urlscan.io logo urlscan.io
SecurityTrails logo

outlook.office.com Open in urlscan Pro
2603:1026:c0d:807::2  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://nt.embluemail.com/p/cl?data=8d9cg%2BSyaNP%2FaRwH0uUoq0p%2FUOMcKb%2FlnNafQmcO2U7h7k790gBhUSpjU2Cc5aJ%2BJL%2F8Q9Qe0S...
Effective URL: https://outlook.office.com/mail/
Submission: On December 24 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 4 countries across 6 domains to perform 28 HTTP transactions. The main IP is 2603:1026:c0d:807::2, located in Frankfurt am Main, Germany and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is outlook.office.com.
TLS certificate: Issued by DigiCert Cloud Services CA-1 on October 24th 2021. Valid for: a year.
This is the only time outlook.office.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 52.67.240.166 16509 (AMAZON-02)
1 1 46.17.96.20 57043 (HOSTKEY-AS)
1 3 2603:1026:c0d... 8075 (MICROSOFT...)
1 2620:1ec:46::44 8068 (MICROSOFT...)
22 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 20.44.10.122 8075 (MICROSOFT...)
1 104.111.225.185 16625 (AKAMAI-AS)
28 6
1    52.67.240.166 (São Paulo, Brazil)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-67-240-166.sa-east-1.compute.amazonaws.com
nt.embluemail.com
1    46.17.96.20 (Netherlands)

ASN57043 (HOSTKEY-AS, NL)
login.outlook09.com
3    2603:1026:c0d:807::2 (Frankfurt am Main, Germany)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
outlook.office.com
1    2620:1ec:46::44 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
csp.microsoft.com
22    2a02:26f0:6c00:2ba::753 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
res.cdn.office.net
1    20.44.10.122 (Des Moines, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
browser.pipe.aria.microsoft.com
1    104.111.225.185 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-225-185.deploy.static.akamaitechnologies.com
static2.sharepointonline.com
Domain Requested by
22 res.cdn.office.net outlook.office.com
3 outlook.office.com 1 redirects outlook.office.com
1 static2.sharepointonline.com outlook.office.com
1 browser.pipe.aria.microsoft.com outlook.office.com
1 csp.microsoft.com outlook.office.com
1 login.outlook09.com 1 redirects
1 nt.embluemail.com 1 redirects
28 7

This site contains no links.

Subject Issuer Validity Valid
outlook.com
DigiCert Cloud Services CA-1		 2021-10-24 -
2022-10-23		 a year crt.sh
csp.microsoft.com
DigiCert Cloud Services CA-1		 2021-07-21 -
2022-07-20		 a year crt.sh
*.res.outlook.com
Microsoft RSA TLS CA 02		 2021-01-20 -
2022-01-20		 a year crt.sh
*.events.data.microsoft.com
Microsoft Azure TLS Issuing CA 05		 2021-09-23 -
2022-09-18		 a year crt.sh
*.sharepointonline.com
Microsoft RSA TLS CA 01		 2021-07-08 -
2022-07-08		 a year crt.sh

This page contains 1 frames:

Frame: https://outlook.office.com/owa/?state=1&redirectTo=aHR0cHM6Ly9vdXRsb29rLm9mZmljZS5jb20vbWFpbC8
Frame ID: 87CAA7BA817CC7846E007FEFB1A22C42
Requests: 28 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://nt.embluemail.com/p/cl?data=8d9cg%2BSyaNP%2FaRwH0uUoq0p%2FUOMcKb%2FlnNafQmcO2U7h7k790gBhUSpjU2... HTTP 302
    https://login.outlook09.com/cKjSboIC HTTP 302
    https://outlook.office.com/mail HTTP 301
    https://outlook.office.com/mail/ Page URL

Page Statistics

28
Requests

96 %
HTTPS

43 %
IPv6

6
Domains

7
Subdomains

6
IPs

4
Countries

2432 kB
Transfer

7582 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://nt.embluemail.com/p/cl?data=8d9cg%2BSyaNP%2FaRwH0uUoq0p%2FUOMcKb%2FlnNafQmcO2U7h7k790gBhUSpjU2Cc5aJ%2BJL%2F8Q9Qe0SwNUiD20GnvLai5u9vMEKGwxhAyvrDtC4s%3D!-!7j6gn:!-!https://login.outlook09.com/cKjSboIC HTTP 302
    https://login.outlook09.com/cKjSboIC HTTP 302
    https://outlook.office.com/mail HTTP 301
    https://outlook.office.com/mail/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 26
  • https://outlook.office.com/mail/?authRedirect=true&state=0 HTTP 302
  • https://outlook.office.com/owa/?state=1&redirectTo=aHR0cHM6Ly9vdXRsb29rLm9mZmljZS5jb20vbWFpbC8

28 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
outlook.office.com/mail/
Redirect Chain
  • https://nt.embluemail.com/p/cl?data=8d9cg%2BSyaNP%2FaRwH0uUoq0p%2FUOMcKb%2FlnNafQmcO2U7h7k790gBhUSpjU2Cc5aJ%2BJL%2F8Q9Qe0SwNUiD20GnvLai5u9vMEKGwxhAyvrDtC4s%3D!-!7j6gn:!-!https://login.outlook09.com...
  • https://login.outlook09.com/cKjSboIC
  • https://outlook.office.com/mail
  • https://outlook.office.com/mail/
266 KB
270 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://outlook.office.com/mail/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2603:1026:c0d:807::2 Frankfurt am Main, Germany, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
21fd40296c5d5d7a20fac02229e7e7d8f8545f97776a8bbb2f96c1e627382d0b
Security Headers
Name Value
Content-Security-Policy default-src *.res.office365.com *.fluidpreview.office.net *.cdn.office.net swx.cdn.skype.com 'self'; script-src 'nonce-X3f7cTqSEpUn3zHnjE3HXw==' *.res.office365.com *.fluidpreview.office.net *.cdn.office.net wss://*.delve.office.com:443 shellprod.msocdn.com amcdn.msauth.net amcdn.msftauth.net *.bing.com *.skype.com *.skypeassets.com *.delve.office.com *.cdn.office.net static.teams.microsoft.com fabriciss.azureedge.net *.googleapis.com teams.microsoft.com cdn.forms.office.net blob: 'report-sample' 'self' 'unsafe-inline' *.yammer.com; style-src *.res.office365.com *.fluidpreview.office.net *.cdn.office.net shellprod.msocdn.com *.skype.com fonts.googleapis.com acthemeconfigs.blob.core.windows.net *.googleapis.com 'self' 'report-sample' 'unsafe-inline' *.yammer.com 'unsafe-inline'; img-src * data: blob: filesystem: cid:; connect-src blob: data: *.res.office365.com *.fluidpreview.office.net *.cdn.office.net *.services.web.outlook.com login.live.com spoprod-a.akamaihd.net shellprod.msocdn.com *.bing.com *.office.net *.office.com *.office365.com *.officeapps.live.com *.skype.com *.skypeassets.com *.spoppe.com *.onedrive.com my.microsoftpersonalcontent.com substrate.office.de *.office365-net.de *.office.de browser.pipe.aria.microsoft.com *.gateway.messenger.live.com dev.virtualearth.net *.trouter.skype.com *.trouter.io wss://*.trouter.skype.com wss://*.trouter.skype.com:443 wss://*.trouter.io:443 media.licdn.com *.facebook.com onerm.olsvc.com *.qas.binginternal.com *.qas.bing.net wss://*.qas.bing.net:443 wss://*.platform.bing.com wss://*.botframework.com:443 wss://augloop.office.com wss://*.augloop.office.com outlook.live.com graph.microsoft.com *.graph.microsoft.com graph.microsoft.de *.googleapis.com *.office.microsoft.com api.box.com api.dropboxapi.com *.users.storage.live.com www.onenote.com *.storage.msn.com asgsmsproxyapi.azurewebsites.net wss://*.pushd.svc.ms wss://*.pushs.svc.ms wss://*.pushb.svc.ms wss://*.pushp.svc.ms wss://*.svc.ms nleditor.osi.officeppe.net api.tenor.com pptservicescast.officeapps.live.com *.sharepoint-df.com *.sharepoint.com *.sharepoint.de wss://*.delve.office.com:443 wss://*.loki.delve.office.com:443 wss://*.loki.delve.office.com *.delve.office.com *.loki.delve.office.com web.vortex.data.microsoft.com *.events.data.microsoft.com *.online.lync.com *.infra.lync.com wss://*.cortana.ai *.cortana.ai fs.microsoft.com 'self' login.microsoftonline.com outlook.office365.com teams.microsoft.com *.teams.microsoft.com *.yammer.com *.svc.ms *.licdn.com o365auditrealtimeingestion.manage.officeppe.com o365auditrealtimeingestion.manage.officeppe.com:445 o365auditrealtimeingestion.manage.office.com o365auditrealtimeingestion.manage.office.com:445 files.yammerusercontent.com wss://augloop-dogfood.officeppe.com wss://*.augloop-dogfood.officeppe.com wss://augloop-gcc.office.com wss://*.augloop-gcc.office.com aesir.office.com r3.res.outlook.com *.oscs.protection.outlook.com *.safelinks.protection.outlook.com *.msedge.net; base-uri browser.pipe.aria.microsoft.com 'self'; form-action *.officeapps.live.com *.sharepoint-df.com *.sharepoint.com *.sharepoint.de *.odwebp.svc.ms; object-src *.office.net 'self' attachments.office.net; frame-ancestors 'self' teams.microsoft.com; font-src data: *.res.office365.com *.fluidpreview.office.net *.cdn.office.net spoprod-a.akamaihd.net *.skype.com fonts.gstatic.com ms-appx-web: sharepointonline.com *.sharepointonline.com *.delve.office.com fs.microsoft.com 'self' *.yammer.com; media-src blob: *.res.office365.com *.cdn.office.net *.skype.com *.office.net *.office365.net *.office365-net.de *.office365-net.us *.office.com ssl.gstatic.com 'self' *.yammer.com attachments.office.net; frame-src * data: mailto: blob:; manifest-src 'self'; worker-src 'self' blob: *.office.com; child-src 'self' blob: *.office.com; report-uri https://csp.microsoft.com/report/OutlookWeb-Mail-PROD; upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

