outlook.live.com.office.mcafeedemo.rockyseo.myshn.net Open in urlscan Pro
44.242.128.240  Malicious Activity! Public Scan

Submitted URL: https://security.live.com.office.mcafeedemo.rockyseo.myshn.net/
Effective URL: https://outlook.live.com.office.mcafeedemo.rockyseo.myshn.net/owa/
Submission: On December 01 via api from JP — Scanned from JP

Summary

This website contacted 3 IPs in 1 countries across 1 domains to perform 15 HTTP transactions. The main IP is 44.242.128.240, located in Boardman, United States and belongs to AMAZON-02, US. The main domain is outlook.live.com.office.mcafeedemo.rockyseo.myshn.net.
TLS certificate: Issued by GlobalSign RSA OV SSL CA 2018 on December 1st 2022. Valid for: a year.
This is the only time outlook.live.com.office.mcafeedemo.rockyseo.myshn.net was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Outlook (Online)

Domain & IP information

IP Address AS Autonomous System
1 14 44.241.184.14 16509 (AMAZON-02)
1 44.242.128.240 16509 (AMAZON-02)
15 3
Domain Requested by
13 ow2.res.office365.com.office.mcafeedemo.rockyseo.myshn.net outlook.live.com.office.mcafeedemo.rockyseo.myshn.net
1 outlook.live.com.office.mcafeedemo.rockyseo.myshn.net
1 security.live.com.office.mcafeedemo.rockyseo.myshn.net 1 redirects
0 az725175.vo.msecnd.net.office.mcafeedemo.rockyseo.myshn.net Failed outlook.live.com.office.mcafeedemo.rockyseo.myshn.net
15 4

This site contains no links.

Subject Issuer Validity Valid
office.mcafeedemo.rockyseo.myshn.net
GlobalSign RSA OV SSL CA 2018
2022-12-01 -
2024-01-02
a year crt.sh

This page contains 1 frames:

Primary Page: https://outlook.live.com.office.mcafeedemo.rockyseo.myshn.net/owa/
Frame ID: 9FCB1C853DA0E8051BBE912DAF81C2D6
Requests: 15 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. https://security.live.com.office.mcafeedemo.rockyseo.myshn.net/ HTTP 301
    https://outlook.live.com.office.mcafeedemo.rockyseo.myshn.net/owa/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

15
Requests

93 %
HTTPS

0 %
IPv6

1
Domains

4
Subdomains

3
IPs

1
Countries

863 kB
Transfer

1043 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://security.live.com.office.mcafeedemo.rockyseo.myshn.net/ HTTP 301
    https://outlook.live.com.office.mcafeedemo.rockyseo.myshn.net/owa/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
outlook.live.com.office.mcafeedemo.rockyseo.myshn.net/owa/
Redirect Chain
  • https://security.live.com.office.mcafeedemo.rockyseo.myshn.net/
  • https://outlook.live.com.office.mcafeedemo.rockyseo.myshn.net/owa/
40 KB
11 KB
Document
General
Full URL
https://outlook.live.com.office.mcafeedemo.rockyseo.myshn.net/owa/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
44.242.128.240 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-242-128-240.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
0e7e3614409fdc1c45e322e7da56da4d529ebcbdac154bcc3da8353985e5b8f2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

