urlscan.io logo urlscan.io
SecurityTrails logo

access.verify-0ffice365.com Open in urlscan Pro
147.182.229.221  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://notification.0ffice-authentication.com/?hqhctroq
Effective URL: https://access.verify-0ffice365.com/redirect.cgi?ref=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0aDIvYXV0aG9yaXplP2N...
Submission: On December 16 via manual from IN — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 8 HTTP transactions. The main IP is 147.182.229.221, located in Santa Clara, United States and belongs to DIGITALOCEAN-ASN, US. The main domain is access.verify-0ffice365.com.
TLS certificate: Issued by R3 on December 7th 2023. Valid for: 3 months.
This is the only time access.verify-0ffice365.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 10 147.182.229.221 14061 (DIGITALOC...)
1 40.126.32.136 8075 (MICROSOFT...)
8 3
Apex Domain
Subdomains		 Transfer
9 verify-0ffice365.com
access.verify-0ffice365.com
798 KB
1 live.com
login.live.com — Cisco Umbrella Rank: 80
1 0ffice-authentication.com
notification.0ffice-authentication.com
631 B
8 3
Domain Requested by
9 access.verify-0ffice365.com 3 redirects access.verify-0ffice365.com
1 login.live.com access.verify-0ffice365.com
1 notification.0ffice-authentication.com 1 redirects
8 3

This site contains no links.

Subject Issuer Validity Valid
access.verify-0ffice365.com
R3		 2023-12-07 -
2024-03-06		 3 months crt.sh
login.live.com
DigiCert SHA2 Secure Server CA		 2023-11-11 -
2024-11-11		 a year crt.sh

This page contains 1 frames:

Primary Page: https://access.verify-0ffice365.com/redirect.cgi?ref=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0aDIvYXV0aG9yaXplP2NsaWVudF9pZD0wMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAmcmVkaXJlY3RfdXJpPWh0dHBzJTNhJTJmJTJmb3V0bG9vay5vZmZpY2UuY29tJTJmb3dhJTJmJnJlc291cmNlPTAwMDAwMDAyLTAwMDAtMGZmMS1jZTAwLTAwMDAwMDAwMDAwMCZyZXNwb25zZV9tb2RlPWZvcm1fcG9zdCZyZXNwb25zZV90eXBlPWNvZGUraWRfdG9rZW4mc2NvcGU9b3BlbmlkJm1zYWZlZD0xJm1zYXJlZGlyPTEmY2xpZW50LXJlcXVlc3QtaWQ9MzkwMzJjYzItZTAxYy02MjcyLWNmZGEtZTZmMDRkYTgwZmFiJnByb3RlY3RlZHRva2VuPXRydWUmY2xhaW1zPSU3YiUyMmlkX3Rva2VuJTIyJTNhJTdiJTIyeG1zX2NjJTIyJTNhJTdiJTIydmFsdWVzJTIyJTNhJTViJTIyQ1AxJTIyJTVkJTdkJTdkJTdkJm5vbmNlPTYzODM4MjgxOTgyMzI1ODgwMS42YWNhNzAxZi1lNWIwLTQxOTgtODM2MS1kMTkzMDJjZmQwMDQmc3RhdGU9RFl0SkVvQWdETUNLak0tcGRHRXB6MEdRcTBlX2J3X0pKWk1BQU5FNW5FQXVhRlZOVFl5N2lVb3hJNzdxbUtNUmIzektUWmc5b1dsbFhOeVZaTzVGbElPX1ozcV9rWDQ=&sso_reload=true
Frame ID: 4A2B8E28E1D1954C43EB39214BE2DFDE
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://notification.0ffice-authentication.com/?hqhctroq HTTP 302
    https://access.verify-0ffice365.com/?sign=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1cmwiOiJodHRwczovL2FjY2Vzcy52Z... HTTP 302
    https://access.verify-0ffice365.com/ HTTP 301
    https://access.verify-0ffice365.com/owa/ HTTP 302
    https://access.verify-0ffice365.com/redirect.cgi?ref=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV... Page URL
  2. https://access.verify-0ffice365.com/redirect.cgi?ref=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV... Page URL

Page Statistics

8
Requests

88 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

789 kB
Transfer

1036 kB
Size

18
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://notification.0ffice-authentication.com/?hqhctroq HTTP 302
    https://access.verify-0ffice365.com/?sign=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1cmwiOiJodHRwczovL2FjY2Vzcy52ZXJpZnktMGZmaWNlMzY1LmNvbSIsImRvbWFpbiI6ImFjY2Vzcy52ZXJpZnktMGZmaWNlMzY1LmNvbSIsImtleSI6IkZ5VXJvc0F3a3I0NiIsInFyYyI6bnVsbCwiaWF0IjoxNzAyNjg1MTgwLCJleHAiOjE3MDI2ODUzMDB9.wBUgCKyRtMYv1dfq6YuYQQR7TowTOWRvM86fd6F9QI4 HTTP 302
    https://access.verify-0ffice365.com/ HTTP 301
    https://access.verify-0ffice365.com/owa/ HTTP 302
    https://access.verify-0ffice365.com/redirect.cgi?ref=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0aDIvYXV0aG9yaXplP2NsaWVudF9pZD0wMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAmcmVkaXJlY3RfdXJpPWh0dHBzJTNhJTJmJTJmb3V0bG9vay5vZmZpY2UuY29tJTJmb3dhJTJmJnJlc291cmNlPTAwMDAwMDAyLTAwMDAtMGZmMS1jZTAwLTAwMDAwMDAwMDAwMCZyZXNwb25zZV9tb2RlPWZvcm1fcG9zdCZyZXNwb25zZV90eXBlPWNvZGUraWRfdG9rZW4mc2NvcGU9b3BlbmlkJm1zYWZlZD0xJm1zYXJlZGlyPTEmY2xpZW50LXJlcXVlc3QtaWQ9MzkwMzJjYzItZTAxYy02MjcyLWNmZGEtZTZmMDRkYTgwZmFiJnByb3RlY3RlZHRva2VuPXRydWUmY2xhaW1zPSU3YiUyMmlkX3Rva2VuJTIyJTNhJTdiJTIyeG1zX2NjJTIyJTNhJTdiJTIydmFsdWVzJTIyJTNhJTViJTIyQ1AxJTIyJTVkJTdkJTdkJTdkJm5vbmNlPTYzODM4MjgxOTgyMzI1ODgwMS42YWNhNzAxZi1lNWIwLTQxOTgtODM2MS1kMTkzMDJjZmQwMDQmc3RhdGU9RFl0SkVvQWdETUNLak0tcGRHRXB6MEdRcTBlX2J3X0pKWk1BQU5FNW5FQXVhRlZOVFl5N2lVb3hJNzdxbUtNUmIzektUWmc5b1dsbFhOeVZaTzVGbElPX1ozcV9rWDQ= Page URL
  2. https://access.verify-0ffice365.com/redirect.cgi?ref=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0aDIvYXV0aG9yaXplP2NsaWVudF9pZD0wMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAmcmVkaXJlY3RfdXJpPWh0dHBzJTNhJTJmJTJmb3V0bG9vay5vZmZpY2UuY29tJTJmb3dhJTJmJnJlc291cmNlPTAwMDAwMDAyLTAwMDAtMGZmMS1jZTAwLTAwMDAwMDAwMDAwMCZyZXNwb25zZV9tb2RlPWZvcm1fcG9zdCZyZXNwb25zZV90eXBlPWNvZGUraWRfdG9rZW4mc2NvcGU9b3BlbmlkJm1zYWZlZD0xJm1zYXJlZGlyPTEmY2xpZW50LXJlcXVlc3QtaWQ9MzkwMzJjYzItZTAxYy02MjcyLWNmZGEtZTZmMDRkYTgwZmFiJnByb3RlY3RlZHRva2VuPXRydWUmY2xhaW1zPSU3YiUyMmlkX3Rva2VuJTIyJTNhJTdiJTIyeG1zX2NjJTIyJTNhJTdiJTIydmFsdWVzJTIyJTNhJTViJTIyQ1AxJTIyJTVkJTdkJTdkJTdkJm5vbmNlPTYzODM4MjgxOTgyMzI1ODgwMS42YWNhNzAxZi1lNWIwLTQxOTgtODM2MS1kMTkzMDJjZmQwMDQmc3RhdGU9RFl0SkVvQWdETUNLak0tcGRHRXB6MEdRcTBlX2J3X0pKWk1BQU5FNW5FQXVhRlZOVFl5N2lVb3hJNzdxbUtNUmIzektUWmc5b1dsbFhOeVZaTzVGbElPX1ozcV9rWDQ=&sso_reload=true Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://notification.0ffice-authentication.com/?hqhctroq HTTP 302
  • https://access.verify-0ffice365.com/?sign=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1cmwiOiJodHRwczovL2FjY2Vzcy52ZXJpZnktMGZmaWNlMzY1LmNvbSIsImRvbWFpbiI6ImFjY2Vzcy52ZXJpZnktMGZmaWNlMzY1LmNvbSIsImtleSI6IkZ5VXJvc0F3a3I0NiIsInFyYyI6bnVsbCwiaWF0IjoxNzAyNjg1MTgwLCJleHAiOjE3MDI2ODUzMDB9.wBUgCKyRtMYv1dfq6YuYQQR7TowTOWRvM86fd6F9QI4 HTTP 302
  • https://access.verify-0ffice365.com/ HTTP 301
  • https://access.verify-0ffice365.com/owa/ HTTP 302
  • https://access.verify-0ffice365.com/redirect.cgi?ref=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0aDIvYXV0aG9yaXplP2NsaWVudF9pZD0wMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAmcmVkaXJlY3RfdXJpPWh0dHBzJTNhJTJmJTJmb3V0bG9vay5vZmZpY2UuY29tJTJmb3dhJTJmJnJlc291cmNlPTAwMDAwMDAyLTAwMDAtMGZmMS1jZTAwLTAwMDAwMDAwMDAwMCZyZXNwb25zZV9tb2RlPWZvcm1fcG9zdCZyZXNwb25zZV90eXBlPWNvZGUraWRfdG9rZW4mc2NvcGU9b3BlbmlkJm1zYWZlZD0xJm1zYXJlZGlyPTEmY2xpZW50LXJlcXVlc3QtaWQ9MzkwMzJjYzItZTAxYy02MjcyLWNmZGEtZTZmMDRkYTgwZmFiJnByb3RlY3RlZHRva2VuPXRydWUmY2xhaW1zPSU3YiUyMmlkX3Rva2VuJTIyJTNhJTdiJTIyeG1zX2NjJTIyJTNhJTdiJTIydmFsdWVzJTIyJTNhJTViJTIyQ1AxJTIyJTVkJTdkJTdkJTdkJm5vbmNlPTYzODM4MjgxOTgyMzI1ODgwMS42YWNhNzAxZi1lNWIwLTQxOTgtODM2MS1kMTkzMDJjZmQwMDQmc3RhdGU9RFl0SkVvQWdETUNLak0tcGRHRXB6MEdRcTBlX2J3X0pKWk1BQU5FNW5FQXVhRlZOVFl5N2lVb3hJNzdxbUtNUmIzektUWmc5b1dsbFhOeVZaTzVGbElPX1ozcV9rWDQ=

