login.microsoftonline.com.office.mcafee6691.noel.myshn.net
52.35.11.28  Malicious Activity! Public Scan

Submitted URL: https://teams.microsoft.com.office.mcafee6691.noel.myshn.net/
Effective URL: https://login.microsoftonline.com.office.mcafee6691.noel.myshn.net/common/oauth2/authorize?response_type=id_token&client_id=5e3ce6c0-2b1f-4285-8d4b-75ee78787346&re...
Submission Tags: @phishunt_io
Submission: On December 02 via api from ES

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 14 HTTP transactions. The main IP is 52.35.11.28, located in Boardman, United States and belongs to AMAZON-02, US. The main domain is login.microsoftonline.com.office.mcafee6691.noel.myshn.net.
TLS certificate: Issued by GlobalSign RSA OV SSL CA 2018 on December 2nd 2020. Valid for: a year.
This is the only time login.microsoftonline.com.office.mcafee6691.noel.myshn.net was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Microsoft (Consumer)

Domain & IP information

IP Address, AS (Autonomous System), requests:
  • 52.35.11.28, 16509 (AMAZON-02): 14 requests
  • Total: 14 requests, 1 IP

Domain, requests, requested by:
  • aadcdn.msftauth.net.office.mcafee6691.noel.myshn.net: 9 requests, requested by login.microsoftonline.com.office.mcafee6691.noel.myshn.net
  • login.microsoftonline.com.office.mcafee6691.noel.myshn.net: 2 requests, requested by teams.microsoft.com.office.mcafee6691.noel.myshn.net and aadcdn.msftauth.net.office.mcafee6691.noel.myshn.net
  • teams.microsoft.com.office.mcafee6691.noel.myshn.net: 2 requests, requested by teams.microsoft.com.office.mcafee6691.noel.myshn.net
  • login.live.com.office.mcafee6691.noel.myshn.net: 1 request, requested by login.microsoftonline.com.office.mcafee6691.noel.myshn.net
  • Total: 14 requests, 4 subdomains

Subject: office.mcafee6691.noel.myshn.net
Issuer: GlobalSign RSA OV SSL CA 2018
Validity: 2020-12-02 - 2022-01-03
Valid: a year

This page contains 1 frames:

Primary Page: https://login.microsoftonline.com.office.mcafee6691.noel.myshn.net/common/oauth2/authorize?response_type=id_token&client_id=5e3ce6c0-2b1f-4285-8d4b-75ee78787346&redirect_uri=https%3A%2F%2Fteams.microsoft.com.office.mcafee6691.noel.myshn.net%2Fgo&state=48dff0f5-aca9-4fda-9750-deb2209153d8&&client-request-id=0bf8f523-0a54-4300-a09d-15705b4c9129&x-client-SKU=Js&x-client-Ver=1.0.9&nonce=412106d4-09db-47b0-a2b7-eac0bd26f70d&domain_hint=
Frame ID: 77862C942D2C2622C9C8D3998F2C1BC9
Requests: 14 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

  • Requests: 14
  • HTTPS: 100 %
  • IPv6: 0 %
  • Domains: 1
  • Subdomains: 4
  • IPs: 1
  • Countries: 1
  • Transfer: 292 kB
  • Size: 990 kB
  • Cookies: 7

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://teams.microsoft.com.office.mcafee6691.noel.myshn.net/ Page URL
  2. https://login.microsoftonline.com.office.mcafee6691.noel.myshn.net/common/oauth2/authorize?response_type=id_token&client_id=5e3ce6c0-2b1f-4285-8d4b-75ee78787346&redirect_uri=https%3A%2F%2Fteams.microsoft.com.office.mcafee6691.noel.myshn.net%2Fgo&state=48dff0f5-aca9-4fda-9750-deb2209153d8&&client-request-id=0bf8f523-0a54-4300-a09d-15705b4c9129&x-client-SKU=Js&x-client-Ver=1.0.9&nonce=412106d4-09db-47b0-a2b7-eac0bd26f70d&domain_hint= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions

Resource, Path, Size, x-fer, Type, MIME-Type
Cookie set /
teams.microsoft.com.office.mcafee6691.noel.myshn.net/
43 KB
15 KB
Document
General
Full URL
https://teams.microsoft.com.office.mcafee6691.noel.myshn.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.35.11.28 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-35-11-28.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
f7a83e15e455a6b96c01c2e3eec0a08bafa90044fa975dd7e196131e098f26d9
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content ; base-uri *.protection.outlook.com; child-src 'self' https: data: blob:; connect-src 'self' blob: https: wss://*.delve.office.com.office.mcafee6691.noel.myshn.net:443 wss://*.dc.trouter.io:443 wss://*.trouter.io:443 wss://*.broadcast.skype.com:443 wss://*.tip.skype.net:443 wss://*.cortana.ai:443 wss://speech.platform.bing.com:443 wss://*.teams.microsoft.com.office.mcafee6691.noel.myshn.net:443 wss://*.hivestreaming.com:443 wss://*.kollective.app:443 wss://*.kollectivecd.com:443 wss://*.pptservicescast.officeapps.live.com wss://*.pptservicescast.edog.officeapps.live.com wss://*.stateservice.officeapps.live.com wss://127.0.0.1:9002 wss://127.0.0.1:9001 ws://localhost:* wss://view-localhost:*; default-src 'none'; prefetch-src statics.teams.microsoft.com sunrise.teams.microsoft.com *.office.net.office.mcafee6691.noel.myshn.net *.office365.us; font-src 'self' data: *.delve.office.com.office.mcafee6691.noel.myshn.net *.teams.microsoft.com.office.mcafee6691.noel.myshn.net *.office.net.office.mcafee6691.noel.myshn.net *.office365.us amp.azure.net c.s-microsoft.com edge.skype.net fonts.gstatic.com sxt.cdn.skype.com static2.sharepointonline.com secure.skypeassets.com spoprod-a.akamaihd.net www.microsoft.com; frame-src blob: data: https: mailto: ms-appx-web: ms-excel: ms-powerpoint: ms-visio: ms-word: onenote: pdf: local.teams.office.com:* localhost:* msteams: sip: sips: ms-whiteboard-preview:; img-src 'self' blob: data: https:; manifest-src 'self'; media-src 'self' *.microsoft.com.office.mcafee6691.noel.myshn.net *.skype.com.office.mcafee6691.noel.myshn.net blob: data: skypevideo: *.giphy.com *.office.net.office.mcafee6691.noel.myshn.net *.office365.us gateway.zscaler.net gateway.zscalerone.net gateway.zscalertwo.net gateway.zscalerthree.net gateway.zscloud.net login.zscalerone.net statics.teams.microsoft.com sunrise.teams.microsoft.com eus-streaming-video-rt-microsoft-com.akamaized.net 
statics-marketingsites-eus-ms-com.akamaized.net prod-video-cms-rt-microsoft-com.akamaized.net premium-teamsespams-uswe.streaming.media.azure.net teamsespams-uswe.streaming.media.azure.net; object-src 'self'; script-src *.protection.outlook.com 'nonce-EEq/vkT4SlD7R50E1bP2sA==' 'report-sample' 'self' 'unsafe-eval' 'unsafe-inline' blob: *.office.net.office.mcafee6691.noel.myshn.net *.office365.us *.cms.rt.microsoft.com *.delve.office.com.office.mcafee6691.noel.myshn.net *.teams.microsoft.com.office.mcafee6691.noel.myshn.net *.onenote.com.office.mcafee6691.noel.myshn.net *.presence.skype.com *.streaming.mediaservices.windows.net *.trouter.io ajax.aspnetcdn.com amp.azure.net apis.google.com appsforoffice.microsoft.com az725175.vo.msecnd.net bat.bing.com c64.assets-yammer.com config.edge.skype.com devspaces.skype.com download.hivestreaming.com *.kontiki.com *.kollective.app *.kollectivecd.com edge.skype.net gateway.zscaler.net gateway.zscalerone.net gateway.zscalertwo.net gateway.zscalerthree.net gateway.zscloud.net latest-swx.cdn.skype.com login.microsoftonline.com login.zscalerone.net midgardbranches.blob.core.windows.net scx-dev.tip.skype.net shellprod.msocdn.com swx.cdn.skype.com web.vortex.data.microsoft.com www.microsoft.com/videoplayer/js/ teams.events.data.microsoft.com officefluidprodversionedcdn.azureedge.net; style-src 'self' 'unsafe-inline' amp.azure.net edge.skype.net shellprod.msocdn.com statics.teams.microsoft.com sunrise.teams.microsoft.com *.office.net.office.mcafee6691.noel.myshn.net *.office365.us *.protection.outlook.com www.microsoft.com; worker-src 'self' blob: *.teams.microsoft.com.office.mcafee6691.noel.myshn.net;
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Host
teams.microsoft.com.office.mcafee6691.noel.myshn.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Server
nginx
Date
Wed, 02 Dec 2020 19:28:14 GMT
Content-Type
text/html; charset=utf-8
Content-Length
11220
Connection
keep-alive
Cache-Control
no-store, no-transform, must-revalidate, no-cache
Content-Encoding
gzip
Expires
Tue, 01 Dec 2020 19:28:14 GMT
Set-Cookie
MUIDB=2F8965B0510C60062FF06A2450BF6167; Expires=Mon, 27-Dec-2021 19:28:14 GMT; Path=/; Secure; HTTPOnly
Strict-Transport-Security
max-age=2592000
Timing-Allow-Origin
*
Vary
Accept-Encoding
X-Auth-Info
adal / assigned
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-MSEdge-Ref
Ref A: 5271BEB80A1140ED8E6218BDE143DB7A Ref B: WSTEDGE0911 Ref C: 2020-12-02T19:28:14Z
X-Ring-Info
web: general [assigned], mt: general [assigned]
X-Robots-Tag
none
X-SkyHigh-Version
BuildNumber=4, BuildDate=2020-10-06 19:00
X-UA-Compatible
IE=Edge;chrome=1
X-XSS-Protection
1; mode=block
prelogin
teams.microsoft.com.office.mcafee6691.noel.myshn.net/auth/
0
704 B
XHR
General
Full URL
https://teams.microsoft.com.office.mcafee6691.noel.myshn.net/auth/prelogin
Requested by
Host: teams.microsoft.com.office.mcafee6691.noel.myshn.net
URL: https://teams.microsoft.com.office.mcafee6691.noel.myshn.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.35.11.28 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-35-11-28.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://teams.microsoft.com.office.mcafee6691.noel.myshn.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 02 Dec 2020 19:28:14 GMT
X-Content-Type-Options
nosniff
Server
nginx
X-MSEdge-Ref
Ref A: 8B6F98A770294164949C17B3FB777829 Ref B: WSTEDGE0911 Ref C: 2020-12-02T19:28:14Z
X-Ring-Info
web: general [assigned], mt: general [assigned]
X-Frame-Options
SAMEORIGIN
Connection
keep-alive
Timing-Allow-Origin
*
Cache-Control
no-store,no-cache
X-SkyHigh-Version
BuildNumber=4, BuildDate=2020-10-06 19:00
Strict-Transport-Security
max-age=2592000
X-Robots-Tag
none
Content-Length
0
X-XSS-Protection
1; mode=block
Primary Request Cookie set authorize
login.microsoftonline.com.office.mcafee6691.noel.myshn.net/common/oauth2/
183 KB
48 KB
Document
General
Full URL
https://login.microsoftonline.com.office.mcafee6691.noel.myshn.net/common/oauth2/authorize?response_type=id_token&client_id=5e3ce6c0-2b1f-4285-8d4b-75ee78787346&redirect_uri=https%3A%2F%2Fteams.microsoft.com.office.mcafee6691.noel.myshn.net%2Fgo&state=48dff0f5-aca9-4fda-9750-deb2209153d8&&client-request-id=0bf8f523-0a54-4300-a09d-15705b4c9129&x-client-SKU=Js&x-client-Ver=1.0.9&nonce=412106d4-09db-47b0-a2b7-eac0bd26f70d&domain_hint=
Requested by
Host: teams.microsoft.com.office.mcafee6691.noel.myshn.net
URL: https://teams.microsoft.com.office.mcafee6691.noel.myshn.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.35.11.28 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-35-11-28.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
be3add8bf3e82605682daeb5349c52802717e166280a29a06740acb5d6762505
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Host
login.microsoftonline.com.office.mcafee6691.noel.myshn.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
document
Referer
https://teams.microsoft.com.office.mcafee6691.noel.myshn.net/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Server
nginx
Date
Wed, 02 Dec 2020 19:28:15 GMT
Content-Type
text/html; charset=utf-8
Content-Length
46861
Connection
keep-alive
Cache-Control
no-store, no-cache
Content-Encoding
gzip
Expires
-1
Link
<https://aadcdn.msftauth.net>; rel=preconnect; crossorigin <https://aadcdn.msftauth.net>; rel=dns-prefetch <https://aadcdn.msauth.net>; rel=dns-prefetch
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Set-Cookie
buid=0.AAAAMe_N-B6jSkuT5F9XHpElWsDmPF4fK4VCjUt17nh4c0YBAAA.AQABAAEAAAB2UyzwtQEKR7-rWbgdcBZIyFaqm8AyfE8vhlHlQlyLlPS6j83hY7k2fUcKw_gOCQbHImN0R3WNbYQS6zpqv4KkutLYSANKPUcbPxxAyXLA4AFCt6a-x1S8kv59btOZEWAgAA; Expires=Fri, 01-Jan-2021 19:28:15 GMT; Path=/; Secure; SameSite=None; HTTPOnly fpc=AhuWhxtb44JNkAGPcu6Rf75X9_HiAQAAAM7hWdcOAAAA; Expires=Fri, 01-Jan-2021 19:28:15 GMT; Path=/; Secure; SameSite=None; HTTPOnly esctx=AQABAAAAAAB2UyzwtQEKR7-rWbgdcBZIaHrMMvjew9DsVKhZktjktxPcLSqJEbNSKRmxQGCWnutjLidfo5MShDj54Hje99ZN1iUgvJfOhee5s8aE-wPKAAlhWuhDlKbiEOqd9xqqEbJV17HdL3S8jznpMF83drXniZD625ZR0pkW76gAuTsOn_21r3ZbXLTXFxxYWCf3Z3MgAA; Path=/; Domain=.login.microsoftonline.com.office.mcafee6691.noel.myshn.net; Secure; HTTPOnly x-ms-gateway-slice=prod; Path=/; Secure; SameSite=none; HTTPOnly stsservicecookie=ests; Path=/; Secure; SameSite=none; HTTPOnly
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-DNS-Prefetch-Control
on
X-Frame-Options
DENY
x-ms-clitelem
1,0,0,,
x-ms-ests-server
2.1.11251.21 - SAN ProdSlices
x-ms-request-id
aaeefbbd-660e-457a-b806-a60c1fbf0400
X-Robots-Tag
none
X-SkyHigh-Version
BuildNumber=4, BuildDate=2020-10-06 19:00
Me.htm
login.live.com.office.mcafee6691.noel.myshn.net/
0
0
Other
General
Full URL
https://login.live.com.office.mcafee6691.noel.myshn.net/Me.htm?v=3
Requested by
Host: login.microsoftonline.com.office.mcafee6691.noel.myshn.net
URL: https://login.microsoftonline.com.office.mcafee6691.noel.myshn.net/common/oauth2/authorize?response_type=id_token&client_id=5e3ce6c0-2b1f-4285-8d4b-75ee78787346&redirect_uri=https%3A%2F%2Fteams.microsoft.com.office.mcafee6691.noel.myshn.net%2Fgo&state=48dff0f5-aca9-4fda-9750-deb2209153d8&&client-request-id=0bf8f523-0a54-4300-a09d-15705b4c9129&x-client-SKU=Js&x-client-Ver=1.0.9&nonce=412106d4-09db-47b0-a2b7-eac0bd26f70d&domain_hint=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.35.11.28 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-35-11-28.us-west-2.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://login.microsoftonline.com.office.mcafee6691.noel.myshn.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

OldConvergedLogin_PCore_vxgrBEL90XDvqFl1Q5rIWA2.js
aadcdn.msftauth.net.office.mcafee6691.noel.myshn.net/shared/1.0/content/js/
613 KB
157 KB
Script
General
Full URL
https://aadcdn.msftauth.net.office.mcafee6691.noel.myshn.net/shared/1.0/content/js/OldConvergedLogin_PCore_vxgrBEL90XDvqFl1Q5rIWA2.js
Requested by
Host: login.microsoftonline.com.office.mcafee6691.noel.myshn.net
URL: https://login.microsoftonline.com.office.mcafee6691.noel.myshn.net/common/oauth2/authorize?response_type=id_token&client_id=5e3ce6c0-2b1f-4285-8d4b-75ee78787346&redirect_uri=https%3A%2F%2Fteams.microsoft.com.office.mcafee6691.noel.myshn.net%2Fgo&state=48dff0f5-aca9-4fda-9750-deb2209153d8&&client-request-id=0bf8f523-0a54-4300-a09d-15705b4c9129&x-client-SKU=Js&x-client-Ver=1.0.9&nonce=412106d4-09db-47b0-a2b7-eac0bd26f70d&domain_hint=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.35.11.28 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-35-11-28.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
719fd47a81e0b10f375253c243fb7ba02acca82d31b8fdcdc283a7c422773218

Request headers

Origin
https://login.microsoftonline.com.office.mcafee6691.noel.myshn.net
Referer
https://login.microsoftonline.com.office.mcafee6691.noel.myshn.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
Date
Wed, 02 Dec 2020 19:28:16 GMT
Content-Encoding
gzip
Content-MD5
niqg/7FyPkh1jwL9CM2aew==
Age
1273453
X-Cache
HIT
Connection
keep-alive
Content-Length
159465
x-ms-lease-status
unlocked
Last-Modified
Tue, 03 Nov 2020 23:02:35 GMT
Server
nginx
Etag
0x8D8804C8DE274A0
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
x-ms-request-id
af3414dd-c01e-0086-5b4c-bdc001000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Cache-Control
public, max-age=31536000
x-ms-version
2009-09-19
X-SkyHigh-Version
BuildNumber=4, BuildDate=2020-10-06 19:00
Accept-Ranges
bytes
X-Robots-Tag
none
microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg
aadcdn.msftauth.net.office.mcafee6691.noel.myshn.net/shared/1.0/content/images/
4 KB
2 KB
Image
General
Full URL
https://aadcdn.msftauth.net.office.mcafee6691.noel.myshn.net/shared/1.0/content/images/microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.35.11.28 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-35-11-28.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a

Request headers

Referer
https://login.microsoftonline.com.office.mcafee6691.noel.myshn.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
Date
Wed, 02 Dec 2020 19:28:18 GMT
Content-Encoding
gzip
Content-MD5
nzaLxFgP7ZB3dfMcaybWzw==
Age
22469146
X-Cache
HIT
Connection
keep-alive
Content-Length
1435
x-ms-lease-status
unlocked
Last-Modified
Thu, 16 Jan 2020 00:32:52 GMT
Server
nginx
Etag
0x8D79A1B9F5E121A
Vary
Accept-Encoding
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
x-ms-request-id
10a55059-e01e-0039-1786-fcc6de000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Cache-Control
public, max-age=31536000
x-ms-version
2009-09-19
X-SkyHigh-Version
BuildNumber=4, BuildDate=2020-10-06 19:00
Accept-Ranges
bytes
X-Robots-Tag
none
converged.v2.login.min_59_uuouser7hrkmvbaz1jw2.css
aadcdn.msftauth.net.office.mcafee6691.noel.myshn.net/ests/2.1/content/cdnbundles/
0
20 KB
Other
General
Full URL
https://aadcdn.msftauth.net.office.mcafee6691.noel.myshn.net/ests/2.1/content/cdnbundles/converged.v2.login.min_59_uuouser7hrkmvbaz1jw2.css
Requested by
Host: login.microsoftonline.com.office.mcafee6691.noel.myshn.net
URL: https://login.microsoftonline.com.office.mcafee6691.noel.myshn.net/common/oauth2/authorize?response_type=id_token&client_id=5e3ce6c0-2b1f-4285-8d4b-75ee78787346&redirect_uri=https%3A%2F%2Fteams.microsoft.com.office.mcafee6691.noel.myshn.net%2Fgo&state=48dff0f5-aca9-4fda-9750-deb2209153d8&&client-request-id=0bf8f523-0a54-4300-a09d-15705b4c9129&x-client-SKU=Js&x-client-Ver=1.0.9&nonce=412106d4-09db-47b0-a2b7-eac0bd26f70d&domain_hint=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.35.11.28 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-35-11-28.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://login.microsoftonline.com.office.mcafee6691.noel.myshn.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
Date
Wed, 02 Dec 2020 19:28:18 GMT
Content-Encoding
gzip
Content-MD5
bjqCIB9rMEZAA8TrOKRGgQ==
Age
3818298
X-Cache
HIT
Connection
keep-alive
Content-Length
19771
x-ms-lease-status
unlocked
Last-Modified
Sat, 17 Oct 2020 19:18:26 GMT
Server
nginx
Etag
0x8D872D16C711C33
Vary
Accept-Encoding
Content-Type
text/css
Access-Control-Allow-Origin
*
x-ms-request-id
d2022056-101e-0044-1927-a6c98b000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Cache-Control
public, max-age=31536000
x-ms-version
2009-09-19
X-SkyHigh-Version
BuildNumber=4, BuildDate=2020-10-06 19:00
Accept-Ranges
bytes
X-Robots-Tag
none
ux.converged.login.strings-en.min_kitf4x-q_4sbtkr57j6jbw2.js
aadcdn.msftauth.net.office.mcafee6691.noel.myshn.net/ests/2.1/content/cdnbundles/
0
12 KB
Other
General
Full URL
https://aadcdn.msftauth.net.office.mcafee6691.noel.myshn.net/ests/2.1/content/cdnbundles/ux.converged.login.strings-en.min_kitf4x-q_4sbtkr57j6jbw2.js
Requested by
Host: login.microsoftonline.com.office.mcafee6691.noel.myshn.net
URL: https://login.microsoftonline.com.office.mcafee6691.noel.myshn.net/common/oauth2/authorize?response_type=id_token&client_id=5e3ce6c0-2b1f-4285-8d4b-75ee78787346&redirect_uri=https%3A%2F%2Fteams.microsoft.com.office.mcafee6691.noel.myshn.net%2Fgo&state=48dff0f5-aca9-4fda-9750-deb2209153d8&&client-request-id=0bf8f523-0a54-4300-a09d-15705b4c9129&x-client-SKU=Js&x-client-Ver=1.0.9&nonce=412106d4-09db-47b0-a2b7-eac0bd26f70d&domain_hint=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.35.11.28 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-35-11-28.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://login.microsoftonline.com.office.mcafee6691.noel.myshn.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
Date
Wed, 02 Dec 2020 19:28:18 GMT
Content-Encoding
gzip
Content-MD5
/6NrBzTsuLT0y8HnQDGZ5w==
Age
1389409
X-Cache
HIT
Connection
keep-alive
Content-Length
11506
x-ms-lease-status
unlocked
Last-Modified
Thu, 05 Nov 2020 00:12:24 GMT
Server
nginx
Etag
0x8D8811F79061361
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
x-ms-request-id
e4c0193a-c01e-0080-553e-bc26c0000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Cache-Control
public, max-age=31536000
x-ms-version
2009-09-19
X-SkyHigh-Version
BuildNumber=4, BuildDate=2020-10-06 19:00
Accept-Ranges
bytes
X-Robots-Tag
none
2_bc3d32a696895f78c19df6c717586a5d.svg
aadcdn.msftauth.net.office.mcafee6691.noel.myshn.net/shared/1.0/content/images/backgrounds/
2 KB
1 KB
Image
General
Full URL
https://aadcdn.msftauth.net.office.mcafee6691.noel.myshn.net/shared/1.0/content/images/backgrounds/2_bc3d32a696895f78c19df6c717586a5d.svg
Requested by
Host: login.microsoftonline.com.office.mcafee6691.noel.myshn.net
URL: https://login.microsoftonline.com.office.mcafee6691.noel.myshn.net/common/oauth2/authorize?response_type=id_token&client_id=5e3ce6c0-2b1f-4285-8d4b-75ee78787346&redirect_uri=https%3A%2F%2Fteams.microsoft.com.office.mcafee6691.noel.myshn.net%2Fgo&state=48dff0f5-aca9-4fda-9750-deb2209153d8&&client-request-id=0bf8f523-0a54-4300-a09d-15705b4c9129&x-client-SKU=Js&x-client-Ver=1.0.9&nonce=412106d4-09db-47b0-a2b7-eac0bd26f70d&domain_hint=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.35.11.28 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-35-11-28.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
0e88b6fcbb8591edfd28184fa70a04b6dd3af8a14367c628edd7caba32e58c68

Request headers

Referer
https://login.microsoftonline.com.office.mcafee6691.noel.myshn.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
Date
Wed, 02 Dec 2020 19:28:18 GMT
Content-Encoding
gzip
Content-MD5
DhdidjYrlCeaRJJRG/y9mA==
Age
21092736
X-Cache
HIT
Connection
keep-alive
Content-Length
673
x-ms-lease-status
unlocked
Last-Modified
Wed, 12 Feb 2020 22:01:50 GMT
Server
nginx
Etag
0x8D7B007297AE131
Vary
Accept-Encoding
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
x-ms-request-id
8df9bf01-e01e-0039-5a0a-09c6de000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Cache-Control
public, max-age=31536000
x-ms-version
2009-09-19
X-SkyHigh-Version
BuildNumber=4, BuildDate=2020-10-06 19:00
Accept-Ranges
bytes
X-Robots-Tag
none
ellipsis_635a63d500a92a0b8497cdc58d0f66b1.svg
aadcdn.msftauth.net.office.mcafee6691.noel.myshn.net/shared/1.0/content/images/
900 B
1 KB
Image
General
Full URL
https://aadcdn.msftauth.net.office.mcafee6691.noel.myshn.net/shared/1.0/content/images/ellipsis_635a63d500a92a0b8497cdc58d0f66b1.svg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.35.11.28 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-35-11-28.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
61d7ccc5d2c41bf86be6cefb0063405067849ba64e9f219f60596ef09a54a942

Request headers

Referer
https://login.microsoftonline.com.office.mcafee6691.noel.myshn.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
Date
Wed, 02 Dec 2020 19:28:18 GMT
Content-Encoding
gzip
Content-MD5
GapJ5vNFgRzr6JUAPI/Pxw==
Age
21092736
X-Cache
HIT
Connection
keep-alive
Content-Length
252
x-ms-lease-status
unlocked
Last-Modified
Thu, 16 Jan 2020 00:32:51 GMT
Server
nginx
Etag
0x8D79A1B9E938C2A
Vary
Accept-Encoding
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
x-ms-request-id
88c2281c-d01e-008a-4e0a-090c82000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Cache-Control
public, max-age=31536000
x-ms-version
2009-09-19
X-SkyHigh-Version
BuildNumber=4, BuildDate=2020-10-06 19:00
Accept-Ranges
bytes
X-Robots-Tag
none
ellipsis_grey_2b5d393db04a5e6e1f739cb266e65b4c.svg
aadcdn.msftauth.net.office.mcafee6691.noel.myshn.net/shared/1.0/content/images/
915 B
1 KB
Image
General
Full URL
https://aadcdn.msftauth.net.office.mcafee6691.noel.myshn.net/shared/1.0/content/images/ellipsis_grey_2b5d393db04a5e6e1f739cb266e65b4c.svg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.35.11.28 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-35-11-28.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
16c3f6531d0fa5b4d16e82abf066233b2a9f284c068c663699313c09f5e8d6e6

Request headers

Referer
https://login.microsoftonline.com.office.mcafee6691.noel.myshn.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
Date
Wed, 02 Dec 2020 19:28:18 GMT
Content-Encoding
gzip
Content-MD5
/a3y/mpA+HRaVAiPACrsog==
Age
22469146
X-Cache
HIT
Connection
keep-alive
Content-Length
263
x-ms-lease-status
unlocked
Last-Modified
Thu, 16 Jan 2020 00:32:51 GMT
Server
nginx
Etag
0x8D79A1B9EFFAEA1
Vary
Accept-Encoding
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
x-ms-request-id
e596e80e-d01e-008c-6c86-fcea43000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Cache-Control
public, max-age=31536000
x-ms-version
2009-09-19
X-SkyHigh-Version
BuildNumber=4, BuildDate=2020-10-06 19:00
Accept-Ranges
bytes
X-Robots-Tag
none
reportpageload
login.microsoftonline.com.office.mcafee6691.noel.myshn.net/common/instrumentation/
264 B
1 KB
XHR
General
Full URL
https://login.microsoftonline.com.office.mcafee6691.noel.myshn.net/common/instrumentation/reportpageload?mkt=en-US
Requested by
Host: aadcdn.msftauth.net.office.mcafee6691.noel.myshn.net
URL: https://aadcdn.msftauth.net.office.mcafee6691.noel.myshn.net/shared/1.0/content/js/OldConvergedLogin_PCore_vxgrBEL90XDvqFl1Q5rIWA2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.35.11.28 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-35-11-28.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
90ed2cd042346b3bcbed991cc81ec90c4ed0318a2145fa39cb9e6b62c859d31d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

hpgrequestid
aaeefbbd-660e-457a-b806-a60c1fbf0400
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
client-request-id
0bf8f523-0a54-4300-a09d-15705b4c9129
canary
AQABAAAAAAB2UyzwtQEKR7-rWbgdcBZI-_EwgPNAqOlbBYDQoosDN_VRI789MG-1usvGQDbzWsX2hDBaGPVJgevbP-SqUrQg1M617WitAsDw1ShxekP4GNPLJDXoEgjgfC-VtdAtPEVGVrr2M7vKIwU305PcfDUHOdzdRe5mTUPhgNommqgKP4rtvfIUQb3YFx8TISnck6Ch365dB-UK6q0qJj7HDUfGRuluoUySiZYHe3b24FzczSAA
Content-type
application/json; charset=UTF-8
hpgid
1104
Accept
application/json
Referer
https://login.microsoftonline.com.office.mcafee6691.noel.myshn.net/common/oauth2/authorize?response_type=id_token&client_id=5e3ce6c0-2b1f-4285-8d4b-75ee78787346&redirect_uri=https%3A%2F%2Fteams.microsoft.com.office.mcafee6691.noel.myshn.net%2Fgo&state=48dff0f5-aca9-4fda-9750-deb2209153d8&&client-request-id=0bf8f523-0a54-4300-a09d-15705b4c9129&x-client-SKU=Js&x-client-Ver=1.0.9&nonce=412106d4-09db-47b0-a2b7-eac0bd26f70d&domain_hint=
hpgact
1800

Response headers

Date
Wed, 02 Dec 2020 19:28:18 GMT
X-Content-Type-Options
nosniff
client-request-id
0bf8f523-0a54-4300-a09d-15705b4c9129
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
Connection
keep-alive
Content-Length
264
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains
Access-Control-Allow-Methods
POST, OPTIONS
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://autologon.microsoftazuread-sso.com/
x-ms-request-id
b0c3696c-c1de-4a08-b596-de2c85e50400
Cache-Control
no-store, no-cache
Access-Control-Allow-Credentials
true
X-SkyHigh-Version
BuildNumber=4, BuildDate=2020-10-06 19:00
X-Robots-Tag
none
x-ms-ests-server
2.1.11251.21 - SAN ProdSlices
Expires
-1
converged.v2.login.min_59_uuouser7hrkmvbaz1jw2.css
aadcdn.msftauth.net.office.mcafee6691.noel.myshn.net/ests/2.1/content/cdnbundles/
106 KB
20 KB
Fetch
General
Full URL
https://aadcdn.msftauth.net.office.mcafee6691.noel.myshn.net/ests/2.1/content/cdnbundles/converged.v2.login.min_59_uuouser7hrkmvbaz1jw2.css
Requested by
Host: login.microsoftonline.com.office.mcafee6691.noel.myshn.net
URL: https://login.microsoftonline.com.office.mcafee6691.noel.myshn.net/common/oauth2/authorize?response_type=id_token&client_id=5e3ce6c0-2b1f-4285-8d4b-75ee78787346&redirect_uri=https%3A%2F%2Fteams.microsoft.com.office.mcafee6691.noel.myshn.net%2Fgo&state=48dff0f5-aca9-4fda-9750-deb2209153d8&&client-request-id=0bf8f523-0a54-4300-a09d-15705b4c9129&x-client-SKU=Js&x-client-Ver=1.0.9&nonce=412106d4-09db-47b0-a2b7-eac0bd26f70d&domain_hint=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.35.11.28 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-35-11-28.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
1e3dceb93e7c252036cfcded7e108e7e2473dae923a2401a84dd7925f5a9f0ad

Request headers

Referer
https://login.microsoftonline.com.office.mcafee6691.noel.myshn.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
Date
Wed, 02 Dec 2020 19:28:23 GMT
Content-Encoding
gzip
Content-MD5
bjqCIB9rMEZAA8TrOKRGgQ==
Age
3818303
X-Cache
HIT
Connection
keep-alive
Content-Length
19771
x-ms-lease-status
unlocked
Last-Modified
Sat, 17 Oct 2020 19:18:26 GMT
Server
nginx
Etag
0x8D872D16C711C33
Vary
Accept-Encoding
Content-Type
text/css
Access-Control-Allow-Origin
*
x-ms-request-id
d2022056-101e-0044-1927-a6c98b000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Cache-Control
public, max-age=31536000
x-ms-version
2009-09-19
X-SkyHigh-Version
BuildNumber=4, BuildDate=2020-10-06 19:00
Accept-Ranges
bytes
X-Robots-Tag
none
ux.converged.login.strings-en.min_kitf4x-q_4sbtkr57j6jbw2.js
aadcdn.msftauth.net.office.mcafee6691.noel.myshn.net/ests/2.1/content/cdnbundles/
38 KB
12 KB
Fetch
General
Full URL
https://aadcdn.msftauth.net.office.mcafee6691.noel.myshn.net/ests/2.1/content/cdnbundles/ux.converged.login.strings-en.min_kitf4x-q_4sbtkr57j6jbw2.js
Requested by
Host: login.microsoftonline.com.office.mcafee6691.noel.myshn.net
URL: https://login.microsoftonline.com.office.mcafee6691.noel.myshn.net/common/oauth2/authorize?response_type=id_token&client_id=5e3ce6c0-2b1f-4285-8d4b-75ee78787346&redirect_uri=https%3A%2F%2Fteams.microsoft.com.office.mcafee6691.noel.myshn.net%2Fgo&state=48dff0f5-aca9-4fda-9750-deb2209153d8&&client-request-id=0bf8f523-0a54-4300-a09d-15705b4c9129&x-client-SKU=Js&x-client-Ver=1.0.9&nonce=412106d4-09db-47b0-a2b7-eac0bd26f70d&domain_hint=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.35.11.28 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-35-11-28.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
c90c8c4eebc55642f6e0430d6ebe94eeb4953298842e9b121b70fbbb4b368d9b

Request headers

Referer
https://login.microsoftonline.com.office.mcafee6691.noel.myshn.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
Date
Wed, 02 Dec 2020 19:28:23 GMT
Content-Encoding
gzip
Content-MD5
/6NrBzTsuLT0y8HnQDGZ5w==
Age
1389414
X-Cache
HIT
Connection
keep-alive
Content-Length
11506
x-ms-lease-status
unlocked
Last-Modified
Thu, 05 Nov 2020 00:12:24 GMT
Server
nginx
Etag
0x8D8811F79061361
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
x-ms-request-id
e4c0193a-c01e-0080-553e-bc26c0000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Cache-Control
public, max-age=31536000
x-ms-version
2009-09-19
X-SkyHigh-Version
BuildNumber=4, BuildDate=2020-10-06 19:00
Accept-Ranges
bytes
X-Robots-Tag
none

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Microsoft (Consumer)

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| $Config object| $Debug object| $Do function| $Loader object| $WebWatson function| GetString function| GetErrorString function| GetUrl object| $B object| ServerData function| webpackJsonp object| ko object| PROOF object| StringRepository boolean| __OldConvergedLogin_PCore boolean| __

7 Cookies

Domain/Path Name / Value
login.microsoftonline.com.office.mcafee6691.noel.myshn.net/ Name: stsservicecookie
Value: ests
.login.microsoftonline.com.office.mcafee6691.noel.myshn.net/ Name: esctx
Value: AQABAAAAAAB2UyzwtQEKR7-rWbgdcBZIaHrMMvjew9DsVKhZktjktxPcLSqJEbNSKRmxQGCWnutjLidfo5MShDj54Hje99ZN1iUgvJfOhee5s8aE-wPKAAlhWuhDlKbiEOqd9xqqEbJV17HdL3S8jznpMF83drXniZD625ZR0pkW76gAuTsOn_21r3ZbXLTXFxxYWCf3Z3MgAA
login.microsoftonline.com.office.mcafee6691.noel.myshn.net/ Name: fpc
Value: AhuWhxtb44JNkAGPcu6Rf75X9_HiAQAAAM7hWdcOAAAA
login.microsoftonline.com.office.mcafee6691.noel.myshn.net/ Name: x-ms-gateway-slice
Value: prod
.login.microsoftonline.com.office.mcafee6691.noel.myshn.net/ Name: brcap
Value: 0
login.microsoftonline.com.office.mcafee6691.noel.myshn.net/ Name: buid
Value: 0.AAAAMe_N-B6jSkuT5F9XHpElWsDmPF4fK4VCjUt17nh4c0YBAAA.AQABAAEAAAB2UyzwtQEKR7-rWbgdcBZIyFaqm8AyfE8vhlHlQlyLlPS6j83hY7k2fUcKw_gOCQbHImN0R3WNbYQS6zpqv4KkutLYSANKPUcbPxxAyXLA4AFCt6a-x1S8kv59btOZEWAgAA
.office.mcafee6691.noel.myshn.net/ Name: SHN-VH-session
Value: 9421e3e6-e932-4c52-a02a-8f5edfd464cc|1606939094611

2 Console Messages

Source Level URL
Text
console-api warning URL: https://teams.microsoft.com.office.mcafee6691.noel.myshn.net/ (Line 1)
Message:
User profile not found
console-api warning URL: https://teams.microsoft.com.office.mcafee6691.noel.myshn.net/ (Line 1)
Message:
Logging user in

Security Headers

This page lists any security headers set by the main page.

Header Value
Content-Security-Policy block-all-mixed-content ; base-uri *.protection.outlook.com; child-src 'self' https: data: blob:; connect-src 'self' blob: https: wss://*.delve.office.com.office.mcafee6691.noel.myshn.net:443 wss://*.dc.trouter.io:443 wss://*.trouter.io:443 wss://*.broadcast.skype.com:443 wss://*.tip.skype.net:443 wss://*.cortana.ai:443 wss://speech.platform.bing.com:443 wss://*.teams.microsoft.com.office.mcafee6691.noel.myshn.net:443 wss://*.hivestreaming.com:443 wss://*.kollective.app:443 wss://*.kollectivecd.com:443 wss://*.pptservicescast.officeapps.live.com wss://*.pptservicescast.edog.officeapps.live.com wss://*.stateservice.officeapps.live.com wss://127.0.0.1:9002 wss://127.0.0.1:9001 ws://localhost:* wss://view-localhost:*; default-src 'none'; prefetch-src statics.teams.microsoft.com sunrise.teams.microsoft.com *.office.net.office.mcafee6691.noel.myshn.net *.office365.us; font-src 'self' data: *.delve.office.com.office.mcafee6691.noel.myshn.net *.teams.microsoft.com.office.mcafee6691.noel.myshn.net *.office.net.office.mcafee6691.noel.myshn.net *.office365.us amp.azure.net c.s-microsoft.com edge.skype.net fonts.gstatic.com sxt.cdn.skype.com static2.sharepointonline.com secure.skypeassets.com spoprod-a.akamaihd.net www.microsoft.com; frame-src blob: data: https: mailto: ms-appx-web: ms-excel: ms-powerpoint: ms-visio: ms-word: onenote: pdf: local.teams.office.com:* localhost:* msteams: sip: sips: ms-whiteboard-preview:; img-src 'self' blob: data: https:; manifest-src 'self'; media-src 'self' *.microsoft.com.office.mcafee6691.noel.myshn.net *.skype.com.office.mcafee6691.noel.myshn.net blob: data: skypevideo: *.giphy.com *.office.net.office.mcafee6691.noel.myshn.net *.office365.us gateway.zscaler.net gateway.zscalerone.net gateway.zscalertwo.net gateway.zscalerthree.net gateway.zscloud.net login.zscalerone.net statics.teams.microsoft.com sunrise.teams.microsoft.com eus-streaming-video-rt-microsoft-com.akamaized.net 
statics-marketingsites-eus-ms-com.akamaized.net prod-video-cms-rt-microsoft-com.akamaized.net premium-teamsespams-uswe.streaming.media.azure.net teamsespams-uswe.streaming.media.azure.net; object-src 'self'; script-src *.protection.outlook.com 'nonce-EEq/vkT4SlD7R50E1bP2sA==' 'report-sample' 'self' 'unsafe-eval' 'unsafe-inline' blob: *.office.net.office.mcafee6691.noel.myshn.net *.office365.us *.cms.rt.microsoft.com *.delve.office.com.office.mcafee6691.noel.myshn.net *.teams.microsoft.com.office.mcafee6691.noel.myshn.net *.onenote.com.office.mcafee6691.noel.myshn.net *.presence.skype.com *.streaming.mediaservices.windows.net *.trouter.io ajax.aspnetcdn.com amp.azure.net apis.google.com appsforoffice.microsoft.com az725175.vo.msecnd.net bat.bing.com c64.assets-yammer.com config.edge.skype.com devspaces.skype.com download.hivestreaming.com *.kontiki.com *.kollective.app *.kollectivecd.com edge.skype.net gateway.zscaler.net gateway.zscalerone.net gateway.zscalertwo.net gateway.zscalerthree.net gateway.zscloud.net latest-swx.cdn.skype.com login.microsoftonline.com login.zscalerone.net midgardbranches.blob.core.windows.net scx-dev.tip.skype.net shellprod.msocdn.com swx.cdn.skype.com web.vortex.data.microsoft.com www.microsoft.com/videoplayer/js/ teams.events.data.microsoft.com officefluidprodversionedcdn.azureedge.net; style-src 'self' 'unsafe-inline' amp.azure.net edge.skype.net shellprod.msocdn.com statics.teams.microsoft.com sunrise.teams.microsoft.com *.office.net.office.mcafee6691.noel.myshn.net *.office365.us *.protection.outlook.com www.microsoft.com; worker-src 'self' blob: *.teams.microsoft.com.office.mcafee6691.noel.myshn.net;
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block