bankofguam.okta.com
Open in
urlscan Pro
99.83.213.230
Public Scan
Submitted URL: http://autodiscover.bankofguam.com/
Effective URL: https://bankofguam.okta.com/login/login.htm?fromURI=%2Fapp%2Foffice365%2Fexkx9pezz6lS4usdB0x7%2Fsso%2Fwsfed%2Fpassive%3Fclie...
Submission: On September 03 via api from US — Scanned from DE
Effective URL: https://bankofguam.okta.com/login/login.htm?fromURI=%2Fapp%2Foffice365%2Fexkx9pezz6lS4usdB0x7%2Fsso%2Fwsfed%2Fpassive%3Fclie...
Submission: On September 03 via api from US — Scanned from DE
Summary
This website contacted 7 IPs
in 4 countries
across 7 domains to perform 34 HTTP transactions.
The main IP is 99.83.213.230, located in
United States and
belongs to AMAZON-02, US.
The main domain is bankofguam.okta.com.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on February 12th 2024. Valid for: a year.
This is the only time bankofguam.okta.com was scanned on urlscan.io!
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on February 12th 2024. Valid for: a year.
This is the only time bankofguam.okta.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 1 1 | 2603:1026:c0d... 2603:1026:c0d:82f::8 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
| 2 5 | 2603:1026:c0d... 2603:1026:c0d:1020::2 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
| 11 | 2a02:26f0:710... 2a02:26f0:7100::687e:2520 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
| 1 1 | 2603:1026:300... 2603:1026:3000:148::7 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
| 1 4 | 99.83.213.230 99.83.213.230 | 16509 (AMAZON-02) (AMAZON-02) | |
| 1 | 20.50.80.210 20.50.80.210 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
| 12 | 18.239.50.60 18.239.50.60 | 16509 (AMAZON-02) (AMAZON-02) | |
| 2 | 52.85.49.63 52.85.49.63 | 16509 (AMAZON-02) (AMAZON-02) | |
| 34 | 7 |
1
2603:1026:c0d:82f::8
(Frankfurt am Main, Germany)
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
| autodiscover.bankofguam.com |
5
2603:1026:c0d:1020::2
(Frankfurt am Main, Germany)
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
| outlook.office365.com |
11
2a02:26f0:7100::687e:2520
(Frankfurt am Main, Germany)
ASN20940 (AKAMAI-ASN1, NL)
ASN20940 (AKAMAI-ASN1, NL)
| res.cdn.office.net |
1
2603:1026:3000:148::7
(Amsterdam, Netherlands)
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
| login.microsoftonline.com |
4
99.83.213.230
(United States)
ASN16509 (AMAZON-02, US)
PTR: a9fda6e8074f1dfbe.awsglobalaccelerator.com
ASN16509 (AMAZON-02, US)
PTR: a9fda6e8074f1dfbe.awsglobalaccelerator.com
| bankofguam.okta.com |
1
20.50.80.210
(Dublin, Ireland)
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
| eu-office.events.data.microsoft.com |
12
18.239.50.60
(United States)
ASN16509 (AMAZON-02, US)
PTR: server-18-239-50-60.ams58.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-18-239-50-60.ams58.r.cloudfront.net
| ok2static.oktacdn.com |
2
52.85.49.63
(United States)
ASN16509 (AMAZON-02, US)
PTR: server-52-85-49-63.hel50.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-52-85-49-63.hel50.r.cloudfront.net
| login.okta.com |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 12 |
oktacdn.com
ok2static.oktacdn.com — Cisco Umbrella Rank: 16555 |
993 KB |
| 11 |
office.net
res.cdn.office.net — Cisco Umbrella Rank: 405 |
1 MB |
| 6 |
okta.com
1 redirects
bankofguam.okta.com login.okta.com — Cisco Umbrella Rank: 7359 |
115 KB |
| 5 |
office365.com
2 redirects
outlook.office365.com — Cisco Umbrella Rank: 71 |
22 KB |
| 1 |
microsoftonline.com
1 redirects
login.microsoftonline.com — Cisco Umbrella Rank: 15 |
4 KB |
| 1 |
microsoft.com
csp.microsoft.com Failed eu-office.events.data.microsoft.com — Cisco Umbrella Rank: 2079 |
587 B |
| 1 |
bankofguam.com
1 redirects
autodiscover.bankofguam.com |
548 B |
| 34 | 7 |
| Domain | Requested by | |
|---|---|---|
| 12 | ok2static.oktacdn.com |
bankofguam.okta.com
ok2static.oktacdn.com |
| 11 | res.cdn.office.net |
outlook.office365.com
res.cdn.office.net |
| 5 | outlook.office365.com |
2 redirects
res.cdn.office.net
|
| 4 | bankofguam.okta.com |
1 redirects
res.cdn.office.net
bankofguam.okta.com |
| 2 | login.okta.com |
ok2static.oktacdn.com
login.okta.com |
| 1 | eu-office.events.data.microsoft.com |
res.cdn.office.net
|
| 1 | login.microsoftonline.com | 1 redirects |
| 1 | autodiscover.bankofguam.com | 1 redirects |
| 0 | csp.microsoft.com Failed |
res.cdn.office.net
|
| 34 | 9 |
This site contains links to these domains. Also see Links.
| Domain |
|---|
| www.okta.com |
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| outlook.com DigiCert Cloud Services CA-1 |
2024-06-27 - 2025-06-26 |
a year | crt.sh |
| *.res.outlook.com DigiCert SHA2 Secure Server CA |
2024-02-20 - 2025-02-20 |
a year | crt.sh |
| *.okta.com DigiCert TLS RSA SHA256 2020 CA1 |
2024-02-12 - 2025-03-14 |
a year | crt.sh |
| *.events.data.microsoft.com Microsoft Azure RSA TLS Issuing CA 08 |
2024-06-29 - 2025-06-24 |
a year | crt.sh |
| *.oktacdn.com DigiCert TLS RSA SHA256 2020 CA1 |
2023-12-15 - 2025-01-02 |
a year | crt.sh |
| accounts.okta.com Amazon RSA 2048 M02 |
2024-07-17 - 2025-08-15 |
a year | crt.sh |
This page contains 2 frames:
Primary Page:
https://bankofguam.okta.com/login/login.htm?fromURI=%2Fapp%2Foffice365%2Fexkx9pezz6lS4usdB0x7%2Fsso%2Fwsfed%2Fpassive%3Fclient-request-id%3D5d715a5c-1ab5-7396-23b5-f702cce6c6f4%26username%3D%26wa%3Dwsignin1.0%26wtrealm%3Durn%253afederation%253aMicrosoftOnline%26wctx%3Destsredirect%253d2%2526estsrequest%253drQQIARAAjVI9aBNhAM0l6dlWraGjixCdCpfcd7m_BByS6zW_TdL8NYmW43J_udxfkrtLTEpxrVsHf6CDg2MREaUgxcHJoTjU0U6dpAiKSNHiICa4OPYNjwcP3hveW_KBEIjdQv8BQ6aMoLIMEEGaqv_QX5wP3G32NvavP7Zv7v_yfvj8_mwXWmjxpmbJissbIcEy9qBg23G6diwctlxHtywtZMmyKkgRkpj6YWvIh99A0BEEnULQnpciIzSJRukISgEUQ0EUoCEAiChOoAICcDmK4GIrivAULSIULlE4Rsgk38KPvdcKcddpY1Oy-upY-uGdk62-wXUt29n1PfFmGoNcy04PV-LrFVrlmgkeFzM4XmcbTlaPV5V8tdq1syZdVgY6sNuZepEdc2KTb3TYTmpdLxhqJZMrpqvlMtvDa7VSbbTci3eUBKOtrRmJfJnReWasmP2SQK6yfVNzBI2wiXHJ7iFawzBprlfNRUd2vYxx-krJ1mWKELmxnjGTbmq9wuRNtmmOrTw2lLt2slCzkkSG4GlKIs3UINnX3TUeiQCp4SodA1XIHNMCywrDI3U0QuTESWapxqZJE4AqzYE23XLLFBYvFDI9rVPCSuKomFAwRHUL7ThabxkkTzVyDMUNV_d8Fxr7lQ-erGVY5qEPtrqSqYpHfujED33xe9HZcz_0bGbyhhtnL97ef_CJefTz4-Jzed5zOBN2DYNh8h2j3BwPOoyYrIf7w5FhZcV8rTMqrbFqlmhWMixZodO30RjYgaEdGD6A52Z9AU_QxxTBKQx9h6HtS56DuQs86egydHwFn4cFnVcNe3FpM6iKnGNpkhmMbQbvGTYnCFM14HVXsoOxO8FJRXBja2vr3VXP-cLvh3--Pt1-_S31MuA5CXj-Ag2
Frame ID: 7119E25DE818A58E352C0F399FF3BEC9
Requests: 31 HTTP requests in this frame
Frame:
https://login.okta.com/discovery/iframe.html
Frame ID: FF9C2342DF8B77DBC1F9C4EB0E21C275
Requests: 2 HTTP requests in this frame
Screenshot
Page Title
Bank of Guam - AnmeldenPage URL History Show full URLs
-
http://autodiscover.bankofguam.com/
HTTP 307
https://autodiscover.bankofguam.com/ HTTP 307
http://autodiscover.bankofguam.com/ HTTP 301
https://outlook.office365.com/mail/?realm=bankofguam.com&vd=autodiscover Page URL
-
https://outlook.office365.com/mail/?realm=bankofguam.com&vd=autodiscover&authRedirect=true&state=0
HTTP 302
https://outlook.office365.com/owa/?realm=bankofguam.com&vd=autodiscover&state=1&redirectTo=aHR0cHM6Ly9vdXR... HTTP 302
https://login.microsoftonline.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redir... HTTP 302
https://bankofguam.okta.com/app/office365/exkx9pezz6lS4usdB0x7/sso/wsfed/passive?client-request-id=5d715... HTTP 302
https://bankofguam.okta.com/login/login.htm?fromURI=%2Fapp%2Foffice365%2Fexkx9pezz6lS4usdB0x7%2Fsso%2Fws... Page URL
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
URL: https://www.okta.com/?internal_link=wic_login
Title: Okta
Title: Okta
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://autodiscover.bankofguam.com/
HTTP 307
https://autodiscover.bankofguam.com/ HTTP 307
http://autodiscover.bankofguam.com/ HTTP 301
https://outlook.office365.com/mail/?realm=bankofguam.com&vd=autodiscover Page URL
-
https://outlook.office365.com/mail/?realm=bankofguam.com&vd=autodiscover&authRedirect=true&state=0
HTTP 302
https://outlook.office365.com/owa/?realm=bankofguam.com&vd=autodiscover&state=1&redirectTo=aHR0cHM6Ly9vdXRsb29rLm9mZmljZTM2NS5jb20vbWFpbC8_cmVhbG09YmFua29mZ3VhbS5jb20mdmQ9YXV0b2Rpc2NvdmVy HTTP 302
https://login.microsoftonline.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=5d715a5c-1ab5-7396-23b5-f702cce6c6f4&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&domain_hint=bankofguam.com&nonce=638609830710201910.1159450c-14f9-4db9-a78d-74e7425f6ab4&state=JYvLbsIwFAWT8i_ZBa4dJ44XEYtKlAUgNUUpsKn8Sgvl1shJXPEz_dZaYjEjHWlOmiTJLPIUSSEq4VVRVyDqAjgBCkQQmBNSClaCzgnrRc6MErnktck5s5zRsq-kYmn8_qUL9ysXS2_lFRslf75d_zlJnGuHWTCNnEZnzoN2wfpsGOVoG5J5a87e6nHvGrluQa-31eYugjm0g6LCb1DgCa-X035Ld2_lRVEI6n11U8_1h8buS72AOOJqkjR2RdyPBg2-iuOhA0Xbm6a7YLC7_wM HTTP 302
https://bankofguam.okta.com/app/office365/exkx9pezz6lS4usdB0x7/sso/wsfed/passive?client-request-id=5d715a5c-1ab5-7396-23b5-f702cce6c6f4&username=&wa=wsignin1.0&wtrealm=urn%3afederation%3aMicrosoftOnline&wctx=estsredirect%3d2%26estsrequest%3drQQIARAAjVI9aBNhAM0l6dlWraGjixCdCpfcd7m_BByS6zW_TdL8NYmW43J_udxfkrtLTEpxrVsHf6CDg2MREaUgxcHJoTjU0U6dpAiKSNHiICa4OPYNjwcP3hveW_KBEIjdQv8BQ6aMoLIMEEGaqv_QX5wP3G32NvavP7Zv7v_yfvj8_mwXWmjxpmbJissbIcEy9qBg23G6diwctlxHtywtZMmyKkgRkpj6YWvIh99A0BEEnULQnpciIzSJRukISgEUQ0EUoCEAiChOoAICcDmK4GIrivAULSIULlE4Rsgk38KPvdcKcddpY1Oy-upY-uGdk62-wXUt29n1PfFmGoNcy04PV-LrFVrlmgkeFzM4XmcbTlaPV5V8tdq1syZdVgY6sNuZepEdc2KTb3TYTmpdLxhqJZMrpqvlMtvDa7VSbbTci3eUBKOtrRmJfJnReWasmP2SQK6yfVNzBI2wiXHJ7iFawzBprlfNRUd2vYxx-krJ1mWKELmxnjGTbmq9wuRNtmmOrTw2lLt2slCzkkSG4GlKIs3UINnX3TUeiQCp4SodA1XIHNMCywrDI3U0QuTESWapxqZJE4AqzYE23XLLFBYvFDI9rVPCSuKomFAwRHUL7ThabxkkTzVyDMUNV_d8Fxr7lQ-erGVY5qEPtrqSqYpHfujED33xe9HZcz_0bGbyhhtnL97ef_CJefTz4-Jzed5zOBN2DYNh8h2j3BwPOoyYrIf7w5FhZcV8rTMqrbFqlmhWMixZodO30RjYgaEdGD6A52Z9AU_QxxTBKQx9h6HtS56DuQs86egydHwFn4cFnVcNe3FpM6iKnGNpkhmMbQbvGTYnCFM14HVXsoOxO8FJRXBja2vr3VXP-cLvh3--Pt1-_S31MuA5CXj-Ag2 HTTP 302
https://bankofguam.okta.com/login/login.htm?fromURI=%2Fapp%2Foffice365%2Fexkx9pezz6lS4usdB0x7%2Fsso%2Fwsfed%2Fpassive%3Fclient-request-id%3D5d715a5c-1ab5-7396-23b5-f702cce6c6f4%26username%3D%26wa%3Dwsignin1.0%26wtrealm%3Durn%253afederation%253aMicrosoftOnline%26wctx%3Destsredirect%253d2%2526estsrequest%253drQQIARAAjVI9aBNhAM0l6dlWraGjixCdCpfcd7m_BByS6zW_TdL8NYmW43J_udxfkrtLTEpxrVsHf6CDg2MREaUgxcHJoTjU0U6dpAiKSNHiICa4OPYNjwcP3hveW_KBEIjdQv8BQ6aMoLIMEEGaqv_QX5wP3G32NvavP7Zv7v_yfvj8_mwXWmjxpmbJissbIcEy9qBg23G6diwctlxHtywtZMmyKkgRkpj6YWvIh99A0BEEnULQnpciIzSJRukISgEUQ0EUoCEAiChOoAICcDmK4GIrivAULSIULlE4Rsgk38KPvdcKcddpY1Oy-upY-uGdk62-wXUt29n1PfFmGoNcy04PV-LrFVrlmgkeFzM4XmcbTlaPV5V8tdq1syZdVgY6sNuZepEdc2KTb3TYTmpdLxhqJZMrpqvlMtvDa7VSbbTci3eUBKOtrRmJfJnReWasmP2SQK6yfVNzBI2wiXHJ7iFawzBprlfNRUd2vYxx-krJ1mWKELmxnjGTbmq9wuRNtmmOrTw2lLt2slCzkkSG4GlKIs3UINnX3TUeiQCp4SodA1XIHNMCywrDI3U0QuTESWapxqZJE4AqzYE23XLLFBYvFDI9rVPCSuKomFAwRHUL7ThabxkkTzVyDMUNV_d8Fxr7lQ-erGVY5qEPtrqSqYpHfujED33xe9HZcz_0bGbyhhtnL97ef_CJefTz4-Jzed5zOBN2DYNh8h2j3BwPOoyYrIf7w5FhZcV8rTMqrbFqlmhWMixZodO30RjYgaEdGD6A52Z9AU_QxxTBKQx9h6HtS56DuQs86egydHwFn4cFnVcNe3FpM6iKnGNpkhmMbQbvGTYnCFM14HVXsoOxO8FJRXBja2vr3VXP-cLvh3--Pt1-_S31MuA5CXj-Ag2 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- http://autodiscover.bankofguam.com/ HTTP 307
- https://autodiscover.bankofguam.com/ HTTP 307
- http://autodiscover.bankofguam.com/ HTTP 301
- https://outlook.office365.com/mail/?realm=bankofguam.com&vd=autodiscover
34 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H2 |
/
outlook.office365.com/mail/ Redirect Chain
|
10 KB 8 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
owa.mail.runtime.a481e3db.js
res.cdn.office.net/owamail/hashed-v1/scripts/ |
300 KB 171 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
owa.mailindex.8f756efd.js
res.cdn.office.net/owamail/hashed-v1/scripts/ |
328 KB 109 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
owa.27969.m.220e2fa0.js
res.cdn.office.net/owamail/hashed-v1/scripts/ |
2 MB 584 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
owa.AppBoot.m.235e6381.css
res.cdn.office.net/owamail/hashed-v1/scripts/ |
87 KB 16 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
owa.AppBoot.m.3b75ed4f.js
res.cdn.office.net/owamail/hashed-v1/scripts/ |
2 MB 483 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
microsoft.svg
res.cdn.office.net/assets/framework/ |
3 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
startupdata.ashx
outlook.office365.com/owa/ |
0 1 KB |
Fetch
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST |
OutlookWeb-Mail-PROD
csp.microsoft.com/report/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
segoeui-light.woff
res.cdn.office.net/assets/mail/fonts/v1/fonts/ |
24 KB 25 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
segoeui-semilight.woff
res.cdn.office.net/assets/mail/fonts/v1/fonts/ |
29 KB 30 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
segoeui-regular.woff
res.cdn.office.net/assets/mail/fonts/v1/fonts/ |
34 KB 35 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
segoeui-semibold.woff
res.cdn.office.net/assets/mail/fonts/v1/fonts/ |
31 KB 32 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
boot-analytics-ping.js
res.cdn.office.net/owamail/20240822057.09/resources/ |
34 B 878 B |
Fetch
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
b9ee1f53-313c-4605-82c7-3c759c56cd4e
https://outlook.office365.com/ Frame |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Primary Request
login.htm
bankofguam.okta.com/login/ Redirect Chain
|
19 KB 9 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
/
eu-office.events.data.microsoft.com/OneCollector/1.0/ |
0 587 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
favicon.ico
outlook.office365.com/mail/ |
8 KB 8 KB |
Other
image/x-icon |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
okta-sign-in.min.js
ok2static.oktacdn.com/assets/js/sdk/okta-signin-widget/7.21.0/js/ |
2 MB 494 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
okta-sign-in.min.css
ok2static.oktacdn.com/assets/js/sdk/okta-signin-widget/7.21.0/css/ |
218 KB 37 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
loginpage-theme.c8c15f6857642c257bcd94823d968bb1.css
ok2static.oktacdn.com/assets/loginpage/css/ |
7 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
style-sheet
bankofguam.okta.com/api/internal/brand/theme/ |
556 B 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
gfsqvpsp46lcbxQL70x7
ok2static.oktacdn.com/fs/bcg/4/ |
11 KB 11 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
initLoginPage.pack.58de3be0c9b511a0fdfd7ea4f69b56fc.js
ok2static.oktacdn.com/assets/js/mvc/loginpage/ |
204 KB 76 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Aeonik-Regular.c672e6fbaa411f5719f3.woff2
ok2static.oktacdn.com/assets/loginpage/font/assets/ |
42 KB 42 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
iframe.html
login.okta.com/discovery/ Frame FF9C |
451 B 955 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
login_de.json
ok2static.oktacdn.com/assets/js/sdk/okta-signin-widget/7.21.0/labels/json/ |
115 KB 115 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
country_de.json
ok2static.oktacdn.com/assets/js/sdk/okta-signin-widget/7.21.0/labels/json/ |
5 KB 5 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
fs0kz368db9FdO9Zq0x7
ok2static.oktacdn.com/fs/bco/1/ |
4 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
favicon.ico
bankofguam.okta.com/ |
5 KB 6 KB |
Other
image/x-icon |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
default.png
ok2static.oktacdn.com/assets/js/sdk/okta-signin-widget/7.21.0/img/security/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Inter-Regular.c8ba52b05a9ef10f4758.woff2
ok2static.oktacdn.com/assets/loginpage/font/assets/ |
97 KB 97 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Inter-SemiBold.b5f0f109bc88052d4000.woff2
ok2static.oktacdn.com/assets/loginpage/font/assets/ |
103 KB 104 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
discoveryIframe-17abdf702560067430e5.min.js
login.okta.com/lib/ Frame FF9C |
96 KB 96 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- csp.microsoft.com
- URL
- https://csp.microsoft.com/report/OutlookWeb-Mail-PROD
- Domain
- outlook.office365.com
- URL
- blob:https://outlook.office365.com/b9ee1f53-313c-4605-82c7-3c759c56cd4e
Verdicts & Comments Add Verdict or Comment
10 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 string| cspNonce object| regeneratorRuntime function| jQueryCourage object| u2f function| OktaSignIn object| okta function| runLoginPage object| OktaLogin object| jQBrowser16 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| outlook.office365.com/ | Name: ClientId Value: 5457E7954BBB43D19DE156E14C2546D0 |
|
| outlook.office365.com/ | Name: OIDC Value: 1 |
|
| outlook.office365.com/ | Name: domainName Value: bankofguam.com |
|
| outlook.office365.com/ | Name: OpenIdConnect.nonce.v3.fUY1rPhYVYJb-PptXgbMw-N5WROu2TchoreJSqrbgcQ Value: 638609830710201910.1159450c-14f9-4db9-a78d-74e7425f6ab4 |
|
| outlook.office365.com/ | Name: X-OWA-RedirectHistory Value: ArLym14BiDCQ7UHM3Ag |
|
| .microsoft.com/ | Name: MC1 Value: GUID=37ad22d21dfe48c39a6b19397f70ef82&HASH=37ad&LV=202409&V=4&LU=1725386271252 |
|
| .microsoft.com/ | Name: MS0 Value: a7a214c862c7436993beb6c61991fffe |
|
| login.microsoftonline.com/ | Name: buid Value: 0.AXYAMe_N-B6jSkuT5F9XHpElWgIAAAAAAPEPzgAAAAAAAAABAAA.AQABGgEAAAApTwJmzXqdR4BN2miheQMY_KSbp6BPwQvHIIrCA7UPicCSTFzNeCSZqctMXMhJrXxN5pWg_iEsQBQmeeLL1PU_XF7eMCVwv0Ix6rmybHw4_pdg9uskz_4BKtX4J-ZNJiogAA |
|
| login.microsoftonline.com/ | Name: fpc Value: AubZT_dFkoVEv3kPqCMTH1eerOTJAQAAAB5Fad4OAAAA |
|
| .login.microsoftonline.com/ | Name: esctx Value: PAQABBwEAAAApTwJmzXqdR4BN2miheQMYsfiuNcFU03wWuAPfqUvaDTYUPl-ZPKwQ6H7gH7K6mIn_EbMgvcwVQ3efcYJiDFC_84YhPFx-05GxkfsTCBxktMQ4V2_UzQ0fzdN3OqiiT1iDN4pphHBpDDeCs71mF5Th2wJFloMQMGw1lC7_g5Ptr_do4KWwGJippBAxXWhslbsgAA |
|
| .login.microsoftonline.com/ | Name: cltm Value: CgAQABoAIgQIDBAF |
|
| login.microsoftonline.com/ | Name: x-ms-gateway-slice Value: estsfd |
|
| login.microsoftonline.com/ | Name: stsservicecookie Value: estsfd |
|
| bankofguam.okta.com/ | Name: t Value: slate |
|
| bankofguam.okta.com/ | Name: DT Value: DI1TAVuaNx1SeCeiS64B263Fw |
|
| bankofguam.okta.com/ | Name: JSESSIONID Value: 049F28CCA954BD68AA2CA07F8B80F542 |
3 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
| Source | Level | URL Text |
|---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
| Header | Value |
|---|---|
| Content-Security-Policy | default-src *.res.office365.com *.fluidpreview.office.net *.cdn.office.net *.df.onecdn.static.microsoft *.public.onecdn.static.microsoft swx.cdn.skype.com 'self'; script-src 'nonce-AMxeDC0p3/ZnrapbMFPYxA==' *.res.office365.com *.fluidpreview.office.net *.cdn.office.net *.df.onecdn.static.microsoft *.public.onecdn.static.microsoft wss://*.delve.office.com:443 shellprod.msocdn.com amcdn.msauth.net amcdn.msftauth.net *.bing.com *.skype.com *.skypeassets.com *.delve.office.com *.cdn.office.net *.df.onecdn.static.microsoft *.public.onecdn.static.microsoft static.teams.microsoft.com teams.microsoft.com cdn.forms.office.net blob: 'report-sample' 'self' 'wasm-unsafe-eval' *.yammer.com; style-src *.res.office365.com *.fluidpreview.office.net *.cdn.office.net *.df.onecdn.static.microsoft *.public.onecdn.static.microsoft shellprod.msocdn.com *.skype.com 'self' 'report-sample' 'unsafe-inline' *.yammer.com *.engage.cloud.microsoft 'unsafe-inline'; img-src * data: blob: filesystem: cid:; connect-src blob: data: *.res.office365.com *.fluidpreview.office.net *.cdn.office.net *.df.onecdn.static.microsoft *.public.onecdn.static.microsoft *.services.web.outlook.com login.live.com login.microsoftonline.com spoprod-a.akamaihd.net shellprod.msocdn.com *.bing.com *.office.net *.office.com *.office365.com *.officeapps.live.com *.skype.com *.skypeassets.com *.spoppe.com *.onedrive.com my.microsoftpersonalcontent.com browser.pipe.aria.microsoft.com *.gateway.messenger.live.com dev.virtualearth.net *.trouter.skype.com *.trouter.io wss://*.trouter.skype.com wss://*.trouter.skype.com:443 wss://*.trouter.io:443 media.licdn.com *.facebook.com onerm.olsvc.com *.qas.binginternal.com *.qas.bing.net wss://*.qas.bing.net:443 wss://*.platform.bing.com wss://*.botframework.com:443 wss://augloop.office.com wss://*.augloop.office.com outlook.live.com graph.microsoft.com *.graph.microsoft.com *.office.microsoft.com api.box.com api.dropboxapi.com *.users.storage.live.com www.onenote.com *.storage.msn.com wss://*.pushd.svc.ms wss://*.pushs.svc.ms wss://*.pushb.svc.ms wss://*.pushp.svc.ms wss://*.svc.ms nleditor.osi.officeppe.net pptservicescast.officeapps.live.com *.sharepoint-df.com *.sharepoint.com wss://*.delve.office.com:443 wss://*.loki.delve.office.com:443 wss://*.loki.delve.office.com *.delve.office.com *.loki.delve.office.com web.vortex.data.microsoft.com *.events.data.microsoft.com *.online.lync.com *.infra.lync.com wss://*.cortana.ai *.cortana.ai fs.microsoft.com newspro.microsoft.com 'self' login.microsoftonline.com outlook.office365.com teams.microsoft.com *.teams.microsoft.com *.yammer.com *.svc.ms *.licdn.com o365auditrealtimeingestion.manage.officeppe.com o365auditrealtimeingestion.manage.officeppe.com:445 o365auditrealtimeingestion.manage.office.com o365auditrealtimeingestion.manage.office.com:445 files.yammerusercontent.com *.engage.cloud.microsoft wss://augloop-dogfood.officeppe.com wss://*.augloop-dogfood.officeppe.com wss://augloop-gcc.office.com wss://*.augloop-gcc.office.com wss://augloop.office.com wss://*.augloop.office.com wss://augloop.svc.cloud.microsoft wss://*.augloop.svc.cloud.microsoft aesir.office.com *.oscs.protection.outlook.com *.safelinks.protection.outlook.com arc.msn.com *.dynamics.com *.mos.microsoft.com ris.api.iris.microsoft.com services.bingapis.com prod-autodetect.outlookmobile.com *.googleapis.com admin.microsoft.com admin.microsoft.com *.bpa.microsoft.com teams.cloud.microsoft api.tenor.com attachment.outlook.live.net *.msedge.net app.whiteboard.microsoft.com whiteboard.office.com whiteboard.cloud.microsoft outlook.cloud.microsoft identity.osi.office.net wss://substrate.office.com; base-uri browser.pipe.aria.microsoft.com 'self'; form-action *.officeapps.live.com *.sharepoint-df.com *.sharepoint.com *.odwebp.svc.ms login.microsoftonline.com; object-src *.office.net 'self' attachments.office.net attachment.outlook.live.net; frame-ancestors 'self' teams.microsoft.com ; font-src data: *.res.office365.com *.fluidpreview.office.net *.cdn.office.net *.df.onecdn.static.microsoft *.public.onecdn.static.microsoft spoprod-a.akamaihd.net *.skype.com ms-appx-web: sharepointonline.com *.sharepointonline.com *.delve.office.com fs.microsoft.com 'self' *.yammer.com *.engage.cloud.microsoft; media-src blob: *.res.office365.com *.cdn.office.net *.df.onecdn.static.microsoft *.public.onecdn.static.microsoft *.sharepoint-df.com *.skype.com *.office.net *.office365.net *.office365-net.us *.office.com 'self' *.yammer.com *.engage.cloud.microsoft attachments.office.net attachment.outlook.live.net *.sharepoint.com; frame-src * data: mailto: blob:; manifest-src 'self'; worker-src 'self' blob: *.office.com; child-src 'self' blob: *.office.com; report-uri https://csp.microsoft.com/report/OutlookWeb-Mail-PROD; upgrade-insecure-requests; |
| Strict-Transport-Security | max-age=31536000; includeSubDomains; preload |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
autodiscover.bankofguam.com
bankofguam.okta.com
csp.microsoft.com
eu-office.events.data.microsoft.com
login.microsoftonline.com
login.okta.com
ok2static.oktacdn.com
outlook.office365.com
res.cdn.office.net
csp.microsoft.com
outlook.office365.com
18.239.50.60
20.50.80.210
2603:1026:3000:148::7
2603:1026:c0d:1020::2
2603:1026:c0d:82f::8
2a02:26f0:7100::687e:2520
52.85.49.63
99.83.213.230
05ce056071de570e8a86b82adf50daf2ffbb067596d55e358ed4670e982d83c3
07ec698b1036cdfbb8892f02d9510f5f671284fca9fa003b883996da040a444b
1390610cb09ab709f0c698afcbf64489451b9878e01e2f8a1f6e4ae505e8fc1a
152261291c938aa5aad6a56d52b47ffcb893d1c0387e76d7f270a7382ff786d5
15f2927208c70ff70420783f3429fa00a79669169da605eab7ac582db0913e00
261dea82c75d026162d4e7404b7511ad77a4637883b4007a1dd7bb92a32f3885
3711ba98ca34a5bc5ce6b79de62a1a2eee453f413d2123e912d1ae6b0b0c8b33
375d0a6ba1dafb7925fc4ccabc452087ad8b71c12eadd789d69fee121868603a
419a069f2859715998ec2beda0659052f7e22469385cc25011c7ecbb97266719
638d5d7c3377bf88638dd9a92939e76ed9cfcceb71f8b0087dbe5dce1d01ddf4
6a6c595fcf3a6c74bf3509f160ba34b78a8a3eb92ecaf290412c46679576d3ed
71475feecc3949dc9cce0b543446cbd172d95a895e88026b7bfcfd35f825a814
76eb58aeffa9069b451909ccbdca6d5601e9638d62c547a59bc1521f6cb7c63a
797bda35d13e5130fe5a14e0069c31b46ec1af6ea47f2d300309803bb4d2608c
803508e3bd746ad2f7a859ec65d5225a4d1b1f641e387685b570bb7a8ac4b9c8
877ae491d9aac5c6ef82a8430f9f652ace8a0dbc7294bd112aad49bd593769d0
9af30b5e4695010f9be253f861784e638c81274ca0390214629886029ca9b509
a9966a22000716a17f6a350b2d200e6638f3cb672021e57976cee906cacab021
c63a3930ec9dd26c24b4c62b83d8cf778416a0ded1d9aa83e0840a675155b71b
ccb7fd7542e3b7806842f2a9f2aba71742474953b1b30c59f30ae6ae5fd4c601
d1ba065fe841593a501a70496d94029b0cc6e46be7d6ff44c4014ebd93300d0a
d612f1212b452af07f1a5defb2b672e76a91f7139e7499fa48bb9b2b985c22d6
da75c3f3ce27c081541dfb59edd7e756fefe054a9e0e976356c4b0d3778bb434
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e540549c5ee85d139a6590536daf86400fccd811ebc9d5b714794efe1e34b897
f236dbc8821bb759e9e85e2a12b6cbee0fb2903f35fc8de201f19c14b8d8478b
f86ae450f90f630233183c0c329d1c4ffc32c2cfb97a43e6af1f29f1d3698e24
f9e86fb363a05f75ab3b525439d46bf4911d4cd4ae94c656c0198206374002aa
fa08a5eac1eecf2505c1f222560f18ef1e542031b2303dd5223b053a39f5a7ac