outlook-office.cf Open in urlscan Pro
192.236.194.247 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://qroi.us20.list-manage.com/track/click?u=9bcd5c4d66d6ff6c43073a07f&id=e2f3051641&e=5dfb583f2b
Effective URL:
https://outlook-office.cf/.microsoft-online/?zi=AAQkADM4Y2JlMDA2LTU1NDEtNDZlMC05NThjLWEzNGMxNjJhZjg3NwAQAFCHDhA2FEYMp8ZQ3B...
Submission: On September 30 via manual (September 30th 2019, 3:29:48 am UTC) from PH

Summary HTTP 28 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 5 IPs in 3 countries across 6 domains to perform 28 HTTP transactions. The main IP is 192.236.194.247, located in Seattle, United States and belongs to HOSTWINDS - Hostwinds LLC., US. The main domain is outlook-office.cf.
TLS certificate: Issued by cPanel, Inc. Certification Authority on September 26th 2019. Valid for: 3 months.

This is the only time outlook-office.cf was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Microsoft (Consumer)

Domain & IP information

	IP Address	AS Autonomous System
1 1	104.108.35.69 104.108.35.69	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
3 4	192.236.194.247 192.236.194.247	54290 (HOSTWINDS) (HOSTWINDS - Hostwinds LLC.)
18	104.111.242.100 104.111.242.100	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
4	2.16.186.40 2.16.186.40	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5	2a02:26f0:6c0... 2a02:26f0:6c00:2bf::753	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
28	5

1 104.108.35.69 (Netherlands) 1 redirects

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a104-108-35-69.deploy.static.akamaitechnologies.com

qroi.us20.list-manage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 192.236.194.247 (Seattle, United States) 3 redirects

ASN54290 (HOSTWINDS - Hostwinds LLC., US)
PTR: hwsrv-605598.hostwindsdns.com

shrnturl.tk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
outlook-office.cf	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 104.111.242.100 (Netherlands)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a104-111-242-100.deploy.static.akamaitechnologies.com

blob.officehome.msocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2.16.186.40 (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)
PTR: a2-16-186-40.deploy.static.akamaitechnologies.com

spoprod-a.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:26f0:6c00:2bf::753 (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)

r4.res.office365.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	msocdn.com blob.officehome.msocdn.com	476 KB
5	office365.com r4.res.office365.com	662 KB
4	akamaihd.net spoprod-a.akamaihd.net	509 KB
2	outlook-office.cf 1 redirects outlook-office.cf	1 MB
2	shrnturl.tk 2 redirects shrnturl.tk	637 B
1	list-manage.com 1 redirects qroi.us20.list-manage.com	470 B
28	6

	Domain	Requested by
18	blob.officehome.msocdn.com	srcdoc
5	r4.res.office365.com	srcdoc
4	spoprod-a.akamaihd.net	srcdoc
2	outlook-office.cf	1 redirects
2	shrnturl.tk	2 redirects
1	qroi.us20.list-manage.com	1 redirects
28	6

This site contains links to these domains. Also see Links.

Domain
passwordreset.microsoftonline.com
www.microsoft.com
privacy.microsoft.com

Subject Issuer	Validity	Valid
outlook-office.cf cPanel, Inc. Certification Authority	`2019-09-26` - `2019-12-25`	3 months	crt.sh
*.officehome.msocdn.com Microsoft IT TLS CA 5	`2017-12-07` - `2019-12-07`	2 years	crt.sh
a248.e.akamai.net DigiCert Secure Site ECC CA-1	`2019-08-13` - `2020-08-12`	a year	crt.sh
*.res.outlook.com Microsoft IT TLS CA 5	`2017-11-27` - `2019-11-27`	2 years	crt.sh

This page contains 4 frames:

Primary Page: https://outlook-office.cf/.microsoft-online/?zi=AAQkADM4Y2JlMDA2LTU1NDEtNDZlMC05NThjLWEzNGMxNjJhZjg3NwAQAFCHDhA2FEYMp8ZQ3BbWonQ&box=MSIglesias@smart.com.ph&sion=3.2220.44.2764.3.3
Frame ID: A2027D3C2D55FC1ACB5C1E4718FFCEDA
Requests: 7 HTTP requests in this frame

Frame: https://blob.officehome.msocdn.com/bundles/polyfills-bundle-9d4fa01e5693fe3fde73.js
Frame ID: 5B367E63D1634C5DC5DDD02F6E1F0AD6
Requests: 18 HTTP requests in this frame

Frame: https://spoprod-a.akamaihd.net/files/odsp-next-prod_2019-08-30_20190904.003/odbshare-ab55158a.js
Frame ID: E5273D5D14E3FB67962E6CBE7805A44D
Requests: 4 HTTP requests in this frame

Frame: https://r4.res.office365.com/owa/prem/16.3264.3.2709981/scripts/boot.worldwide.0.mouse.js
Frame ID: 2D98980C3F17AE67A9A62BFF07C2E8B7
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://qroi.us20.list-manage.com/track/click?u=9bcd5c4d66d6ff6c43073a07f&id=e2f3051641&e=5dfb583f2b HTTP 302
https://shrnturl.tk/5Zv24XCbT?email=MSIglesias@smart.com.ph HTTP 301
https://shrnturl.tk/5Zv24XCbT/?email=MSIglesias@smart.com.ph HTTP 302
https://outlook-office.cf/.microsoft-online/?zi=AAQkADM4Y2JlMDA2LTU1NDEtNDZlMC05NThjLWEzNGMxNjJhZjg3Nw... HTTP 302
https://outlook-office.cf/.microsoft-online/?zi=AAQkADM4Y2JlMDA2LTU1NDEtNDZlMC05NThjLWEzNGMxNjJhZjg3Nw... Page URL

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i

Page Statistics

28
Requests

100 %
HTTPS

20 %
IPv6

6
Domains

6
Subdomains

5
IPs

3
Countries

2806 kB
Transfer

6252 kB
Size

0
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://passwordreset.microsoftonline.com/?ru=https%3a%2f%2flogin.microsoftonline.com%2fcommon%2freprocess%3fctx%3drQIIAXWRO2_TUACF4zgJbcWjYoEFqQNThZPrV5xEqkSaR1Mndkzj1LmWABn7pr52_IjtJsQLC0IMDF3phFiQKiaEEOInVAydUXcQE2JiQSL5ASxn-nR0dL5tki7Stbscy_GG8KRKVY0yS3FVGlAGx5QplmfLLANoiwdsdHNjs_m1uH1v4839V6-_Xz6_8_H9GXHLTpIwrpVK8_m8GIzH2ERFM_BKnwnigiB-EMRpNo98ajg4y8ZlVgBstSIAwAo0DSo0W4Rp24ae7kJvmEBHxxIGQGIOcE-dOPKelOia7sB0yMgpTKHTdmUGAlk9dPQVrw75_gAAqD1Y9FSXhoyUyGrbkZ0WJzdFV0pN_lv2Rr9-nNjMKoIIp-h3dn0cRN7jMIiTU_Id0Q-Rv281At9HZlJcYchPsGkkOPCVKAhRlGAU71QGB7ai9yR_GrQoTrbEUWek9ebirrgHDx2j3rWQ6PUEUbcMipGmtiI2qQHVc2caV-nDWD2U5GV3o4KFGcXUNa5hTnbjI9kFSstTNS80J_sLXHV0eRw-nYQuqx851mxqoC7uiIMIuR_IwvJWL_DPyevLUT62tsIoGOMJusgRP3NXAVlbWytskrczW5k_OeJtfmnrUffZpfLQ6b_QhL_XPtUz5_mSnVb5ULbnI6GuDBbtJpfWcctQ2kwwhqUIJu2ObeuIHx7H3A5To08KxEmh8KtAvLyS-bL-P9f_AA2&mkt=en-US&hosted=0&device_platform=Windows+8.1
Title: Forgot my password

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/en-US/servicesagreement/
Title: Terms of use

Search URL Search Domain Scan URL

URL: https://privacy.microsoft.com/en-US/privacystatement
Title: Privacy & cookies

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://qroi.us20.list-manage.com/track/click?u=9bcd5c4d66d6ff6c43073a07f&id=e2f3051641&e=5dfb583f2b HTTP 302
https://shrnturl.tk/5Zv24XCbT?email=MSIglesias@smart.com.ph HTTP 301
https://shrnturl.tk/5Zv24XCbT/?email=MSIglesias@smart.com.ph HTTP 302
https://outlook-office.cf/.microsoft-online/?zi=AAQkADM4Y2JlMDA2LTU1NDEtNDZlMC05NThjLWEzNGMxNjJhZjg3NwAQAFCHDhA2FEYMp8ZQ3BbWonQ&box=MSIglesias@smart.com.ph HTTP 302
https://outlook-office.cf/.microsoft-online/?zi=AAQkADM4Y2JlMDA2LTU1NDEtNDZlMC05NThjLWEzNGMxNjJhZjg3NwAQAFCHDhA2FEYMp8ZQ3BbWonQ&box=MSIglesias@smart.com.ph&sion=3.2220.44.2764.3.3 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

28 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
outlook-office.cf/.microsoft-online/
Redirect Chain

https://qroi.us20.list-manage.com/track/click?u=9bcd5c4d66d6ff6c43073a07f&id=e2f3051641&e=5dfb583f2b
https://shrnturl.tk/5Zv24XCbT?email=MSIglesias@smart.com.ph
https://shrnturl.tk/5Zv24XCbT/?email=MSIglesias@smart.com.ph
https://outlook-office.cf/.microsoft-online/?zi=AAQkADM4Y2JlMDA2LTU1NDEtNDZlMC05NThjLWEzNGMxNjJhZjg3NwAQAFCHDhA2FEYMp8ZQ3BbWonQ&box=MSIglesias@smart.com.ph
https://outlook-office.cf/.microsoft-online/?zi=AAQkADM4Y2JlMDA2LTU1NDEtNDZlMC05NThjLWEzNGMxNjJhZjg3NwAQAFCHDhA2FEYMp8ZQ3BbWonQ&box=MSIglesias@smart.com.ph&sion=3.2220.44.2764.3.3

1 MB
1 MB

19ms
18ms

Document
text/html

192.236.194.247
Hostwinds LLC.

General

Check archive.org

Show headers Download Go to

Full URL: https://outlook-office.cf/.microsoft-online/?zi=AAQkADM4Y2JlMDA2LTU1NDEtNDZlMC05NThjLWEzNGMxNjJhZjg3NwAQAFCHDhA2FEYMp8ZQ3BbWonQ&box=MSIglesias@smart.com.ph&sion=3.2220.44.2764.3.3
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.236.194.247 Seattle, United States, ASN54290 (HOSTWINDS - Hostwinds LLC., US),
Reverse DNS: hwsrv-605598.hostwindsdns.com
Software: Apache /
Resource Hash: b30e232f8989b594d2ba7083383986fc97f19e80048ee1a1ce18994453cd9e08

Request headers

Host: outlook-office.cf
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: none
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1

Response headers

Date: Mon, 30 Sep 2019 03:29:31 GMT
Server: Apache
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

Redirect headers

Date: Mon, 30 Sep 2019 03:29:31 GMT
Server: Apache
Location: https://outlook-office.cf/.microsoft-online/?zi=AAQkADM4Y2JlMDA2LTU1NDEtNDZlMC05NThjLWEzNGMxNjJhZjg3NwAQAFCHDhA2FEYMp8ZQ3BbWonQ&box=MSIglesias@smart.com.ph&sion=3.2220.44.2764.3.3
Content-Length: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 513 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 34f9db946e89f031a80dfca7b16b2b686469c9886441261ae70a44da1dfa2d58

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f89e908280791803bbf1f33b596ff4a2179b355a8e15ad02ebaa2b1da11127ea

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ 277 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 211a907de2da0ff4a0e90917ac8054e2f35c351180977550c26e51b4909f2beb

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ 915 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6075736ea9c281d69c4a3d78ff97bb61b9416a5809919babe5a0c5596f99aaea

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 915 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 16c3f6531d0fa5b4d16e82abf066233b2a9f284c068c663699313c09f5e8d6e6

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 polyfills-bundle-9d4fa01e5693fe3fde73.js
blob.officehome.msocdn.com/bundles/ Frame 5B36 0
18 KB 31ms
8ms Other
application/x-javascript 104.111.242.100
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL

https://blob.officehome.msocdn.com/bundles/polyfills-bundle-9d4fa01e5693fe3fde73.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.242.100 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-242-100.deploy.static.akamaitechnologies.com

Software

Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 30 Sep 2019 03:29:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cdn: 301
status: 200
x-cache-start: 1569813870
content-length: 18301
last-modified: Mon, 09 Sep 2019 19:19:16 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: a02afc89-101e-0052-663e-7726dd000000
access-control-expose-headers: content-length
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
timing-allow-origin: *

GET
H2 200 sharedscripts-da52675f88.js
blob.officehome.msocdn.com/bundles/ Frame 5B36 0
15 KB 30ms
7ms Other
application/x-javascript 104.111.242.100
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL

https://blob.officehome.msocdn.com/bundles/sharedscripts-da52675f88.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.242.100 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-242-100.deploy.static.akamaitechnologies.com

Software

Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 30 Sep 2019 03:29:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cdn: 173096
status: 200
x-cache-start: 1569641075, 1569641082
content-length: 14814
last-modified: Mon, 09 Sep 2019 19:24:33 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: b4a535fb-c01e-0097-23ac-7558e6000000
access-control-expose-headers: content-length
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
timing-allow-origin: *

GET
H2 200 staticscripts-66b633621a.js
blob.officehome.msocdn.com/bundles/ Frame 5B36 0
4 KB 35ms
13ms Other
application/x-javascript 104.111.242.100
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL

https://blob.officehome.msocdn.com/bundles/staticscripts-66b633621a.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.242.100 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-242-100.deploy.static.akamaitechnologies.com

Software

Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 30 Sep 2019 03:29:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cdn: 301
status: 200
x-cache-start: 1569813870
content-length: 4009
last-modified: Mon, 09 Sep 2019 19:24:34 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: f398be1e-501e-0077-553e-77be6e000000
access-control-expose-headers: content-length
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
timing-allow-origin: *

GET
H2 200 app-bundle-c411d61a6c2d7a3b06b7.js
blob.officehome.msocdn.com/bundles/ Frame 5B36 0
169 KB 35ms
13ms Other
application/x-javascript 104.111.242.100
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL

https://blob.officehome.msocdn.com/bundles/app-bundle-c411d61a6c2d7a3b06b7.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.242.100 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-242-100.deploy.static.akamaitechnologies.com

Software

Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 30 Sep 2019 03:29:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cdn: 301
status: 200
x-cache-start: 1569813871
content-length: 171818
last-modified: Thu, 12 Sep 2019 14:29:57 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 159fbcef-501e-0092-803e-77ac99000000
access-control-expose-headers: content-length
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
timing-allow-origin: *

GET
H2 200 app-bundle-1825464d463449947e48.css
blob.officehome.msocdn.com/bundles/ Frame 5B36 0
11 KB 41ms
19ms Other
text/css 104.111.242.100
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL

https://blob.officehome.msocdn.com/bundles/app-bundle-1825464d463449947e48.css

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.242.100 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-242-100.deploy.static.akamaitechnologies.com

Software

Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 30 Sep 2019 03:29:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cdn: 302
status: 200
x-cache-start: 1569813870
content-length: 10523
last-modified: Mon, 09 Sep 2019 19:17:27 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 7dc2074e-f01e-013a-523e-773ed9000000
access-control-expose-headers: content-length
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
timing-allow-origin: *

GET
H2 200 react-bundle-d445f934e39f68e33051.js
blob.officehome.msocdn.com/bundles/ Frame 5B36 0
37 KB 41ms
19ms Other
application/x-javascript 104.111.242.100
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL

https://blob.officehome.msocdn.com/bundles/react-bundle-d445f934e39f68e33051.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.242.100 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-242-100.deploy.static.akamaitechnologies.com

Software

Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 30 Sep 2019 03:29:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cdn: 302
status: 200
x-cache-start: 1569813870
content-length: 37891
last-modified: Mon, 09 Sep 2019 19:24:18 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: fe6fd9e7-e01e-006e-7e3e-779206000000
access-control-expose-headers: content-length
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
timing-allow-origin: *

GET
H2 200 vendor-bundle-2776f2ace6ddaff88940.js
blob.officehome.msocdn.com/bundles/ Frame 5B36 0
147 KB 16ms
16ms Other
application/x-javascript 104.111.242.100
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL

https://blob.officehome.msocdn.com/bundles/vendor-bundle-2776f2ace6ddaff88940.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.242.100 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-242-100.deploy.static.akamaitechnologies.com

Software

Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 30 Sep 2019 03:29:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cdn: 302
status: 200
x-cache-start: 1569813870
content-length: 149894
last-modified: Mon, 09 Sep 2019 19:25:02 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 93273bbc-301e-0067-193e-778888000000
access-control-expose-headers: content-length
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
timing-allow-origin: *

GET
H2 200 favicon-word-cf3b70d2be.ico
blob.officehome.msocdn.com/images/content/images/favicons/ Frame 5B36 0
9 KB 32ms
31ms Other
image/x-icon 104.111.242.100
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL

https://blob.officehome.msocdn.com/images/content/images/favicons/favicon-word-cf3b70d2be.ico

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.242.100 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-242-100.deploy.static.akamaitechnologies.com

Software

Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 30 Sep 2019 03:29:32 GMT
x-content-type-options: nosniff
last-modified: Mon, 09 Sep 2019 19:43:41 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
access-control-allow-origin: *
content-type: image/x-icon
status: 200
x-ms-request-id: ac8bfc22-e01e-0107-24ac-758bff000000
x-cache-start: 1569641075, 1569641083
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
timing-allow-origin: *
content-length: 8958
x-cdn: 173097
access-control-expose-headers: content-length

GET
H2 200 favicon-excel-4a1b502024.ico
blob.officehome.msocdn.com/images/content/images/favicons/ Frame 5B36 0
9 KB 32ms
32ms Other
image/x-icon 104.111.242.100
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL

https://blob.officehome.msocdn.com/images/content/images/favicons/favicon-excel-4a1b502024.ico

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.242.100 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-242-100.deploy.static.akamaitechnologies.com

Software

Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 30 Sep 2019 03:29:32 GMT
x-content-type-options: nosniff
last-modified: Mon, 09 Sep 2019 19:43:37 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
access-control-allow-origin: *
content-type: image/x-icon
status: 200
x-ms-request-id: fe746e04-401e-00c2-46ac-75b391000000
x-cache-start: 1569641075, 1569641083
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
timing-allow-origin: *
content-length: 8958
x-cdn: 173097
access-control-expose-headers: content-length

GET
H2 200 favicon-powerpoint-c43401e5bd.ico
blob.officehome.msocdn.com/images/content/images/favicons/ Frame 5B36 0
9 KB 33ms
32ms Other
image/x-icon 104.111.242.100
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL

https://blob.officehome.msocdn.com/images/content/images/favicons/favicon-powerpoint-c43401e5bd.ico

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.242.100 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-242-100.deploy.static.akamaitechnologies.com

Software

Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 30 Sep 2019 03:29:32 GMT
x-content-type-options: nosniff
last-modified: Mon, 09 Sep 2019 19:43:39 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
access-control-allow-origin: *
content-type: image/x-icon
status: 200
x-ms-request-id: 89a6b9e5-601e-003b-0aac-757971000000
x-cache-start: 1569641075, 1569641083
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
timing-allow-origin: *
content-length: 8958
x-cdn: 173097
access-control-expose-headers: content-length

GET
H2 200 favicon-sway-234c04e8a7.ico
blob.officehome.msocdn.com/images/content/images/favicons/ Frame 5B36 0
8 KB 33ms
32ms Other
image/x-icon 104.111.242.100
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL

https://blob.officehome.msocdn.com/images/content/images/favicons/favicon-sway-234c04e8a7.ico

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.242.100 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-242-100.deploy.static.akamaitechnologies.com

Software

Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 30 Sep 2019 03:29:32 GMT
x-content-type-options: nosniff
last-modified: Mon, 09 Sep 2019 19:43:40 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
access-control-allow-origin: *
content-type: image/x-icon
status: 200
x-ms-request-id: fa962a85-701e-00c1-55ac-75b096000000
x-cache-start: 1569641075, 1569641083
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
timing-allow-origin: *
content-length: 7886
x-cdn: 173097
access-control-expose-headers: content-length

GET
H2 200 header-default-desktop-652cc04392.svg
blob.officehome.msocdn.com/images/content/images/fluent-background-sources/ Frame 5B36 0
2 KB 34ms
33ms Other
image/svg+xml 104.111.242.100
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL

https://blob.officehome.msocdn.com/images/content/images/fluent-background-sources/header-default-desktop-652cc04392.svg

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.242.100 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-242-100.deploy.static.akamaitechnologies.com

Software

Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 30 Sep 2019 03:29:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cdn: 173097
status: 200
x-cache-start: 1569641075, 1569641083
content-length: 1403
last-modified: Mon, 09 Sep 2019 19:43:42 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: e2fa7197-801e-0075-0cac-75bc94000000
access-control-expose-headers: content-length
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
timing-allow-origin: *

GET
H2 200 document-sprite-f8cd18cf2a.png
blob.officehome.msocdn.com/images/content/images/ Frame 5B36 0
20 KB 39ms
39ms Other
image/png 104.111.242.100
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL

https://blob.officehome.msocdn.com/images/content/images/document-sprite-f8cd18cf2a.png

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.242.100 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-242-100.deploy.static.akamaitechnologies.com

Software

Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 30 Sep 2019 03:29:32 GMT
x-content-type-options: nosniff
last-modified: Mon, 09 Sep 2019 19:45:37 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
access-control-allow-origin: *
content-type: image/png
status: 200
x-ms-request-id: 6d33d93e-001e-00e7-3cac-752b22000000
x-cache-start: 1569641075, 1569641082
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
timing-allow-origin: *
content-length: 19619
x-cdn: 173097
access-control-expose-headers: content-length

GET
H2 200 zero-docs-sprite-14795e957f.png
blob.officehome.msocdn.com/images/content/images/ Frame 5B36 0
18 KB 41ms
41ms Other
image/png 104.111.242.100
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL

https://blob.officehome.msocdn.com/images/content/images/zero-docs-sprite-14795e957f.png

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.242.100 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-242-100.deploy.static.akamaitechnologies.com

Software

Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 30 Sep 2019 03:29:32 GMT
x-content-type-options: nosniff
last-modified: Mon, 09 Sep 2019 19:46:00 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
access-control-allow-origin: *
content-type: image/png
status: 200
x-ms-request-id: 5291ce4e-601e-0056-0dac-75d35f000000
x-cache-start: 1569641075, 1569641083
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
timing-allow-origin: *
content-length: 17973
x-cdn: 173097
access-control-expose-headers: content-length

GET
H2 404 wordtheme.min.css
blob.officehome.msocdn.com/versionless/startpages/ Frame 5B36 0
0 577ms
577ms Other
text/plain 104.111.242.100
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://blob.officehome.msocdn.com/versionless/startpages/wordtheme.min.css
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.242.100 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-242-100.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

access-control-allow-origin: *
access-control-expose-headers: content-length

GET
H2 404 exceltheme.min.css
blob.officehome.msocdn.com/versionless/startpages/ Frame 5B36 0
0 579ms
579ms Other
text/plain 104.111.242.100
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://blob.officehome.msocdn.com/versionless/startpages/exceltheme.min.css
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.242.100 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-242-100.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

access-control-allow-origin: *
access-control-expose-headers: content-length

GET
H2 404 powerpointtheme.min.css
blob.officehome.msocdn.com/versionless/startpages/ Frame 5B36 0
0 578ms
577ms Other
text/plain 104.111.242.100
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://blob.officehome.msocdn.com/versionless/startpages/powerpointtheme.min.css
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.242.100 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-242-100.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

access-control-allow-origin: *
access-control-expose-headers: content-length

GET
H2 404 swaytheme.min.css
blob.officehome.msocdn.com/versionless/startpages/ Frame 5B36 0
0 578ms
578ms Other
text/plain 104.111.242.100
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://blob.officehome.msocdn.com/versionless/startpages/swaytheme.min.css
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.242.100 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-242-100.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

access-control-allow-origin: *
access-control-expose-headers: content-length

GET
H2 200 odbshare-ab55158a.js Show response
spoprod-a.akamaihd.net/files/odsp-next-prod_2019-08-30_20190904.003/ Frame E527 2 MB
434 KB 168ms
18ms Script
application/javascript 2.16.186.40
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/odsp-next-prod_2019-08-30_20190904.003/odbshare-ab55158a.js
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.16.186.40 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-16-186-40.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: f095ac07bc6d990c4c440095928e509a52c6be2dabd2db9f55931d0c033973a3

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 30 Sep 2019 03:29:32 GMT
content-encoding: gzip
content-md5: q1UVihtFym8XWiC3muRtLw==
status: 200
x-ms-lease-status: unlocked
last-modified: Wed, 04 Sep 2019 23:33:52 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D73190588C444B
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: e16dc9cc-801e-00ef-3c3e-7716ac000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31296631
x-ms-version: 2009-09-19
timing-allow-origin: *

GET
H2 200 knockout-5089db91.js Show response
spoprod-a.akamaihd.net/files/odsp-next-prod_2019-08-30_20190904.003/ Frame E527 64 KB
24 KB 162ms
12ms Script
application/javascript 2.16.186.40
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/odsp-next-prod_2019-08-30_20190904.003/knockout-5089db91.js
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.16.186.40 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-16-186-40.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 1da9ce9463ae617504885bb3bc512078ce8f1b1eee48f7878c315f9fc5c50956

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 30 Sep 2019 03:29:32 GMT
content-encoding: gzip
content-md5: UInbkb/IjF5b1PINBL8k9g==
status: 200
content-length: 23550
x-ms-lease-status: unlocked
last-modified: Wed, 04 Sep 2019 23:33:43 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D7319052C9AF63
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 467bc52e-701e-00fa-163e-77d435000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31296582
x-ms-version: 2009-09-19
timing-allow-origin: *

GET
H2 200 react-2eca194e.js Show response
spoprod-a.akamaihd.net/files/odsp-next-prod_2019-08-30_20190904.003/ Frame E527 117 KB
39 KB 167ms
17ms Script
application/javascript 2.16.186.40
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/odsp-next-prod_2019-08-30_20190904.003/react-2eca194e.js
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.16.186.40 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-16-186-40.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 8dbf82dd7ee326a219a10f965af35d9ed93d4106d8591ebf114378c269acb9b3

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 30 Sep 2019 03:29:32 GMT
content-encoding: gzip
content-md5: LsoZTnR7ryuI7jqFr2p6Kw==
status: 200
content-length: 38885
x-ms-lease-status: unlocked
last-modified: Wed, 04 Sep 2019 23:33:55 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D731905A822D4D
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 17dc4e18-101e-0129-363e-772dc5000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31296565
x-ms-version: 2009-09-19
timing-allow-origin: *

GET
H2 200 odbshare.resx-1f6f697e.js Show response
spoprod-a.akamaihd.net/files/odsp-next-prod_2019-08-30_20190904.003/en-us/ Frame E527 51 KB
14 KB 161ms
12ms Script
application/javascript 2.16.186.40
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/odsp-next-prod_2019-08-30_20190904.003/en-us/odbshare.resx-1f6f697e.js
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.16.186.40 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-16-186-40.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 1784c27fcd47dd37e964a66afad3d09e4280b6672dd95523e634717e475c8ec5

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 30 Sep 2019 03:29:32 GMT
content-encoding: gzip
content-md5: H29pfl6h50S2Vo2ZbAuUpQ==
status: 200
content-length: 13610
x-ms-lease-status: unlocked
last-modified: Wed, 04 Sep 2019 23:41:05 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D731915A41985A
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 5fea8ba1-601e-00cc-303e-777967000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31296517
x-ms-version: 2009-09-19
timing-allow-origin: *

GET
H2 200 boot.worldwide.0.mouse.js
r4.res.office365.com/owa/prem/16.3264.3.2709981/scripts/ Frame 2D98 648 KB
176 KB 33ms
14ms Stylesheet
application/x-javascript 2a02:26f0:6c00:2bf::753
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://r4.res.office365.com/owa/prem/16.3264.3.2709981/scripts/boot.worldwide.0.mouse.js
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:6c00:2bf::753 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: Apache /
Resource Hash: e06dca2dc82d7489e986a37f6212c881ff5a979c322aeb886d4cf4eeb2fcf1d3

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 30 Sep 2019 03:29:32 GMT
content-encoding: gzip
last-modified: Wed, 28 Aug 2019 18:23:53 GMT
server: Apache
status: 200
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public,max-age=630720000, s-maxage=630720000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 boot.worldwide.1.mouse.js
r4.res.office365.com/owa/prem/16.3264.3.2709981/scripts/ Frame 2D98 644 KB
160 KB 31ms
12ms Stylesheet
application/x-javascript 2a02:26f0:6c00:2bf::753
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://r4.res.office365.com/owa/prem/16.3264.3.2709981/scripts/boot.worldwide.1.mouse.js
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:6c00:2bf::753 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: Apache /
Resource Hash: 71bc88283f39659cf926b74ca2f67f0709d1c9bebb2093c71aa08f2977164828

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 30 Sep 2019 03:29:32 GMT
content-encoding: gzip
last-modified: Wed, 28 Aug 2019 18:23:57 GMT
server: Apache
status: 200
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public,max-age=630720000, s-maxage=630720000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 boot.worldwide.2.mouse.js
r4.res.office365.com/owa/prem/16.3264.3.2709981/scripts/ Frame 2D98 647 KB
167 KB 38ms
19ms Stylesheet
application/x-javascript 2a02:26f0:6c00:2bf::753
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://r4.res.office365.com/owa/prem/16.3264.3.2709981/scripts/boot.worldwide.2.mouse.js
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:6c00:2bf::753 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: Apache /
Resource Hash: 6d93d0fdbadb6e469a76bbf2561870c6f9fef9860af764a5886340234479a43d

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 30 Sep 2019 03:29:32 GMT
content-encoding: gzip
last-modified: Wed, 28 Aug 2019 18:23:54 GMT
server: Apache
status: 200
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public,max-age=630720000, s-maxage=630720000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 boot.worldwide.3.mouse.js
r4.res.office365.com/owa/prem/16.3264.3.2709981/scripts/ Frame 2D98 645 KB
143 KB 43ms
25ms Stylesheet
application/x-javascript 2a02:26f0:6c00:2bf::753
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://r4.res.office365.com/owa/prem/16.3264.3.2709981/scripts/boot.worldwide.3.mouse.js
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:6c00:2bf::753 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: Apache /
Resource Hash: ac9619b56d0d3d7dfaeccfc9401b376ae88dde5516eda39199d65f884e08b360

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 30 Sep 2019 03:29:32 GMT
content-encoding: gzip
last-modified: Wed, 28 Aug 2019 18:23:57 GMT
server: Apache
status: 200
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public,max-age=630720000, s-maxage=630720000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 sprite1.mouse.png
r4.res.office365.com/owa/prem/16.3264.3.2709981/resources/images/0/ Frame 2D98 16 KB
16 KB 24ms
7ms Stylesheet
image/png 2a02:26f0:6c00:2bf::753
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://r4.res.office365.com/owa/prem/16.3264.3.2709981/resources/images/0/sprite1.mouse.png
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:6c00:2bf::753 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: Apache /
Resource Hash: 99190cfe65f919edb8071d84eee7096ec27561bc9b9fa396e55e0eb5e2cd0194

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 30 Sep 2019 03:29:32 GMT
last-modified: Wed, 28 Aug 2019 18:15:25 GMT
server: Apache
status: 200
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=630720000, s-maxage=630720000
accept-ranges: bytes
timing-allow-origin: *
content-length: 16664

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Microsoft (Consumer)

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate function| savepage_ShadowLoader

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

blob.officehome.msocdn.com
outlook-office.cf
qroi.us20.list-manage.com
r4.res.office365.com
shrnturl.tk
spoprod-a.akamaihd.net
104.108.35.69
104.111.242.100
192.236.194.247
2.16.186.40
2a02:26f0:6c00:2bf::753
04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a
16c3f6531d0fa5b4d16e82abf066233b2a9f284c068c663699313c09f5e8d6e6
1784c27fcd47dd37e964a66afad3d09e4280b6672dd95523e634717e475c8ec5
1da9ce9463ae617504885bb3bc512078ce8f1b1eee48f7878c315f9fc5c50956
211a907de2da0ff4a0e90917ac8054e2f35c351180977550c26e51b4909f2beb
34f9db946e89f031a80dfca7b16b2b686469c9886441261ae70a44da1dfa2d58
6075736ea9c281d69c4a3d78ff97bb61b9416a5809919babe5a0c5596f99aaea
6d93d0fdbadb6e469a76bbf2561870c6f9fef9860af764a5886340234479a43d
71bc88283f39659cf926b74ca2f67f0709d1c9bebb2093c71aa08f2977164828
8dbf82dd7ee326a219a10f965af35d9ed93d4106d8591ebf114378c269acb9b3
99190cfe65f919edb8071d84eee7096ec27561bc9b9fa396e55e0eb5e2cd0194
ac9619b56d0d3d7dfaeccfc9401b376ae88dde5516eda39199d65f884e08b360
b30e232f8989b594d2ba7083383986fc97f19e80048ee1a1ce18994453cd9e08
e06dca2dc82d7489e986a37f6212c881ff5a979c322aeb886d4cf4eeb2fcf1d3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f095ac07bc6d990c4c440095928e509a52c6be2dabd2db9f55931d0c033973a3
f89e908280791803bbf1f33b596ff4a2179b355a8e15ad02ebaa2b1da11127ea

outlook-office.cf Open in urlscan Pro 192.236.194.247 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

28 Requests

100 %HTTPS

20 %IPv6

6 Domains

6 Subdomains

5 IPs

3 Countries

2806 kBTransfer

6252 kBSize

0 Cookies

3 Outgoing links

Page URL History

Redirected requests

28 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

outlook-office.cf Open in urlscan Pro
192.236.194.247 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

28
Requests

100 %
HTTPS

20 %
IPv6

6
Domains

6
Subdomains

5
IPs

3
Countries

2806 kB
Transfer

6252 kB
Size

0
Cookies

28 HTTP transactions
6 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!