Alt-Svc
h3=":443",h3-29=":443"
Cache-Control
private
Connection
keep-alive
Content-Encoding
gzip
Content-Length
8724
Content-Type
text/html; charset=utf-8
Date
Thu, 01 Dec 2022 05:44:07 GMT
NEL
{"report_to":"NelOfficeUpload1","max_age":7200,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
Report-To
{"group":"NelOfficeUpload1","max_age":7200,"endpoints":[{"url":"https://exo.nel.measure.office.net/api/report?TenantId=&FrontEnd=Cafe&DestinationEndpoint=EAT"}],"include_subdomains":true}
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Vary
Accept-Encoding
X-BEServer
BN6PR02MB2852
X-BackEnd-Begin
2022-12-01T05:44:07.683
X-BackEnd-End
2022-12-01T05:44:07.761
X-BackEndHttpStatus
200 200
X-BeSku
Gen9
X-CalculatedBETarget
BN6PR02MB2852.namprd02.prod.outlook.com
X-CalculatedFETarget
BN9PR03CU030.internal.outlook.com
X-Content-Type-Options
nosniff
X-DiagInfo
BN6PR02MB2852
X-FEEFZInfo
EAT
X-FEProxyInfo
MW4PR02CA0013.NAMPRD02.PROD.OUTLOOK.COM
X-FEServer
BN9PR03CA0858 MW4PR02CA0013
X-FirstHopCafeEFZ
EAT
X-MS-ForwardingCorrelationId
090be969-8754-49dd-a29b-b1e7ce2501c2
X-Proxy-BackendServerStatus
200
X-Proxy-RoutingCorrectness
1
X-RUM-NotUpdateQueriedPath
1
X-RUM-Validated
1
X-Robots-Tag
none
X-SkyHigh-Version
BuildNumber=31, BuildDate=2022-11-30 12:59
X-UA-Compatible
IE=EmulateIE7
request-id
ae315fee-6ef8-d665-c1f4-34e6be90b0c0

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Thu, 01 Dec 2022 05:44:06 GMT
Location
https://outlook.live.com.office.mcafeedemo.rockyseo.myshn.net/owa/
Server
nginx
X-MSEdge-Ref
Ref A: D3A16158B91D4423B7F140F06C423BD7 Ref B: WSTEDGE1115 Ref C: 2022-12-01T05:44:06Z
X-Robots-Tag
none
X-SkyHigh-Version
BuildNumber=31, BuildDate=2022-11-30 12:59
jsll-4.js
az725175.vo.msecnd.net.office.mcafeedemo.rockyseo.myshn.net/scripts/
0
0

