urlscan.io logo urlscan.io
SecurityTrails logo

onedrivelti.microsoft.com Open in urlscan Pro
20.101.119.147  Public Scan

Go To Rescan Add Verdict Report
URL: https://onedrivelti.microsoft.com/
Submission: On April 04 via automatic, source certstream-suspicious — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 3 countries across 2 domains to perform 12 HTTP transactions. The main IP is 20.101.119.147, located in Amsterdam, Netherlands and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is onedrivelti.microsoft.com. The Cisco Umbrella rank of the primary domain is 231606.
TLS certificate: Issued by Microsoft Azure TLS Issuing CA 05 on January 8th 2023. Valid for: a year.
This is the only time onedrivelti.microsoft.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 20.101.119.147 8075 (MICROSOFT...)
3 2a02:26f0:350... 20940 (AKAMAI-ASN1)
4 52.182.143.208 8075 (MICROSOFT...)
4 52.178.17.3 8075 (MICROSOFT...)
12 4
Apex Domain
Subdomains		 Transfer
9 microsoft.com
onedrivelti.microsoft.com — Cisco Umbrella Rank: 231606
browser.events.data.microsoft.com — Cisco Umbrella Rank: 251
eu-mobile.events.data.microsoft.com — Cisco Umbrella Rank: 1516
5 KB
3 office.net
res-1.cdn.office.net — Cisco Umbrella Rank: 511
372 KB
12 2
Domain Requested by
4 eu-mobile.events.data.microsoft.com res-1.cdn.office.net
4 browser.events.data.microsoft.com res-1.cdn.office.net
3 res-1.cdn.office.net onedrivelti.microsoft.com
1 onedrivelti.microsoft.com
12 4

This site contains no links.

Subject Issuer Validity Valid
edu-onedrivelti-prod.trafficmanager.net
Microsoft Azure TLS Issuing CA 05		 2023-01-08 -
2024-01-03		 a year crt.sh
*.res.outlook.com
DigiCert SHA2 Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh
*.events.data.microsoft.com
Microsoft Azure TLS Issuing CA 02		 2023-03-08 -
2024-03-02		 a year crt.sh

This page contains 1 frames:

Primary Page: https://onedrivelti.microsoft.com/
Frame ID: 9BBC08763BE9C98BDF072496BAA53A20
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Microsoft OneDrive