8 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
redirect.cgi
access.verify-0ffice365.com/
Redirect Chain
  • https://notification.0ffice-authentication.com/?hqhctroq
  • https://access.verify-0ffice365.com/?sign=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1cmwiOiJodHRwczovL2FjY2Vzcy52ZXJpZnktMGZmaWNlMzY1LmNvbSIsImRvbWFpbiI6ImFjY2Vzcy52ZXJpZnktMGZmaWNlMzY1LmNvbSIsImtleS...
  • https://access.verify-0ffice365.com/
  • https://access.verify-0ffice365.com/owa/
  • https://access.verify-0ffice365.com/redirect.cgi?ref=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0aDIvYXV0aG9yaXplP2NsaWVudF9pZD0wMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAmcmVk...
21 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://access.verify-0ffice365.com/redirect.cgi?ref=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0aDIvYXV0aG9yaXplP2NsaWVudF9pZD0wMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAmcmVkaXJlY3RfdXJpPWh0dHBzJTNhJTJmJTJmb3V0bG9vay5vZmZpY2UuY29tJTJmb3dhJTJmJnJlc291cmNlPTAwMDAwMDAyLTAwMDAtMGZmMS1jZTAwLTAwMDAwMDAwMDAwMCZyZXNwb25zZV9tb2RlPWZvcm1fcG9zdCZyZXNwb25zZV90eXBlPWNvZGUraWRfdG9rZW4mc2NvcGU9b3BlbmlkJm1zYWZlZD0xJm1zYXJlZGlyPTEmY2xpZW50LXJlcXVlc3QtaWQ9MzkwMzJjYzItZTAxYy02MjcyLWNmZGEtZTZmMDRkYTgwZmFiJnByb3RlY3RlZHRva2VuPXRydWUmY2xhaW1zPSU3YiUyMmlkX3Rva2VuJTIyJTNhJTdiJTIyeG1zX2NjJTIyJTNhJTdiJTIydmFsdWVzJTIyJTNhJTViJTIyQ1AxJTIyJTVkJTdkJTdkJTdkJm5vbmNlPTYzODM4MjgxOTgyMzI1ODgwMS42YWNhNzAxZi1lNWIwLTQxOTgtODM2MS1kMTkzMDJjZmQwMDQmc3RhdGU9RFl0SkVvQWdETUNLak0tcGRHRXB6MEdRcTBlX2J3X0pKWk1BQU5FNW5FQXVhRlZOVFl5N2lVb3hJNzdxbUtNUmIzektUWmc5b1dsbFhOeVZaTzVGbElPX1ozcV9rWDQ=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
147.182.229.221 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
63370ce7a67735794a8c4b0fd38e048cc8334bf6c43f34ee47d669e3b55cba03
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; form-action * data: blob: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: filesystem: ; frame-ancestors 'self' * http://* https://* file://* about: javascript: data: blob: filesystem: ; object-src * data: blob: filesystem: 'unsafe-inline' 'unsafe-eval'; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache
Connection
close
Content-Encoding
gzip
Content-Security-Policy
default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; form-action * data: blob: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: filesystem: ; frame-ancestors 'self' * http://* https://* file://* about: javascript: data: blob: filesystem: ; object-src * data: blob: filesystem: 'unsafe-inline' 'unsafe-eval'; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
Content-Type
text/html; charset=utf-8
Date
Sat, 16 Dec 2023 00:06:22 GMT
Expires
-1
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
Pragma
no-cache
Referer
https://login.microsoftonline.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=39032cc2-e01c-6272-cfda-e6f04da80fab&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=638382819823258801.6aca701f-e5b0-4198-8361-d19302cfd004&state=DYtJEoAgDMCKjM-pdGEpz0GQq0e_bw_JJZMAANE5nEAuaFVNTYy7iUoxI77qmKMRb3zKTZg9oWllXNyVZO5FlIO_Z3q_kX4
Referrer-Policy
strict-origin-when-cross-origin
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
content-length
21318
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+est"}]}
x-ms-ests-server
2.1.16942.4 - WUS3 ProdSlices
x-ms-request-id
d12734e7-b668-4562-a050-e73179112700