vh-check.min.js
ow2.res.office365.com.office.mcafeedemo.rockyseo.myshn.net/owalanding/2022.9.20.02/javascripts/
899 B
1 KB
Script
General
Full URL
https://ow2.res.office365.com.office.mcafeedemo.rockyseo.myshn.net/owalanding/2022.9.20.02/javascripts/vh-check.min.js
Requested by
Host: outlook.live.com.office.mcafeedemo.rockyseo.myshn.net
URL: https://outlook.live.com.office.mcafeedemo.rockyseo.myshn.net/owa/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
44.241.184.14 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-241-184-14.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
4fdd6e4cb2c2a3940a3425018c99115cce42bfb99e2eab44aef5ac10ab5c45aa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://outlook.live.com.office.mcafeedemo.rockyseo.myshn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Thu, 01 Dec 2022 05:44:08 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
416
Last-Modified
Wed, 21 Sep 2022 07:03:59 GMT
Server
nginx
X-CDN-Provider
Akamai
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
x-ms-request-id
defda921-801e-0030-6f9f-ce740e000000
Access-Control-Expose-Headers
date,Akamai-Request-BC
Cache-Control
max-age=630720000
X-SkyHigh-Version
BuildNumber=31, BuildDate=2022-11-30 12:59
Timing-Allow-Origin
*
X-Robots-Tag
none
jquery-3.6.0.min.js
ow2.res.office365.com.office.mcafeedemo.rockyseo.myshn.net/owalanding/2022.9.20.02/javascripts/
87 KB
31 KB
Script
General
Full URL
https://ow2.res.office365.com.office.mcafeedemo.rockyseo.myshn.net/owalanding/2022.9.20.02/javascripts/jquery-3.6.0.min.js
Requested by
Host: outlook.live.com.office.mcafeedemo.rockyseo.myshn.net
URL: https://outlook.live.com.office.mcafeedemo.rockyseo.myshn.net/owa/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
44.241.184.14 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-241-184-14.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
8ffc26efed96228373a1b47b819f84dfc6e6b14e05289ab7fd41ed85c0bd0864
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://outlook.live.com.office.mcafeedemo.rockyseo.myshn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Thu, 01 Dec 2022 05:44:08 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
31003
Last-Modified
Wed, 21 Sep 2022 07:03:59 GMT
Server
nginx
X-CDN-Provider
Akamai
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
x-ms-request-id
1ff49cf0-a01e-0037-6b9f-ce186d000000
Access-Control-Expose-Headers
date,Akamai-Request-BC
Cache-Control
max-age=630720000
X-SkyHigh-Version
BuildNumber=31, BuildDate=2022-11-30 12:59
Timing-Allow-Origin
*
X-Robots-Tag
none
lazyload.min.js
ow2.res.office365.com.office.mcafeedemo.rockyseo.myshn.net/owalanding/2022.9.20.02/javascripts/
5 KB
3 KB
Script
General
Full URL
https://ow2.res.office365.com.office.mcafeedemo.rockyseo.myshn.net/owalanding/2022.9.20.02/javascripts/lazyload.min.js
Requested by
Host: outlook.live.com.office.mcafeedemo.rockyseo.myshn.net
URL: https://outlook.live.com.office.mcafeedemo.rockyseo.myshn.net/owa/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
44.241.184.14 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-241-184-14.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
3d537fb9e273d85d6003624569dd8ed7db095a1ed6cf4988e4c498e112ee236b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://outlook.live.com.office.mcafeedemo.rockyseo.myshn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Thu, 01 Dec 2022 05:44:08 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
2057
Last-Modified
Wed, 21 Sep 2022 07:03:59 GMT
Server
nginx
X-CDN-Provider
Akamai
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
x-ms-request-id
3acfb53f-d01e-004f-5b9f-cebb95000000
Access-Control-Expose-Headers
date,Akamai-Request-BC
Cache-Control
max-age=630720000
X-SkyHigh-Version
BuildNumber=31, BuildDate=2022-11-30 12:59
Timing-Allow-Origin
*
X-Robots-Tag
none
jquery.onscreen.js
ow2.res.office365.com.office.mcafeedemo.rockyseo.myshn.net/owalanding/2022.9.20.02/javascripts/
6 KB
3 KB
Script
General
Full URL
https://ow2.res.office365.com.office.mcafeedemo.rockyseo.myshn.net/owalanding/2022.9.20.02/javascripts/jquery.onscreen.js
Requested by
Host: outlook.live.com.office.mcafeedemo.rockyseo.myshn.net
URL: https://outlook.live.com.office.mcafeedemo.rockyseo.myshn.net/owa/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
44.241.184.14 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-241-184-14.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
558d8b7bd64db0779111105432910945d802cbe1e236341f37e5b1d1f9a6f009
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://outlook.live.com.office.mcafeedemo.rockyseo.myshn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Thu, 01 Dec 2022 05:44:09 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
2342
Last-Modified
Wed, 21 Sep 2022 07:03:59 GMT
Server
nginx
X-CDN-Provider
Akamai
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
x-ms-request-id
a7d249b2-b01e-003b-7e9f-ce8f65000000
Access-Control-Expose-Headers
date,Akamai-Request-BC
Cache-Control
max-age=630720000
X-SkyHigh-Version
BuildNumber=31, BuildDate=2022-11-30 12:59
Timing-Allow-Origin
*
X-Robots-Tag
none
device-utils.js
ow2.res.office365.com.office.mcafeedemo.rockyseo.myshn.net/owalanding/2022.9.20.02/javascripts/
781 B
1 KB
Script
General
Full URL
https://ow2.res.office365.com.office.mcafeedemo.rockyseo.myshn.net/owalanding/2022.9.20.02/javascripts/device-utils.js
Requested by
Host: outlook.live.com.office.mcafeedemo.rockyseo.myshn.net
URL: https://outlook.live.com.office.mcafeedemo.rockyseo.myshn.net/owa/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
44.241.184.14 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-241-184-14.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
0f536c3e41fa697f72975955796ab70428bd2cd57605a72e2ee2c73697d0175c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://outlook.live.com.office.mcafeedemo.rockyseo.myshn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Thu, 01 Dec 2022 05:44:09 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
433
Last-Modified
Wed, 21 Sep 2022 07:03:59 GMT
Server
nginx
X-CDN-Provider
Akamai
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
x-ms-request-id
4c3887a3-001e-0001-6a9f-ce951d000000
Access-Control-Expose-Headers
date,Akamai-Request-BC
Cache-Control
max-age=630720000
X-SkyHigh-Version
BuildNumber=31, BuildDate=2022-11-30 12:59
Timing-Allow-Origin
*
X-Robots-Tag
none
dom-scripts.js
ow2.res.office365.com.office.mcafeedemo.rockyseo.myshn.net/owalanding/2022.9.20.02/javascripts/
5 KB
2 KB
Script
General
Full URL
https://ow2.res.office365.com.office.mcafeedemo.rockyseo.myshn.net/owalanding/2022.9.20.02/javascripts/dom-scripts.js
Requested by
Host: outlook.live.com.office.mcafeedemo.rockyseo.myshn.net
URL: https://outlook.live.com.office.mcafeedemo.rockyseo.myshn.net/owa/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
44.241.184.14 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-241-184-14.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
a768cb0bec908d25f90847eca4def8ce690fdd268b73c6c1adf6c2ca0b52a3c0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://outlook.live.com.office.mcafeedemo.rockyseo.myshn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Thu, 01 Dec 2022 05:44:09 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
1892
Last-Modified
Wed, 21 Sep 2022 07:03:59 GMT
Server
nginx
X-CDN-Provider
Akamai
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
x-ms-request-id
df98311b-801e-0052-599f-ceb629000000
Access-Control-Expose-Headers
date,Akamai-Request-BC
Cache-Control
max-age=630720000
X-SkyHigh-Version
BuildNumber=31, BuildDate=2022-11-30 12:59
Timing-Allow-Origin
*
X-Robots-Tag
none
compiled.css
ow2.res.office365.com.office.mcafeedemo.rockyseo.myshn.net/owalanding/2022.9.20.02/stylesheets/
105 KB
15 KB
Stylesheet
General
Full URL
https://ow2.res.office365.com.office.mcafeedemo.rockyseo.myshn.net/owalanding/2022.9.20.02/stylesheets/compiled.css
Requested by
Host: outlook.live.com.office.mcafeedemo.rockyseo.myshn.net
URL: https://outlook.live.com.office.mcafeedemo.rockyseo.myshn.net/owa/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
44.241.184.14 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-241-184-14.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
9bca45a8af173301105f3817ec04e9746ac6fc948862f72b14ca054709831d59
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://outlook.live.com.office.mcafeedemo.rockyseo.myshn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Thu, 01 Dec 2022 05:44:08 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
14810
Last-Modified
Wed, 21 Sep 2022 07:03:59 GMT
Server
nginx
X-CDN-Provider
Akamai
Vary
Accept-Encoding
Content-Type
text/css
Access-Control-Allow-Origin
*
x-ms-request-id
d05131ee-901e-002c-749f-ce266e000000
Access-Control-Expose-Headers
date,Akamai-Request-BC
Cache-Control
max-age=630720000
X-SkyHigh-Version
BuildNumber=31, BuildDate=2022-11-30 12:59
Timing-Allow-Origin
*
X-Robots-Tag
none
mobile-scenario-triptych-android-01.png
ow2.res.office365.com.office.mcafeedemo.rockyseo.myshn.net/owalanding/2022.9.20.02/images/
82 KB
83 KB
Image
General
Full URL
https://ow2.res.office365.com.office.mcafeedemo.rockyseo.myshn.net/owalanding/2022.9.20.02/images/mobile-scenario-triptych-android-01.png
Requested by
Host: outlook.live.com.office.mcafeedemo.rockyseo.myshn.net
URL: https://outlook.live.com.office.mcafeedemo.rockyseo.myshn.net/owa/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
44.241.184.14 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-241-184-14.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
c3bf32ab9960748430a62f0d709a13e410dddee3ac6f10950d94337b49355d6b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://outlook.live.com.office.mcafeedemo.rockyseo.myshn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Thu, 01 Dec 2022 05:44:09 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Last-Modified
Wed, 21 Sep 2022 07:03:59 GMT
Server
nginx
X-CDN-Provider
Akamai
Content-Type
image/png
Access-Control-Allow-Origin
*
x-ms-request-id
a4694c2c-c01e-0043-649f-ce2c9d000000
Access-Control-Expose-Headers
date,Akamai-Request-BC
Cache-Control
max-age=630720000
Connection
keep-alive
X-SkyHigh-Version
BuildNumber=31, BuildDate=2022-11-30 12:59
Timing-Allow-Origin
*
X-Robots-Tag
none
Content-Length
83924
mobile-scenario-triptych-android-02.png
ow2.res.office365.com.office.mcafeedemo.rockyseo.myshn.net/owalanding/2022.9.20.02/images/
85 KB
85 KB
Image
General
Full URL
https://ow2.res.office365.com.office.mcafeedemo.rockyseo.myshn.net/owalanding/2022.9.20.02/images/mobile-scenario-triptych-android-02.png
Requested by
Host: outlook.live.com.office.mcafeedemo.rockyseo.myshn.net
URL: https://outlook.live.com.office.mcafeedemo.rockyseo.myshn.net/owa/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
44.241.184.14 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-241-184-14.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
8c07b86a081e65e922020324f7be8133c7077926373b7c7e2add9cb009fc445f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://outlook.live.com.office.mcafeedemo.rockyseo.myshn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Thu, 01 Dec 2022 05:44:09 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Last-Modified
Wed, 21 Sep 2022 07:03:59 GMT
Server
nginx
X-CDN-Provider
Akamai
Content-Type
image/png
Access-Control-Allow-Origin
*
x-ms-request-id
19e6b25c-d01e-0070-3e9f-ce7336000000
Access-Control-Expose-Headers
date,Akamai-Request-BC
Cache-Control
max-age=630720000
Connection
keep-alive
X-SkyHigh-Version
BuildNumber=31, BuildDate=2022-11-30 12:59
Timing-Allow-Origin
*
X-Robots-Tag
none
Content-Length
86698
mobile-scenario-triptych-android-03.png
ow2.res.office365.com.office.mcafeedemo.rockyseo.myshn.net/owalanding/2022.9.20.02/images/
77 KB
77 KB
Image
General
Full URL
https://ow2.res.office365.com.office.mcafeedemo.rockyseo.myshn.net/owalanding/2022.9.20.02/images/mobile-scenario-triptych-android-03.png
Requested by
Host: outlook.live.com.office.mcafeedemo.rockyseo.myshn.net
URL: https://outlook.live.com.office.mcafeedemo.rockyseo.myshn.net/owa/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
44.241.184.14 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-241-184-14.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
5707747b4121c88eaf38ecaca02bc74495008df9dfce23a00177ffe8db4366a1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://outlook.live.com.office.mcafeedemo.rockyseo.myshn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Thu, 01 Dec 2022 05:44:09 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Last-Modified
Wed, 21 Sep 2022 07:03:59 GMT
Server
nginx
X-CDN-Provider
Akamai
Content-Type
image/png
Access-Control-Allow-Origin
*
x-ms-request-id
9e0e7e99-101e-006f-389f-cec032000000
Access-Control-Expose-Headers
date,Akamai-Request-BC
Cache-Control
max-age=630720000
Connection
keep-alive
X-SkyHigh-Version
BuildNumber=31, BuildDate=2022-11-30 12:59
Timing-Allow-Origin
*
X-Robots-Tag
none
Content-Length
78422
mobile-scenario-triptych-ios-01.png
ow2.res.office365.com.office.mcafeedemo.rockyseo.myshn.net/owalanding/2022.9.20.02/images/
266 KB
267 KB
Image
General
Full URL
https://ow2.res.office365.com.office.mcafeedemo.rockyseo.myshn.net/owalanding/2022.9.20.02/images/mobile-scenario-triptych-ios-01.png
Requested by
Host: outlook.live.com.office.mcafeedemo.rockyseo.myshn.net
URL: https://outlook.live.com.office.mcafeedemo.rockyseo.myshn.net/owa/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
44.241.184.14 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-241-184-14.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
0a578abe8f72ec3b12545c88589b6f5977cec529d8a3b019268368e71cf1cc4e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://outlook.live.com.office.mcafeedemo.rockyseo.myshn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Thu, 01 Dec 2022 05:44:10 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Last-Modified
Wed, 21 Sep 2022 07:03:59 GMT
Server
nginx
X-CDN-Provider
Akamai
Content-Type
image/png
Access-Control-Allow-Origin
*
x-ms-request-id
b6b2b41f-701e-001b-7a9f-cef4c2000000
Access-Control-Expose-Headers
date,Akamai-Request-BC
Cache-Control
max-age=630720000
Connection
keep-alive
X-SkyHigh-Version
BuildNumber=31, BuildDate=2022-11-30 12:59
Timing-Allow-Origin
*
X-Robots-Tag
none
Content-Length
272801
mobile-scenario-triptych-ios-02.png
ow2.res.office365.com.office.mcafeedemo.rockyseo.myshn.net/owalanding/2022.9.20.02/images/
198 KB
199 KB
Image
General
Full URL
https://ow2.res.office365.com.office.mcafeedemo.rockyseo.myshn.net/owalanding/2022.9.20.02/images/mobile-scenario-triptych-ios-02.png
Requested by
Host: outlook.live.com.office.mcafeedemo.rockyseo.myshn.net
URL: https://outlook.live.com.office.mcafeedemo.rockyseo.myshn.net/owa/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
44.241.184.14 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-241-184-14.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
13e8e3a74cce3422361296647326cdbc26ec35edfba0978df2373cb5084281bc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://outlook.live.com.office.mcafeedemo.rockyseo.myshn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Thu, 01 Dec 2022 05:44:10 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Last-Modified
Wed, 21 Sep 2022 07:03:59 GMT
Server
nginx
X-CDN-Provider
Akamai
Content-Type
image/png
Access-Control-Allow-Origin
*
x-ms-request-id
d22dc8fd-501e-0023-679f-ce5002000000
Access-Control-Expose-Headers
date,Akamai-Request-BC
Cache-Control
max-age=630720000
Connection
keep-alive
X-SkyHigh-Version
BuildNumber=31, BuildDate=2022-11-30 12:59
Timing-Allow-Origin
*
X-Robots-Tag
none
Content-Length
202867
mobile-scenario-triptych-ios-03.png
ow2.res.office365.com.office.mcafeedemo.rockyseo.myshn.net/owalanding/2022.9.20.02/images/
85 KB
86 KB
Image
General
Full URL
https://ow2.res.office365.com.office.mcafeedemo.rockyseo.myshn.net/owalanding/2022.9.20.02/images/mobile-scenario-triptych-ios-03.png
Requested by
Host: outlook.live.com.office.mcafeedemo.rockyseo.myshn.net
URL: https://outlook.live.com.office.mcafeedemo.rockyseo.myshn.net/owa/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
44.241.184.14 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-241-184-14.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
e439f95877097c81c33c8ad37d9ddec0c17f572f96703738f6fd90583fc1c283
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://outlook.live.com.office.mcafeedemo.rockyseo.myshn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Thu, 01 Dec 2022 05:44:11 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Last-Modified
Wed, 21 Sep 2022 07:03:59 GMT
Server
nginx
X-CDN-Provider
Akamai
Content-Type
image/png
Access-Control-Allow-Origin
*
x-ms-request-id
b2966df2-401e-004d-0f9f-ce052d000000
Access-Control-Expose-Headers
date,Akamai-Request-BC
Cache-Control
max-age=630720000
Connection
keep-alive
X-SkyHigh-Version
BuildNumber=31, BuildDate=2022-11-30 12:59
Timing-Allow-Origin
*
X-Robots-Tag
none
Content-Length
87308

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
az725175.vo.msecnd.net.office.mcafeedemo.rockyseo.myshn.net
URL
https://az725175.vo.msecnd.net.office.mcafeedemo.rockyseo.myshn.net/scripts/jsll-4.js

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Outlook (Online)

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontentvisibilityautostatechange

2 Cookies

Domain/Path Name / Value
outlook.live.com.office.mcafeedemo.rockyseo.myshn.net/ Name: ClientId
Value: 6A4C290A56284B669706CC4168223F81
.live.com.office.mcafeedemo.rockyseo.myshn.net/ Name: logonLatency
Value: LGN01=638054702476994179

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff