urlscan.io logo urlscan.io
SecurityTrails logo

login.microsoftonline.com Open in urlscan Pro
2603:1046:2000:188::4  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://arc.microsoftonline.com.outlook.office365.live.login.out-mail.live/
Effective URL: https://login.microsoftonline.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%...
Submission: On November 04 via api from JP — Scanned from SG
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 3 countries across 6 domains to perform 15 HTTP transactions. The main IP is 2603:1046:2000:188::4, located in Singapore, Singapore and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is login.microsoftonline.com. The Cisco Umbrella rank of the primary domain is 9.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on September 3rd 2024. Valid for: 6 months.
This is the only time login.microsoftonline.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 210.16.65.122 395092 (SHOCK-1)
2 2 2603:1046:3:1... 8075 (MICROSOFT...)
1 2603:1046:200... 8075 (MICROSOFT...)
11 2606:2800:247... 15133 (EDGECAST)
1 40.126.16.166 8075 (MICROSOFT...)
1 2603:1046:c01... 8075 (MICROSOFT...)
15 5
1    210.16.65.122 (Singapore, Singapore)

ASN395092 (SHOCK-1, US)
arc.microsoftonline.com.outlook.office365.live.login.out-mail.live
2    2603:1046:3:18::2 (Singapore, Singapore)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
outlook.office.com
1    2603:1046:2000:188::4 (Singapore, Singapore)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
login.microsoftonline.com
11    2606:2800:247:1cb7:261b:1f9c:2074:3c (United States)

ASN15133 (EDGECAST, US)
aadcdn.msftauth.net
1    40.126.16.166 (Seoul, Korea, Republic Of)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
login.live.com
1    2603:1046:c01:908::2 (Singapore, Singapore)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
outlook.office365.com
Apex Domain
Subdomains		 Transfer
11 msftauth.net
aadcdn.msftauth.net — Cisco Umbrella Rank: 866
348 KB
2 office.com
outlook.office.com — Cisco Umbrella Rank: 58
4 KB
1 office365.com
outlook.office365.com — Cisco Umbrella Rank: 36
1 live.com
login.live.com — Cisco Umbrella Rank: 63
1 microsoftonline.com
login.microsoftonline.com — Cisco Umbrella Rank: 9
17 KB
1 out-mail.live
arc.microsoftonline.com.outlook.office365.live.login.out-mail.live
285 B
15 6
Domain Requested by
11 aadcdn.msftauth.net login.microsoftonline.com
aadcdn.msftauth.net
2 outlook.office.com 2 redirects
1 outlook.office365.com aadcdn.msftauth.net
1 login.live.com login.microsoftonline.com
1 login.microsoftonline.com arc.microsoftonline.com.outlook.office365.live.login.out-mail.live
1 arc.microsoftonline.com.outlook.office365.live.login.out-mail.live
15 6

This site contains links to these domains. Also see Links.

Domain
outlook.office.com
www.microsoft.com
privacy.microsoft.com
Subject Issuer Validity Valid

E5		 2024-11-04 -
2025-02-02		 3 months crt.sh
stamp2.login.microsoftonline.com
DigiCert SHA2 Secure Server CA		 2024-09-03 -
2025-03-03		 6 months crt.sh
aadcdn.msftauth.net
DigiCert SHA2 Secure Server CA		 2024-05-25 -
2025-05-25		 a year crt.sh
login.live.com
DigiCert SHA2 Secure Server CA		 2024-08-28 -
2025-02-28		 6 months crt.sh
outlook.com
DigiCert Cloud Services CA-1		 2024-06-27 -
2025-06-26		 a year crt.sh

This page contains 2 frames:

Primary Page: https://login.microsoftonline.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=eeffbc5e-7855-30eb-a961-4e52ae5121be&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=638662986588989763.9be3ddcd-4d38-4b20-bfc4-327dcdac5a2c&state=DYtBDoAwCASpxudgG2gRntOCXj36fTnMJrPJFADYky0pLQcuYRUhUxmqppZ-2ro5wgN7sGJf1HA93pHpynf6mOQl26O-36w_
Frame ID: 3E28B80F1BC237899433225C3208BEB8
Requests: 14 HTTP requests in this frame

Frame: https://outlook.office365.com/owa/prefetch.aspx
Frame ID: 612DE57AFB371A7E34A990352F04879F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Sign in to Outlook