Page Statistics

12
Requests

100 %
HTTPS

25 %
IPv6

2
Domains

4
Subdomains

4
IPs

3
Countries

377 kB
Transfer

1408 kB
Size

5
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
onedrivelti.microsoft.com/ 		977 B
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onedrivelti.microsoft.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.101.119.147 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
a494b7aec696a1f869dd944795d3e13c0061c443c23a4cdae8ad0f64be07da7d
Security Headers
Name Value
Content-Security-Policy base-uri 'self' https://res-1.cdn.office.net; object-src 'none'; script-src 'self' 'report-sample' https://res-1.cdn.office.net 'nonce-ususduwDMiLmIlV6GhbOTlgWbQmIpJKBFVDjxHSoLU4='; style-src 'self' 'report-sample' https://res-1.cdn.office.net 'nonce-ususduwDMiLmIlV6GhbOTlgWbQmIpJKBFVDjxHSoLU4='; default-src 'none'; block-all-mixed-content; connect-src 'self' data: https://login.microsoftonline.com https://graph.microsoft.com https://*.sharepoint.com https://*.pipe.aria.microsoft.com https://eu-mobile.events.data.microsoft.com https://browser.events.data.microsoft.com; font-src https://static2.sharepointonline.com https://spoprod-a.akamaihd.net https://spoppe-b.azureedge.net; frame-src 'self' https://login.microsoftonline.com https://login.windows.net https://onedrive.live.com https://login.live.com https://*.sharepoint.com; img-src 'self' https://res-1.cdn.office.net; manifest-src 'self' https://res-1.cdn.office.net; report-uri
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode = block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ranges
bytes
cache-control
private, no-store, no-cache, max-age=0, s-maxage=0
content-security-policy
base-uri 'self' https://res-1.cdn.office.net; object-src 'none'; script-src 'self' 'report-sample' https://res-1.cdn.office.net 'nonce-ususduwDMiLmIlV6GhbOTlgWbQmIpJKBFVDjxHSoLU4='; style-src 'self' 'report-sample' https://res-1.cdn.office.net 'nonce-ususduwDMiLmIlV6GhbOTlgWbQmIpJKBFVDjxHSoLU4='; default-src 'none'; block-all-mixed-content; connect-src 'self' data: https://login.microsoftonline.com https://graph.microsoft.com https://*.sharepoint.com https://*.pipe.aria.microsoft.com https://eu-mobile.events.data.microsoft.com https://browser.events.data.microsoft.com; font-src https://static2.sharepointonline.com https://spoprod-a.akamaihd.net https://spoppe-b.azureedge.net; frame-src 'self' https://login.microsoftonline.com https://login.windows.net https://onedrive.live.com https://login.live.com https://*.sharepoint.com; img-src 'self' https://res-1.cdn.office.net; manifest-src 'self' https://res-1.cdn.office.net; report-uri
content-security-policy-report-only
base-uri 'self' https://res-1.cdn.office.net; object-src 'none'; script-src 'self' 'report-sample' https://res-1.cdn.office.net 'nonce-ususduwDMiLmIlV6GhbOTlgWbQmIpJKBFVDjxHSoLU4='; style-src 'self' 'report-sample' https://res-1.cdn.office.net 'nonce-ususduwDMiLmIlV6GhbOTlgWbQmIpJKBFVDjxHSoLU4='; default-src 'none'; block-all-mixed-content; connect-src 'self' data: https://login.microsoftonline.com https://graph.microsoft.com https://*.sharepoint.com https://*.pipe.aria.microsoft.com https://eu-mobile.events.data.microsoft.com https://browser.events.data.microsoft.com; font-src https://static2.sharepointonline.com https://spoprod-a.akamaihd.net https://spoppe-b.azureedge.net; frame-src 'self' https://login.microsoftonline.com https://login.windows.net https://onedrive.live.com https://login.live.com https://*.sharepoint.com; img-src 'self' https://res-1.cdn.office.net; manifest-src 'self' https://res-1.cdn.office.net; report-uri
content-type
text/html
date
Tue, 04 Apr 2023 09:54:49 GMT
etag
"1d96231f9529991"
expires
0
last-modified
Wed, 29 Mar 2023 11:31:16 GMT
pragma
no-cache
request-context
appId=
server
Microsoft-HTTPAPI/2.0
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-rate-limit-limit
10m
x-rate-limit-remaining
9999
x-rate-limit-reset
2023-04-04T10:04:49.3069128Z
x-server-correlation-id
400009f1-0000-ed00-b63f-84710c7967bb
x-xss-protection
1; mode = block
runtime.354351b69ca5f53d7806.bundle.js
res-1.cdn.office.net/onedrivelti/ 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://res-1.cdn.office.net/onedrivelti/runtime.354351b69ca5f53d7806.bundle.js
Requested by
Host: onedrivelti.microsoft.com
URL: https://onedrivelti.microsoft.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:c::5c7b:683d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
60e697b457dc61f24c4b6b981a7423e27a2364ed1a80fe13d242979c11070111
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://onedrivelti.microsoft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Tue, 04 Apr 2023 09:54:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Wed, 29 Mar 2023 10:04:06 GMT
x-cdn-provider
Akamai
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
b0731f14-901e-0053-301e-65dca3000000
access-control-expose-headers
date,Akamai-Request-BC
cache-control
max-age=630720000
timing-allow-origin
*
content-length
2298
vendors.aa96dd4366ebfd95df6d.bundle.js
res-1.cdn.office.net/onedrivelti/ 		1 MB
321 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://res-1.cdn.office.net/onedrivelti/vendors.aa96dd4366ebfd95df6d.bundle.js
Requested by
Host: onedrivelti.microsoft.com
URL: https://onedrivelti.microsoft.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:c::5c7b:683d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e7126f0fd85f3753b57a7cd4098c611a7626719f7b06e08c08610c4b698fa04e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://onedrivelti.microsoft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Tue, 04 Apr 2023 09:54:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Wed, 29 Mar 2023 10:04:07 GMT
x-cdn-provider
Akamai
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
84fcd034-c01e-004e-09d3-64d11f000000
access-control-expose-headers
date,Akamai-Request-BC
cache-control
max-age=630720000
timing-allow-origin
*
content-length
327320
main.3a3d3b69eaa00c445b63.bundle.js
res-1.cdn.office.net/onedrivelti/ 		244 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://res-1.cdn.office.net/onedrivelti/main.3a3d3b69eaa00c445b63.bundle.js
Requested by
Host: onedrivelti.microsoft.com
URL: https://onedrivelti.microsoft.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:c::5c7b:683d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
45ef0b526142e695530e2a6accef236ae1977de330e5bc8f21300aca5a7b056c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://onedrivelti.microsoft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Tue, 04 Apr 2023 09:54:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Wed, 29 Mar 2023 10:04:07 GMT
x-cdn-provider
Akamai
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
804797d2-801e-0002-1e1e-65412f000000
access-control-expose-headers
date,Akamai-Request-BC
cache-control
max-age=630720000
timing-allow-origin
*
content-length
49708
/
browser.events.data.microsoft.com/OneCollector/1.0/ 		153 B
426 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
Requested by
Host: res-1.cdn.office.net
URL: https://res-1.cdn.office.net/onedrivelti/vendors.aa96dd4366ebfd95df6d.bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.182.143.208 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
b8c5bd699958058983b34b7f07fe76276a66ca143a3b6d47dce399214e3ca7b6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

upload-time
1680602090636
accept-language
nl-NL,nl;q=0.9
client-version
1DS-Web-JS-3.2.8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
time-delta-to-apply-millis
use-collector-delta
content-type
application/x-json-stream
cache-control
no-cache, no-store
Referer
https://onedrivelti.microsoft.com/
apikey
fef2a5fd44104eb18e359a69eaaf56d8-c23cf8b8-767d-416d-ae67-e0e2c17be636-7387
Client-Id
NO_AUTH

Response headers

strict-transport-security
max-age=31536000
date
Tue, 04 Apr 2023 09:54:51 GMT
server
Microsoft-HTTPAPI/2.0
time-delta-millis
709
access-control-allow-methods
POST
content-type
application/json
access-control-allow-origin
https://onedrivelti.microsoft.com
access-control-expose-headers
time-delta-millis
access-control-allow-credentials
true
access-control-allow-headers
time-delta-millis
content-length
153
/
browser.events.data.microsoft.com/OneCollector/1.0/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.182.143.208 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
apikey,cache-control,client-id,client-version,content-type,time-delta-to-apply-millis,upload-time
Access-Control-Request-Method
POST
Origin
https://onedrivelti.microsoft.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
AuthMsaDeviceTicket,AuthXToken,Content-Encoding,Content-Type,Cache-Control,Client-Id,SDK-Name,sdk-version,apikey,x-apikey,client-version,upload-time,time-delta-to-apply-millis,client-time-epoch-millis,persistence-mode,reliability-mode,NoResponseBody
access-control-allow-origin
https://onedrivelti.microsoft.com
access-control-max-age
3600
cache-control
public, 3600
content-length
0
date
Tue, 04 Apr 2023 09:54:50 GMT
server
Microsoft-HTTPAPI/2.0
strict-transport-security
max-age=31536000
/
eu-mobile.events.data.microsoft.com/OneCollector/1.0/ 		153 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://eu-mobile.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
Requested by
Host: res-1.cdn.office.net
URL: https://res-1.cdn.office.net/onedrivelti/vendors.aa96dd4366ebfd95df6d.bundle.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.178.17.3 Phoenix, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
b8c5bd699958058983b34b7f07fe76276a66ca143a3b6d47dce399214e3ca7b6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

upload-time
1680602090641
accept-language
nl-NL,nl;q=0.9
client-version
1DS-Web-JS-3.2.8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
time-delta-to-apply-millis
use-collector-delta
content-type
application/x-json-stream
cache-control
no-cache, no-store
Referer
https://onedrivelti.microsoft.com/
apikey
fef2a5fd44104eb18e359a69eaaf56d8-c23cf8b8-767d-416d-ae67-e0e2c17be636-7387
Client-Id
NO_AUTH

Response headers

Strict-Transport-Security
max-age=31536000
Date
Tue, 04 Apr 2023 09:54:50 GMT
Server
Microsoft-HTTPAPI/2.0
time-delta-millis
137
Access-Control-Allow-Methods
POST
P3P
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Content-Type
application/json
Access-Control-Allow-Origin
https://onedrivelti.microsoft.com
Access-Control-Expose-Headers
time-delta-millis
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
P3P,Set-Cookie,time-delta-millis
Content-Length
153
/
eu-mobile.events.data.microsoft.com/OneCollector/1.0/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://eu-mobile.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.178.17.3 Phoenix, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
apikey,cache-control,client-id,client-version,content-type,time-delta-to-apply-millis,upload-time
Access-Control-Request-Method
POST
Origin
https://onedrivelti.microsoft.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
AuthMsaDeviceTicket,AuthXToken,Content-Encoding,Content-Type,Cache-Control,Client-Id,SDK-Name,sdk-version,apikey,x-apikey,client-version,upload-time,time-delta-to-apply-millis,client-time-epoch-millis,persistence-mode,reliability-mode,NoResponseBody
Access-Control-Allow-Origin
https://onedrivelti.microsoft.com
Access-Control-Max-Age
3600
Cache-Control
public, 3600
Content-Length
0
Date
Tue, 04 Apr 2023 09:54:49 GMT
Server
Microsoft-HTTPAPI/2.0
Strict-Transport-Security
max-age=31536000
/
browser.events.data.microsoft.com/OneCollector/1.0/ 		153 B
197 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
Requested by
Host: res-1.cdn.office.net
URL: https://res-1.cdn.office.net/onedrivelti/vendors.aa96dd4366ebfd95df6d.bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.182.143.208 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
f92136c7918a93c6fd7e512e36e9aad64a5e6c83868036954590fececa70311a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

upload-time
1680602091641
accept-language
nl-NL,nl;q=0.9
client-version
1DS-Web-JS-3.2.8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
time-delta-to-apply-millis
709
content-type
application/x-json-stream
cache-control
no-cache, no-store
Referer
https://onedrivelti.microsoft.com/
apikey
fef2a5fd44104eb18e359a69eaaf56d8-c23cf8b8-767d-416d-ae67-e0e2c17be636-7387
Client-Id
NO_AUTH

Response headers

strict-transport-security
max-age=31536000
date
Tue, 04 Apr 2023 09:54:51 GMT
server
Microsoft-HTTPAPI/2.0
time-delta-millis
188
access-control-allow-methods
POST
content-type
application/json
access-control-allow-origin
https://onedrivelti.microsoft.com
access-control-expose-headers
time-delta-millis
access-control-allow-credentials
true
access-control-allow-headers
time-delta-millis
content-length
153
/
browser.events.data.microsoft.com/OneCollector/1.0/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.182.143.208 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
apikey,cache-control,client-id,client-version,content-type,time-delta-to-apply-millis,upload-time
Access-Control-Request-Method
POST
Origin
https://onedrivelti.microsoft.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
AuthMsaDeviceTicket,AuthXToken,Content-Encoding,Content-Type,Cache-Control,Client-Id,SDK-Name,sdk-version,apikey,x-apikey,client-version,upload-time,time-delta-to-apply-millis,client-time-epoch-millis,persistence-mode,reliability-mode,NoResponseBody
access-control-allow-origin
https://onedrivelti.microsoft.com
access-control-max-age
3600
cache-control
public, 3600
content-length
0
date
Tue, 04 Apr 2023 09:54:51 GMT
server
Microsoft-HTTPAPI/2.0
strict-transport-security
max-age=31536000
/
eu-mobile.events.data.microsoft.com/OneCollector/1.0/ 		153 B
600 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://eu-mobile.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
Requested by
Host: res-1.cdn.office.net
URL: https://res-1.cdn.office.net/onedrivelti/vendors.aa96dd4366ebfd95df6d.bundle.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.178.17.3 Phoenix, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
7623ea8efabc7015ebf365e702580ba5b9c5afd339237f1d59aa97243d42333e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

upload-time
1680602091642
accept-language
nl-NL,nl;q=0.9
client-version
1DS-Web-JS-3.2.8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
time-delta-to-apply-millis
137
content-type
application/x-json-stream
cache-control
no-cache, no-store
Referer
https://onedrivelti.microsoft.com/
apikey
fef2a5fd44104eb18e359a69eaaf56d8-c23cf8b8-767d-416d-ae67-e0e2c17be636-7387
Client-Id
NO_AUTH

Response headers

Strict-Transport-Security
max-age=31536000
Date
Tue, 04 Apr 2023 09:54:51 GMT
Server
Microsoft-HTTPAPI/2.0
time-delta-millis
11
Access-Control-Allow-Methods
POST
Content-Type
application/json
Access-Control-Allow-Origin
https://onedrivelti.microsoft.com
Access-Control-Expose-Headers
time-delta-millis
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
time-delta-millis
Content-Length
153
/
eu-mobile.events.data.microsoft.com/OneCollector/1.0/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://eu-mobile.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.178.17.3 Phoenix, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
apikey,cache-control,client-id,client-version,content-type,time-delta-to-apply-millis,upload-time
Access-Control-Request-Method
POST
Origin
https://onedrivelti.microsoft.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
AuthMsaDeviceTicket,AuthXToken,Content-Encoding,Content-Type,Cache-Control,Client-Id,SDK-Name,sdk-version,apikey,x-apikey,client-version,upload-time,time-delta-to-apply-millis,client-time-epoch-millis,persistence-mode,reliability-mode,NoResponseBody
Access-Control-Allow-Origin
https://onedrivelti.microsoft.com
Access-Control-Max-Age
3600
Cache-Control
public, 3600
Content-Length
0
Date
Tue, 04 Apr 2023 09:54:50 GMT
Server
Microsoft-HTTPAPI/2.0
Strict-Transport-Security
max-age=31536000

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless string| __CSP_NONCE object| webpackJsonp object| FabricConfig object| CSPSettings object| __stylesheet__ object| __globalSettings__ object| __themeState__ object| __packages__ object| __dynProto$Gbl number| __currentId__

5 Cookies

Domain/Path Name / Value
onedrivelti.microsoft.com/ Name: MicrosoftApplicationsTelemetryDeviceId
Value: cbf63233-8cd9-43e7-afb5-6c76c89b151c
onedrivelti.microsoft.com/ Name: ai_session
Value: 6MSk5/Z3m2JZDJg6lv9Qze|1680602089633|1680602089638
.microsoft.com/ Name: MC1
Value: GUID=33707767a3e647d295b88520e695fbe3&HASH=3370&LV=202304&V=4&LU=1680602090778
.microsoft.com/ Name: MS0
Value: 40438f2a48944e24877b83a4e5bd4b24
onedrivelti.microsoft.com/ Name: MSFPC
Value: GUID=33707767a3e647d295b88520e695fbe3&HASH=3370&LV=202304&V=4&LU=1680602090778

1 Console Messages

Source Level URL
Text
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'report-sample' https://res-1.cdn.office.net 'nonce-ususduwDMiLmIlV6GhbOTlgWbQmIpJKBFVDjxHSoLU4='".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy base-uri 'self' https://res-1.cdn.office.net; object-src 'none'; script-src 'self' 'report-sample' https://res-1.cdn.office.net 'nonce-ususduwDMiLmIlV6GhbOTlgWbQmIpJKBFVDjxHSoLU4='; style-src 'self' 'report-sample' https://res-1.cdn.office.net 'nonce-ususduwDMiLmIlV6GhbOTlgWbQmIpJKBFVDjxHSoLU4='; default-src 'none'; block-all-mixed-content; connect-src 'self' data: https://login.microsoftonline.com https://graph.microsoft.com https://*.sharepoint.com https://*.pipe.aria.microsoft.com https://eu-mobile.events.data.microsoft.com https://browser.events.data.microsoft.com; font-src https://static2.sharepointonline.com https://spoprod-a.akamaihd.net https://spoppe-b.azureedge.net; frame-src 'self' https://login.microsoftonline.com https://login.windows.net https://onedrive.live.com https://login.live.com https://*.sharepoint.com; img-src 'self' https://res-1.cdn.office.net; manifest-src 'self' https://res-1.cdn.office.net; report-uri
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode = block