Submitted URL: http://autodiscover.promotorameraki.com/
Effective URL: https://login.microsoftonline.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%...
Submission: On October 25 via api from US — Scanned from CA

Summary

This website contacted 8 IPs in 1 countries across 8 domains to perform 38 HTTP transactions. The main IP is 2603:1036:3000:60::d, located in Chicago, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is login.microsoftonline.com. The Cisco Umbrella rank of the primary domain is 9.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on August 31st 2024. Valid for: 6 months.
This is the only time login.microsoftonline.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2603:1036:302... 8075 (MICROSOFT...)
2 5 2603:1036:304... 8075 (MICROSOFT...)
26 2606:2800:11f... 15133 (EDGECAST)
3 2603:1036:300... 8075 (MICROSOFT...)
1 13.89.179.13 8075 (MICROSOFT...)
1 2620:1ec:bdf::38 8075 (MICROSOFT...)
1 20.190.155.2 8075 (MICROSOFT...)
1 2603:1036:304... 8075 (MICROSOFT...)
38 8
Apex Domain
Subdomains
Transfer
15 static.microsoft
res.public.onecdn.static.microsoft — Cisco Umbrella Rank: 284
1 MB
11 msftauth.net
aadcdn.msftauth.net — Cisco Umbrella Rank: 866
348 KB
6 office365.com
outlook.office365.com — Cisco Umbrella Rank: 36
23 KB
3 microsoftonline.com
login.microsoftonline.com — Cisco Umbrella Rank: 9
26 KB
1 live.com
login.live.com — Cisco Umbrella Rank: 63
1 msauth.net
aadcdn.msauth.net — Cisco Umbrella Rank: 860
49 KB
1 microsoft.com
csp.microsoft.com Failed
browser.events.data.microsoft.com — Cisco Umbrella Rank: 76
585 B
1 promotorameraki.com
autodiscover.promotorameraki.com
554 B
38 8
Domain Requested by
15 res.public.onecdn.static.microsoft outlook.office365.com
res.public.onecdn.static.microsoft
11 aadcdn.msftauth.net login.microsoftonline.com
aadcdn.msftauth.net
6 outlook.office365.com 2 redirects res.public.onecdn.static.microsoft
aadcdn.msftauth.net
3 login.microsoftonline.com res.public.onecdn.static.microsoft
aadcdn.msauth.net
1 login.live.com login.microsoftonline.com
1 aadcdn.msauth.net login.microsoftonline.com
1 browser.events.data.microsoft.com res.public.onecdn.static.microsoft
1 autodiscover.promotorameraki.com 1 redirects
0 csp.microsoft.com Failed res.public.onecdn.static.microsoft
38 9

This site contains links to these domains. Also see Links.

Domain
outlook.office365.com
www.microsoft.com
privacy.microsoft.com
Subject Issuer Validity Valid
outlook.com
DigiCert Cloud Services CA-1
2024-06-27 -
2025-06-26
a year crt.sh
*.public.onecdn.static.microsoft
Microsoft Azure RSA TLS Issuing CA 03
2024-06-13 -
2025-06-08
a year crt.sh
stamp2.login.microsoftonline.com
DigiCert SHA2 Secure Server CA
2024-08-31 -
2025-02-28
6 months crt.sh
*.events.data.microsoft.com
Microsoft Azure RSA TLS Issuing CA 04
2024-09-27 -
2025-09-22
a year crt.sh
aadcdn.msauth.net
DigiCert SHA2 Secure Server CA
2024-07-30 -
2025-07-30
a year crt.sh
aadcdn.msftauth.net
DigiCert SHA2 Secure Server CA
2024-05-25 -
2025-05-25
a year crt.sh
login.live.com
DigiCert SHA2 Secure Server CA
2024-08-28 -
2025-02-28
6 months crt.sh

This page contains 2 frames:

Primary Page: https://login.microsoftonline.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=40cc1c34-0472-e3de-fcf7-3e15d6b8d2bb&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&domain_hint=promotorameraki.com&nonce=638654597613389183.a1c43d15-6159-4006-9bb4-ee1812f23fc4&state=DYy7bsIwAEWT9l-yBfxIjD1EDFQlRYEBEAEvle0YJTSWI8d1RT-pX1kP5w5HuidNkuQ18hJJQZxkRTAlZVGyFYEYUwYpXgioCtzBMiewZHkBAMmZlEWuNaQQ3RG-qyKN3790aX_Ecu20GE01OWust04Y7cTXsFDWZKGrxLe33TArG7TLZi-8rmDmdDc4rfzZVqI-AlXvSfNkobseZ4mYawwz3IwPft6jw6l8SASCbN8nuaGfylx6uQVM1bvoGJB418v28ry1fmrMIcgTR_wN9rEV-Hb8vSGG-PXjHw&sso_reload=true
Frame ID: 22139D2821780E99E8A25FB8FBE47764
Requests: 36 HTTP requests in this frame

Frame: https://outlook.office365.com/owa/prefetch.aspx
Frame ID: 52520813048D09B971E13C3D868B473D
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Sign in to Outlook

Page URL History Show full URLs

  1. http://autodiscover.promotorameraki.com/ HTTP 307
    https://autodiscover.promotorameraki.com/ HTTP 307
    http://autodiscover.promotorameraki.com/ HTTP 301
    https://outlook.office365.com/mail/?realm=promotorameraki.com&vd=autodiscover Page URL
  2. https://outlook.office365.com/mail/?realm=promotorameraki.com&vd=autodiscover&authRedirect=true&state=0 HTTP 302
    https://outlook.office365.com/owa/?realm=promotorameraki.com&vd=autodiscover&state=1&redirectTo=aHR0cHM6Ly... HTTP 302
    https://login.microsoftonline.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redir... Page URL
  3. https://login.microsoftonline.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redir... Page URL

Page Statistics

38
Requests

95 %
HTTPS

75 %
IPv6

8
Domains

9
Subdomains

8
IPs

1
Countries

1907 kB
Transfer

6913 kB
Size

19
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://autodiscover.promotorameraki.com/ HTTP 307
    https://autodiscover.promotorameraki.com/ HTTP 307
    http://autodiscover.promotorameraki.com/ HTTP 301
    https://outlook.office365.com/mail/?realm=promotorameraki.com&vd=autodiscover Page URL
  2. https://outlook.office365.com/mail/?realm=promotorameraki.com&vd=autodiscover&authRedirect=true&state=0 HTTP 302
    https://outlook.office365.com/owa/?realm=promotorameraki.com&vd=autodiscover&state=1&redirectTo=aHR0cHM6Ly9vdXRsb29rLm9mZmljZTM2NS5jb20vbWFpbC8_cmVhbG09cHJvbW90b3JhbWVyYWtpLmNvbSZ2ZD1hdXRvZGlzY292ZXI HTTP 302
    https://login.microsoftonline.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=40cc1c34-0472-e3de-fcf7-3e15d6b8d2bb&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&domain_hint=promotorameraki.com&nonce=638654597613389183.a1c43d15-6159-4006-9bb4-ee1812f23fc4&state=DYy7bsIwAEWT9l-yBfxIjD1EDFQlRYEBEAEvle0YJTSWI8d1RT-pX1kP5w5HuidNkuQ18hJJQZxkRTAlZVGyFYEYUwYpXgioCtzBMiewZHkBAMmZlEWuNaQQ3RG-qyKN3790aX_Ecu20GE01OWust04Y7cTXsFDWZKGrxLe33TArG7TLZi-8rmDmdDc4rfzZVqI-AlXvSfNkobseZ4mYawwz3IwPft6jw6l8SASCbN8nuaGfylx6uQVM1bvoGJB418v28ry1fmrMIcgTR_wN9rEV-Hb8vSGG-PXjHw Page URL
  3. https://login.microsoftonline.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=40cc1c34-0472-e3de-fcf7-3e15d6b8d2bb&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&domain_hint=promotorameraki.com&nonce=638654597613389183.a1c43d15-6159-4006-9bb4-ee1812f23fc4&state=DYy7bsIwAEWT9l-yBfxIjD1EDFQlRYEBEAEvle0YJTSWI8d1RT-pX1kP5w5HuidNkuQ18hJJQZxkRTAlZVGyFYEYUwYpXgioCtzBMiewZHkBAMmZlEWuNaQQ3RG-qyKN3790aX_Ecu20GE01OWust04Y7cTXsFDWZKGrxLe33TArG7TLZi-8rmDmdDc4rfzZVqI-AlXvSfNkobseZ4mYawwz3IwPft6jw6l8SASCbN8nuaGfylx6uQVM1bvoGJB418v28ry1fmrMIcgTR_wN9rEV-Hb8vSGG-PXjHw&sso_reload=true Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://autodiscover.promotorameraki.com/ HTTP 307
  • https://autodiscover.promotorameraki.com/ HTTP 307
  • http://autodiscover.promotorameraki.com/ HTTP 301
  • https://outlook.office365.com/mail/?realm=promotorameraki.com&vd=autodiscover
Request Chain 19
  • https://outlook.office365.com/mail/?realm=promotorameraki.com&vd=autodiscover&authRedirect=true&state=0 HTTP 302
  • https://outlook.office365.com/owa/?realm=promotorameraki.com&vd=autodiscover&state=1&redirectTo=aHR0cHM6Ly9vdXRsb29rLm9mZmljZTM2NS5jb20vbWFpbC8_cmVhbG09cHJvbW90b3JhbWVyYWtpLmNvbSZ2ZD1hdXRvZGlzY292ZXI HTTP 302
  • https://login.microsoftonline.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=40cc1c34-0472-e3de-fcf7-3e15d6b8d2bb&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&domain_hint=promotorameraki.com&nonce=638654597613389183.a1c43d15-6159-4006-9bb4-ee1812f23fc4&state=DYy7bsIwAEWT9l-yBfxIjD1EDFQlRYEBEAEvle0YJTSWI8d1RT-pX1kP5w5HuidNkuQ18hJJQZxkRTAlZVGyFYEYUwYpXgioCtzBMiewZHkBAMmZlEWuNaQQ3RG-qyKN3790aX_Ecu20GE01OWust04Y7cTXsFDWZKGrxLe33TArG7TLZi-8rmDmdDc4rfzZVqI-AlXvSfNkobseZ4mYawwz3IwPft6jw6l8SASCbN8nuaGfylx6uQVM1bvoGJB418v28ry1fmrMIcgTR_wN9rEV-Hb8vSGG-PXjHw