Page URL History Show full URLs

  1. https://arc.microsoftonline.com.outlook.office365.live.login.out-mail.live/ Page URL
  2. https://outlook.office.com/ HTTP 301
    https://outlook.office.com/owa/ HTTP 302
    https://login.microsoftonline.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redir... Page URL

Page Statistics

15
Requests

100 %
HTTPS

67 %
IPv6

6
Domains

6
Subdomains

5
IPs

3
Countries

365 kB
Transfer

1198 kB
Size

15
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://arc.microsoftonline.com.outlook.office365.live.login.out-mail.live/ Page URL
  2. https://outlook.office.com/ HTTP 301
    https://outlook.office.com/owa/ HTTP 302
    https://login.microsoftonline.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=eeffbc5e-7855-30eb-a961-4e52ae5121be&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=638662986588989763.9be3ddcd-4d38-4b20-bfc4-327dcdac5a2c&state=DYtBDoAwCASpxudgG2gRntOCXj36fTnMJrPJFADYky0pLQcuYRUhUxmqppZ-2ro5wgN7sGJf1HA93pHpynf6mOQl26O-36w_ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
arc.microsoftonline.com.outlook.office365.live.login.out-mail.live/ 		148 B
285 B 		Document
General
Check archive.org
Download Go to
Full URL
https://arc.microsoftonline.com.outlook.office365.live.login.out-mail.live/
Protocol
HTTP/1.1
Security
TLS 1.3, , CHACHA20_POLY1305
Server
210.16.65.122 Singapore, Singapore, ASN395092 (SHOCK-1, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Cache-Control
no-cache, no-store
Connection
close
Content-Type
text/html
Transfer-Encoding
chunked
Primary Request authorize
login.microsoftonline.com/common/oauth2/
Redirect Chain
  • https://outlook.office.com/
  • https://outlook.office.com/owa/
  • https://login.microsoftonline.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-0000...
38 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://login.microsoftonline.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=eeffbc5e-7855-30eb-a961-4e52ae5121be&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=638662986588989763.9be3ddcd-4d38-4b20-bfc4-327dcdac5a2c&state=DYtBDoAwCASpxudgG2gRntOCXj36fTnMJrPJFADYky0pLQcuYRUhUxmqppZ-2ro5wgN7sGJf1HA93pHpynf6mOQl26O-36w_
Requested by
Host: arc.microsoftonline.com.outlook.office365.live.login.out-mail.live
URL: https://arc.microsoftonline.com.outlook.office365.live.login.out-mail.live/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2603:1046:2000:188::4 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a284ed9b7f3f54b169aff057c006431586d514d66137f31153f4a3692cb0d275
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://arc.microsoftonline.com.outlook.office365.live.login.out-mail.live/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Cache-Control
no-store, no-cache
Content-Encoding
gzip
Content-Length
15062
Content-Type
text/html; charset=utf-8
Date
Mon, 04 Nov 2024 06:30:58 GMT
Expires
-1
Link
<https://aadcdn.msftauth.net>; rel=preconnect; crossorigin,<https://aadcdn.msftauth.net>; rel=dns-prefetch,<https://aadcdn.msauth.net>; rel=dns-prefetch
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-DNS-Prefetch-Control
on
X-Frame-Options
DENY
X-XSS-Protection
0
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+sin"}]}
x-ms-ests-server
2.1.19343.4 - KRC ProdSlices
x-ms-request-id
bb271a35-58d1-4ae7-a1ba-bc29db779e00
x-ms-srs
1.P