Redirect headers

Alt-Svc
h3=":443",h3-29=":443"
Connection
close
Content-Security-Policy
default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; form-action * data: blob: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: filesystem: ; frame-ancestors 'self' * http://* https://* file://* about: javascript: data: blob: filesystem: ; object-src * data: blob: filesystem: 'unsafe-inline' 'unsafe-eval'; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
Content-Type
text/html; charset=utf-8
Date
Sat, 16 Dec 2023 00:06:22 GMT
Location
https://access.verify-0ffice365.com/redirect.cgi?ref=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0aDIvYXV0aG9yaXplP2NsaWVudF9pZD0wMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAmcmVkaXJlY3RfdXJpPWh0dHBzJTNhJTJmJTJmb3V0bG9vay5vZmZpY2UuY29tJTJmb3dhJTJmJnJlc291cmNlPTAwMDAwMDAyLTAwMDAtMGZmMS1jZTAwLTAwMDAwMDAwMDAwMCZyZXNwb25zZV9tb2RlPWZvcm1fcG9zdCZyZXNwb25zZV90eXBlPWNvZGUraWRfdG9rZW4mc2NvcGU9b3BlbmlkJm1zYWZlZD0xJm1zYXJlZGlyPTEmY2xpZW50LXJlcXVlc3QtaWQ9MzkwMzJjYzItZTAxYy02MjcyLWNmZGEtZTZmMDRkYTgwZmFiJnByb3RlY3RlZHRva2VuPXRydWUmY2xhaW1zPSU3YiUyMmlkX3Rva2VuJTIyJTNhJTdiJTIyeG1zX2NjJTIyJTNhJTdiJTIydmFsdWVzJTIyJTNhJTViJTIyQ1AxJTIyJTVkJTdkJTdkJTdkJm5vbmNlPTYzODM4MjgxOTgyMzI1ODgwMS42YWNhNzAxZi1lNWIwLTQxOTgtODM2MS1kMTkzMDJjZmQwMDQmc3RhdGU9RFl0SkVvQWdETUNLak0tcGRHRXB6MEdRcTBlX2J3X0pKWk1BQU5FNW5FQXVhRlZOVFl5N2lVb3hJNzdxbUtNUmIzektUWmc5b1dsbFhOeVZaTzVGbElPX1ozcV9rWDQ=
NEL
{"report_to":"NelOfficeUpload1","max_age":7200,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
P3P
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Report-To
{"group":"NelOfficeUpload1","max_age":7200,"endpoints":[{"url":"https://exo.nel.measure.office.net/api/report?TenantId=&FrontEnd=Cafe&DestinationEndpoint=SJC&RemoteIP=147.182.229.0"}],"include_subdomains":true}
Server
Microsoft-IIS/10.0
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-BEServer
PH7PR03MB7241
X-BackEnd-Begin
2023-12-16T00:06:22.325
X-BackEnd-End
2023-12-16T00:06:22.325
X-BackEndHttpStatus
302, 302
X-BeSku
WCS7
X-CalculatedBETarget
PH7PR03MB7241.namprd03.PROD.OUTLOOK.COM
X-CalculatedFETarget
PH0PR07CU004.internal.outlook.com
X-DiagInfo
PH7PR03MB7241
X-FEEFZInfo
SJC
X-FEProxyInfo
SJ0PR03CA0285.NAMPRD03.PROD.OUTLOOK.COM
X-FEServer
PH0PR07CA0093, SJ0PR03CA0285
X-FirstHopCafeEFZ
SJC
X-IIDs
0
X-OWA-DiagnosticsInfo
1;0;0
X-Proxy-BackendServerStatus
302
X-Proxy-RoutingCorrectness
1
X-RUM-NotUpdateQueriedDbCopy
1
X-RUM-NotUpdateQueriedPath
1
X-RUM-Validated
1
X-UA-Compatible
IE=EmulateIE7
content-length
1294
request-id
39032cc2-e01c-6272-cfda-e6f04da80fab
BssoInterrupt_Core_vh-Mo3E5zaJqWI-ycPlvOw2.js
access.verify-0ffice365.com/aadcdn.msftauth.net/~/shared/1.0/content/js/ 		136 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://access.verify-0ffice365.com/aadcdn.msftauth.net/~/shared/1.0/content/js/BssoInterrupt_Core_vh-Mo3E5zaJqWI-ycPlvOw2.js
Requested by
Host: access.verify-0ffice365.com
URL: https://access.verify-0ffice365.com/redirect.cgi?ref=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0aDIvYXV0aG9yaXplP2NsaWVudF9pZD0wMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAmcmVkaXJlY3RfdXJpPWh0dHBzJTNhJTJmJTJmb3V0bG9vay5vZmZpY2UuY29tJTJmb3dhJTJmJnJlc291cmNlPTAwMDAwMDAyLTAwMDAtMGZmMS1jZTAwLTAwMDAwMDAwMDAwMCZyZXNwb25zZV9tb2RlPWZvcm1fcG9zdCZyZXNwb25zZV90eXBlPWNvZGUraWRfdG9rZW4mc2NvcGU9b3BlbmlkJm1zYWZlZD0xJm1zYXJlZGlyPTEmY2xpZW50LXJlcXVlc3QtaWQ9MzkwMzJjYzItZTAxYy02MjcyLWNmZGEtZTZmMDRkYTgwZmFiJnByb3RlY3RlZHRva2VuPXRydWUmY2xhaW1zPSU3YiUyMmlkX3Rva2VuJTIyJTNhJTdiJTIyeG1zX2NjJTIyJTNhJTdiJTIydmFsdWVzJTIyJTNhJTViJTIyQ1AxJTIyJTVkJTdkJTdkJTdkJm5vbmNlPTYzODM4MjgxOTgyMzI1ODgwMS42YWNhNzAxZi1lNWIwLTQxOTgtODM2MS1kMTkzMDJjZmQwMDQmc3RhdGU9RFl0SkVvQWdETUNLak0tcGRHRXB6MEdRcTBlX2J3X0pKWk1BQU5FNW5FQXVhRlZOVFl5N2lVb3hJNzdxbUtNUmIzektUWmc5b1dsbFhOeVZaTzVGbElPX1ozcV9rWDQ=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
147.182.229.221 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
ECAcc (sac/255A) /
Resource Hash
fc59ce5ac94470f3186b0983f0ad831c47dd9156705c11c0fb02a0a11a13a85a
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; form-action * data: blob: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: filesystem: ; frame-ancestors 'self' * http://* https://* file://* about: javascript: data: blob: filesystem: ; object-src * data: blob: filesystem: 'unsafe-inline' 'unsafe-eval'; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://access.verify-0ffice365.com/redirect.cgi?ref=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0aDIvYXV0aG9yaXplP2NsaWVudF9pZD0wMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAmcmVkaXJlY3RfdXJpPWh0dHBzJTNhJTJmJTJmb3V0bG9vay5vZmZpY2UuY29tJTJmb3dhJTJmJnJlc291cmNlPTAwMDAwMDAyLTAwMDAtMGZmMS1jZTAwLTAwMDAwMDAwMDAwMCZyZXNwb25zZV9tb2RlPWZvcm1fcG9zdCZyZXNwb25zZV90eXBlPWNvZGUraWRfdG9rZW4mc2NvcGU9b3BlbmlkJm1zYWZlZD0xJm1zYXJlZGlyPTEmY2xpZW50LXJlcXVlc3QtaWQ9MzkwMzJjYzItZTAxYy02MjcyLWNmZGEtZTZmMDRkYTgwZmFiJnByb3RlY3RlZHRva2VuPXRydWUmY2xhaW1zPSU3YiUyMmlkX3Rva2VuJTIyJTNhJTdiJTIyeG1zX2NjJTIyJTNhJTdiJTIydmFsdWVzJTIyJTNhJTViJTIyQ1AxJTIyJTVkJTdkJTdkJTdkJm5vbmNlPTYzODM4MjgxOTgyMzI1ODgwMS42YWNhNzAxZi1lNWIwLTQxOTgtODM2MS1kMTkzMDJjZmQwMDQmc3RhdGU9RFl0SkVvQWdETUNLak0tcGRHRXB6MEdRcTBlX2J3X0pKWk1BQU5FNW5FQXVhRlZOVFl5N2lVb3hJNzdxbUtNUmIzektUWmc5b1dsbFhOeVZaTzVGbElPX1ozcV9rWDQ=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
Date
Sat, 16 Dec 2023 00:06:23 GMT
Content-Encoding
gzip
Content-Security-Policy
default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; form-action * data: blob: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: filesystem: ; frame-ancestors 'self' * http://* https://* file://* about: javascript: data: blob: filesystem: ; object-src * data: blob: filesystem: 'unsafe-inline' 'unsafe-eval'; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
Content-MD5
XeeqhhOQ0TQMibhz+Toyvg==
Age
1435973
X-Cache
HIT
Connection
close
content-length
139177
x-ms-lease-status
unlocked
Last-Modified
Mon, 27 Nov 2023 23:32:21 GMT
Server
ECAcc (sac/255A)
Etag
0x8DBEFA11A51DC95
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
x-ms-request-id
5bcbcdae-c01e-00ef-4da4-22c64e000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Cache-Control
public, max-age=31536000
x-ms-version
2009-09-19
Accept-Ranges
bytes
truncated
/ 		341 B
0 		Script
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
90682803943448f3acffc81014c87fdd71f30d8cf97335fcea451fac1e568221