38 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
outlook.office365.com/mail/
Redirect Chain
  • http://autodiscover.promotorameraki.com/
  • https://autodiscover.promotorameraki.com/
  • http://autodiscover.promotorameraki.com/
  • https://outlook.office365.com/mail/?realm=promotorameraki.com&vd=autodiscover
11 KB
9 KB
Document
General
Full URL
https://outlook.office365.com/mail/?realm=promotorameraki.com&vd=autodiscover
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2603:1036:304:800::2 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
f3a18761484d9055d2063abe1f38b469612b155bf1c77a18e4aaa7f38a8cacb2
Security Headers
Name Value
Content-Security-Policy default-src *.res.office365.com *.fluidpreview.office.net *.cdn.office.net *.df.onecdn.static.microsoft *.public.onecdn.static.microsoft swx.cdn.skype.com 'self'; script-src 'nonce-/1AnVd3MFQyhHXvvUxDZ0A==' *.res.office365.com *.fluidpreview.office.net *.cdn.office.net *.df.onecdn.static.microsoft *.public.onecdn.static.microsoft wss://*.delve.office.com:443 shellprod.msocdn.com amcdn.msauth.net amcdn.msftauth.net *.bing.com *.skype.com *.skypeassets.com *.delve.office.com *.cdn.office.net *.df.onecdn.static.microsoft *.public.onecdn.static.microsoft static.teams.microsoft.com teams.microsoft.com cdn.forms.office.net blob: 'report-sample' 'self' 'wasm-unsafe-eval' *.yammer.com; style-src *.res.office365.com *.fluidpreview.office.net *.cdn.office.net *.df.onecdn.static.microsoft *.public.onecdn.static.microsoft shellprod.msocdn.com *.skype.com 'self' 'report-sample' 'unsafe-inline' *.yammer.com *.engage.cloud.microsoft 'unsafe-inline'; img-src * data: blob: filesystem: cid:; connect-src blob: data: *.res.office365.com *.fluidpreview.office.net *.cdn.office.net *.df.onecdn.static.microsoft *.public.onecdn.static.microsoft *.services.web.outlook.com login.live.com login.microsoftonline.com spoprod-a.akamaihd.net shellprod.msocdn.com *.bing.com *.office.net *.office.com *.office365.com *.officeapps.live.com *.skype.com *.skypeassets.com *.spoppe.com *.onedrive.com my.microsoftpersonalcontent.com browser.pipe.aria.microsoft.com *.gateway.messenger.live.com dev.virtualearth.net *.trouter.skype.com *.trouter.io wss://*.trouter.skype.com wss://*.trouter.skype.com:443 wss://*.trouter.io:443 media.licdn.com *.facebook.com onerm.olsvc.com *.qas.binginternal.com *.qas.bing.net wss://*.qas.bing.net:443 wss://*.platform.bing.com wss://*.botframework.com:443 wss://augloop.office.com wss://*.augloop.office.com outlook.live.com graph.microsoft.com *.graph.microsoft.com *.office.microsoft.com api.box.com api.dropboxapi.com *.users.storage.live.com www.onenote.com *.storage.msn.com wss://*.pushd.svc.ms wss://*.pushs.svc.ms wss://*.pushb.svc.ms wss://*.pushp.svc.ms wss://*.svc.ms nleditor.osi.officeppe.net pptservicescast.officeapps.live.com *.sharepoint-df.com *.sharepoint.com wss://*.delve.office.com:443 wss://*.loki.delve.office.com:443 wss://*.loki.delve.office.com *.delve.office.com *.loki.delve.office.com web.vortex.data.microsoft.com *.events.data.microsoft.com *.online.lync.com *.infra.lync.com wss://*.cortana.ai *.cortana.ai fs.microsoft.com newspro.microsoft.com 'self' login.microsoftonline.com outlook.office365.com teams.microsoft.com *.teams.microsoft.com *.yammer.com *.svc.ms *.licdn.com o365auditrealtimeingestion.manage.officeppe.com o365auditrealtimeingestion.manage.officeppe.com:445 o365auditrealtimeingestion.manage.office.com o365auditrealtimeingestion.manage.office.com:445 files.yammerusercontent.com *.engage.cloud.microsoft wss://augloop-dogfood.officeppe.com wss://*.augloop-dogfood.officeppe.com wss://augloop-gcc.office.com wss://*.augloop-gcc.office.com wss://augloop.office.com wss://*.augloop.office.com wss://augloop.svc.cloud.microsoft wss://*.augloop.svc.cloud.microsoft aesir.office.com *.oscs.protection.outlook.com *.safelinks.protection.outlook.com arc.msn.com *.dynamics.com *.mos.microsoft.com ris.api.iris.microsoft.com services.bingapis.com prod-autodetect.outlookmobile.com *.googleapis.com admin.microsoft.com admin.microsoft.com *.bpa.microsoft.com teams.cloud.microsoft api.tenor.com attachment.outlook.live.net *.msedge.net app.whiteboard.microsoft.com whiteboard.office.com whiteboard.cloud.microsoft outlook.cloud.microsoft identity.osi.office.net wss://substrate.office.com *.adnxs.com; base-uri browser.pipe.aria.microsoft.com 'self'; form-action *.officeapps.live.com *.sharepoint-df.com *.sharepoint.com *.odwebp.svc.ms login.microsoftonline.com; object-src *.office.net 'self' attachments.office.net attachment.outlook.live.net; frame-ancestors 'self' teams.microsoft.com ; font-src data: *.res.office365.com *.fluidpreview.office.net *.cdn.office.net *.df.onecdn.static.microsoft *.public.onecdn.static.microsoft spoprod-a.akamaihd.net *.skype.com ms-appx-web: sharepointonline.com *.sharepointonline.com *.delve.office.com fs.microsoft.com 'self' *.yammer.com *.engage.cloud.microsoft; media-src blob: *.res.office365.com *.cdn.office.net *.df.onecdn.static.microsoft *.public.onecdn.static.microsoft *.sharepoint-df.com *.skype.com *.office.net *.office365.net *.office365-net.us *.office.com 'self' *.yammer.com *.engage.cloud.microsoft attachments.office.net attachment.outlook.live.net *.sharepoint.com; frame-src * data: mailto: blob:; manifest-src 'self'; worker-src 'self' blob: *.office.com; child-src 'self' blob: *.office.com; report-uri https://csp.microsoft.com/report/OutlookWeb-Mail-PROD; upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666

Response headers

alt-svc
h3=":443";ma=2592000,h3-29=":443";ma=2592000
cache-control
no-cache
content-encoding
gzip
content-security-policy
default-src *.res.office365.com *.fluidpreview.office.net *.cdn.office.net *.df.onecdn.static.microsoft *.public.onecdn.static.microsoft swx.cdn.skype.com 'self'; script-src 'nonce-/1AnVd3MFQyhHXvvUxDZ0A==' *.res.office365.com *.fluidpreview.office.net *.cdn.office.net *.df.onecdn.static.microsoft *.public.onecdn.static.microsoft wss://*.delve.office.com:443 shellprod.msocdn.com amcdn.msauth.net amcdn.msftauth.net *.bing.com *.skype.com *.skypeassets.com *.delve.office.com *.cdn.office.net *.df.onecdn.static.microsoft *.public.onecdn.static.microsoft static.teams.microsoft.com teams.microsoft.com cdn.forms.office.net blob: 'report-sample' 'self' 'wasm-unsafe-eval' *.yammer.com; style-src *.res.office365.com *.fluidpreview.office.net *.cdn.office.net *.df.onecdn.static.microsoft *.public.onecdn.static.microsoft shellprod.msocdn.com *.skype.com 'self' 'report-sample' 'unsafe-inline' *.yammer.com *.engage.cloud.microsoft 'unsafe-inline'; img-src * data: blob: filesystem: cid:; connect-src blob: data: *.res.office365.com *.fluidpreview.office.net *.cdn.office.net *.df.onecdn.static.microsoft *.public.onecdn.static.microsoft *.services.web.outlook.com login.live.com login.microsoftonline.com spoprod-a.akamaihd.net shellprod.msocdn.com *.bing.com *.office.net *.office.com *.office365.com *.officeapps.live.com *.skype.com *.skypeassets.com *.spoppe.com *.onedrive.com my.microsoftpersonalcontent.com browser.pipe.aria.microsoft.com *.gateway.messenger.live.com dev.virtualearth.net *.trouter.skype.com *.trouter.io wss://*.trouter.skype.com wss://*.trouter.skype.com:443 wss://*.trouter.io:443 media.licdn.com *.facebook.com onerm.olsvc.com *.qas.binginternal.com *.qas.bing.net wss://*.qas.bing.net:443 wss://*.platform.bing.com wss://*.botframework.com:443 wss://augloop.office.com wss://*.augloop.office.com outlook.live.com graph.microsoft.com *.graph.microsoft.com *.office.microsoft.com api.box.com api.dropboxapi.com *.users.storage.live.com www.onenote.com *.storage.msn.com wss://*.pushd.svc.ms wss://*.pushs.svc.ms wss://*.pushb.svc.ms wss://*.pushp.svc.ms wss://*.svc.ms nleditor.osi.officeppe.net pptservicescast.officeapps.live.com *.sharepoint-df.com *.sharepoint.com wss://*.delve.office.com:443 wss://*.loki.delve.office.com:443 wss://*.loki.delve.office.com *.delve.office.com *.loki.delve.office.com web.vortex.data.microsoft.com *.events.data.microsoft.com *.online.lync.com *.infra.lync.com wss://*.cortana.ai *.cortana.ai fs.microsoft.com newspro.microsoft.com 'self' login.microsoftonline.com outlook.office365.com teams.microsoft.com *.teams.microsoft.com *.yammer.com *.svc.ms *.licdn.com o365auditrealtimeingestion.manage.officeppe.com o365auditrealtimeingestion.manage.officeppe.com:445 o365auditrealtimeingestion.manage.office.com o365auditrealtimeingestion.manage.office.com:445 files.yammerusercontent.com *.engage.cloud.microsoft wss://augloop-dogfood.officeppe.com wss://*.augloop-dogfood.officeppe.com wss://augloop-gcc.office.com wss://*.augloop-gcc.office.com wss://augloop.office.com wss://*.augloop.office.com wss://augloop.svc.cloud.microsoft wss://*.augloop.svc.cloud.microsoft aesir.office.com *.oscs.protection.outlook.com *.safelinks.protection.outlook.com arc.msn.com *.dynamics.com *.mos.microsoft.com ris.api.iris.microsoft.com services.bingapis.com prod-autodetect.outlookmobile.com *.googleapis.com admin.microsoft.com admin.microsoft.com *.bpa.microsoft.com teams.cloud.microsoft api.tenor.com attachment.outlook.live.net *.msedge.net app.whiteboard.microsoft.com whiteboard.office.com whiteboard.cloud.microsoft outlook.cloud.microsoft identity.osi.office.net wss://substrate.office.com *.adnxs.com; base-uri browser.pipe.aria.microsoft.com 'self'; form-action *.officeapps.live.com *.sharepoint-df.com *.sharepoint.com *.odwebp.svc.ms login.microsoftonline.com; object-src *.office.net 'self' attachments.office.net attachment.outlook.live.net; frame-ancestors 'self' teams.microsoft.com ; font-src data: *.res.office365.com *.fluidpreview.office.net *.cdn.office.net *.df.onecdn.static.microsoft *.public.onecdn.static.microsoft spoprod-a.akamaihd.net *.skype.com ms-appx-web: sharepointonline.com *.sharepointonline.com *.delve.office.com fs.microsoft.com 'self' *.yammer.com *.engage.cloud.microsoft; media-src blob: *.res.office365.com *.cdn.office.net *.df.onecdn.static.microsoft *.public.onecdn.static.microsoft *.sharepoint-df.com *.skype.com *.office.net *.office365.net *.office365-net.us *.office.com 'self' *.yammer.com *.engage.cloud.microsoft attachments.office.net attachment.outlook.live.net *.sharepoint.com; frame-src * data: mailto: blob:; manifest-src 'self'; worker-src 'self' blob: *.office.com; child-src 'self' blob: *.office.com; report-uri https://csp.microsoft.com/report/OutlookWeb-Mail-PROD; upgrade-insecure-requests;
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.microsoft.com/report/OutlookWeb-Mail-PROD;
content-type
text/html
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 25 Oct 2024 13:29:18 GMT
expires
-1
link
<https://res.public.onecdn.static.microsoft/>; rel="preconnect"
ms-cv
H8tAlbngg+RshW8BB2gTEQ.1.1
origin-trial
AgxVPru/jRUesV9k7Pn5/osZuJ4g/2sL76bPZejtrjsFofGlatTE4sbavhadrkBNum06aL1ghYYaKcX04fiRdAIAAABveyJvcmlnaW4iOiJodHRwczovL29mZmljZS5jb206NDQzIiwiZmVhdHVyZSI6IkxvbmdBbmltYXRpb25GcmFtZVRpbWluZyIsImV4cGlyeSI6MTcxNjk0MDc5OSwiaXNTdWJkb21haW4iOnRydWV9
pragma
no-cache
referrer-policy
no-referrer
request-id
9540cb1f-e0b9-e483-6c85-6f0107681311
server
Microsoft-IIS/10.0
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-app-name
Mail
x-backendhttpstatus
200 200
x-beserver
DM6PR04MB6667
x-besku
UNKNOWN
x-calculatedbetarget
DM6PR04MB6667.NAMPRD04.PROD.OUTLOOK.COM
x-calculatedfetarget
DS7PR03CU001.internal.outlook.com
x-client-version
20241011003.19
x-clique
CLNAMPRD04DSM05
x-feefzinfo
MDW
x-feproxyinfo
CH0PR04CA0071.NAMPRD04.PROD.OUTLOOK.COM
x-feserver
DS7PR03CA0008 CH0PR04CA0071
x-firsthopcafeefz
MDW
x-nanoproxy
1
x-powered-by
ASP.NET
x-preferredroutingkeydiagnostics
0
x-proxy-backendserverstatus
200
x-proxy-routingcorrectness
1
x-web-server-version
24.10.22.2

Redirect headers

Cache-Control
no-cache
Connection
close
Content-Length
0
Date
Fri, 25 Oct 2024 13:29:18 GMT
Location
https://outlook.office365.com/mail/?realm=promotorameraki.com&vd=autodiscover
MS-CV
Qk58giPbsnwjPZrg68Vdlw.0
Pragma
no-cache
Server
Microsoft-IIS/10.0
X-FEEFZInfo
MNZ
X-FEProxyInfo
BL1PR13CA0392.NAMPRD13.PROD.OUTLOOK.COM
X-FEServer
BL1PR13CA0392 BL1PR13CA0392
X-Powered-By
ASP.NET
X-RequestId
a1ef2abd-ef44-4547-9865-51112636c7e0
request-id
827c4e42-db23-7cb2-233d-9ae0ebc55d97
owa.mail.runtime.d69d6437.js
res.public.onecdn.static.microsoft/owamail/hashed-v1/scripts/
301 KB
153 KB
Script
General
Full URL
https://res.public.onecdn.static.microsoft/owamail/hashed-v1/scripts/owa.mail.runtime.d69d6437.js
Requested by
Host: outlook.office365.com
URL: https://outlook.office365.com/mail/?realm=promotorameraki.com&vd=autodiscover
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:11f:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nyd/D170) /
Resource Hash
be99823b745af0cc591333257efa9d0a2ad080f9c911d1712e61f095ef4ca56c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666
Origin
https://outlook.office365.com
Referer