Redirect headers

alt-svc
h3=":443";ma=2592000,h3-29=":443";ma=2592000
content-length
783
content-type
text/html; charset=utf-8
date
Mon, 04 Nov 2024 06:30:58 GMT
location
https://login.microsoftonline.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=eeffbc5e-7855-30eb-a961-4e52ae5121be&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=638662986588989763.9be3ddcd-4d38-4b20-bfc4-327dcdac5a2c&state=DYtBDoAwCASpxudgG2gRntOCXj36fTnMJrPJFADYky0pLQcuYRUhUxmqppZ-2ro5wgN7sGJf1HA93pHpynf6mOQl26O-36w_
nel
{"report_to":"NelOfficeUpload1","max_age":7200,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
p3p
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
report-to
{"group":"NelOfficeUpload1","max_age":7200,"endpoints":[{"url":"https://exo.nel.measure.office.net/api/report?TenantId=&FrontEnd=Cafe&DestinationEndpoint=XSP&RemoteIP=2001:df1:800::&Environment=MT"}],"include_subdomains":true}
request-id
eeffbc5e-7855-30eb-a961-4e52ae5121be
server
Microsoft-IIS/10.0
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-backend-begin
2024-11-04T06:30:58.898
x-backend-end
2024-11-04T06:30:58.914
x-backendhttpstatus
302 302
x-beserver
TYZPR02MB8474
x-besku
WCS7
x-calculatedbetarget
TYZPR02MB8474.apcprd02.prod.outlook.com
x-calculatedfetarget
TYCP301CU002.internal.outlook.com
x-content-type-options
nosniff
x-diaginfo
TYZPR02MB8474
x-feefzinfo
XSP
x-feproxyinfo
SG2PR02CA0047.APCPRD02.PROD.OUTLOOK.COM
x-feserver
TYCP301CA0018 SG2PR02CA0047
x-firsthopcafeefz
XSP
x-owa-diagnosticsinfo
6;0;0;
x-proxy-backendserverstatus
302
x-proxy-routingcorrectness
1
x-responseorigin
OwaAppPool
x-rum-notupdatequerieddbcopy
1
x-rum-notupdatequeriedpath
1
x-rum-validated
1
x-ua-compatible
IE=EmulateIE7
converged.v2.login.min_nin8k2ycrbzww8zl5vxkaq2.css
aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ 		111 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msftauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_nin8k2ycrbzww8zl5vxkaq2.css
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=eeffbc5e-7855-30eb-a961-4e52ae5121be&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=638662986588989763.9be3ddcd-4d38-4b20-bfc4-327dcdac5a2c&state=DYtBDoAwCASpxudgG2gRntOCXj36fTnMJrPJFADYky0pLQcuYRUhUxmqppZ-2ro5wgN7sGJf1HA93pHpynf6mOQl26O-36w_
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:247:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (sgc/5693) /
Resource Hash
68c2994e21a564345eb3b4091dd2334c9cbddb0aecda45ee963c6de2e1629b93

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://login.microsoftonline.com
Referer
https://login.microsoftonline.com/

Response headers

content-md5
8N6amNvfqMAnQs5tkvslJA==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
gzip
x-ms-lease-status
unlocked
etag
0x8DCDDAB171F8006
age
3342060
x-ms-version
2009-09-19
x-cache
HIT
date
Mon, 04 Nov 2024 06:30:59 GMT
content-type
text/css
last-modified
Wed, 25 Sep 2024 21:43:27 GMT
vary
Accept-Encoding
cache-control
public, max-age=31536000
x-ms-request-id
845482cb-a01e-00a5-551d-109c56000000
accept-ranges
bytes
access-control-allow-origin
*
content-length
20400
x-ms-blob-type
BlockBlob
server
ECAcc (sgc/5693)
ConvergedLogin_PCore_IzDt-l0Cuie0gYRUoEk15w2.js
aadcdn.msftauth.net/shared/1.0/content/js/ 		439 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_IzDt-l0Cuie0gYRUoEk15w2.js
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=eeffbc5e-7855-30eb-a961-4e52ae5121be&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=638662986588989763.9be3ddcd-4d38-4b20-bfc4-327dcdac5a2c&state=DYtBDoAwCASpxudgG2gRntOCXj36fTnMJrPJFADYky0pLQcuYRUhUxmqppZ-2ro5wgN7sGJf1HA93pHpynf6mOQl26O-36w_
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:247:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (sgc/5685) /
Resource Hash
6379d57694ecb499626f889744fb47d1979dde32c9f95bcaf48e318642a8c292

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://login.microsoftonline.com
Referer
https://login.microsoftonline.com/