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
text/javascript
Primary Request redirect.cgi
access.verify-0ffice365.com/ 		39 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://access.verify-0ffice365.com/redirect.cgi?ref=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0aDIvYXV0aG9yaXplP2NsaWVudF9pZD0wMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAmcmVkaXJlY3RfdXJpPWh0dHBzJTNhJTJmJTJmb3V0bG9vay5vZmZpY2UuY29tJTJmb3dhJTJmJnJlc291cmNlPTAwMDAwMDAyLTAwMDAtMGZmMS1jZTAwLTAwMDAwMDAwMDAwMCZyZXNwb25zZV9tb2RlPWZvcm1fcG9zdCZyZXNwb25zZV90eXBlPWNvZGUraWRfdG9rZW4mc2NvcGU9b3BlbmlkJm1zYWZlZD0xJm1zYXJlZGlyPTEmY2xpZW50LXJlcXVlc3QtaWQ9MzkwMzJjYzItZTAxYy02MjcyLWNmZGEtZTZmMDRkYTgwZmFiJnByb3RlY3RlZHRva2VuPXRydWUmY2xhaW1zPSU3YiUyMmlkX3Rva2VuJTIyJTNhJTdiJTIyeG1zX2NjJTIyJTNhJTdiJTIydmFsdWVzJTIyJTNhJTViJTIyQ1AxJTIyJTVkJTdkJTdkJTdkJm5vbmNlPTYzODM4MjgxOTgyMzI1ODgwMS42YWNhNzAxZi1lNWIwLTQxOTgtODM2MS1kMTkzMDJjZmQwMDQmc3RhdGU9RFl0SkVvQWdETUNLak0tcGRHRXB6MEdRcTBlX2J3X0pKWk1BQU5FNW5FQXVhRlZOVFl5N2lVb3hJNzdxbUtNUmIzektUWmc5b1dsbFhOeVZaTzVGbElPX1ozcV9rWDQ=&sso_reload=true
Requested by
Host: access.verify-0ffice365.com
URL: https://access.verify-0ffice365.com/aadcdn.msftauth.net/~/shared/1.0/content/js/BssoInterrupt_Core_vh-Mo3E5zaJqWI-ycPlvOw2.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
147.182.229.221 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
509699f9acf536d96225ee01a55e316e994b4fad99f674373abdb69f97d271ea
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; form-action * data: blob: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: filesystem: ; frame-ancestors 'self' * http://* https://* file://* about: javascript: data: blob: filesystem: ; object-src * data: blob: filesystem: 'unsafe-inline' 'unsafe-eval'; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://access.verify-0ffice365.com/redirect.cgi?ref=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0aDIvYXV0aG9yaXplP2NsaWVudF9pZD0wMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAmcmVkaXJlY3RfdXJpPWh0dHBzJTNhJTJmJTJmb3V0bG9vay5vZmZpY2UuY29tJTJmb3dhJTJmJnJlc291cmNlPTAwMDAwMDAyLTAwMDAtMGZmMS1jZTAwLTAwMDAwMDAwMDAwMCZyZXNwb25zZV9tb2RlPWZvcm1fcG9zdCZyZXNwb25zZV90eXBlPWNvZGUraWRfdG9rZW4mc2NvcGU9b3BlbmlkJm1zYWZlZD0xJm1zYXJlZGlyPTEmY2xpZW50LXJlcXVlc3QtaWQ9MzkwMzJjYzItZTAxYy02MjcyLWNmZGEtZTZmMDRkYTgwZmFiJnByb3RlY3RlZHRva2VuPXRydWUmY2xhaW1zPSU3YiUyMmlkX3Rva2VuJTIyJTNhJTdiJTIyeG1zX2NjJTIyJTNhJTdiJTIydmFsdWVzJTIyJTNhJTViJTIyQ1AxJTIyJTVkJTdkJTdkJTdkJm5vbmNlPTYzODM4MjgxOTgyMzI1ODgwMS42YWNhNzAxZi1lNWIwLTQxOTgtODM2MS1kMTkzMDJjZmQwMDQmc3RhdGU9RFl0SkVvQWdETUNLak0tcGRHRXB6MEdRcTBlX2J3X0pKWk1BQU5FNW5FQXVhRlZOVFl5N2lVb3hJNzdxbUtNUmIzektUWmc5b1dsbFhOeVZaTzVGbElPX1ozcV9rWDQ=
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache
Connection
close
Content-Encoding
gzip
Content-Security-Policy
default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; form-action * data: blob: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: filesystem: ; frame-ancestors 'self' * http://* https://* file://* about: javascript: data: blob: filesystem: ; object-src * data: blob: filesystem: 'unsafe-inline' 'unsafe-eval'; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
Content-Type
text/html; charset=utf-8
Date
Sat, 16 Dec 2023 00:06:25 GMT
Expires
-1
Link
<https://aadcdn.msftauth.net>; rel=preconnect; crossorigin, <https://aadcdn.msftauth.net>; rel=dns-prefetch, <https://aadcdn.msauth.net>; rel=dns-prefetch
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
Pragma
no-cache
Referer
https://login.microsoftonline.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=39032cc2-e01c-6272-cfda-e6f04da80fab&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=638382819823258801.6aca701f-e5b0-4198-8361-d19302cfd004&state=DYtJEoAgDMCKjM-pdGEpz0GQq0e_bw_JJZMAANE5nEAuaFVNTYy7iUoxI77qmKMRb3zKTZg9oWllXNyVZO5FlIO_Z3q_kX4
Referrer-Policy
strict-origin-when-cross-origin
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
content-length
39650
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+est"}]}
x-ms-ests-server
2.1.16942.4 - WUS3 ProdSlices
x-ms-request-id
6523db3e-cb75-4f9b-9589-6ba28d592e01
converged.v2.login.min_chy_qb6g1qbjbxlng2ytiq2.css
access.verify-0ffice365.com/aadcdn.msftauth.net/~/ests/2.1/content/cdnbundles/ 		109 KB
21 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://access.verify-0ffice365.com/aadcdn.msftauth.net/~/ests/2.1/content/cdnbundles/converged.v2.login.min_chy_qb6g1qbjbxlng2ytiq2.css
Requested by
Host: access.verify-0ffice365.com
URL: https://access.verify-0ffice365.com/redirect.cgi?ref=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0aDIvYXV0aG9yaXplP2NsaWVudF9pZD0wMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAmcmVkaXJlY3RfdXJpPWh0dHBzJTNhJTJmJTJmb3V0bG9vay5vZmZpY2UuY29tJTJmb3dhJTJmJnJlc291cmNlPTAwMDAwMDAyLTAwMDAtMGZmMS1jZTAwLTAwMDAwMDAwMDAwMCZyZXNwb25zZV9tb2RlPWZvcm1fcG9zdCZyZXNwb25zZV90eXBlPWNvZGUraWRfdG9rZW4mc2NvcGU9b3BlbmlkJm1zYWZlZD0xJm1zYXJlZGlyPTEmY2xpZW50LXJlcXVlc3QtaWQ9MzkwMzJjYzItZTAxYy02MjcyLWNmZGEtZTZmMDRkYTgwZmFiJnByb3RlY3RlZHRva2VuPXRydWUmY2xhaW1zPSU3YiUyMmlkX3Rva2VuJTIyJTNhJTdiJTIyeG1zX2NjJTIyJTNhJTdiJTIydmFsdWVzJTIyJTNhJTViJTIyQ1AxJTIyJTVkJTdkJTdkJTdkJm5vbmNlPTYzODM4MjgxOTgyMzI1ODgwMS42YWNhNzAxZi1lNWIwLTQxOTgtODM2MS1kMTkzMDJjZmQwMDQmc3RhdGU9RFl0SkVvQWdETUNLak0tcGRHRXB6MEdRcTBlX2J3X0pKWk1BQU5FNW5FQXVhRlZOVFl5N2lVb3hJNzdxbUtNUmIzektUWmc5b1dsbFhOeVZaTzVGbElPX1ozcV9rWDQ=&sso_reload=true
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
147.182.229.221 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
ECAcc (sac/2547) /
Resource Hash
5e47dd51ca94efccd58f4a7dc95a51744493292586fbe031e78f72508f0f4f89