Response headers

access-control-expose-headers
date,X-Cdn-Provider,X-Ms-Request-Id
content-encoding
br
age
41556
report-to
{"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=VerizonCDNWorldWide&DestinationEndpoint=Montreal&ASN=577&Country=CA&Region=QC&RequestIdentifier=1686401147311593885915331847520072695322"}],"include_subdomains ":true}
access-control-allow-methods
GET,HEAD,OPTIONS
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-cache
HIT
x-cdn-provider
Verizon
date
Fri, 25 Oct 2024 13:29:20 GMT
content-type
application/javascript
last-modified
Fri, 25 Oct 2024 01:13:39 GMT
vary
Accept-Encoding
access-control-allow-headers
*
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
max-age=31536000
nel
{"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
timing-allow-origin
*
x-ms-request-id
4be4afc9-101e-003a-0c81-267278000000
accept-ranges
bytes
access-control-allow-origin
*
content-length
156310
server
ECAcc (nyd/D170)
owa.mailindex.50712045.js
res.public.onecdn.static.microsoft/owamail/hashed-v1/scripts/
337 KB
101 KB
Script
General
Full URL
https://res.public.onecdn.static.microsoft/owamail/hashed-v1/scripts/owa.mailindex.50712045.js
Requested by
Host: outlook.office365.com
URL: https://outlook.office365.com/mail/?realm=promotorameraki.com&vd=autodiscover
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:11f:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nyd/D150) /
Resource Hash
c0722b528ea0f1ab9c0ace144b97c8da286dcd727e7ae85c2a8cac4c2f8baae6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666
Origin
https://outlook.office365.com
Referer

Response headers

access-control-expose-headers
date,X-Cdn-Provider,X-Ms-Request-Id
content-encoding
br
age
115396
report-to
{"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=VerizonCDNWorldWide&DestinationEndpoint=Montreal&ASN=577&Country=CA&Region=QC&RequestIdentifier=1028860464226812961816327587495781303430"}],"include_subdomains ":true}
access-control-allow-methods
GET,HEAD,OPTIONS
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-cache
HIT
x-cdn-provider
Verizon
date
Fri, 25 Oct 2024 13:29:20 GMT
content-type
application/javascript
last-modified
Wed, 23 Oct 2024 20:43:51 GMT
vary
Accept-Encoding
access-control-allow-headers
*
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
max-age=31536000
nel
{"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
timing-allow-origin
*
x-ms-request-id
7f5a7655-f01e-0022-70d5-25ad1f000000
accept-ranges
bytes
access-control-allow-origin
*
content-length
102976
server
ECAcc (nyd/D150)
owa.15082.m.43f66860.js
res.public.onecdn.static.microsoft/owamail/hashed-v1/scripts/
2 MB
553 KB
Script
General
Full URL
https://res.public.onecdn.static.microsoft/owamail/hashed-v1/scripts/owa.15082.m.43f66860.js
Requested by
Host: outlook.office365.com
URL: https://outlook.office365.com/mail/?realm=promotorameraki.com&vd=autodiscover
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:11f:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nyd/D14C) /
Resource Hash
7b2406109f3eaa6cd748eaa6c9594061f09c4ad3cce142f2fc7661866599c12e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666
Origin
https://outlook.office365.com
Referer

Response headers

access-control-expose-headers
date,X-Cdn-Provider,X-Ms-Request-Id
content-encoding
br
age
74823
report-to
{"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=VerizonCDNWorldWide&DestinationEndpoint=Montreal&ASN=577&Country=CA&Region=QC&RequestIdentifier=908357833892672033316942657239132730404"}],"include_subdomains ":true}
access-control-allow-methods
GET,HEAD,OPTIONS
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-cache
HIT
x-cdn-provider
Verizon
date
Fri, 25 Oct 2024 13:29:20 GMT
content-type
application/javascript
last-modified
Thu, 10 Oct 2024 13:48:32 GMT
vary
Accept-Encoding
access-control-allow-headers
*
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
max-age=31536000
nel
{"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
timing-allow-origin
*
x-ms-request-id
fc8cb201-001e-0009-6e33-262dd3000000
accept-ranges
bytes
access-control-allow-origin
*
content-length
565533
server
ECAcc (nyd/D14C)
owa.AppBoot.m.c2c3f3ac.css
res.public.onecdn.static.microsoft/owamail/hashed-v1/scripts/
91 KB
15 KB
Stylesheet
General
Full URL
https://res.public.onecdn.static.microsoft/owamail/hashed-v1/scripts/owa.AppBoot.m.c2c3f3ac.css
Requested by
Host: outlook.office365.com
URL: https://outlook.office365.com/mail/?realm=promotorameraki.com&vd=autodiscover
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:11f:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nyd/D148) /
Resource Hash
10dfdcbf451c15be483c6f7bdcb5ab8b5c8aa634ff8c0926f2f8c4ce6002900f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666
Origin
https://outlook.office365.com
Referer

Response headers

access-control-expose-headers
date,X-Cdn-Provider,X-Ms-Request-Id
content-encoding
br
age
594849
report-to
{"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=VerizonCDNWorldWide&DestinationEndpoint=Montreal&ASN=577&Country=CA&Region=QC&RequestIdentifier=469981349701058713613486763519508025476"}],"include_subdomains ":true}
access-control-allow-methods
GET,HEAD,OPTIONS
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-cache
HIT
x-cdn-provider
Verizon
date
Fri, 25 Oct 2024 13:29:20 GMT
content-type
text/css
last-modified
Fri, 11 Oct 2024 13:39:46 GMT
vary
Accept-Encoding
access-control-allow-headers
*
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
max-age=31536000
nel
{"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
timing-allow-origin
*
x-ms-request-id
e5330c1b-b01e-000c-4478-21ff08000000
accept-ranges
bytes
access-control-allow-origin
*
content-length
14970
server
ECAcc (nyd/D148)
owa.AppBoot.m.4ff84d9c.js
res.public.onecdn.static.microsoft/owamail/hashed-v1/scripts/
2 MB
445 KB
Script
General
Full URL
https://res.public.onecdn.static.microsoft/owamail/hashed-v1/scripts/owa.AppBoot.m.4ff84d9c.js
Requested by
Host: outlook.office365.com
URL: https://outlook.office365.com/mail/?realm=promotorameraki.com&vd=autodiscover
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:11f:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nyd/D144) /
Resource Hash
f4247bdbe376504bbf4900104961e8da3ae3078a08765b3f3f7e6f2b8d3eb716
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666
Origin
https://outlook.office365.com
Referer

Response headers

access-control-expose-headers
date,X-Cdn-Provider,X-Ms-Request-Id
content-encoding
br
age
115396
report-to
{"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=VerizonCDNWorldWide&DestinationEndpoint=Montreal&ASN=577&Country=CA&Region=QC&RequestIdentifier=115913063901717705617541209436413652718"}],"include_subdomains ":true}
access-control-allow-methods
GET,HEAD,OPTIONS
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-cache
HIT
x-cdn-provider
Verizon
date
Fri, 25 Oct 2024 13:29:20 GMT
content-type
application/javascript
last-modified
Wed, 23 Oct 2024 23:31:27 GMT
vary
Accept-Encoding
access-control-allow-headers
*
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
max-age=31536000
nel
{"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
timing-allow-origin
*
x-ms-request-id
a007d756-901e-0056-1bd5-2599ef000000
accept-ranges
bytes
access-control-allow-origin
*
content-length
455471
server
ECAcc (nyd/D144)
owa.25147.m.a9a004f7.js
res.public.onecdn.static.microsoft/owamail/hashed-v1/scripts/
20 KB
8 KB
Script
General
Full URL
https://res.public.onecdn.static.microsoft/owamail/hashed-v1/scripts/owa.25147.m.a9a004f7.js
Requested by
Host: outlook.office365.com
URL: https://outlook.office365.com/mail/?realm=promotorameraki.com&vd=autodiscover
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:11f:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nyd/D13A) /
Resource Hash
b013dffdbb8997516b2e5a8dda9f76424dd7339d30aa81834c3c8e3aa2432ec6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666
Origin
https://outlook.office365.com
Referer

Response headers

access-control-expose-headers
date,X-Cdn-Provider,X-Ms-Request-Id
content-encoding
br
age
599766
report-to
{"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=VerizonCDNWorldWide&DestinationEndpoint=Montreal&ASN=577&Country=CA&Region=QC&RequestIdentifier=172376615323051544924958590360447371756"}],"include_subdomains ":true}
access-control-allow-methods
GET,HEAD,OPTIONS
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-cache
HIT
x-cdn-provider
Verizon
date
Fri, 25 Oct 2024 13:29:20 GMT
content-type
application/javascript
last-modified
Fri, 13 Sep 2024 13:41:07 GMT
vary
Accept-Encoding
access-control-allow-headers
*
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
max-age=31536000
nel
{"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
timing-allow-origin
*
x-ms-request-id
0d837f5c-701e-002c-6d6d-2184af000000
access-control-allow-origin
*
content-length
7385
server
ECAcc (nyd/D13A)
owa.61348.m.d63777b1.js
res.public.onecdn.static.microsoft/owamail/hashed-v1/scripts/
5 KB
2 KB
Script
General
Full URL
https://res.public.onecdn.static.microsoft/owamail/hashed-v1/scripts/owa.61348.m.d63777b1.js
Requested by
Host: outlook.office365.com
URL: https://outlook.office365.com/mail/?realm=promotorameraki.com&vd=autodiscover
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:11f:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nyd/D12C) /
Resource Hash
53601fce24bcc802e69fedfd2d75ce41ddad1842d3cb732ea7c0230fcbc3271d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666
Origin
https://outlook.office365.com
Referer

Response headers

access-control-expose-headers
date,X-Cdn-Provider,X-Ms-Request-Id
content-encoding
br
age
249400
report-to
{"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=VerizonCDNWorldWide&DestinationEndpoint=Montreal&ASN=577&Country=CA&Region=QC&RequestIdentifier=79208078854805060221995843674670396740"}],"include_subdomains ":true}
access-control-allow-methods
GET,HEAD,OPTIONS
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-cache
HIT
x-cdn-provider
Verizon
date
Fri, 25 Oct 2024 13:29:20 GMT
content-type
application/javascript
last-modified
Tue, 03 Sep 2024 13:38:08 GMT
vary
Accept-Encoding
access-control-allow-headers
*
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
max-age=31536000
nel
{"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
timing-allow-origin
*
x-ms-request-id
ccd0e554-001e-0044-5d9d-24e23f000000
access-control-allow-origin
*
content-length
2002
server
ECAcc (nyd/D12C)
owa.2069.m.c813c80c.js
res.public.onecdn.static.microsoft/owamail/hashed-v1/scripts/
290 KB
59 KB
Script
General
Full URL
https://res.public.onecdn.static.microsoft/owamail/hashed-v1/scripts/owa.2069.m.c813c80c.js
Requested by
Host: outlook.office365.com
URL: https://outlook.office365.com/mail/?realm=promotorameraki.com&vd=autodiscover
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:11f:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nyd/D149) /
Resource Hash
edf85804f49186592fdbce8f8674cc0a8bd9d0d4ea9d764cc537c9921e875a9e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666
Origin
https://outlook.office365.com
Referer

Response headers

access-control-expose-headers
date,X-Cdn-Provider,X-Ms-Request-Id
content-encoding
br
age
74823
report-to
{"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=VerizonCDNWorldWide&DestinationEndpoint=Montreal&ASN=577&Country=CA&Region=QC&RequestIdentifier=165496071172976408110651055162254220367"}],"include_subdomains ":true}
access-control-allow-methods
GET,HEAD,OPTIONS
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-cache
HIT
x-cdn-provider
Verizon
date
Fri, 25 Oct 2024 13:29:20 GMT
content-type
application/javascript
last-modified
Thu, 10 Oct 2024 13:48:26 GMT
vary
Accept-Encoding
access-control-allow-headers
*
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
max-age=31536000
nel
{"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
timing-allow-origin
*
x-ms-request-id
55352cb4-c01e-0016-7b33-269ed7000000
accept-ranges
bytes
access-control-allow-origin
*
content-length
59672
server
ECAcc (nyd/D149)
owa.MsalAuth.m.bf677c7c.js
res.public.onecdn.static.microsoft/owamail/hashed-v1/scripts/
23 KB
8 KB
Script
General
Full URL
https://res.public.onecdn.static.microsoft/owamail/hashed-v1/scripts/owa.MsalAuth.m.bf677c7c.js
Requested by
Host: outlook.office365.com
URL: https://outlook.office365.com/mail/?realm=promotorameraki.com&vd=autodiscover
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:11f:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nyd/D144) /
Resource Hash
b6c550113680f8fa8fb3ba4d3d7cbd4f7e7f59078611e8918e246f6f3ffe2871
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666
Origin
https://outlook.office365.com
Referer

Response headers

access-control-expose-headers
date,X-Cdn-Provider,X-Ms-Request-Id
content-encoding
br
age
594850
report-to
{"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=VerizonCDNWorldWide&DestinationEndpoint=Montreal&ASN=577&Country=CA&Region=QC&RequestIdentifier=103016479485069844515435534825795291461"}],"include_subdomains ":true}
access-control-allow-methods
GET,HEAD,OPTIONS
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-cache
HIT
x-cdn-provider
Verizon
date
Fri, 25 Oct 2024 13:29:20 GMT
content-type
application/javascript
last-modified
Fri, 11 Oct 2024 13:39:11 GMT
vary
Accept-Encoding
access-control-allow-headers
*
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
max-age=31536000
nel
{"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
timing-allow-origin
*
x-ms-request-id
d26fa4c4-701e-0013-4078-214c0c000000
accept-ranges
bytes
access-control-allow-origin
*
content-length
7550
server
ECAcc (nyd/D144)
microsoft.svg
res.public.onecdn.static.microsoft/assets/framework/
3 KB
1 KB
Image
General
Full URL
https://res.public.onecdn.static.microsoft/assets/framework/microsoft.svg
Requested by
Host: outlook.office365.com
URL: https://outlook.office365.com/mail/?realm=promotorameraki.com&vd=autodiscover
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:2800:11f:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nyd/D150) /
Resource Hash
797bda35d13e5130fe5a14e0069c31b46ec1af6ea47f2d300309803bb4d2608c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666
Referer

Response headers

access-control-expose-headers
date,X-Cdn-Provider,X-Ms-Request-Id
content-encoding
br
age
585062
report-to
{"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=VerizonCDNWorldWide&DestinationEndpoint=Montreal&ASN=577&Country=CA&Region=QC&RequestIdentifier=1227828083370476934318225223447068154910"}],"include_subdomains ":true}
access-control-allow-methods
GET,HEAD,OPTIONS
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-cache
HIT
x-cdn-provider
Verizon
date
Fri, 25 Oct 2024 13:29:20 GMT
content-type
image/svg+xml
last-modified
Wed, 30 Aug 2023 00:31:42 GMT
vary
Accept-Encoding
access-control-allow-headers
*
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
max-age=31536000
nel
{"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
timing-allow-origin
*
x-ms-request-id
7ce0c19a-201e-0031-658f-218913000000
access-control-allow-origin
*
content-length
1267
server
ECAcc (nyd/D150)
startupdata.ashx
outlook.office365.com/owa/
0
1 KB
Fetch
General
Full URL
https://outlook.office365.com/owa/startupdata.ashx?app=Mail&n=0
Requested by
Host: res.public.onecdn.static.microsoft
URL: https://res.public.onecdn.static.microsoft/owamail/hashed-v1/scripts/owa.mailindex.50712045.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2603:1036:304:800::2 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

x-req-source
Mail
action
StartupData
x-js-experiment
5
Referer
x-owa-hosted-ux
false
x-owa-bootflights
localStorageOwaPrefix,fwk-analytics-addons,dev-offlineMultiAccountDB,fwk-skipnavbardataonhosted,cal-widgets-upn-validation,auth-cacheTokenForMetaOsHub,auth-useAuthTokenClaimsForMetaOsHub,auth-msaljs-landingpage
ms-cv
joVzqLQxqG5sFQ8v318CBU.0
x-owa-canary
X-OWA-CANARY_cookie_is_null_or_empty
x-owa-sessionid
0c124cdb-8496-4c40-8419-fdc4ed62f67f
x-message-count
25
prefer
exchange.behavior="IncludeThirdPartyOnlineMeetingProviders"
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666
x-owa-correlationid
accountPolicy_19404791-cf76-6861-c5e2-07abb0b00b61

Response headers

x-feserver
BN9P220CA0012, CH0PR04CA0071
x-besku
WCS7
x-rum-notupdatequerieddbcopy
1
report-to
{"group":"NelOfficeUpload1","max_age":7200,"endpoints":[{"url":"https://exo.nel.measure.office.net/api/report?TenantId=&FrontEnd=Cafe&DestinationEndpoint=MDW&RemoteIP=2001:4958:1420::&Environment=MT"}],"include_subdomains":true}
x-content-type-options
nosniff
request-id
e59b0e23-2e92-6ddc-8899-995158782d89
alt-svc
h3=":443";ma=2592000,h3-29=":443";ma=2592000
x-proxy-routingcorrectness
1
x-owa-correlationid
accountPolicy_19404791-cf76-6861-c5e2-07abb0b00b61
x-rum-validated
1
x-responseorigin
OwaAppPool
x-feefzinfo
MDW
x-calculatedfetarget
BN9P220CU001.internal.outlook.com
content-length
0
x-calculatedbetarget
IA0PR04MB8889.namprd04.prod.outlook.com
server
Microsoft-IIS/10.0
x-firsthopcafeefz
MDW
x-backend-begin
2024-10-25T13:29:20.593
x-diaginfo
IA0PR04MB8889
x-owa-forest
namprd04.prod.outlook.com
x-ua-compatible
IE=EmulateIE7
date
Fri, 25 Oct 2024 13:29:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
nel
{"report_to":"NelOfficeUpload1","max_age":7200,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
x-owa-dag
NAMPR04DG546
www-authenticate
Bearer client_id="00000002-0000-0ff1-ce00-000000000000", trusted_issuers="00000001-0000-0000-c000-000000000000@*", token_types="app_asserted_user_v1 service_asserted_app_v1", authorization_uri="https://login.microsoftonline.com/common/oauth2/authorize"
x-feproxyinfo
CH0PR04CA0071.NAMPRD04.PROD.OUTLOOK.COM
x-owa-diagnosticsinfo
13;0;0;
x-backend-end
2024-10-25T13:29:20.608
x-backendhttpstatus
401, 401
x-rum-notupdatequeriedpath
1
x-proxy-backendserverstatus
401
x-beserver
IA0PR04MB8889
OutlookWeb-Mail-PROD
csp.microsoft.com/report/
0
0

segoeui-light.woff
res.public.onecdn.static.microsoft/assets/mail/fonts/v1/fonts/
24 KB
25 KB
Font
General
Full URL
https://res.public.onecdn.static.microsoft/assets/mail/fonts/v1/fonts/segoeui-light.woff
Requested by
Host: outlook.office365.com
URL: https://outlook.office365.com/mail/?realm=promotorameraki.com&vd=autodiscover
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:11f:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nyd/D17D) /
Resource Hash
d1ba065fe841593a501a70496d94029b0cc6e46be7d6ff44c4014ebd93300d0a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666
Origin
https://outlook.office365.com
Referer

Response headers

access-control-expose-headers
date,X-Cdn-Provider,X-Ms-Request-Id
age
585054
report-to
{"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=VerizonCDNWorldWide&DestinationEndpoint=Montreal&ASN=577&Country=CA&Region=QC&RequestIdentifier=399505496594982132812819420988779621302"}],"include_subdomains ":true}
access-control-allow-methods
GET,HEAD,OPTIONS
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-cache
HIT
x-cdn-provider
Verizon
date
Fri, 25 Oct 2024 13:29:20 GMT
content-type
application/octet-stream
last-modified
Fri, 06 Nov 2020 19:04:20 GMT
access-control-allow-headers
*
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
max-age=31536000
timing-allow-origin
*
nel
{"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
x-ms-request-id
db1bacfb-c01e-0074-5e8f-215cf0000000
accept-ranges
bytes
access-control-allow-origin
*
content-length
24741
server
ECAcc (nyd/D17D)
segoeui-semilight.woff
res.public.onecdn.static.microsoft/assets/mail/fonts/v1/fonts/
29 KB
29 KB
Font
General
Full URL
https://res.public.onecdn.static.microsoft/assets/mail/fonts/v1/fonts/segoeui-semilight.woff
Requested by
Host: outlook.office365.com
URL: https://outlook.office365.com/mail/?realm=promotorameraki.com&vd=autodiscover
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:11f:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nyd/D127) /
Resource Hash
c63a3930ec9dd26c24b4c62b83d8cf778416a0ded1d9aa83e0840a675155b71b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666
Origin
https://outlook.office365.com
Referer

Response headers

access-control-expose-headers
date,X-Cdn-Provider,X-Ms-Request-Id
age
585054
report-to
{"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=VerizonCDNWorldWide&DestinationEndpoint=Montreal&ASN=577&Country=CA&Region=QC&RequestIdentifier=1832619090618854590612321350164390527458"}],"include_subdomains ":true}
access-control-allow-methods
GET,HEAD,OPTIONS
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-cache
HIT
x-cdn-provider
Verizon
date
Fri, 25 Oct 2024 13:29:20 GMT
content-type
application/octet-stream
last-modified
Fri, 06 Nov 2020 19:04:20 GMT
access-control-allow-headers
*
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
max-age=31536000
timing-allow-origin
*
nel
{"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
x-ms-request-id
17c97204-c01e-005b-6b8f-21513b000000
accept-ranges
bytes
access-control-allow-origin
*
content-length
29464
server
ECAcc (nyd/D127)
segoeui-regular.woff
res.public.onecdn.static.microsoft/assets/mail/fonts/v1/fonts/
34 KB
34 KB
Font
General
Full URL
https://res.public.onecdn.static.microsoft/assets/mail/fonts/v1/fonts/segoeui-regular.woff
Requested by
Host: outlook.office365.com
URL: https://outlook.office365.com/mail/?realm=promotorameraki.com&vd=autodiscover
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:11f:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nyd/D13C) /
Resource Hash
07ec698b1036cdfbb8892f02d9510f5f671284fca9fa003b883996da040a444b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666
Origin
https://outlook.office365.com
Referer

Response headers

access-control-expose-headers
date,X-Cdn-Provider,X-Ms-Request-Id
age
585054
report-to
{"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=VerizonCDNWorldWide&DestinationEndpoint=Montreal&ASN=577&Country=CA&Region=QC&RequestIdentifier=99443010677407790262271446161415515573"}],"include_subdomains ":true}
access-control-allow-methods
GET,HEAD,OPTIONS
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-cache
HIT
x-cdn-provider
Verizon
date
Fri, 25 Oct 2024 13:29:20 GMT
content-type
application/octet-stream
last-modified
Fri, 06 Nov 2020 19:04:20 GMT
access-control-allow-headers
*
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
max-age=31536000
timing-allow-origin
*
nel
{"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
x-ms-request-id
f74646c0-601e-000f-078f-211e6c000000
accept-ranges
bytes
access-control-allow-origin
*
content-length
34924
server
ECAcc (nyd/D13C)
segoeui-semibold.woff
res.public.onecdn.static.microsoft/assets/mail/fonts/v1/fonts/
31 KB
32 KB
Font
General
Full URL
https://res.public.onecdn.static.microsoft/assets/mail/fonts/v1/fonts/segoeui-semibold.woff
Requested by
Host: outlook.office365.com
URL: https://outlook.office365.com/mail/?realm=promotorameraki.com&vd=autodiscover
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:11f:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nyd/D191) /
Resource Hash
3711ba98ca34a5bc5ce6b79de62a1a2eee453f413d2123e912d1ae6b0b0c8b33
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666
Origin
https://outlook.office365.com
Referer

Response headers

access-control-expose-headers
date,X-Cdn-Provider,X-Ms-Request-Id
age
585054
report-to
{"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=VerizonCDNWorldWide&DestinationEndpoint=Montreal&ASN=577&Country=CA&Region=QC&RequestIdentifier=747830281648831600318238810431309008558"}],"include_subdomains ":true}
access-control-allow-methods
GET,HEAD,OPTIONS
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-cache
HIT
x-cdn-provider
Verizon
date
Fri, 25 Oct 2024 13:29:20 GMT
content-type
application/octet-stream
last-modified
Fri, 06 Nov 2020 19:04:20 GMT
access-control-allow-headers
*
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
max-age=31536000
timing-allow-origin
*
nel
{"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
x-ms-request-id
f181ed71-b01e-0023-258f-21f2c3000000
accept-ranges
bytes
access-control-allow-origin
*
content-length
31712
server
ECAcc (nyd/D191)
e227001d-1603-4799-9051-47edc37b948a
https://outlook.office365.com/ Frame
0
0

boot-analytics-ping.js
res.public.onecdn.static.microsoft/owamail/20241011003.19/resources/
34 B
64 B
Fetch
General
Full URL
https://res.public.onecdn.static.microsoft/owamail/20241011003.19/resources/boot-analytics-ping.js
Requested by
Host: res.public.onecdn.static.microsoft
URL: https://res.public.onecdn.static.microsoft/owamail/hashed-v1/scripts/owa.mailindex.50712045.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:2800:11f:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nyd/D19A) /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666
Referer

Response headers

access-control-expose-headers
date,X-Cdn-Provider,X-Ms-Request-Id
age
41556
report-to
{"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=VerizonCDNWorldWide&DestinationEndpoint=Montreal&ASN=577&Country=CA&Region=QC&RequestIdentifier=434331591253615626211592000968784823026"}],"include_subdomains ":true}
access-control-allow-methods
GET,HEAD,OPTIONS
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-cache
HIT
x-cdn-provider
Verizon
date
Fri, 25 Oct 2024 13:29:21 GMT
content-type
application/javascript
last-modified
Fri, 25 Oct 2024 01:09:01 GMT
access-control-allow-headers
*
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
max-age=31536000
timing-allow-origin
*
nel
{"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
x-ms-request-id
17259da8-b01e-000c-3081-26ff08000000
accept-ranges
bytes
access-control-allow-origin
*
content-length
34
server
ECAcc (nyd/D19A)
authorize
login.microsoftonline.com/common/oauth2/
Redirect Chain
  • https://outlook.office365.com/mail/?realm=promotorameraki.com&vd=autodiscover&authRedirect=true&state=0
  • https://outlook.office365.com/owa/?realm=promotorameraki.com&vd=autodiscover&state=1&redirectTo=aHR0cHM6Ly9vdXRsb29rLm9mZmljZTM2NS5jb20vbWFpbC8_cmVhbG09cHJvbW90b3JhbWVyYWtpLmNvbSZ2ZD1hdXRvZGlzY292ZXI
  • https://login.microsoftonline.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-0...
20 KB
10 KB
Document
General
Full URL
https://login.microsoftonline.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=40cc1c34-0472-e3de-fcf7-3e15d6b8d2bb&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&domain_hint=promotorameraki.com&nonce=638654597613389183.a1c43d15-6159-4006-9bb4-ee1812f23fc4&state=DYy7bsIwAEWT9l-yBfxIjD1EDFQlRYEBEAEvle0YJTSWI8d1RT-pX1kP5w5HuidNkuQ18hJJQZxkRTAlZVGyFYEYUwYpXgioCtzBMiewZHkBAMmZlEWuNaQQ3RG-qyKN3790aX_Ecu20GE01OWust04Y7cTXsFDWZKGrxLe33TArG7TLZi-8rmDmdDc4rfzZVqI-AlXvSfNkobseZ4mYawwz3IwPft6jw6l8SASCbN8nuaGfylx6uQVM1bvoGJB418v28ry1fmrMIcgTR_wN9rEV-Hb8vSGG-PXjHw
Requested by
Host: res.public.onecdn.static.microsoft
URL: https://res.public.onecdn.static.microsoft/owamail/hashed-v1/scripts/owa.mailindex.50712045.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2603:1036:3000:60::d Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
0a119a1b011695eddc7329cde2ca9910244913132c3a53599f2833609eb4bcd4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666

Response headers

cache-control
no-store, no-cache
content-encoding
gzip
content-length
8585
content-type
text/html; charset=utf-8
date
Fri, 25 Oct 2024 13:29:21 GMT
expires
-1
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
p3p
CP="DSP CUR OTPi IND OTRi ONL FIN"
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+chi"}]}
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
x-content-type-options
nosniff
x-ms-ests-server
2.1.19184.6 - WUS3 ProdSlices
x-ms-request-id
2ae9c730-932c-401d-8261-063ba19ec500
x-ms-srs
1.P
x-xss-protection
0

Redirect headers

alt-svc
h3=":443";ma=2592000,h3-29=":443";ma=2592000
content-length
1020
content-type
text/html; charset=utf-8
date
Fri, 25 Oct 2024 13:29:20 GMT
location
https://login.microsoftonline.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=40cc1c34-0472-e3de-fcf7-3e15d6b8d2bb&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&domain_hint=promotorameraki.com&nonce=638654597613389183.a1c43d15-6159-4006-9bb4-ee1812f23fc4&state=DYy7bsIwAEWT9l-yBfxIjD1EDFQlRYEBEAEvle0YJTSWI8d1RT-pX1kP5w5HuidNkuQ18hJJQZxkRTAlZVGyFYEYUwYpXgioCtzBMiewZHkBAMmZlEWuNaQQ3RG-qyKN3790aX_Ecu20GE01OWust04Y7cTXsFDWZKGrxLe33TArG7TLZi-8rmDmdDc4rfzZVqI-AlXvSfNkobseZ4mYawwz3IwPft6jw6l8SASCbN8nuaGfylx6uQVM1bvoGJB418v28ry1fmrMIcgTR_wN9rEV-Hb8vSGG-PXjHw
nel
{"report_to":"NelOfficeUpload1","max_age":7200,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
p3p
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
report-to
{"group":"NelOfficeUpload1","max_age":7200,"endpoints":[{"url":"https://exo.nel.measure.office.net/api/report?TenantId=&FrontEnd=Cafe&DestinationEndpoint=MDW&RemoteIP=2001:4958:1420::&Environment=MT"}],"include_subdomains":true}
request-id
40cc1c34-0472-e3de-fcf7-3e15d6b8d2bb
server
Microsoft-IIS/10.0
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-backend-begin
2024-10-25T13:29:21.338
x-backend-end
2024-10-25T13:29:21.338
x-backendhttpstatus
302 302
x-beserver
CO1PR04MB8298
x-besku
WCS6
x-calculatedbetarget
CO1PR04MB8298.namprd04.PROD.OUTLOOK.COM
x-calculatedfetarget
MW4PR04CU006.internal.outlook.com
x-content-type-options
nosniff
x-diaginfo
CO1PR04MB8298
x-feefzinfo
MDW
x-feproxyinfo
CH0PR04CA0071.NAMPRD04.PROD.OUTLOOK.COM
x-feserver
MW4PR04CA0160 CH0PR04CA0071
x-firsthopcafeefz
MDW
x-owa-diagnosticsinfo
5;0;0;
x-proxy-backendserverstatus
302
x-proxy-routingcorrectness
1
x-responseorigin
OwaAppPool
x-rum-notupdatequerieddbcopy
1
x-rum-notupdatequeriedpath
1
x-rum-validated
1
x-ua-compatible
IE=EmulateIE7
/
browser.events.data.microsoft.com/OneCollector/1.0/
0
585 B
Ping
General
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-4.3.0&apikey=56468f6991c348029c6bba403b444607-7f5d6cd1-7fbe-4ab1-be03-3b2b6aeb3eb4-7696&upload-time=1729862961125&time-delta-to-apply-millis=use-collector-delta&w=0&NoResponseBody=true
Requested by
Host: res.public.onecdn.static.microsoft
URL: https://res.public.onecdn.static.microsoft/owamail/hashed-v1/scripts/owa.mailindex.50712045.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.89.179.13 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666
Content-Type
text/plain;charset=UTF-8
Referer

Response headers

strict-transport-security
max-age=31536000
access-control-expose-headers
time-delta-millis
access-control-allow-credentials
true
access-control-allow-methods
POST
access-control-allow-origin
https://outlook.office365.com
p3p
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
content-length
0
date
Fri, 25 Oct 2024 13:29:21 GMT
server
Microsoft-HTTPAPI/2.0
time-delta-millis
390
access-control-allow-headers
P3P,Set-Cookie,time-delta-millis
favicon.ico
outlook.office365.com/mail/
8 KB
8 KB
Other
General
Full URL
https://outlook.office365.com/mail/favicon.ico
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2603:1036:304:800::2 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666
Referer

Response headers

x-feserver
CYXPR02CA0048, CH0PR04CA0071
x-firsthopcafeefz
MDW
etag
"1db23d8a377afce"
x-nanoproxy
1
x-besku
WCS5
ms-cv
C7VWQtLPkOIZoW2ZFK9IoA.1.1
request-id
4256b50b-cfd2-e290-19a1-6d9914af48a0
alt-svc
h3=":443";ma=2592000,h3-29=":443";ma=2592000
date
Fri, 25 Oct 2024 13:29:20 GMT
content-type
image/x-icon
last-modified
Mon, 21 Oct 2024 16:45:30 GMT
x-proxy-routingcorrectness
1
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-feefzinfo
MDW
x-feproxyinfo
CH0PR04CA0071.NAMPRD04.PROD.OUTLOOK.COM
x-preferredroutingkeydiagnostics
0
x-calculatedfetarget
CYXPR02CU002.internal.outlook.com
accept-ranges
bytes
content-length
7886
x-backendhttpstatus
200, 200
x-proxy-backendserverstatus
200
x-calculatedbetarget
CY4PR0401MB3700.NAMPRD04.PROD.OUTLOOK.COM
x-powered-by
ASP.NET
server
Microsoft-IIS/10.0
BssoInterrupt_Core_JQnUxWSvwsd9FrpspQmznw2.js
aadcdn.msauth.net/shared/1.0/content/js/
139 KB
49 KB
Script
General
Full URL
https://aadcdn.msauth.net/shared/1.0/content/js/BssoInterrupt_Core_JQnUxWSvwsd9FrpspQmznw2.js
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=40cc1c34-0472-e3de-fcf7-3e15d6b8d2bb&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&domain_hint=promotorameraki.com&nonce=638654597613389183.a1c43d15-6159-4006-9bb4-ee1812f23fc4&state=DYy7bsIwAEWT9l-yBfxIjD1EDFQlRYEBEAEvle0YJTSWI8d1RT-pX1kP5w5HuidNkuQ18hJJQZxkRTAlZVGyFYEYUwYpXgioCtzBMiewZHkBAMmZlEWuNaQQ3RG-qyKN3790aX_Ecu20GE01OWust04Y7cTXsFDWZKGrxLe33TArG7TLZi-8rmDmdDc4rfzZVqI-AlXvSfNkobseZ4mYawwz3IwPft6jw6l8SASCbN8nuaGfylx6uQVM1bvoGJB418v28ry1fmrMIcgTR_wN9rEV-Hb8vSGG-PXjHw
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::38 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666
Origin
https://login.microsoftonline.com
Referer
https://login.microsoftonline.com/

Response headers

access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
gzip
x-ms-version
2009-09-19
etag
0x8DCB563D09FF90F
x-ms-lease-status
unlocked
x-fd-int-roxy-purgeid
0
x-cache
TCP_HIT
date
Fri, 25 Oct 2024 13:29:23 GMT
content-type
application/x-javascript
last-modified
Mon, 05 Aug 2024 15:32:28 GMT
cache-control
public, max-age=31536000
x-ms-request-id
a442ed5a-e01e-0011-4867-2659e2000000
accept-ranges
bytes
access-control-allow-origin
*
content-length
49804
x-azure-ref
20241025T132923Z-16859bc6c8ctrwbdwz1xm27th000000000yg00000000fn5z
x-ms-blob-type
BlockBlob
Primary Request authorize
login.microsoftonline.com/common/oauth2/
41 KB
16 KB
Document
General
Full URL
https://login.microsoftonline.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=40cc1c34-0472-e3de-fcf7-3e15d6b8d2bb&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&domain_hint=promotorameraki.com&nonce=638654597613389183.a1c43d15-6159-4006-9bb4-ee1812f23fc4&state=DYy7bsIwAEWT9l-yBfxIjD1EDFQlRYEBEAEvle0YJTSWI8d1RT-pX1kP5w5HuidNkuQ18hJJQZxkRTAlZVGyFYEYUwYpXgioCtzBMiewZHkBAMmZlEWuNaQQ3RG-qyKN3790aX_Ecu20GE01OWust04Y7cTXsFDWZKGrxLe33TArG7TLZi-8rmDmdDc4rfzZVqI-AlXvSfNkobseZ4mYawwz3IwPft6jw6l8SASCbN8nuaGfylx6uQVM1bvoGJB418v28ry1fmrMIcgTR_wN9rEV-Hb8vSGG-PXjHw&sso_reload=true
Requested by
Host: aadcdn.msauth.net
URL: https://aadcdn.msauth.net/shared/1.0/content/js/BssoInterrupt_Core_JQnUxWSvwsd9FrpspQmznw2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2603:1036:3000:60::d Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
7c41157abe8b47f05ea11eaf2bd726abe1aa385f7f385bcf3f2c2d1902f29b27
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://login.microsoftonline.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=40cc1c34-0472-e3de-fcf7-3e15d6b8d2bb&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&domain_hint=promotorameraki.com&nonce=638654597613389183.a1c43d15-6159-4006-9bb4-ee1812f23fc4&state=DYy7bsIwAEWT9l-yBfxIjD1EDFQlRYEBEAEvle0YJTSWI8d1RT-pX1kP5w5HuidNkuQ18hJJQZxkRTAlZVGyFYEYUwYpXgioCtzBMiewZHkBAMmZlEWuNaQQ3RG-qyKN3790aX_Ecu20GE01OWust04Y7cTXsFDWZKGrxLe33TArG7TLZi-8rmDmdDc4rfzZVqI-AlXvSfNkobseZ4mYawwz3IwPft6jw6l8SASCbN8nuaGfylx6uQVM1bvoGJB418v28ry1fmrMIcgTR_wN9rEV-Hb8vSGG-PXjHw
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666

Response headers

cache-control
no-store, no-cache
content-encoding
gzip
content-length
15725
content-type
text/html; charset=utf-8
date
Fri, 25 Oct 2024 13:29:23 GMT
expires
-1
link
<https://aadcdn.msftauth.net>; rel=preconnect; crossorigin,<https://aadcdn.msftauth.net>; rel=dns-prefetch,<https://aadcdn.msauth.net>; rel=dns-prefetch
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
p3p
CP="DSP CUR OTPi IND OTRi ONL FIN"
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+chi"}]}
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
on
x-frame-options
DENY
x-ms-ests-server
2.1.19267.5 - WUS3 ProdSlices
x-ms-request-id
ba979559-c348-44fe-a0e6-fbc0c3e52901
x-ms-srs
1.P
x-xss-protection
0
favicon.ico
login.microsoftonline.com/
0
117 B
Other
General
Full URL
https://login.microsoftonline.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2603:1036:3000:60::d Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666
Referer
https://login.microsoftonline.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=40cc1c34-0472-e3de-fcf7-3e15d6b8d2bb&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&domain_hint=promotorameraki.com&nonce=638654597613389183.a1c43d15-6159-4006-9bb4-ee1812f23fc4&state=DYy7bsIwAEWT9l-yBfxIjD1EDFQlRYEBEAEvle0YJTSWI8d1RT-pX1kP5w5HuidNkuQ18hJJQZxkRTAlZVGyFYEYUwYpXgioCtzBMiewZHkBAMmZlEWuNaQQ3RG-qyKN3790aX_Ecu20GE01OWust04Y7cTXsFDWZKGrxLe33TArG7TLZi-8rmDmdDc4rfzZVqI-AlXvSfNkobseZ4mYawwz3IwPft6jw6l8SASCbN8nuaGfylx6uQVM1bvoGJB418v28ry1fmrMIcgTR_wN9rEV-Hb8vSGG-PXjHw

Response headers

x-ms-srs
1.P
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
x-ms-ests-server
2.1.19267.5 - SCUS ProdSlices
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+chi"}]}
x-content-type-options
nosniff
x-ms-request-id
0f365d30-4538-43b5-b014-2bc67ef71700
referrer-policy
strict-origin-when-cross-origin
p3p
CP="DSP CUR OTPi IND OTRi ONL FIN"
content-length
0
x-xss-protection
0
date
Fri, 25 Oct 2024 13:29:22 GMT
converged.v2.login.min_nin8k2ycrbzww8zl5vxkaq2.css
aadcdn.msftauth.net/ests/2.1/content/cdnbundles/
111 KB
20 KB
Stylesheet
General
Full URL
https://aadcdn.msftauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_nin8k2ycrbzww8zl5vxkaq2.css
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=40cc1c34-0472-e3de-fcf7-3e15d6b8d2bb&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&domain_hint=promotorameraki.com&nonce=638654597613389183.a1c43d15-6159-4006-9bb4-ee1812f23fc4&state=DYy7bsIwAEWT9l-yBfxIjD1EDFQlRYEBEAEvle0YJTSWI8d1RT-pX1kP5w5HuidNkuQ18hJJQZxkRTAlZVGyFYEYUwYpXgioCtzBMiewZHkBAMmZlEWuNaQQ3RG-qyKN3790aX_Ecu20GE01OWust04Y7cTXsFDWZKGrxLe33TArG7TLZi-8rmDmdDc4rfzZVqI-AlXvSfNkobseZ4mYawwz3IwPft6jw6l8SASCbN8nuaGfylx6uQVM1bvoGJB418v28ry1fmrMIcgTR_wN9rEV-Hb8vSGG-PXjHw&sso_reload=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:11f:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nyd/D181) /
Resource Hash
68c2994e21a564345eb3b4091dd2334c9cbddb0aecda45ee963c6de2e1629b93

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666
Origin
https://login.microsoftonline.com
Referer
https://login.microsoftonline.com/

Response headers

content-md5
8N6amNvfqMAnQs5tkvslJA==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
gzip
x-ms-lease-status
unlocked
etag
0x8DCDDAB171F8006
age
2500369
x-ms-version
2009-09-19
x-cache
HIT
date
Fri, 25 Oct 2024 13:29:24 GMT
content-type
text/css
last-modified
Wed, 25 Sep 2024 21:43:27 GMT
vary
Accept-Encoding
cache-control
public, max-age=31536000
x-ms-request-id
88c26ae8-f01e-0049-2224-101625000000
accept-ranges
bytes
access-control-allow-origin
*
content-length
20400
x-ms-blob-type
BlockBlob
server
ECAcc (nyd/D181)
ConvergedLogin_PCore_QLF_8apNRJD3OCol8jwtxw2.js
aadcdn.msftauth.net/shared/1.0/content/js/
439 KB
120 KB
Script
General
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_QLF_8apNRJD3OCol8jwtxw2.js
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=40cc1c34-0472-e3de-fcf7-3e15d6b8d2bb&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&domain_hint=promotorameraki.com&nonce=638654597613389183.a1c43d15-6159-4006-9bb4-ee1812f23fc4&state=DYy7bsIwAEWT9l-yBfxIjD1EDFQlRYEBEAEvle0YJTSWI8d1RT-pX1kP5w5HuidNkuQ18hJJQZxkRTAlZVGyFYEYUwYpXgioCtzBMiewZHkBAMmZlEWuNaQQ3RG-qyKN3790aX_Ecu20GE01OWust04Y7cTXsFDWZKGrxLe33TArG7TLZi-8rmDmdDc4rfzZVqI-AlXvSfNkobseZ4mYawwz3IwPft6jw6l8SASCbN8nuaGfylx6uQVM1bvoGJB418v28ry1fmrMIcgTR_wN9rEV-Hb8vSGG-PXjHw&sso_reload=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:11f:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nyd/D12B) /
Resource Hash
9019f3cffb86bf28f83d0e85eebf21fd0a37c4bf159edfcb6f18d0df12cb5e02

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666
Origin
https://login.microsoftonline.com
Referer
https://login.microsoftonline.com/

Response headers

content-md5
0mJaO3qA+eD2v9j9vu2xZA==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
gzip
x-ms-lease-status
unlocked
etag
0x8DCE31CBFE0A3E9
age
1946285
x-ms-version
2009-09-19
x-cache
HIT
date
Fri, 25 Oct 2024 13:29:24 GMT
content-type
application/x-javascript
last-modified
Wed, 02 Oct 2024 19:59:39 GMT
vary
Accept-Encoding
cache-control
public, max-age=31536000
x-ms-request-id
6b0de339-d01e-0090-042e-15f042000000
accept-ranges
bytes
access-control-allow-origin
*
content-length
122269
x-ms-blob-type
BlockBlob
server
ECAcc (nyd/D12B)
ux.converged.login.strings-en.min_1yb3e7oii5t28dgo4xrtow2.js
aadcdn.msftauth.net/ests/2.1/content/cdnbundles/
56 KB
16 KB
Script
General
Full URL
https://aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ux.converged.login.strings-en.min_1yb3e7oii5t28dgo4xrtow2.js
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=40cc1c34-0472-e3de-fcf7-3e15d6b8d2bb&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&domain_hint=promotorameraki.com&nonce=638654597613389183.a1c43d15-6159-4006-9bb4-ee1812f23fc4&state=DYy7bsIwAEWT9l-yBfxIjD1EDFQlRYEBEAEvle0YJTSWI8d1RT-pX1kP5w5HuidNkuQ18hJJQZxkRTAlZVGyFYEYUwYpXgioCtzBMiewZHkBAMmZlEWuNaQQ3RG-qyKN3790aX_Ecu20GE01OWust04Y7cTXsFDWZKGrxLe33TArG7TLZi-8rmDmdDc4rfzZVqI-AlXvSfNkobseZ4mYawwz3IwPft6jw6l8SASCbN8nuaGfylx6uQVM1bvoGJB418v28ry1fmrMIcgTR_wN9rEV-Hb8vSGG-PXjHw&sso_reload=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:11f:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nyd/D152) /
Resource Hash
81188e8a76162c79db4a5c10ac933c9e874c5b9eae10e47956ad9df704e01b28

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666
Origin
https://login.microsoftonline.com
Referer
https://login.microsoftonline.com/

Response headers

content-md5
wheuNbhZLcnx5oBIfa0JTw==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
gzip
x-ms-lease-status
unlocked
etag
0x8DCC6D4DD76DEA7
age
5022464
x-ms-version
2009-09-19
x-cache
HIT
date
Fri, 25 Oct 2024 13:29:24 GMT
content-type
application/x-javascript
last-modified
Tue, 27 Aug 2024 20:14:33 GMT
vary
Accept-Encoding
cache-control
public, max-age=31536000
x-ms-request-id
82a8588b-001e-0048-7234-f9d71b000000
accept-ranges
bytes
access-control-allow-origin
*
content-length
16326
x-ms-blob-type
BlockBlob
server
ECAcc (nyd/D152)
Me.htm
login.live.com/
0
0
Other
General
Full URL
https://login.live.com/Me.htm?v=3
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=40cc1c34-0472-e3de-fcf7-3e15d6b8d2bb&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&domain_hint=promotorameraki.com&nonce=638654597613389183.a1c43d15-6159-4006-9bb4-ee1812f23fc4&state=DYy7bsIwAEWT9l-yBfxIjD1EDFQlRYEBEAEvle0YJTSWI8d1RT-pX1kP5w5HuidNkuQ18hJJQZxkRTAlZVGyFYEYUwYpXgioCtzBMiewZHkBAMmZlEWuNaQQ3RG-qyKN3790aX_Ecu20GE01OWust04Y7cTXsFDWZKGrxLe33TArG7TLZi-8rmDmdDc4rfzZVqI-AlXvSfNkobseZ4mYawwz3IwPft6jw6l8SASCbN8nuaGfylx6uQVM1bvoGJB418v28ry1fmrMIcgTR_wN9rEV-Hb8vSGG-PXjHw&sso_reload=true
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.190.155.2 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666
Referer
https://login.microsoftonline.com/

Response headers

convergedlogin_pcustomizationloader_117b650bccea354984d8.js
aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/
397 KB
114 KB
Script
General
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pcustomizationloader_117b650bccea354984d8.js
Requested by
Host: aadcdn.msftauth.net
URL: https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_QLF_8apNRJD3OCol8jwtxw2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:11f:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nyd/D182) /
Resource Hash
da4a8df0c326292b5bee9c732b3c962fd67aaf2f99d850f1bf65068d573c5619

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666
Referer
https://login.microsoftonline.com/

Response headers

content-md5
LT++1t3XGfzBv7UAthL87A==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
gzip
x-ms-lease-status
unlocked
etag
0x8DCBD52F37806EC
age
6054659
x-ms-version
2009-09-19
x-cache
HIT
date
Fri, 25 Oct 2024 13:29:25 GMT
content-type
application/x-javascript
last-modified
Thu, 15 Aug 2024 17:51:54 GMT
vary
Accept-Encoding
cache-control
public, max-age=31536000
x-ms-request-id
78278748-a01e-0017-20d0-ef286c000000
accept-ranges
bytes
access-control-allow-origin
*
content-length
116365
x-ms-blob-type
BlockBlob
server
ECAcc (nyd/D182)
prefetch.aspx
outlook.office365.com/owa/ Frame 5252
0
0
Document
General
Full URL
https://outlook.office365.com/owa/prefetch.aspx
Requested by
Host: aadcdn.msftauth.net
URL: https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_QLF_8apNRJD3OCol8jwtxw2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2603:1036:304:2850::2 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://login.microsoftonline.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666

Response headers

alt-svc
h3=":443";ma=2592000,h3-29=":443";ma=2592000
cache-control
private, no-store
content-length
2745
content-type
text/html; charset=utf-8
date
Fri, 25 Oct 2024 13:29:24 GMT
nel
{"report_to":"NelOfficeUpload1","max_age":7200,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
report-to
{"group":"NelOfficeUpload1","max_age":7200,"endpoints":[{"url":"https://exo.nel.measure.office.net/api/report?TenantId=&FrontEnd=Cafe&DestinationEndpoint=MDW&RemoteIP=2001:4958:1420::&Environment=MT"}],"include_subdomains":true}
request-id
bff38344-b907-3444-19b4-9b51b9cfa738
server
Microsoft-IIS/10.0
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-backend-begin
2024-10-25T13:29:25.115
x-backend-end
2024-10-25T13:29:25.115
x-backendhttpstatus
200 200
x-beserver
EA2PR16MB6203
x-besku
WCS8
x-calculatedbetarget
EA2PR16MB6203.namprd16.PROD.OUTLOOK.COM
x-calculatedfetarget
MW4PR03CU002.internal.outlook.com
x-content-type-options
nosniff
x-diaginfo
EA2PR16MB6203
x-feefzinfo
MDW
x-feproxyinfo
CH2PR16CA0005.NAMPRD16.PROD.OUTLOOK.COM
x-feserver
MW4PR03CA0048 CH2PR16CA0005
x-firsthopcafeefz
MDW
x-owa-diagnosticsinfo
4;0;0;
x-owa-version
15.20.8093.14
x-proxy-backendserverstatus
200
x-proxy-routingcorrectness
1
x-responseorigin
OwaAppPool
x-rum-notupdatequerieddbcopy
1
x-rum-notupdatequeriedpath
1
x-rum-validated
1
x-ua-compatible
IE=EmulateIE7
49-small_2055002f2daae2ed8f69f03944c0e5d9.jpg
aadcdn.msftauth.net/shared/1.0/content/images/appbackgrounds/
987 B
1 KB
Image
General
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/images/appbackgrounds/49-small_2055002f2daae2ed8f69f03944c0e5d9.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:11f:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nyd/D183) /
Resource Hash
8b34a475187302935336bf43a2bf2a4e0adb9a1e87953ea51f6fcf0ef52a4a1d

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666
Referer
https://login.microsoftonline.com/

Response headers

content-md5
5YqvyYBhSpzXeWvqe16o8A==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-lease-status
unlocked
x-ms-version
2009-09-19
etag
0x8DB5C3F41C14038
age
18510235
x-cache
HIT
date
Fri, 25 Oct 2024 13:29:25 GMT
content-type
image/jpeg
last-modified
Wed, 24 May 2023 10:11:35 GMT
cache-control
public, max-age=31536000
x-ms-request-id
507c666c-701e-0054-3288-7e951d000000
accept-ranges
bytes
access-control-allow-origin
*
content-length
987
x-ms-blob-type
BlockBlob
server
ECAcc (nyd/D183)
49_6ffe0a92d779c878835b40171ffc2e13.jpg
aadcdn.msftauth.net/shared/1.0/content/images/appbackgrounds/
17 KB
17 KB
Image
General
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/images/appbackgrounds/49_6ffe0a92d779c878835b40171ffc2e13.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:11f:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nyd/D17D) /
Resource Hash
d8f5ab3e00202fd3b45be1acd95d677b137064001e171bc79b06826d98f1e1d3

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666
Referer
https://login.microsoftonline.com/

Response headers

content-md5
eRaolOvefSnCzCmyZ/Epnw==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-lease-status
unlocked
x-ms-version
2009-09-19
etag
0x8DB5C3F41AC335E
age
18510257
x-cache
HIT
date
Fri, 25 Oct 2024 13:29:25 GMT
content-type
image/jpeg
last-modified
Wed, 24 May 2023 10:11:35 GMT
cache-control
public, max-age=31536000
x-ms-request-id
4b622b82-101e-00ea-7788-7e4144000000
accept-ranges
bytes
access-control-allow-origin
*
content-length
17453
x-ms-blob-type
BlockBlob
server
ECAcc (nyd/D17D)
53_7a3c80bf9694448bac31a9589d2e9e92.png
aadcdn.msftauth.net/shared/1.0/content/images/applogos/
5 KB
5 KB
Image
General
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/images/applogos/53_7a3c80bf9694448bac31a9589d2e9e92.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:11f:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nyd/D166) /
Resource Hash
e4e1e65871749d18aea150643c07e0aab2057da057c6c57ec1c3c43580e1c898

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666
Referer
https://login.microsoftonline.com/

Response headers

content-md5
izYzcDfP+Iw98gO7c9WOQQ==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-lease-status
unlocked
x-ms-version
2009-09-19
etag
0x8DB5C3F457C234F
age
1599195
x-cache
HIT
date
Fri, 25 Oct 2024 13:29:25 GMT
content-type
image/png
last-modified
Wed, 24 May 2023 10:11:42 GMT
cache-control
public, max-age=31536000
x-ms-request-id
af79d5d6-b01e-0034-2256-18b2af000000
accept-ranges
bytes
access-control-allow-origin
*
content-length
5139
x-ms-blob-type
BlockBlob
server
ECAcc (nyd/D166)
microsoft_logo_564db913a7fa0ca42727161c6d031bef.svg
aadcdn.msftauth.net/shared/1.0/content/images/
4 KB
2 KB
Image
General
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/images/microsoft_logo_564db913a7fa0ca42727161c6d031bef.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:11f:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nyd/D12A) /
Resource Hash
04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666
Referer
https://login.microsoftonline.com/

Response headers

content-md5
nzaLxFgP7ZB3dfMcaybWzw==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
gzip
x-ms-lease-status
unlocked
etag
0x8DB5C3F495F4B8C
age
18510264
x-ms-version
2009-09-19
x-cache
HIT
date
Fri, 25 Oct 2024 13:29:25 GMT
content-type
image/svg+xml
last-modified
Wed, 24 May 2023 10:11:48 GMT
vary
Accept-Encoding
cache-control
public, max-age=31536000
x-ms-request-id
595f60f2-701e-00d0-2f88-7e6e40000000
accept-ranges
bytes
access-control-allow-origin
*
content-length
1435
x-ms-blob-type
BlockBlob
server
ECAcc (nyd/D12A)
convergedlogin_pstringcustomizationhelper_4285088f1dbaf52a876d.js
aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/
111 KB
35 KB
Script
General
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pstringcustomizationhelper_4285088f1dbaf52a876d.js
Requested by
Host: aadcdn.msftauth.net
URL: https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_QLF_8apNRJD3OCol8jwtxw2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:11f:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nyd/D13F) /
Resource Hash
ddd0bb1c19b3d2d045bfcde85d2020bba57854c887a6691b66dba3da1bb3afbe

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666
Referer
https://login.microsoftonline.com/

Response headers

content-md5
07aumYbfJEqwNBLMcAM10A==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
gzip
x-ms-lease-status
unlocked
etag
0x8DCBD52F42903D2
age
6054658
x-ms-version
2009-09-19
x-cache
HIT
date
Fri, 25 Oct 2024 13:29:25 GMT
content-type
application/x-javascript
last-modified
Thu, 15 Aug 2024 17:51:56 GMT
vary
Accept-Encoding
cache-control
public, max-age=31536000
x-ms-request-id
5f054ac0-601e-0090-48d0-ef6ea0000000
accept-ranges
bytes
access-control-allow-origin
*
content-length
35168
x-ms-blob-type
BlockBlob
server
ECAcc (nyd/D13F)
favicon_a_eupayfgghqiai7k9sol6lg2.ico
aadcdn.msftauth.net/shared/1.0/content/images/
17 KB
17 KB
Other
General
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:11f:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nyd/D13A) /
Resource Hash
90cdaf487716184e4034000935c605d1633926d348116d198f355a98b8c6cd21

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666
Referer
https://login.microsoftonline.com/

Response headers

content-md5
EuPayFgGHQiAI7K9SOL6lg==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-lease-status
unlocked
x-ms-version
2009-09-19
etag
0x8D8731240E548EB
age
18509962
x-cache
HIT
date
Fri, 25 Oct 2024 13:29:25 GMT
content-type
image/x-icon
last-modified
Sun, 18 Oct 2020 03:02:30 GMT
cache-control
public, max-age=31536000
x-ms-request-id
a3f02d27-f01e-0034-1e89-7ed73f000000
accept-ranges
bytes
access-control-allow-origin
*
content-length
17174
x-ms-blob-type
BlockBlob
server
ECAcc (nyd/D13A)
signin-options_3e3f6b73c3f310c31d2c4d131a8ab8c6.svg
aadcdn.msftauth.net/shared/1.0/content/images/
2 KB
773 B
Image
General
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/images/signin-options_3e3f6b73c3f310c31d2c4d131a8ab8c6.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:11f:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nyd/D162) /
Resource Hash
8e6db1634f1812d42516778fc890010aa57f3e39914fb4803df2c38abbf56d93

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666
Referer
https://login.microsoftonline.com/

Response headers

content-md5
R2FAVxfpONfnQAuxVxXbHg==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
gzip
x-ms-lease-status
unlocked
etag
0x8DB5C3F4BB4F03C
age
18510216
x-ms-version
2009-09-19
x-cache
HIT
date
Fri, 25 Oct 2024 13:29:25 GMT
content-type
image/svg+xml
last-modified
Wed, 24 May 2023 10:11:52 GMT
vary
Accept-Encoding
cache-control
public, max-age=31536000
x-ms-request-id
2c91614c-c01e-0013-5788-7e9702000000
accept-ranges
bytes
access-control-allow-origin
*
content-length
621
x-ms-blob-type
BlockBlob
server
ECAcc (nyd/D162)

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
csp.microsoft.com
URL
https://csp.microsoft.com/report/OutlookWeb-Mail-PROD
Domain
outlook.office365.com
URL
blob:https://outlook.office365.com/e227001d-1603-4799-9051-47edc37b948a

Verdicts & Comments Add Verdict or Comment

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| $Config object| $Debug object| $Do function| $Loader object| $WebWatson function| GetString function| GetErrorString function| GetUrl object| $B object| ServerData object| webpackJsonp object| ko object| PROOF object| StringRepository object| Telemetry object| telemetry_webpackJsonp boolean| __ConvergedLogin_PCore boolean| __ boolean| __convergedlogin_pcustomizationloader_117b650bccea354984d8 boolean| __convergedlogin_pstringcustomizationhelper_4285088f1dbaf52a876d

19 Cookies

Domain/Path Name / Value
outlook.office365.com/ Name: ClientId
Value: 580C021793FE44FD9F08C4F131E58811
outlook.office365.com/ Name: OIDC
Value: 1
outlook.office365.com/ Name: domainName
Value: promotorameraki.com
outlook.office365.com/ Name: OpenIdConnect.nonce.v3.5MahL4eu7enaeFotdcigTR6NgNkt7RgpT53UaGEz3Ys
Value: 638654597613389183.a1c43d15-6159-4006-9bb4-ee1812f23fc4
outlook.office365.com/ Name: X-OWA-RedirectHistory
Value: ArLym14Bf4XqCPn03Ag
.microsoft.com/ Name: MC1
Value: GUID=8d78f194ab724000ac4de4cdc3065e60&HASH=8d78&LV=202410&V=4&LU=1729862961515
.microsoft.com/ Name: MS0
Value: 1a7276d0b3e24f75801e81f60ce6291c
.login.microsoftonline.com/ Name: esctx-ppd8DlSD96E
Value: AQABCQEAAADW6jl31mB3T7ugrWTT8pFeUpzlt5Hesc8Av4cA_fyeROR4NaTc-ebVHeAP3X4xmk942vlvirGVXqtp6iDn1iuXC0JJqnmpRG-qwEgD_FBWn3dFudcRfP4tYBCpDon5e7BpySC5-Iufr58IGbijitWWanh3fW9g7QeHJPhfMq1UQSAA
login.microsoftonline.com/ Name: x-ms-gateway-slice
Value: estsfd
login.microsoftonline.com/ Name: stsservicecookie
Value: estsfd
.login.microsoftonline.com/ Name: AADSSO
Value: NA|NoExtension
login.microsoftonline.com/ Name: SSOCOOKIEPULLED
Value: 1
login.microsoftonline.com/ Name: buid
Value: 0.AWEBMe_N-B6jSkuT5F9XHpElWgIAAAAAAPEPzgAAAAAAAAABAAA.AQABGgEAAADW6jl31mB3T7ugrWTT8pFeTsGyTSDzXLC2HMHRPEgBVuxyGeReAZioYICTM5Ui0AxqKJxoEvOWcN2iYKvXLqLK0kaV5Kvo0r6sQY03vFO_-LluFt6bbdkILJ0tV3kbg0wgAA
.login.microsoftonline.com/ Name: esctx
Value: PAQABBwEAAADW6jl31mB3T7ugrWTT8pFeejWBsE1EfKdMM1BBFpjA2U1j5-Jirh2R14U7Cr_qhMAGIRWB_H7yKgQ9qLa6joGPli7VFWI2KY_-7Yq8fayLGxroD36ixz4TQB8oHHiWtFokbjISRX_7yhagNj8UddiuQlaaQrv9NL_BPjdZ6dido7HHsywzFCj_0s9LTPg76SkgAA
.login.microsoftonline.com/ Name: esctx-WHYZT5bjJQ
Value: AQABCQEAAADW6jl31mB3T7ugrWTT8pFewtA-l0OtUmk30r0TdHQs6Bvnzx_rPnxdFZ3U7SFpE2jkiTf5XoX-hTOTzdK0MIXqR1Wr4JiZA8lOnwq3wNYNrINnXxgJUQ21RAj4dJZQ5erah49zoGnwAAJSim3GdQvlZHCgM5tTkCPrznDMJOKwvyAA
login.microsoftonline.com/ Name: fpc
Value: AiTYc0MRMHpJoTJnxTmYTi6erOTJAQAAADKUrd4OAAAA
.login.microsoftonline.com/ Name: brcap
Value: 0
.login.live.com/ Name: uaid
Value: ce45b3b717f14fbd8c558e676daca549
.login.live.com/ Name: MSPRequ
Value: id=N&lt=1729862965&co=1

5 Console Messages

Source Level URL
Text
security error URL: https://res.public.onecdn.static.microsoft/owamail/hashed-v1/scripts/owa.mail.runtime.d69d6437.js
Message:
[Report Only] This document requires 'TrustedScriptURL' assignment.
security error URL: https://res.public.onecdn.static.microsoft/owamail/hashed-v1/scripts/owa.mail.runtime.d69d6437.js
Message:
[Report Only] This document requires 'TrustedScriptURL' assignment.
network error URL: https://outlook.office365.com/owa/startupdata.ashx?app=Mail&n=0
Message:
Failed to load resource: the server responded with a status of 401 ()
network error URL: https://login.microsoftonline.com/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()
recommendation verbose URL: https://login.microsoftonline.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=40cc1c34-0472-e3de-fcf7-3e15d6b8d2bb&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&domain_hint=promotorameraki.com&nonce=638654597613389183.a1c43d15-6159-4006-9bb4-ee1812f23fc4&state=DYy7bsIwAEWT9l-yBfxIjD1EDFQlRYEBEAEvle0YJTSWI8d1RT-pX1kP5w5HuidNkuQ18hJJQZxkRTAlZVGyFYEYUwYpXgioCtzBMiewZHkBAMmZlEWuNaQQ3RG-qyKN3790aX_Ecu20GE01OWust04Y7cTXsFDWZKGrxLe33TArG7TLZi-8rmDmdDc4rfzZVqI-AlXvSfNkobseZ4mYawwz3IwPft6jw6l8SASCbN8nuaGfylx6uQVM1bvoGJB418v28ry1fmrMIcgTR_wN9rEV-Hb8vSGG-PXjHw&sso_reload=true
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src *.res.office365.com *.fluidpreview.office.net *.cdn.office.net *.df.onecdn.static.microsoft *.public.onecdn.static.microsoft swx.cdn.skype.com 'self'; script-src 'nonce-/1AnVd3MFQyhHXvvUxDZ0A==' *.res.office365.com *.fluidpreview.office.net *.cdn.office.net *.df.onecdn.static.microsoft *.public.onecdn.static.microsoft wss://*.delve.office.com:443 shellprod.msocdn.com amcdn.msauth.net amcdn.msftauth.net *.bing.com *.skype.com *.skypeassets.com *.delve.office.com *.cdn.office.net *.df.onecdn.static.microsoft *.public.onecdn.static.microsoft static.teams.microsoft.com teams.microsoft.com cdn.forms.office.net blob: 'report-sample' 'self' 'wasm-unsafe-eval' *.yammer.com; style-src *.res.office365.com *.fluidpreview.office.net *.cdn.office.net *.df.onecdn.static.microsoft *.public.onecdn.static.microsoft shellprod.msocdn.com *.skype.com 'self' 'report-sample' 'unsafe-inline' *.yammer.com *.engage.cloud.microsoft 'unsafe-inline'; img-src * data: blob: filesystem: cid:; connect-src blob: data: *.res.office365.com *.fluidpreview.office.net *.cdn.office.net *.df.onecdn.static.microsoft *.public.onecdn.static.microsoft *.services.web.outlook.com login.live.com login.microsoftonline.com spoprod-a.akamaihd.net shellprod.msocdn.com *.bing.com *.office.net *.office.com *.office365.com *.officeapps.live.com *.skype.com *.skypeassets.com *.spoppe.com *.onedrive.com my.microsoftpersonalcontent.com browser.pipe.aria.microsoft.com *.gateway.messenger.live.com dev.virtualearth.net *.trouter.skype.com *.trouter.io wss://*.trouter.skype.com wss://*.trouter.skype.com:443 wss://*.trouter.io:443 media.licdn.com *.facebook.com onerm.olsvc.com *.qas.binginternal.com *.qas.bing.net wss://*.qas.bing.net:443 wss://*.platform.bing.com wss://*.botframework.com:443 wss://augloop.office.com wss://*.augloop.office.com outlook.live.com graph.microsoft.com *.graph.microsoft.com *.office.microsoft.com api.box.com api.dropboxapi.com *.users.storage.live.com www.onenote.com *.storage.msn.com wss://*.pushd.svc.ms wss://*.pushs.svc.ms wss://*.pushb.svc.ms wss://*.pushp.svc.ms wss://*.svc.ms nleditor.osi.officeppe.net pptservicescast.officeapps.live.com *.sharepoint-df.com *.sharepoint.com wss://*.delve.office.com:443 wss://*.loki.delve.office.com:443 wss://*.loki.delve.office.com *.delve.office.com *.loki.delve.office.com web.vortex.data.microsoft.com *.events.data.microsoft.com *.online.lync.com *.infra.lync.com wss://*.cortana.ai *.cortana.ai fs.microsoft.com newspro.microsoft.com 'self' login.microsoftonline.com outlook.office365.com teams.microsoft.com *.teams.microsoft.com *.yammer.com *.svc.ms *.licdn.com o365auditrealtimeingestion.manage.officeppe.com o365auditrealtimeingestion.manage.officeppe.com:445 o365auditrealtimeingestion.manage.office.com o365auditrealtimeingestion.manage.office.com:445 files.yammerusercontent.com *.engage.cloud.microsoft wss://augloop-dogfood.officeppe.com wss://*.augloop-dogfood.officeppe.com wss://augloop-gcc.office.com wss://*.augloop-gcc.office.com wss://augloop.office.com wss://*.augloop.office.com wss://augloop.svc.cloud.microsoft wss://*.augloop.svc.cloud.microsoft aesir.office.com *.oscs.protection.outlook.com *.safelinks.protection.outlook.com arc.msn.com *.dynamics.com *.mos.microsoft.com ris.api.iris.microsoft.com services.bingapis.com prod-autodetect.outlookmobile.com *.googleapis.com admin.microsoft.com admin.microsoft.com *.bpa.microsoft.com teams.cloud.microsoft api.tenor.com attachment.outlook.live.net *.msedge.net app.whiteboard.microsoft.com whiteboard.office.com whiteboard.cloud.microsoft outlook.cloud.microsoft identity.osi.office.net wss://substrate.office.com *.adnxs.com; base-uri browser.pipe.aria.microsoft.com 'self'; form-action *.officeapps.live.com *.sharepoint-df.com *.sharepoint.com *.odwebp.svc.ms login.microsoftonline.com; object-src *.office.net 'self' attachments.office.net attachment.outlook.live.net; frame-ancestors 'self' teams.microsoft.com ; font-src data: *.res.office365.com *.fluidpreview.office.net *.cdn.office.net *.df.onecdn.static.microsoft *.public.onecdn.static.microsoft spoprod-a.akamaihd.net *.skype.com ms-appx-web: sharepointonline.com *.sharepointonline.com *.delve.office.com fs.microsoft.com 'self' *.yammer.com *.engage.cloud.microsoft; media-src blob: *.res.office365.com *.cdn.office.net *.df.onecdn.static.microsoft *.public.onecdn.static.microsoft *.sharepoint-df.com *.skype.com *.office.net *.office365.net *.office365-net.us *.office.com 'self' *.yammer.com *.engage.cloud.microsoft attachments.office.net attachment.outlook.live.net *.sharepoint.com; frame-src * data: mailto: blob:; manifest-src 'self'; worker-src 'self' blob: *.office.com; child-src 'self' blob: *.office.com; report-uri https://csp.microsoft.com/report/OutlookWeb-Mail-PROD; upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aadcdn.msauth.net
aadcdn.msftauth.net
autodiscover.promotorameraki.com
browser.events.data.microsoft.com
csp.microsoft.com
login.live.com
login.microsoftonline.com
outlook.office365.com
res.public.onecdn.static.microsoft
csp.microsoft.com
outlook.office365.com
13.89.179.13
20.190.155.2
2603:1036:3000:60::d
2603:1036:302:4842::8
2603:1036:304:2850::2
2603:1036:304:800::2
2606:2800:11f:1cb7:261b:1f9c:2074:3c
2620:1ec:bdf::38
04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a
07ec698b1036cdfbb8892f02d9510f5f671284fca9fa003b883996da040a444b
0a119a1b011695eddc7329cde2ca9910244913132c3a53599f2833609eb4bcd4
10dfdcbf451c15be483c6f7bdcb5ab8b5c8aa634ff8c0926f2f8c4ce6002900f
3711ba98ca34a5bc5ce6b79de62a1a2eee453f413d2123e912d1ae6b0b0c8b33
53601fce24bcc802e69fedfd2d75ce41ddad1842d3cb732ea7c0230fcbc3271d
68c2994e21a564345eb3b4091dd2334c9cbddb0aecda45ee963c6de2e1629b93
797bda35d13e5130fe5a14e0069c31b46ec1af6ea47f2d300309803bb4d2608c
7b2406109f3eaa6cd748eaa6c9594061f09c4ad3cce142f2fc7661866599c12e
7c41157abe8b47f05ea11eaf2bd726abe1aa385f7f385bcf3f2c2d1902f29b27
81188e8a76162c79db4a5c10ac933c9e874c5b9eae10e47956ad9df704e01b28
8b34a475187302935336bf43a2bf2a4e0adb9a1e87953ea51f6fcf0ef52a4a1d
8e6db1634f1812d42516778fc890010aa57f3e39914fb4803df2c38abbf56d93
9019f3cffb86bf28f83d0e85eebf21fd0a37c4bf159edfcb6f18d0df12cb5e02
90cdaf487716184e4034000935c605d1633926d348116d198f355a98b8c6cd21
b013dffdbb8997516b2e5a8dda9f76424dd7339d30aa81834c3c8e3aa2432ec6
b6c550113680f8fa8fb3ba4d3d7cbd4f7e7f59078611e8918e246f6f3ffe2871
be99823b745af0cc591333257efa9d0a2ad080f9c911d1712e61f095ef4ca56c
c0722b528ea0f1ab9c0ace144b97c8da286dcd727e7ae85c2a8cac4c2f8baae6
c63a3930ec9dd26c24b4c62b83d8cf778416a0ded1d9aa83e0840a675155b71b
d1ba065fe841593a501a70496d94029b0cc6e46be7d6ff44c4014ebd93300d0a
d8f5ab3e00202fd3b45be1acd95d677b137064001e171bc79b06826d98f1e1d3
da4a8df0c326292b5bee9c732b3c962fd67aaf2f99d850f1bf65068d573c5619
ddd0bb1c19b3d2d045bfcde85d2020bba57854c887a6691b66dba3da1bb3afbe
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4e1e65871749d18aea150643c07e0aab2057da057c6c57ec1c3c43580e1c898
edf85804f49186592fdbce8f8674cc0a8bd9d0d4ea9d764cc537c9921e875a9e
f3a18761484d9055d2063abe1f38b469612b155bf1c77a18e4aaa7f38a8cacb2
f4247bdbe376504bbf4900104961e8da3ae3078a08765b3f3f7e6f2b8d3eb716