrivelti-prod.westeurope.cloudapp.azure.com/ | Name: MicrosoftApplicationsTelemetryDeviceId Value: a7776f82-cc93-447b-91de-602392b7ab1c |
|
edu-onedrivelti-prod.westeurope.cloudapp.azure.com/ | Name: ai_session Value: 5vk10v/yEKn1r3gufoBQCO|1680658539798|1680658539802 |
|
.microsoft.com/ | Name: MC1 Value: GUID=b58d2df2c9584995b99445f1a0ba1a42&HASH=b58d&LV=202304&V=4&LU=1680658541071 |
|
.microsoft.com/ | Name: MS0 Value: 8984b8265f5d44068b876e9e0fb855dd |
|
edu-onedrivelti-prod.westeurope.cloudapp.azure.com/ | Name: MSFPC Value: GUID=b58d2df2c9584995b99445f1a0ba1a42&HASH=b58d&LV=202304&V=4&LU=1680658541071 |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | base-uri 'self' https://res-1.cdn.office.net; object-src 'none'; script-src 'self' 'report-sample' https://res-1.cdn.office.net 'nonce-X7BKkRyelFVVi8WO/I/y7omigazug42/Tx/XMMLFL/M='; style-src 'self' 'report-sample' https://res-1.cdn.office.net 'nonce-X7BKkRyelFVVi8WO/I/y7omigazug42/Tx/XMMLFL/M='; default-src 'none'; block-all-mixed-content; connect-src 'self' data: https://login.microsoftonline.com https://graph.microsoft.com https://*.sharepoint.com https://*.pipe.aria.microsoft.com https://eu-mobile.events.data.microsoft.com https://browser.events.data.microsoft.com; font-src https://static2.sharepointonline.com https://spoprod-a.akamaihd.net https://spoppe-b.azureedge.net; frame-src 'self' https://login.microsoftonline.com https://login.windows.net https://onedrive.live.com https://login.live.com https://*.sharepoint.com; img-src 'self' https://res-1.cdn.office.net; manifest-src 'self' https://res-1.cdn.office.net; report-uri |
Strict-Transport-Security | max-age=31536000; includeSubDomains |
X-Content-Type-Options | nosniff |
X-Xss-Protection | 1; mode = block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
browser.events.data.microsoft.com
edu-onedrivelti-prod.westeurope.cloudapp.azure.com
eu-mobile.events.data.microsoft.com
res-1.cdn.office.net
20.101.119.147
20.189.173.9
2a02:26f0:480:1e::217:d1b1
40.79.141.152
31c976b29cf8d207a419e535d4f1defbbbb412ca058a55b657c8411923441bf4
45ef0b526142e695530e2a6accef236ae1977de330e5bc8f21300aca5a7b056c
473c72ac0e0237de3d34a8df374b2b912e870980b71d7af073a51cf2b4642798
60e697b457dc61f24c4b6b981a7423e27a2364ed1a80fe13d242979c11070111
aa32f147f444c5fecf53b5b45818f528f53174bc11c870f5779deae236c913de
e7126f0fd85f3753b57a7cd4098c611a7626719f7b06e08c08610c4b698fa04e
f65fc1e113de5668403f413004f0a756f8a4aa36bfb62edde2af34f19e3a1685