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://access.verify-0ffice365.com/redirect.cgi?ref=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0aDIvYXV0aG9yaXplP2NsaWVudF9pZD0wMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAmcmVkaXJlY3RfdXJpPWh0dHBzJTNhJTJmJTJmb3V0bG9vay5vZmZpY2UuY29tJTJmb3dhJTJmJnJlc291cmNlPTAwMDAwMDAyLTAwMDAtMGZmMS1jZTAwLTAwMDAwMDAwMDAwMCZyZXNwb25zZV9tb2RlPWZvcm1fcG9zdCZyZXNwb25zZV90eXBlPWNvZGUraWRfdG9rZW4mc2NvcGU9b3BlbmlkJm1zYWZlZD0xJm1zYXJlZGlyPTEmY2xpZW50LXJlcXVlc3QtaWQ9MzkwMzJjYzItZTAxYy02MjcyLWNmZGEtZTZmMDRkYTgwZmFiJnByb3RlY3RlZHRva2VuPXRydWUmY2xhaW1zPSU3YiUyMmlkX3Rva2VuJTIyJTNhJTdiJTIyeG1zX2NjJTIyJTNhJTdiJTIydmFsdWVzJTIyJTNhJTViJTIyQ1AxJTIyJTVkJTdkJTdkJTdkJm5vbmNlPTYzODM4MjgxOTgyMzI1ODgwMS42YWNhNzAxZi1lNWIwLTQxOTgtODM2MS1kMTkzMDJjZmQwMDQmc3RhdGU9RFl0SkVvQWdETUNLak0tcGRHRXB6MEdRcTBlX2J3X0pKWk1BQU5FNW5FQXVhRlZOVFl5N2lVb3hJNzdxbUtNUmIzektUWmc5b1dsbFhOeVZaTzVGbElPX1ozcV9rWDQ=&sso_reload=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
Date
Sat, 16 Dec 2023 00:06:26 GMT
Content-Encoding
gzip
Content-MD5
cclsNwaya3AD0ci2cGBnrw==
Age
2435262
X-Cache
HIT
Connection
close
Content-Length
20226
x-ms-lease-status
unlocked
Last-Modified
Fri, 17 Nov 2023 00:22:21 GMT
Server
ECAcc (sac/2547)
Etag
0x8DBE70343D336EF
Vary
Accept-Encoding
Content-Type
text/css
Access-Control-Allow-Origin
*
x-ms-request-id
9ad7e701-001e-005b-328d-191c02000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Cache-Control
public, max-age=31536000
x-ms-version
2009-09-19
Accept-Ranges
bytes
ConvergedLogin_PCore_rBkXYjh21YAKS8SjeOJwmw2.js
access.verify-0ffice365.com/aadcdn.msftauth.net/~/shared/1.0/content/js/ 		673 KB
673 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://access.verify-0ffice365.com/aadcdn.msftauth.net/~/shared/1.0/content/js/ConvergedLogin_PCore_rBkXYjh21YAKS8SjeOJwmw2.js
Requested by
Host: access.verify-0ffice365.com
URL: https://access.verify-0ffice365.com/redirect.cgi?ref=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0aDIvYXV0aG9yaXplP2NsaWVudF9pZD0wMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAmcmVkaXJlY3RfdXJpPWh0dHBzJTNhJTJmJTJmb3V0bG9vay5vZmZpY2UuY29tJTJmb3dhJTJmJnJlc291cmNlPTAwMDAwMDAyLTAwMDAtMGZmMS1jZTAwLTAwMDAwMDAwMDAwMCZyZXNwb25zZV9tb2RlPWZvcm1fcG9zdCZyZXNwb25zZV90eXBlPWNvZGUraWRfdG9rZW4mc2NvcGU9b3BlbmlkJm1zYWZlZD0xJm1zYXJlZGlyPTEmY2xpZW50LXJlcXVlc3QtaWQ9MzkwMzJjYzItZTAxYy02MjcyLWNmZGEtZTZmMDRkYTgwZmFiJnByb3RlY3RlZHRva2VuPXRydWUmY2xhaW1zPSU3YiUyMmlkX3Rva2VuJTIyJTNhJTdiJTIyeG1zX2NjJTIyJTNhJTdiJTIydmFsdWVzJTIyJTNhJTViJTIyQ1AxJTIyJTVkJTdkJTdkJTdkJm5vbmNlPTYzODM4MjgxOTgyMzI1ODgwMS42YWNhNzAxZi1lNWIwLTQxOTgtODM2MS1kMTkzMDJjZmQwMDQmc3RhdGU9RFl0SkVvQWdETUNLak0tcGRHRXB6MEdRcTBlX2J3X0pKWk1BQU5FNW5FQXVhRlZOVFl5N2lVb3hJNzdxbUtNUmIzektUWmc5b1dsbFhOeVZaTzVGbElPX1ozcV9rWDQ=&sso_reload=true
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
147.182.229.221 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
6665ca6a09f770c6679556eb86cf4234c8bdb0271049620e03199b34b4a16099

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://access.verify-0ffice365.com/redirect.cgi?ref=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0aDIvYXV0aG9yaXplP2NsaWVudF9pZD0wMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAmcmVkaXJlY3RfdXJpPWh0dHBzJTNhJTJmJTJmb3V0bG9vay5vZmZpY2UuY29tJTJmb3dhJTJmJnJlc291cmNlPTAwMDAwMDAyLTAwMDAtMGZmMS1jZTAwLTAwMDAwMDAwMDAwMCZyZXNwb25zZV9tb2RlPWZvcm1fcG9zdCZyZXNwb25zZV90eXBlPWNvZGUraWRfdG9rZW4mc2NvcGU9b3BlbmlkJm1zYWZlZD0xJm1zYXJlZGlyPTEmY2xpZW50LXJlcXVlc3QtaWQ9MzkwMzJjYzItZTAxYy02MjcyLWNmZGEtZTZmMDRkYTgwZmFiJnByb3RlY3RlZHRva2VuPXRydWUmY2xhaW1zPSU3YiUyMmlkX3Rva2VuJTIyJTNhJTdiJTIyeG1zX2NjJTIyJTNhJTdiJTIydmFsdWVzJTIyJTNhJTViJTIyQ1AxJTIyJTVkJTdkJTdkJTdkJm5vbmNlPTYzODM4MjgxOTgyMzI1ODgwMS42YWNhNzAxZi1lNWIwLTQxOTgtODM2MS1kMTkzMDJjZmQwMDQmc3RhdGU9RFl0SkVvQWdETUNLak0tcGRHRXB6MEdRcTBlX2J3X0pKWk1BQU5FNW5FQXVhRlZOVFl5N2lVb3hJNzdxbUtNUmIzektUWmc5b1dsbFhOeVZaTzVGbElPX1ozcV9rWDQ=&sso_reload=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sat, 16 Dec 2023 00:06:26 GMT
Connection
keep-alive
Keep-Alive
timeout=5
Content-Length
689017
Content-Type
application/x-javascript
ux.converged.login.strings-de.min_kp3ah5h2mpeuoymeavfg1q2.js
access.verify-0ffice365.com/aadcdn.msftauth.net/~/ests/2.1/content/cdnbundles/ 		58 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://access.verify-0ffice365.com/aadcdn.msftauth.net/~/ests/2.1/content/cdnbundles/ux.converged.login.strings-de.min_kp3ah5h2mpeuoymeavfg1q2.js
Requested by
Host: access.verify-0ffice365.com
URL: https://access.verify-0ffice365.com/redirect.cgi?ref=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0aDIvYXV0aG9yaXplP2NsaWVudF9pZD0wMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAmcmVkaXJlY3RfdXJpPWh0dHBzJTNhJTJmJTJmb3V0bG9vay5vZmZpY2UuY29tJTJmb3dhJTJmJnJlc291cmNlPTAwMDAwMDAyLTAwMDAtMGZmMS1jZTAwLTAwMDAwMDAwMDAwMCZyZXNwb25zZV9tb2RlPWZvcm1fcG9zdCZyZXNwb25zZV90eXBlPWNvZGUraWRfdG9rZW4mc2NvcGU9b3BlbmlkJm1zYWZlZD0xJm1zYXJlZGlyPTEmY2xpZW50LXJlcXVlc3QtaWQ9MzkwMzJjYzItZTAxYy02MjcyLWNmZGEtZTZmMDRkYTgwZmFiJnByb3RlY3RlZHRva2VuPXRydWUmY2xhaW1zPSU3YiUyMmlkX3Rva2VuJTIyJTNhJTdiJTIyeG1zX2NjJTIyJTNhJTdiJTIydmFsdWVzJTIyJTNhJTViJTIyQ1AxJTIyJTVkJTdkJTdkJTdkJm5vbmNlPTYzODM4MjgxOTgyMzI1ODgwMS42YWNhNzAxZi1lNWIwLTQxOTgtODM2MS1kMTkzMDJjZmQwMDQmc3RhdGU9RFl0SkVvQWdETUNLak0tcGRHRXB6MEdRcTBlX2J3X0pKWk1BQU5FNW5FQXVhRlZOVFl5N2lVb3hJNzdxbUtNUmIzektUWmc5b1dsbFhOeVZaTzVGbElPX1ozcV9rWDQ=&sso_reload=true
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
147.182.229.221 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
ECAcc (sac/2541) /
Resource Hash
39bcd8d413593b6a7e0173ad3fb3975b8b2ef886fcaaac437b9a46be7dd6409c
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; form-action * data: blob: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: filesystem: ; frame-ancestors 'self' * http://* https://* file://* about: javascript: data: blob: filesystem: ; object-src * data: blob: filesystem: 'unsafe-inline' 'unsafe-eval'; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://access.verify-0ffice365.com/redirect.cgi?ref=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0aDIvYXV0aG9yaXplP2NsaWVudF9pZD0wMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAmcmVkaXJlY3RfdXJpPWh0dHBzJTNhJTJmJTJmb3V0bG9vay5vZmZpY2UuY29tJTJmb3dhJTJmJnJlc291cmNlPTAwMDAwMDAyLTAwMDAtMGZmMS1jZTAwLTAwMDAwMDAwMDAwMCZyZXNwb25zZV9tb2RlPWZvcm1fcG9zdCZyZXNwb25zZV90eXBlPWNvZGUraWRfdG9rZW4mc2NvcGU9b3BlbmlkJm1zYWZlZD0xJm1zYXJlZGlyPTEmY2xpZW50LXJlcXVlc3QtaWQ9MzkwMzJjYzItZTAxYy02MjcyLWNmZGEtZTZmMDRkYTgwZmFiJnByb3RlY3RlZHRva2VuPXRydWUmY2xhaW1zPSU3YiUyMmlkX3Rva2VuJTIyJTNhJTdiJTIyeG1zX2NjJTIyJTNhJTdiJTIydmFsdWVzJTIyJTNhJTViJTIyQ1AxJTIyJTVkJTdkJTdkJTdkJm5vbmNlPTYzODM4MjgxOTgyMzI1ODgwMS42YWNhNzAxZi1lNWIwLTQxOTgtODM2MS1kMTkzMDJjZmQwMDQmc3RhdGU9RFl0SkVvQWdETUNLak0tcGRHRXB6MEdRcTBlX2J3X0pKWk1BQU5FNW5FQXVhRlZOVFl5N2lVb3hJNzdxbUtNUmIzektUWmc5b1dsbFhOeVZaTzVGbElPX1ozcV9rWDQ=&sso_reload=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
Date
Sat, 16 Dec 2023 00:06:26 GMT
Content-Encoding
gzip
Content-Security-Policy
default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; form-action * data: blob: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: filesystem: ; frame-ancestors 'self' * http://* https://* file://* about: javascript: data: blob: filesystem: ; object-src * data: blob: filesystem: 'unsafe-inline' 'unsafe-eval'; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
Content-MD5
Tqab8w/HhgiQD0l91e58Nw==
Age
971643
X-Cache
HIT
Connection
close
content-length
59083
x-ms-lease-status
unlocked
Last-Modified
Tue, 28 Nov 2023 23:05:01 GMT
Server
ECAcc (sac/2541)
Etag
0x8DBF066732C8B14
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
x-ms-request-id
0fb77205-901e-00b6-7edd-26d66e000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Cache-Control
public, max-age=31536000
x-ms-version
2009-09-19
Accept-Ranges
bytes
truncated
/ 		341 B
0 		Script
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
90682803943448f3acffc81014c87fdd71f30d8cf97335fcea451fac1e568221