cache-control
no-cache
pragma
no-cache
content-length
272670
content-type
text/html
expires
-1
server
Microsoft-IIS/10.0
request-id
ed88bbe0-eb03-1516-6739-bfe3c9b73972
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443",h3-29=":443"
x-calculatedfetarget
AS8P189CU001.internal.outlook.com
x-backendhttpstatus
200 200
x-feproxyinfo
AS8P189CA0022.EURP189.PROD.OUTLOOK.COM
x-calculatedbetarget
BE0P281MB0100.DEUP281.PROD.OUTLOOK.COM
x-web-server-version
21.12.22.1
runtime_model
B2
x-beserver
BE0P281MB0100
x-clique
CLDEUP281SXF00
content-security-policy
default-src *.res.office365.com *.fluidpreview.office.net *.cdn.office.net swx.cdn.skype.com 'self'; script-src 'nonce-X3f7cTqSEpUn3zHnjE3HXw==' *.res.office365.com *.fluidpreview.office.net *.cdn.office.net wss://*.delve.office.com:443 shellprod.msocdn.com amcdn.msauth.net amcdn.msftauth.net *.bing.com *.skype.com *.skypeassets.com *.delve.office.com *.cdn.office.net static.teams.microsoft.com fabriciss.azureedge.net *.googleapis.com teams.microsoft.com cdn.forms.office.net blob: 'report-sample' 'self' 'unsafe-inline' *.yammer.com; style-src *.res.office365.com *.fluidpreview.office.net *.cdn.office.net shellprod.msocdn.com *.skype.com fonts.googleapis.com acthemeconfigs.blob.core.windows.net *.googleapis.com 'self' 'report-sample' 'unsafe-inline' *.yammer.com 'unsafe-inline'; img-src * data: blob: filesystem: cid:; connect-src blob: data: *.res.office365.com *.fluidpreview.office.net *.cdn.office.net *.services.web.outlook.com login.live.com spoprod-a.akamaihd.net shellprod.msocdn.com *.bing.com *.office.net *.office.com *.office365.com *.officeapps.live.com *.skype.com *.skypeassets.com *.spoppe.com *.onedrive.com my.microsoftpersonalcontent.com substrate.office.de *.office365-net.de *.office.de browser.pipe.aria.microsoft.com *.gateway.messenger.live.com dev.virtualearth.net *.trouter.skype.com *.trouter.io wss://*.trouter.skype.com wss://*.trouter.skype.com:443 wss://*.trouter.io:443 media.licdn.com *.facebook.com onerm.olsvc.com *.qas.binginternal.com *.qas.bing.net wss://*.qas.bing.net:443 wss://*.platform.bing.com wss://*.botframework.com:443 wss://augloop.office.com wss://*.augloop.office.com outlook.live.com graph.microsoft.com *.graph.microsoft.com graph.microsoft.de *.googleapis.com *.office.microsoft.com api.box.com api.dropboxapi.com *.users.storage.live.com www.onenote.com *.storage.msn.com asgsmsproxyapi.azurewebsites.net wss://*.pushd.svc.ms wss://*.pushs.svc.ms wss://*.pushb.svc.ms wss://*.pushp.svc.ms wss://*.svc.ms nleditor.osi.officeppe.net api.tenor.com pptservicescast.officeapps.live.com *.sharepoint-df.com *.sharepoint.com *.sharepoint.de wss://*.delve.office.com:443 wss://*.loki.delve.office.com:443 wss://*.loki.delve.office.com *.delve.office.com *.loki.delve.office.com web.vortex.data.microsoft.com *.events.data.microsoft.com *.online.lync.com *.infra.lync.com wss://*.cortana.ai *.cortana.ai fs.microsoft.com 'self' login.microsoftonline.com outlook.office365.com teams.microsoft.com *.teams.microsoft.com *.yammer.com *.svc.ms *.licdn.com o365auditrealtimeingestion.manage.officeppe.com o365auditrealtimeingestion.manage.officeppe.com:445 o365auditrealtimeingestion.manage.office.com o365auditrealtimeingestion.manage.office.com:445 files.yammerusercontent.com wss://augloop-dogfood.officeppe.com wss://*.augloop-dogfood.officeppe.com wss://augloop-gcc.office.com wss://*.augloop-gcc.office.com aesir.office.com r3.res.outlook.com *.oscs.protection.outlook.com *.safelinks.protection.outlook.com *.msedge.net; base-uri browser.pipe.aria.microsoft.com 'self'; form-action *.officeapps.live.com *.sharepoint-df.com *.sharepoint.com *.sharepoint.de *.odwebp.svc.ms; object-src *.office.net 'self' attachments.office.net; frame-ancestors 'self' teams.microsoft.com; font-src data: *.res.office365.com *.fluidpreview.office.net *.cdn.office.net spoprod-a.akamaihd.net *.skype.com fonts.gstatic.com ms-appx-web: sharepointonline.com *.sharepointonline.com *.delve.office.com fs.microsoft.com 'self' *.yammer.com; media-src blob: *.res.office365.com *.cdn.office.net *.skype.com *.office.net *.office365.net *.office365-net.de *.office365-net.us *.office.com ssl.gstatic.com 'self' *.yammer.com attachments.office.net; frame-src * data: mailto: blob:; manifest-src 'self'; worker-src 'self' blob: *.office.com; child-src 'self' blob: *.office.com; report-uri https://csp.microsoft.com/report/OutlookWeb-Mail-PROD; upgrade-insecure-requests;
x-app-name
Mail
referrer-policy
no-referrer
x-client-version
20211206021.07
x-besku
UNKNOWN
x-rum-validated
1
x-proxy-routingcorrectness
1
x-proxy-backendserverstatus
200
x-bepartition
CLDEUP281SXF00
ms-cv
4LuI7QPrFhVnOb/jybc5cg.1.1
x-feserver
AS8P189CA0022 FR3P281CA0061
x-firsthopcafeefz
HHN
x-powered-by
ASP.NET
date
Fri, 24 Dec 2021 17:17:04 GMT

Redirect headers

cache-control
no-cache
pragma
no-cache
location
https://outlook.office.com/mail/
server
Microsoft-IIS/10.0
request-id
fb74d072-71d3-eb2f-c468-43b331eed334
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-feserver
FR3P281CA0061 FR3P281CA0061
x-requestid
02f0fa42-8ae8-4efb-9854-fd5b4fa11e82
ms-cv
ctB0+9NxL+vEaEOzMe7TNA.0
x-powered-by
ASP.NET
date
Fri, 24 Dec 2021 17:17:04 GMT
content-length
0
OutlookWeb-Mail-PROD
csp.microsoft.com/report/ 		2 B
241 B 		Other
General
Check archive.org
Download Go to
Full URL
https://csp.microsoft.com/report/OutlookWeb-Mail-PROD
Requested by
Host: outlook.office.com
URL: https://outlook.office.com/mail/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/csp-report

Response headers

access-control-allow-origin
*
date
Fri, 24 Dec 2021 17:17:04 GMT
request-context
appId=cid-v1:5c791ad2-9c50-4271-a8a5-5c74d929f3ed
x-azure-ref
0kQDGYQAAAADbJXwVox91Sbj4ReSwTUzmRlJBRURHRTEwMjEAODRiZmQzM2ItM2NiYy00YWQzLTk4NmMtMGRkZmI1NzljOGQ0
x-cache
CONFIG_NOCACHE
content-type
text/plain; charset=utf-8
owa.5.js
res.cdn.office.net/owamail/20211206021.07/scripts/ 		57 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://res.cdn.office.net/owamail/20211206021.07/scripts/owa.5.js
Requested by
Host: outlook.office.com
URL: https://outlook.office.com/mail/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:2ba::753 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
27bbf543072e81a8f280e98e8106321da652889ec2c552683d54f63a1afb8976
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
Origin
https://outlook.office.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 17:17:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 15 Dec 2021 00:08:25 GMT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
f296495e-a01e-0037-4e42-f2186d000000
access-control-expose-headers
date
cache-control
max-age=630720000
strict-transport-security
max-age=31536000; includeSubDomains
timing-allow-origin
*
content-length
17159
owa.8.js
res.cdn.office.net/owamail/20211206021.07/scripts/ 		39 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://res.cdn.office.net/owamail/20211206021.07/scripts/owa.8.js
Requested by
Host: outlook.office.com
URL: https://outlook.office.com/mail/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:2ba::753 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
273463e5a21c812e8b0d208ecf10588e0c2f969b7564f35d5217c39a59e159c6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
Origin
https://outlook.office.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 17:17:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 15 Dec 2021 00:08:20 GMT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
1ef73357-f01e-0005-4342-f2181a000000
access-control-expose-headers
date
cache-control
max-age=630720000
strict-transport-security
max-age=31536000; includeSubDomains
timing-allow-origin
*
content-length
9604
owa.10.js
res.cdn.office.net/owamail/20211206021.07/scripts/ 		125 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://res.cdn.office.net/owamail/20211206021.07/scripts/owa.10.js
Requested by
Host: outlook.office.com
URL: https://outlook.office.com/mail/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:2ba::753 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
6b25d3816c6746d8a1359a2a417d37107ad868e8a255b62334044d71456d7cc6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
Origin
https://outlook.office.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 17:17:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 15 Dec 2021 00:08:33 GMT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
ae5d09b8-901e-003c-1942-f2e306000000
access-control-expose-headers
date
cache-control
max-age=630720000
strict-transport-security
max-age=31536000; includeSubDomains
timing-allow-origin
*
content-length
34455
owa.13.js
res.cdn.office.net/owamail/20211206021.07/scripts/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://res.cdn.office.net/owamail/20211206021.07/scripts/owa.13.js
Requested by
Host: outlook.office.com
URL: https://outlook.office.com/mail/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:2ba::753 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
1098221cbc40bef6237ff95c6f2b5e1de0fb4c475ef77f4bdf681ca325b33ad9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
Origin
https://outlook.office.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 17:17:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 15 Dec 2021 00:08:26 GMT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
19bb06b5-101e-001d-7642-f2c77d000000
access-control-expose-headers
date
cache-control
max-age=630720000
strict-transport-security
max-age=31536000; includeSubDomains
timing-allow-origin
*
content-length
2654
owa.SharedBoot.js
res.cdn.office.net/owamail/20211206021.07/scripts/ 		747 KB
231 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://res.cdn.office.net/owamail/20211206021.07/scripts/owa.SharedBoot.js
Requested by
Host: outlook.office.com
URL: https://outlook.office.com/mail/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:2ba::753 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
17ecaf47e197a69b766f48fe74abade3b0f6ec447995b9be315c9120c30dba07
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
Origin
https://outlook.office.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 17:17:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 15 Dec 2021 00:08:24 GMT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
918a75d1-301e-0068-6142-f2ac51000000
access-control-expose-headers
date
cache-control
max-age=630720000
strict-transport-security
max-age=31536000; includeSubDomains
timing-allow-origin
*
content-length
235264
owa.1.js
res.cdn.office.net/owamail/20211206021.07/scripts/ 		74 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://res.cdn.office.net/owamail/20211206021.07/scripts/owa.1.js
Requested by
Host: outlook.office.com
URL: https://outlook.office.com/mail/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:2ba::753 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
babfe196b9a72664889da90583256e5565a87a9e780ce199743aa72d96bfbc54
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
Origin
https://outlook.office.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 17:17:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 15 Dec 2021 00:08:23 GMT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
ae5d0931-901e-003c-1a42-f2e306000000
access-control-expose-headers
date
cache-control
max-age=630720000
strict-transport-security
max-age=31536000; includeSubDomains
timing-allow-origin
*
content-length
20126
owa.2.js
res.cdn.office.net/owamail/20211206021.07/scripts/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://res.cdn.office.net/owamail/20211206021.07/scripts/owa.2.js
Requested by
Host: outlook.office.com
URL: https://outlook.office.com/mail/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:2ba::753 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
b502e1f17742e64659319c1a33345be63178e0fae3272006d8150eaaa4da6d83
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
Origin
https://outlook.office.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 17:17:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 15 Dec 2021 00:08:19 GMT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
1c41597e-d01e-0060-5b42-f2b65e000000
access-control-expose-headers
date
cache-control
max-age=630720000
strict-transport-security
max-age=31536000; includeSubDomains
timing-allow-origin
*
content-length
5243
owa.3.js
res.cdn.office.net/owamail/20211206021.07/scripts/ 		25 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://res.cdn.office.net/owamail/20211206021.07/scripts/owa.3.js
Requested by
Host: outlook.office.com
URL: https://outlook.office.com/mail/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:2ba::753 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
508427cb4cbbb8177d41d95d65dee8b32177c2914223e623d373b01d25f169c1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
Origin
https://outlook.office.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 17:17:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 15 Dec 2021 00:08:36 GMT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
38768be4-f01e-003a-5a42-f2d0b9000000
access-control-expose-headers
date
cache-control
max-age=630720000
strict-transport-security
max-age=31536000; includeSubDomains
timing-allow-origin
*
content-length
8871
owa.4.js
res.cdn.office.net/owamail/20211206021.07/scripts/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://res.cdn.office.net/owamail/20211206021.07/scripts/owa.4.js
Requested by
Host: outlook.office.com
URL: https://outlook.office.com/mail/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:2ba::753 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
1f77ed7dab5d9651ac4485434c58826b1ef48f459cc3b3b3bd2c60f27a73adf5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
Origin
https://outlook.office.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 17:17:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 15 Dec 2021 00:08:41 GMT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
6146def6-701e-0046-0d42-f2fe46000000
access-control-expose-headers
date
cache-control
max-age=630720000
strict-transport-security
max-age=31536000; includeSubDomains
timing-allow-origin
*
content-length
4600
owa.MailBoot.js
res.cdn.office.net/owamail/20211206021.07/scripts/ 		2 MB
462 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://res.cdn.office.net/owamail/20211206021.07/scripts/owa.MailBoot.js
Requested by
Host: outlook.office.com
URL: https://outlook.office.com/mail/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:2ba::753 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
a07740bb43306576ed260172b1859066ca911d6c9270e674e63f2c7c9f737352
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
Origin
https://outlook.office.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 17:17:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 15 Dec 2021 00:08:26 GMT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
a53fe9dc-201e-0006-7b42-f2f97e000000
access-control-expose-headers
date
cache-control
max-age=630720000
strict-transport-security
max-age=31536000; includeSubDomains
timing-allow-origin
*
content-length
472272
owa.vendors~OfflineResolvers~ResolversWeb.js
res.cdn.office.net/owamail/20211206021.07/scripts/ 		15 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://res.cdn.office.net/owamail/20211206021.07/scripts/owa.vendors~OfflineResolvers~ResolversWeb.js
Requested by
Host: outlook.office.com
URL: https://outlook.office.com/mail/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:2ba::753 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
42c5425bbf18ee534b0ee67a671f81290d16ec4b0fdb312954ec27e0d1554325
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
Origin
https://outlook.office.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 17:17:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 15 Dec 2021 00:08:26 GMT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
bfb9df7c-401e-004d-6f42-f2052d000000
access-control-expose-headers
date
cache-control
max-age=630720000
strict-transport-security
max-age=31536000; includeSubDomains
timing-allow-origin
*
content-length
3682
owa.ResolversWeb.js
res.cdn.office.net/owamail/20211206021.07/scripts/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://res.cdn.office.net/owamail/20211206021.07/scripts/owa.ResolversWeb.js
Requested by
Host: outlook.office.com
URL: https://outlook.office.com/mail/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:2ba::753 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
b13c267365784514780ca7b37250eb9089f69f4235867ad2a53fb5c890f07502
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
Origin
https://outlook.office.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 17:17:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 15 Dec 2021 00:08:25 GMT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
6146dfa6-701e-0046-2e42-f2fe46000000
access-control-expose-headers
date
cache-control
max-age=630720000
strict-transport-security
max-age=31536000; includeSubDomains
timing-allow-origin
*
content-length
7331
owa.LocalStateResolvers.js
res.cdn.office.net/owamail/20211206021.07/scripts/ 		313 B
502 B 		Script
General
Check archive.org
Download Go to
Full URL
https://res.cdn.office.net/owamail/20211206021.07/scripts/owa.LocalStateResolvers.js
Requested by
Host: outlook.office.com
URL: https://outlook.office.com/mail/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:2ba::753 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
3aad045be0d2d84d7b7e71ed9102ab310c9ec5c290654bc313b4d48bbcb38c47
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
Origin
https://outlook.office.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 17:17:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 15 Dec 2021 00:08:49 GMT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
90520195-e01e-006b-5642-f24d35000000
access-control-expose-headers
date
cache-control
max-age=630720000
strict-transport-security
max-age=31536000; includeSubDomains
timing-allow-origin
*
content-length
222
owa.278.js
res.cdn.office.net/owamail/20211206021.07/scripts/ 		879 KB
253 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://res.cdn.office.net/owamail/20211206021.07/scripts/owa.278.js
Requested by
Host: outlook.office.com
URL: https://outlook.office.com/mail/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:2ba::753 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
eab7820977a4f08ff2eadb99d753f4c4cd712872b27f5001db733114a269223e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
Origin
https://outlook.office.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 17:17:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 15 Dec 2021 00:08:52 GMT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
9f01afa6-001e-005c-7b42-f29f99000000
access-control-expose-headers
date
cache-control
max-age=630720000
strict-transport-security
max-age=31536000; includeSubDomains
timing-allow-origin
*
content-length
258566
owa.0.js
res.cdn.office.net/owamail/20211206021.07/scripts/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://res.cdn.office.net/owamail/20211206021.07/scripts/owa.0.js
Requested by
Host: outlook.office.com
URL: https://outlook.office.com/mail/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:2ba::753 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
f6198c336fda81202b8f4bdaaa549526c2cb00dc4e121d63533847357157e0fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
Origin
https://outlook.office.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 17:17:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 15 Dec 2021 00:08:46 GMT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
bf4f3008-301e-0047-5342-f2a19a000000
access-control-expose-headers
date
cache-control
max-age=630720000
strict-transport-security
max-age=31536000; includeSubDomains
timing-allow-origin
*
content-length
4845
owa.297.js
res.cdn.office.net/owamail/20211206021.07/scripts/ 		1 MB
343 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://res.cdn.office.net/owamail/20211206021.07/scripts/owa.297.js
Requested by
Host: outlook.office.com
URL: https://outlook.office.com/mail/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:2ba::753 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
a724da0e60f22005526acc0a16efd891ed69b591aecb41eceae216f3279aa28e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
Origin
https://outlook.office.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 17:17:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 15 Dec 2021 00:08:44 GMT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
ebc38b52-101e-0032-5542-f2cab6000000
access-control-expose-headers
date
cache-control
max-age=630720000
strict-transport-security
max-age=31536000; includeSubDomains
timing-allow-origin
*
content-length
349938
startupdata.ashx
outlook.office.com/owa/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://outlook.office.com/owa/startupdata.ashx?app=Mail&n=0
Requested by
Host: outlook.office.com
URL: https://outlook.office.com/mail/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2603:1026:c0d:807::2 Frankfurt am Main, Germany, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

x-message-count
32
x-owa-sessionid
b4c31aec-afc7-4228-a37a-c61868ec2fca
x-req-source
Mail
x-owa-canary
X-OWA-CANARY_cookie_is_null_or_empty
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
action
StartupData
Referer
x-owa-correlationid
1c138b65-435c-6651-ee65-1c07ccdebcbb
ms-cv
cSvhZU9xwSswgr/NTxIa+s.0
x-js-experiment
5

Response headers

x-beserver
BE0P281MB0211
strict-transport-security
max-age=31536000; includeSubDomains; preload
www-authenticate
Bearer client_id="00000002-0000-0ff1-ce00-000000000000", trusted_issuers="00000001-0000-0000-c000-000000000000@*", token_types="app_asserted_user_v1 service_asserted_app_v1", authorization_uri="https://login.windows.net/common/oauth2/authorize"
x-proxy-backendserverstatus
401
x-backend-end
2021-12-24T17:17:05.121
x-owa-forest
DEUP281.PROD.OUTLOOK.COM
x-calculatedfetarget
AM6P195CU001.internal.outlook.com
server
Microsoft-IIS/10.0
x-backendhttpstatus
401, 401
x-feproxyinfo
AM6P195CA0008.EURP195.PROD.OUTLOOK.COM
x-rum-validated
1
request-id
7639b281-e19e-b65d-e194-229c54a441a4
alt-svc
h3=":443",h3-29=":443"
content-length
0
x-backend-begin
2021-12-24T17:17:05.121
x-ua-compatible
IE=EmulateIE7
x-owa-dag
DEUP281DG014
x-calculatedbetarget
BE0P281MB0211.DEUP281.PROD.OUTLOOK.COM
date
Fri, 24 Dec 2021 17:17:04 GMT
nel
{"report_to":"NelOfficeUpload1","max_age":7200,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
report-to
{"group":"NelOfficeUpload1","max_age":7200,"endpoints":[{"url":"https://exo.nel.measure.office.net/api/report?TenantId=&FrontEnd=Cafe&DestinationEndpoint=HHN"}],"include_subdomains":true}
x-iids
0
x-firsthopcafeefz
HHN
x-diaginfo
BE0P281MB0211
x-besku
WCS6
x-owa-correlationid
1c138b65-435c-6651-ee65-1c07ccdebcbb
x-owa-diagnosticsinfo
6;2;0
x-proxy-routingcorrectness
1
x-content-type-options
nosniff
x-feserver
AM6P195CA0008, FR3P281CA0061
analytics-ping.js
res.cdn.office.net/owamail/20211206021.07/resources/ 		34 B
334 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://res.cdn.office.net/owamail/20211206021.07/resources/analytics-ping.js
Requested by
Host: outlook.office.com
URL: https://outlook.office.com/mail/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:2ba::753 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
d185159b6a77cd02ed536f44197af7913ecfd6fd264b113eac65fce9a97482f5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 17:17:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 15 Dec 2021 00:08:15 GMT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
85ee1471-401e-0010-5642-f20fa9000000
access-control-expose-headers
date
cache-control
max-age=630720000
strict-transport-security
max-age=31536000; includeSubDomains
timing-allow-origin
*
content-length
54
/
browser.pipe.aria.microsoft.com/Collector/3.0/ 		0
397 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://browser.pipe.aria.microsoft.com/Collector/3.0/?qsp=true&content-type=application%2Fbond-compact-binary&client-id=NO_AUTH&sdk-version=AWT-Web-CJS-1.2.2&x-apikey=3b1ea01450be48f29759d868931e225d-7167685b-f6ff-421c-aa64-8ae16fe92128-7283
Requested by
Host: outlook.office.com
URL: https://outlook.office.com/mail/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.44.10.122 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Fri, 24 Dec 2021 17:17:05 GMT
Server
Microsoft-HTTPAPI/2.0
time-delta-millis
880
Access-Control-Allow-Methods
POST
Content-Type
application/json
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
kill-tokens, kill-duration-seconds, time-delta-millis
Access-Control-Allow-Headers
Accept, Content-Type, Content-Encoding, Client-Id
Content-Length
0
owa.42.js
res.cdn.office.net/owamail/20211206021.07/scripts/ 		15 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://res.cdn.office.net/owamail/20211206021.07/scripts/owa.42.js
Requested by
Host: outlook.office.com
URL: https://outlook.office.com/mail/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:2ba::753 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
86a6fb431663084ccf929a02b0ea0907c846d9f5960d59950ac2c678cce2ff1e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
Origin
https://outlook.office.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 17:17:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 15 Dec 2021 00:08:58 GMT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
85ee142c-401e-0010-1342-f20fa9000000
access-control-expose-headers
date
cache-control
max-age=630720000
strict-transport-security
max-age=31536000; includeSubDomains
timing-allow-origin
*
content-length
4294
owa.vendors~MailRoutes.js
res.cdn.office.net/owamail/20211206021.07/scripts/ 		19 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://res.cdn.office.net/owamail/20211206021.07/scripts/owa.vendors~MailRoutes.js
Requested by
Host: outlook.office.com
URL: https://outlook.office.com/mail/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:2ba::753 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
25412e184b8e087bb0b592b73d3cf950f50a74bb9fd5e64777f6be402c5c1c05
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
Origin
https://outlook.office.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 17:17:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 15 Dec 2021 00:08:35 GMT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
7d30e3c6-c01e-0043-7942-f22c9d000000
access-control-expose-headers
date
cache-control
max-age=630720000
strict-transport-security
max-age=31536000; includeSubDomains
timing-allow-origin
*
content-length
5859
segoeui-regular.woff2
static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-westeuropean/ 		35 KB
36 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-westeuropean/segoeui-regular.woff2
Requested by
Host: outlook.office.com
URL: https://outlook.office.com/mail/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.225.185 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-225-185.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
94ef87ee295c67526205d67124f404e246226105e939e14c435a20c29a956f49

Request headers

Referer
https://outlook.office.com/
Origin
https://outlook.office.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Fri, 24 Dec 2021 17:17:05 GMT
last-modified
Thu, 02 Nov 2017 17:22:02 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5
hl8dtlRfyUovRETdYOe7xg==
etag
0x8D522163B704E10
content-type
application/font-woff2
access-control-allow-origin
*
x-ms-request-id
acf6ab5b-401e-0096-046c-528ffc000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=12990911
x-ms-version
2009-09-19
content-length
36344
owa.MailRibbon.js
res.cdn.office.net/owamail/20211206021.07/scripts/ 		2 MB
670 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://res.cdn.office.net/owamail/20211206021.07/scripts/owa.MailRibbon.js
Requested by
Host: outlook.office.com
URL: https://outlook.office.com/mail/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:2ba::753 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
eb028f17d2b0bab634029e54e949942e49d991bc6f41a44f500d8afe1d47ca2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
Origin
https://outlook.office.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 17:17:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 15 Dec 2021 00:08:44 GMT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
f5060b2a-d01e-0002-4a42-f27479000000
access-control-expose-headers
date
cache-control
max-age=630720000
strict-transport-security
max-age=31536000; includeSubDomains
timing-allow-origin
*
content-length
683913
owa.1919.js
res.cdn.office.net/owamail/20211206021.07/scripts/ 		467 B
606 B 		Script
General
Check archive.org
Download Go to
Full URL
https://res.cdn.office.net/owamail/20211206021.07/scripts/owa.1919.js
Requested by
Host: outlook.office.com
URL: https://outlook.office.com/mail/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:2ba::753 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
c27dd8cc796239f585ac97f4c11d22d96c9e0cf2e736c8c03b7a7fde369df6e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
Origin
https://outlook.office.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 17:17:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 15 Dec 2021 00:08:33 GMT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
31e07ab6-e01e-0054-7242-f28596000000
access-control-expose-headers
date
cache-control
max-age=630720000
strict-transport-security
max-age=31536000; includeSubDomains
timing-allow-origin
*
content-length
325
segoeui-regular.woff2
res.cdn.office.net/assets/mail/fonts/v1/fonts/segoeui-westeuropean/ 		35 KB
36 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://res.cdn.office.net/assets/mail/fonts/v1/fonts/segoeui-westeuropean/segoeui-regular.woff2
Requested by
Host: outlook.office.com
URL: https://outlook.office.com/mail/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:2ba::753 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
94ef87ee295c67526205d67124f404e246226105e939e14c435a20c29a956f49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://outlook.office.com/
Origin
https://outlook.office.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 17:17:05 GMT
last-modified
Fri, 06 Nov 2020 19:04:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/octet-stream
access-control-allow-origin
*
x-ms-request-id
4b7fd96f-801e-001a-7500-b649ea000000
access-control-expose-headers
date
cache-control
max-age=630720000
timing-allow-origin
*
content-length
36344
/
outlook.office.com/owa/
Redirect Chain
  • https://outlook.office.com/mail/?authRedirect=true&state=0
  • https://outlook.office.com/owa/?state=1&redirectTo=aHR0cHM6Ly9vdXRsb29rLm9mZmljZS5jb20vbWFpbC8
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
outlook.office.com
URL
https://outlook.office.com/owa/?state=1&redirectTo=aHR0cHM6Ly9vdXRsb29rLm9mZmljZS5jb20vbWFpbC8

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Domain/Path Name / Value
outlook.office.com/ Name: ClientId
Value: 982698B3729C44CD9659D914D6AEBD12
outlook.office.com/ Name: OIDC
Value: 1

1 Console Messages

Source Level URL
Text
network error URL: https://outlook.office.com/owa/startupdata.ashx?app=Mail&n=0
Message:
Failed to load resource: the server responded with a status of 401 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src *.res.office365.com *.fluidpreview.office.net *.cdn.office.net swx.cdn.skype.com 'self'; script-src 'nonce-X3f7cTqSEpUn3zHnjE3HXw==' *.res.office365.com *.fluidpreview.office.net *.cdn.office.net wss://*.delve.office.com:443 shellprod.msocdn.com amcdn.msauth.net amcdn.msftauth.net *.bing.com *.skype.com *.skypeassets.com *.delve.office.com *.cdn.office.net static.teams.microsoft.com fabriciss.azureedge.net *.googleapis.com teams.microsoft.com cdn.forms.office.net blob: 'report-sample' 'self' 'unsafe-inline' *.yammer.com; style-src *.res.office365.com *.fluidpreview.office.net *.cdn.office.net shellprod.msocdn.com *.skype.com fonts.googleapis.com acthemeconfigs.blob.core.windows.net *.googleapis.com 'self' 'report-sample' 'unsafe-inline' *.yammer.com 'unsafe-inline'; img-src * data: blob: filesystem: cid:; connect-src blob: data: *.res.office365.com *.fluidpreview.office.net *.cdn.office.net *.services.web.outlook.com login.live.com spoprod-a.akamaihd.net shellprod.msocdn.com *.bing.com *.office.net *.office.com *.office365.com *.officeapps.live.com *.skype.com *.skypeassets.com *.spoppe.com *.onedrive.com my.microsoftpersonalcontent.com substrate.office.de *.office365-net.de *.office.de browser.pipe.aria.microsoft.com *.gateway.messenger.live.com dev.virtualearth.net *.trouter.skype.com *.trouter.io wss://*.trouter.skype.com wss://*.trouter.skype.com:443 wss://*.trouter.io:443 media.licdn.com *.facebook.com onerm.olsvc.com *.qas.binginternal.com *.qas.bing.net wss://*.qas.bing.net:443 wss://*.platform.bing.com wss://*.botframework.com:443 wss://augloop.office.com wss://*.augloop.office.com outlook.live.com graph.microsoft.com *.graph.microsoft.com graph.microsoft.de *.googleapis.com *.office.microsoft.com api.box.com api.dropboxapi.com *.users.storage.live.com www.onenote.com *.storage.msn.com asgsmsproxyapi.azurewebsites.net wss://*.pushd.svc.ms wss://*.pushs.svc.ms wss://*.pushb.svc.ms wss://*.pushp.svc.ms wss://*.svc.ms nleditor.osi.officeppe.net api.tenor.com pptservicescast.officeapps.live.com *.sharepoint-df.com *.sharepoint.com *.sharepoint.de wss://*.delve.office.com:443 wss://*.loki.delve.office.com:443 wss://*.loki.delve.office.com *.delve.office.com *.loki.delve.office.com web.vortex.data.microsoft.com *.events.data.microsoft.com *.online.lync.com *.infra.lync.com wss://*.cortana.ai *.cortana.ai fs.microsoft.com 'self' login.microsoftonline.com outlook.office365.com teams.microsoft.com *.teams.microsoft.com *.yammer.com *.svc.ms *.licdn.com o365auditrealtimeingestion.manage.officeppe.com o365auditrealtimeingestion.manage.officeppe.com:445 o365auditrealtimeingestion.manage.office.com o365auditrealtimeingestion.manage.office.com:445 files.yammerusercontent.com wss://augloop-dogfood.officeppe.com wss://*.augloop-dogfood.officeppe.com wss://augloop-gcc.office.com wss://*.augloop-gcc.office.com aesir.office.com r3.res.outlook.com *.oscs.protection.outlook.com *.safelinks.protection.outlook.com *.msedge.net; base-uri browser.pipe.aria.microsoft.com 'self'; form-action *.officeapps.live.com *.sharepoint-df.com *.sharepoint.com *.sharepoint.de *.odwebp.svc.ms; object-src *.office.net 'self' attachments.office.net; frame-ancestors 'self' teams.microsoft.com; font-src data: *.res.office365.com *.fluidpreview.office.net *.cdn.office.net spoprod-a.akamaihd.net *.skype.com fonts.gstatic.com ms-appx-web: sharepointonline.com *.sharepointonline.com *.delve.office.com fs.microsoft.com 'self' *.yammer.com; media-src blob: *.res.office365.com *.cdn.office.net *.skype.com *.office.net *.office365.net *.office365-net.de *.office365-net.us *.office.com ssl.gstatic.com 'self' *.yammer.com attachments.office.net; frame-src * data: mailto: blob:; manifest-src 'self'; worker-src 'self' blob: *.office.com; child-src 'self' blob: *.office.com; report-uri https://csp.microsoft.com/report/OutlookWeb-Mail-PROD; upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

browser.pipe.aria.microsoft.com
csp.microsoft.com
login.outlook09.com
nt.embluemail.com
outlook.office.com
res.cdn.office.net
static2.sharepointonline.com
outlook.office.com
104.111.225.185
20.44.10.122
2603:1026:c0d:807::2
2620:1ec:46::44
2a02:26f0:6c00:2ba::753
46.17.96.20
52.67.240.166
1098221cbc40bef6237ff95c6f2b5e1de0fb4c475ef77f4bdf681ca325b33ad9
17ecaf47e197a69b766f48fe74abade3b0f6ec447995b9be315c9120c30dba07
1f77ed7dab5d9651ac4485434c58826b1ef48f459cc3b3b3bd2c60f27a73adf5
21fd40296c5d5d7a20fac02229e7e7d8f8545f97776a8bbb2f96c1e627382d0b
25412e184b8e087bb0b592b73d3cf950f50a74bb9fd5e64777f6be402c5c1c05
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
273463e5a21c812e8b0d208ecf10588e0c2f969b7564f35d5217c39a59e159c6
27bbf543072e81a8f280e98e8106321da652889ec2c552683d54f63a1afb8976
3aad045be0d2d84d7b7e71ed9102ab310c9ec5c290654bc313b4d48bbcb38c47
42c5425bbf18ee534b0ee67a671f81290d16ec4b0fdb312954ec27e0d1554325
508427cb4cbbb8177d41d95d65dee8b32177c2914223e623d373b01d25f169c1
6b25d3816c6746d8a1359a2a417d37107ad868e8a255b62334044d71456d7cc6
86a6fb431663084ccf929a02b0ea0907c846d9f5960d59950ac2c678cce2ff1e
94ef87ee295c67526205d67124f404e246226105e939e14c435a20c29a956f49
a07740bb43306576ed260172b1859066ca911d6c9270e674e63f2c7c9f737352
a724da0e60f22005526acc0a16efd891ed69b591aecb41eceae216f3279aa28e
b13c267365784514780ca7b37250eb9089f69f4235867ad2a53fb5c890f07502
b502e1f17742e64659319c1a33345be63178e0fae3272006d8150eaaa4da6d83
babfe196b9a72664889da90583256e5565a87a9e780ce199743aa72d96bfbc54
c27dd8cc796239f585ac97f4c11d22d96c9e0cf2e736c8c03b7a7fde369df6e1
d185159b6a77cd02ed536f44197af7913ecfd6fd264b113eac65fce9a97482f5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eab7820977a4f08ff2eadb99d753f4c4cd712872b27f5001db733114a269223e
eb028f17d2b0bab634029e54e949942e49d991bc6f41a44f500d8afe1d47ca2f
f6198c336fda81202b8f4bdaaa549526c2cb00dc4e121d63533847357157e0fe