Response headers

content-md5
FH5pMpu6b85N3p947XewnA==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
gzip
x-ms-lease-status
unlocked
etag
0x8DCE4DDC9563CC2
age
2284048
x-ms-version
2009-09-19
x-cache
HIT
date
Mon, 04 Nov 2024 06:30:59 GMT
content-type
application/x-javascript
last-modified
Sat, 05 Oct 2024 01:33:59 GMT
vary
Accept-Encoding
cache-control
public, max-age=31536000
x-ms-request-id
139c6bcf-401e-00cf-42bd-19447e000000
accept-ranges
bytes
access-control-allow-origin
*
content-length
122342
x-ms-blob-type
BlockBlob
server
ECAcc (sgc/5685)
ux.converged.login.strings-en.min_1yb3e7oii5t28dgo4xrtow2.js
aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ 		56 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ux.converged.login.strings-en.min_1yb3e7oii5t28dgo4xrtow2.js
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=eeffbc5e-7855-30eb-a961-4e52ae5121be&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=638662986588989763.9be3ddcd-4d38-4b20-bfc4-327dcdac5a2c&state=DYtBDoAwCASpxudgG2gRntOCXj36fTnMJrPJFADYky0pLQcuYRUhUxmqppZ-2ro5wgN7sGJf1HA93pHpynf6mOQl26O-36w_
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:247:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (sgc/568A) /
Resource Hash
81188e8a76162c79db4a5c10ac933c9e874c5b9eae10e47956ad9df704e01b28

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://login.microsoftonline.com
Referer
https://login.microsoftonline.com/

Response headers

content-md5
wheuNbhZLcnx5oBIfa0JTw==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
gzip
x-ms-lease-status
unlocked
etag
0x8DCC6D4DD76DEA7
age
5865288
x-ms-version
2009-09-19
x-cache
HIT
date
Mon, 04 Nov 2024 06:30:59 GMT
content-type
application/x-javascript
last-modified
Tue, 27 Aug 2024 20:14:33 GMT
vary
Accept-Encoding
cache-control
public, max-age=31536000
x-ms-request-id
22b261c5-401e-0001-022a-f90b12000000
accept-ranges
bytes
access-control-allow-origin
*
content-length
16326
x-ms-blob-type
BlockBlob
server
ECAcc (sgc/568A)
Me.htm
login.live.com/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://login.live.com/Me.htm?v=3
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=eeffbc5e-7855-30eb-a961-4e52ae5121be&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=638662986588989763.9be3ddcd-4d38-4b20-bfc4-327dcdac5a2c&state=DYtBDoAwCASpxudgG2gRntOCXj36fTnMJrPJFADYky0pLQcuYRUhUxmqppZ-2ro5wgN7sGJf1HA93pHpynf6mOQl26O-36w_
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.126.16.166 Seoul, Korea, Republic Of, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://login.microsoftonline.com/

Response headers
convergedlogin_pcustomizationloader_117b650bccea354984d8.js
aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/ 		397 KB
114 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pcustomizationloader_117b650bccea354984d8.js
Requested by
Host: aadcdn.msftauth.net
URL: https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_IzDt-l0Cuie0gYRUoEk15w2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:247:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (sgc/5689) /
Resource Hash
da4a8df0c326292b5bee9c732b3c962fd67aaf2f99d850f1bf65068d573c5619

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://login.microsoftonline.com/

Response headers

content-md5
LT++1t3XGfzBv7UAthL87A==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
gzip
x-ms-lease-status
unlocked
etag
0x8DCBD52F37806EC
age
6894280
x-ms-version
2009-09-19
x-cache
HIT
date
Mon, 04 Nov 2024 06:30:59 GMT
content-type
application/x-javascript
last-modified
Thu, 15 Aug 2024 17:51:54 GMT
vary
Accept-Encoding
cache-control
public, max-age=31536000
x-ms-request-id
8dc084cc-201e-0065-05cf-effa8a000000
accept-ranges
bytes
access-control-allow-origin
*
content-length
116365
x-ms-blob-type
BlockBlob
server
ECAcc (sgc/5689)
prefetch.aspx
outlook.office365.com/owa/ Frame 612D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://outlook.office365.com/owa/prefetch.aspx
Requested by
Host: aadcdn.msftauth.net
URL: https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_IzDt-l0Cuie0gYRUoEk15w2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2603:1046:c01:908::2 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://login.microsoftonline.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443";ma=2592000,h3-29=":443";ma=2592000
cache-control
private, no-store
content-encoding
gzip
content-length
1234
content-type
text/html; charset=utf-8
date
Mon, 04 Nov 2024 06:30:58 GMT
nel
{"report_to":"NelOfficeUpload1","max_age":7200,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
report-to
{"group":"NelOfficeUpload1","max_age":7200,"endpoints":[{"url":"https://exo.nel.measure.office.net/api/report?TenantId=&FrontEnd=Cafe&DestinationEndpoint=XSP&RemoteIP=2001:df1:800::&Environment=MT"}],"include_subdomains":true}
request-id
62948377-01ee-5cde-f1cd-dd3af5bc2122
server
Microsoft-IIS/10.0
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-backend-begin
2024-11-04T06:30:59.279
x-backend-end
2024-11-04T06:30:59.295
x-backendhttpstatus
200
x-beserver
SI2PR02MB5513
x-besku
WCS7
x-calculatedbetarget
SI2PR02MB5513.apcprd02.PROD.OUTLOOK.COM
x-content-type-options
nosniff
x-diaginfo
SI2PR02MB5513
x-feefzinfo
XSP
x-feproxyinfo
SG2PR02CA0137.APCPRD02.PROD.OUTLOOK.COM
x-feserver
SG2PR02CA0137
x-firsthopcafeefz
XSP
x-owa-diagnosticsinfo
7;0;0;
x-owa-version
15.20.8114.28
x-proxy-backendserverstatus
200
x-proxy-routingcorrectness
1
x-responseorigin
OwaAppPool
x-rum-notupdatequerieddbcopy
1
x-rum-notupdatequeriedpath
1
x-rum-validated
1
x-ua-compatible
IE=EmulateIE7
49-small_2055002f2daae2ed8f69f03944c0e5d9.jpg
aadcdn.msftauth.net/shared/1.0/content/images/appbackgrounds/ 		987 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/images/appbackgrounds/49-small_2055002f2daae2ed8f69f03944c0e5d9.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:247:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (sgc/569F) /
Resource Hash
8b34a475187302935336bf43a2bf2a4e0adb9a1e87953ea51f6fcf0ef52a4a1d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://login.microsoftonline.com/

Response headers

content-md5
5YqvyYBhSpzXeWvqe16o8A==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-lease-status
unlocked
x-ms-version
2009-09-19
etag
0x8DB5C3F41C14038
age
19299174
x-cache
HIT
date
Mon, 04 Nov 2024 06:30:59 GMT
content-type
image/jpeg
last-modified
Wed, 24 May 2023 10:11:35 GMT
cache-control
public, max-age=31536000
x-ms-request-id
755ddb37-801e-0017-64fc-7e3b0a000000
accept-ranges
bytes
access-control-allow-origin
*
content-length
987
x-ms-blob-type
BlockBlob
server
ECAcc (sgc/569F)
49_6ffe0a92d779c878835b40171ffc2e13.jpg
aadcdn.msftauth.net/shared/1.0/content/images/appbackgrounds/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/images/appbackgrounds/49_6ffe0a92d779c878835b40171ffc2e13.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:247:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (sgc/5696) /
Resource Hash
d8f5ab3e00202fd3b45be1acd95d677b137064001e171bc79b06826d98f1e1d3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://login.microsoftonline.com/

Response headers

content-md5
eRaolOvefSnCzCmyZ/Epnw==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-lease-status
unlocked
x-ms-version
2009-09-19
etag
0x8DB5C3F41AC335E
age
19301457
x-cache
HIT
date
Mon, 04 Nov 2024 06:30:59 GMT
content-type
image/jpeg
last-modified
Wed, 24 May 2023 10:11:35 GMT
cache-control
public, max-age=31536000
x-ms-request-id
996bf9ab-801e-00bf-17f7-7ea57d000000
accept-ranges
bytes
access-control-allow-origin
*
content-length
17453
x-ms-blob-type
BlockBlob
server
ECAcc (sgc/5696)
53_7a3c80bf9694448bac31a9589d2e9e92.png
aadcdn.msftauth.net/shared/1.0/content/images/applogos/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/images/applogos/53_7a3c80bf9694448bac31a9589d2e9e92.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:247:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (sgc/56B8) /
Resource Hash
e4e1e65871749d18aea150643c07e0aab2057da057c6c57ec1c3c43580e1c898

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://login.microsoftonline.com/

Response headers

content-md5
izYzcDfP+Iw98gO7c9WOQQ==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-lease-status
unlocked
x-ms-version
2009-09-19
etag
0x8DB5C3F457C234F
age
19389079
x-cache
HIT
date
Mon, 04 Nov 2024 06:30:59 GMT
content-type
image/png
last-modified
Wed, 24 May 2023 10:11:42 GMT
cache-control
public, max-age=31536000
x-ms-request-id
535020e9-c01e-00ab-492b-7eb957000000
accept-ranges
bytes
access-control-allow-origin
*
content-length
5139
x-ms-blob-type
BlockBlob
server
ECAcc (sgc/56B8)
microsoft_logo_564db913a7fa0ca42727161c6d031bef.svg
aadcdn.msftauth.net/shared/1.0/content/images/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/images/microsoft_logo_564db913a7fa0ca42727161c6d031bef.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:247:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (sgc/56A2) /
Resource Hash
04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://login.microsoftonline.com/

Response headers

content-md5
nzaLxFgP7ZB3dfMcaybWzw==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
gzip
x-ms-lease-status
unlocked
etag
0x8DB5C3F495F4B8C
age
192372
x-ms-version
2009-09-19
x-cache
HIT
date
Mon, 04 Nov 2024 06:30:59 GMT
content-type
image/svg+xml
last-modified
Wed, 24 May 2023 10:11:48 GMT
vary
Accept-Encoding
cache-control
public, max-age=31536000
x-ms-request-id
8acfecf6-201e-0028-09c3-2c3566000000
accept-ranges
bytes
access-control-allow-origin
*
content-length
1435
x-ms-blob-type
BlockBlob
server
ECAcc (sgc/56A2)
convergedlogin_pstringcustomizationhelper_4285088f1dbaf52a876d.js
aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/ 		111 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pstringcustomizationhelper_4285088f1dbaf52a876d.js
Requested by
Host: aadcdn.msftauth.net
URL: https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_IzDt-l0Cuie0gYRUoEk15w2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:247:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (sgc/56E1) /
Resource Hash
ddd0bb1c19b3d2d045bfcde85d2020bba57854c887a6691b66dba3da1bb3afbe

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://login.microsoftonline.com/

Response headers

content-md5
07aumYbfJEqwNBLMcAM10A==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
gzip
x-ms-lease-status
unlocked
etag
0x8DCBD52F42903D2
age
6894278
x-ms-version
2009-09-19
x-cache
HIT
date
Mon, 04 Nov 2024 06:30:59 GMT
content-type
application/x-javascript
last-modified
Thu, 15 Aug 2024 17:51:56 GMT
vary
Accept-Encoding
cache-control
public, max-age=31536000
x-ms-request-id
3e001297-c01e-0057-2fcf-ef641f000000
accept-ranges
bytes
access-control-allow-origin
*
content-length
35168
x-ms-blob-type
BlockBlob
server
ECAcc (sgc/56E1)
favicon_a_eupayfgghqiai7k9sol6lg2.ico
aadcdn.msftauth.net/shared/1.0/content/images/ 		17 KB
17 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:247:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (sgc/5706) /
Resource Hash
90cdaf487716184e4034000935c605d1633926d348116d198f355a98b8c6cd21

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://login.microsoftonline.com/

Response headers

content-md5
EuPayFgGHQiAI7K9SOL6lg==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-lease-status
unlocked
x-ms-version
2009-09-19
etag
0x8D8731240E548EB
age
19475271
x-cache
HIT
date
Mon, 04 Nov 2024 06:30:59 GMT
content-type
image/x-icon
last-modified
Sun, 18 Oct 2020 03:02:30 GMT
cache-control
public, max-age=31536000
x-ms-request-id
36f800b1-401e-00e7-4362-7d9e5f000000
accept-ranges
bytes
access-control-allow-origin
*
content-length
17174
x-ms-blob-type
BlockBlob
server
ECAcc (sgc/5706)
signin-options_3e3f6b73c3f310c31d2c4d131a8ab8c6.svg
aadcdn.msftauth.net/shared/1.0/content/images/ 		2 KB
773 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/images/signin-options_3e3f6b73c3f310c31d2c4d131a8ab8c6.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:247:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (sgc/5697) /
Resource Hash
8e6db1634f1812d42516778fc890010aa57f3e39914fb4803df2c38abbf56d93

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://login.microsoftonline.com/

Response headers

content-md5
R2FAVxfpONfnQAuxVxXbHg==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
gzip
x-ms-lease-status
unlocked
etag
0x8DB5C3F4BB4F03C
age
18919796
x-ms-version
2009-09-19
x-cache
HIT
date
Mon, 04 Nov 2024 06:30:59 GMT
content-type
image/svg+xml
last-modified
Wed, 24 May 2023 10:11:52 GMT
vary
Accept-Encoding
cache-control
public, max-age=31536000
x-ms-request-id
0845c302-f01e-00e4-0270-82e359000000
accept-ranges
bytes
access-control-allow-origin
*
content-length
621
x-ms-blob-type
BlockBlob
server
ECAcc (sgc/5697)

Verdicts & Comments Add Verdict or Comment

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| $Config object| $Debug object| $Do function| $Loader object| $WebWatson function| GetString function| GetErrorString function| GetUrl object| $B object| ServerData object| webpackJsonp object| ko object| PROOF object| StringRepository object| Telemetry object| telemetry_webpackJsonp boolean| __ConvergedLogin_PCore boolean| __ boolean| __convergedlogin_pcustomizationloader_117b650bccea354984d8 boolean| __convergedlogin_pstringcustomizationhelper_4285088f1dbaf52a876d

15 Cookies

Domain/Path Name / Value
outlook.office.com/ Name: ClientId
Value: 7373DDE74425421E99810D8A47E0EE69
outlook.office.com/ Name: OIDC
Value: 1
outlook.office.com/ Name: OpenIdConnect.nonce.v3.1yrdSxvQb3azpDhgXDFKsKshdHWgxHXOgcPZjp5MIKM
Value: 638662986588989763.9be3ddcd-4d38-4b20-bfc4-327dcdac5a2c
outlook.office.com/ Name: X-OWA-RedirectHistory
Value: ArLym14BpQvWPpr83Ag
login.microsoftonline.com/ Name: buid
Value: 1.ATQAMe_N-B6jSkuT5F9XHpElWgIAAAAAAPEPzgAAAAAAAAABAAA0AA.AQABGgEAAADW6jl31mB3T7ugrWTT8pFeBVCV0M5Uh_vRyqLvQoTOeosHKLRZqHhBGezQsot5LKp55lV8NLd-taJ0fiSY0iAKDYz-lsprczn4ZYKxb_Fhc_hir2XFvwwaxOEcyg1LJYcgAA
.login.microsoftonline.com/ Name: esctx
Value: PAQABBwEAAADW6jl31mB3T7ugrWTT8pFeYl1JL1hR9D32t8Li9REeW64x4uroPxmeeVIk5i-iNMnS9q1PO4ZEuoBIvsp8v6m7HRCH-k2d43bm_PEn6lMusdOD5w95LaPVvJoOJK5Wo4KHi_HMT3mSSBdnj7TzqrnbYYvtDQcH7sh6zNo_frs0w4vPzwEkX55g5_Kv764fHVUgAA
.login.microsoftonline.com/ Name: esctx-crP8Ts9Ljs
Value: AQABCQEAAADW6jl31mB3T7ugrWTT8pFeT7I58LT5aiWCB7EiwAS17KW1kmy-oxyY-m_4XU9JC0L9JDc4i4ZWJEi2e0f7d9V_jtgzX3e56Qfcm3IUfi-e3OVpQHjqncSsYeIoJztoE4iw4JrupQx9LzbfgwQYujeBpLlqV7rJp53rM9kELwjDLCAA
login.microsoftonline.com/ Name: fpc
Value: AovmoprsaPZGrZXshdwUMSuerOTJAQAAACJhut4OAAAA
login.microsoftonline.com/ Name: x-ms-gateway-slice
Value: estsfd
login.microsoftonline.com/ Name: stsservicecookie
Value: estsfd
.login.microsoftonline.com/ Name: brcap
Value: 0
outlook.office365.com/ Name: ClientId
Value: D70DA10883474A56AA813D9305810B91
outlook.office365.com/ Name: OIDC
Value: 1
.login.live.com/ Name: uaid
Value: 77b49f7e67f34aefa57aae96eeaae0bc
.login.live.com/ Name: MSPRequ
Value: id=N&lt=1730701859&co=1

1 Console Messages

Source Level URL
Text
recommendation verbose URL: https://login.microsoftonline.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=eeffbc5e-7855-30eb-a961-4e52ae5121be&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=638662986588989763.9be3ddcd-4d38-4b20-bfc4-327dcdac5a2c&state=DYtBDoAwCASpxudgG2gRntOCXj36fTnMJrPJFADYky0pLQcuYRUhUxmqppZ-2ro5wgN7sGJf1HA93pHpynf6mOQl26O-36w_
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o