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
text/javascript
Me.htm
login.live.com/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://login.live.com/Me.htm?v=3
Requested by
Host: access.verify-0ffice365.com
URL: https://access.verify-0ffice365.com/redirect.cgi?ref=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0aDIvYXV0aG9yaXplP2NsaWVudF9pZD0wMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAmcmVkaXJlY3RfdXJpPWh0dHBzJTNhJTJmJTJmb3V0bG9vay5vZmZpY2UuY29tJTJmb3dhJTJmJnJlc291cmNlPTAwMDAwMDAyLTAwMDAtMGZmMS1jZTAwLTAwMDAwMDAwMDAwMCZyZXNwb25zZV9tb2RlPWZvcm1fcG9zdCZyZXNwb25zZV90eXBlPWNvZGUraWRfdG9rZW4mc2NvcGU9b3BlbmlkJm1zYWZlZD0xJm1zYXJlZGlyPTEmY2xpZW50LXJlcXVlc3QtaWQ9MzkwMzJjYzItZTAxYy02MjcyLWNmZGEtZTZmMDRkYTgwZmFiJnByb3RlY3RlZHRva2VuPXRydWUmY2xhaW1zPSU3YiUyMmlkX3Rva2VuJTIyJTNhJTdiJTIyeG1zX2NjJTIyJTNhJTdiJTIydmFsdWVzJTIyJTNhJTViJTIyQ1AxJTIyJTVkJTdkJTdkJTdkJm5vbmNlPTYzODM4MjgxOTgyMzI1ODgwMS42YWNhNzAxZi1lNWIwLTQxOTgtODM2MS1kMTkzMDJjZmQwMDQmc3RhdGU9RFl0SkVvQWdETUNLak0tcGRHRXB6MEdRcTBlX2J3X0pKWk1BQU5FNW5FQXVhRlZOVFl5N2lVb3hJNzdxbUtNUmIzektUWmc5b1dsbFhOeVZaTzVGbElPX1ozcV9rWDQ=&sso_reload=true
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.126.32.136 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://access.verify-0ffice365.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers
oneDs_641b1cf809bdc17b42ab.js
access.verify-0ffice365.com/aadcdn.msftauth.net/~/shared/1.0/content/js/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
access.verify-0ffice365.com
URL
https://access.verify-0ffice365.com/aadcdn.msftauth.net/~/shared/1.0/content/js/oneDs_641b1cf809bdc17b42ab.js

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture function| c object| $Config object| $Debug object| $Do function| $Loader object| $WebWatson function| GetString function| GetErrorString function| GetUrl object| $B object| ServerData

18 Cookies

Domain/Path Name / Value
notification.0ffice-authentication.com/ Name: qPdM
Value: FyUrosAwkr46
notification.0ffice-authentication.com/ Name: qPdM.sig
Value: TC6s4q7XIvyt-uR41CIKotqVUsQ
access.verify-0ffice365.com/ Name: qPdM
Value: FyUrosAwkr46
access.verify-0ffice365.com/ Name: qPdM.sig
Value: TC6s4q7XIvyt-uR41CIKotqVUsQ
access.verify-0ffice365.com/ Name: ClientId
Value: 51ABB1ECDE4B403EB1CF2AC63A44CAF4
access.verify-0ffice365.com/ Name: OIDC
Value: 1
access.verify-0ffice365.com/ Name: OpenIdConnect.nonce.v3.f6Nb6nsOFJ1VPPUqIp3tOxmJsMexCGkG7TgGxhSa0Is
Value: 638382819823258801.6aca701f-e5b0-4198-8361-d19302cfd004
access.verify-0ffice365.com/ Name: X-OWA-RedirectHistory
Value: ArLym14BsQxH1sr92wg
access.verify-0ffice365.com/ Name: x-ms-gateway-slice
Value: estsfd
access.verify-0ffice365.com/ Name: stsservicecookie
Value: estsfd
.access.verify-0ffice365.com/ Name: AADSSO
Value: NA|NoExtension
access.verify-0ffice365.com/ Name: SSOCOOKIEPULLED
Value: 1
access.verify-0ffice365.com/ Name: buid
Value: 0.AW8AMe_N-B6jSkuT5F9XHpElWgIAAAAAAPEPzgAAAAAAAAABAAA.AQABAAEAAAAmoFfGtYxvRrNriQdPKIZ-69cRAIuDm2XGZq9VpJpZNX-_rrAcZAEv-J8SBXTJB44oP2syECq7MkaPjokIjl7TPrNW-Z9y7SQzAX-SnyHsGy-utlu_OXyUC97ufCvm22ggAA
.access.verify-0ffice365.com/ Name: esctx
Value: PAQABAAEAAAAmoFfGtYxvRrNriQdPKIZ-Jy-5SpV-_f1VG-Im6ZW4mWyVjPlpPK1bMwpGtSXLt5SxTOQuKTZlPn4qLIUv3LCiiKhyJHXPMSfwd8jnKnT6h-yyrTzO_cl0kWUzgvi11iTX9tsncHmu_hiObTgnFkpJE-ujaFyDrwn63EGpfUd0oisytSNrSL1gsjQT0W_aBMggAA
.access.verify-0ffice365.com/ Name: esctx-3PhFHypLEo
Value: AQABAAEAAAAmoFfGtYxvRrNriQdPKIZ-w4wf1uSqe55nqoK6iEN4yRQKIrHZYQg5a7Q0gGZ9f-lfRLSDjyXmz2gdlJp9Q_75yP33X0pe9xeiK86ghdq6FpZgv3uKeSdv-usj4UaETrr4vb4jnvvQ8Fw0_7_TPfXnnrZRcy7MSLANnL6pv4ThmiAA
access.verify-0ffice365.com/ Name: fpc
Value: AlTsnVuAf_FOt2BQMykGLoOerOTJAQAAAADhDt0OAAAA
.login.live.com/ Name: uaid
Value: 94440176876448bdae3902cd07e272d9
.login.live.com/ Name: MSPRequ
Value: id=N&lt=1702685186&co=1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; form-action * data: blob: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: filesystem: ; frame-ancestors 'self' * http://* https://* file://* about: javascript: data: blob: filesystem: ; object-src * data: blob: filesystem: 'unsafe-inline' 'unsafe-eval'; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains