www.login.microsoftonline.extradder.com Open in urlscan Pro
68.183.183.235  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request Cookie set / Show response www.login.microsoftonline.extradder.com/	88 KB 88 KB	17986ms 435ms	Document text/html	68.183.183.235 DigitalOcean
General Check archive.org Show headers Download Go to Full URL https://www.login.microsoftonline.extradder.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 68.183.183.235 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US), Reverse DNS Software / Resource Hash c3b9beed394ec631bf2a63f23a0dd105846ebec28cf39cb57ff10f21b0fbf542 Request headers Host www.login.microsoftonline.extradder.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3 Accept-Encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Cache-Control no-cache, no-store, must-revalidate Connection close Content-Type text/html; charset=utf-8 Date Tue, 25 Jun 2019 14:33:37 GMT Expires -1 Pragma no-cache Referrer-Policy strict-origin-when-cross-origin Set-Cookie OH.DCAffinity=OH-sea; Path=/; HttpOnly OH.SID=c267dce4-3a8e-4e40-86e9-25bed77f384f; Path=/; HttpOnly p.UnAuthUserCookie=a49a264f-6bc6-4c8b-bcd0-88507a1f2da3; Path=/; HttpOnly OH.DCAffinity=OH-sea; Path=/; HttpOnly MUID=0ACB368F880F632C36CB3B0989846230; Path=/; Domain=login.microsoftonline.extradder.com Transfer-Encoding chunked Vary Accept-Encoding X-Msedge-Ref Ref A: 1B0C067B82F74DDF8C22C017B48046A0 Ref B: SG2EDGE0910 Ref C: 2019-06-25T14:33:37Z X-Ua-Compatible IE=edge,chrome=1
GET		segoeui_light.woff2 blob.officehome.msocdn.com/versionless/webfonts/	0 0
GET		segoeui_regular.woff2 blob.officehome.msocdn.com/versionless/webfonts/	0 0
GET		segoeui_semibold.woff2 blob.officehome.msocdn.com/versionless/webfonts/	0 0
GET		segoeui_semilight.woff2 blob.officehome.msocdn.com/versionless/webfonts/	0 0
GET		unauth-cb054a4daf.css blob.officehome.msocdn.com/bundles/	0 0
GET		sharedfontstyles-30d1fc43fd.css blob.officehome.msocdn.com/bundles/	0 0
GET H/1.1	200 OK	51-6d3a1e statics-uhf-eas.akamaized.net/west-european/shell/_scrf/css/themes=default.device=uplevel_web_pc/e9-4413b1/4e-bb306d/a9-963a11/10-aee09b/51-465167/1d-9730ee/34-521645/	160 KB 22 KB	52ms 7ms	Stylesheet text/css	2a02:26f0:6c00::210:ba10 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://statics-uhf-eas.akamaized.net/west-european/shell/_scrf/css/themes=default.device=uplevel_web_pc/e9-4413b1/4e-bb306d/a9-963a11/10-aee09b/51-465167/1d-9730ee/34-521645/51-6d3a1e?ver=2.0 Requested by Host: www.login.microsoftonline.extradder.com URL: https://www.login.microsoftonline.extradder.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 2a02:26f0:6c00::210:ba10 , Ascension Island, ASN20940 (AKAMAI-ASN1, US), Reverse DNS Software Microsoft-IIS/10.0 / Resource Hash 3abc05cf7fcd206115a9f2871547be6a8649c34b2efc0d1f77441147a5a78bc8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1 Request headers Referer https://www.login.microsoftonline.extradder.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers ms-operation-id c71944905ac3324994c58de10bad0746 Date Tue, 25 Jun 2019 14:33:38 GMT Content-Encoding gzip X-Content-Type-Options nosniff X-S2 2019-03-01T01:28:16 P3P CP="CAO CONi OTR OUR DEM ONL" X-Activity-Id 00000000-de49-48bd-b883-5d51e7315b23 Connection keep-alive MS-CV RXPQLzUtQEGRpQQ1.0 Vary Accept-Encoding Content-Length 21538 X-XSS-Protection 1 Last-Modified Fri, 01 Mar 2019 01:28:16 GMT Server Microsoft-IIS/10.0 X-Az {did:-, rid: -, sn: uhf-eas-prod, dt: 2019-02-28T23:52:35.0188613Z, bt: 2019-02-27T00:18:04.0000000Z} X-S1 2019-03-01T01:28:16 Access-Control-Allow-Methods HEAD,GET,POST,PATCH,PUT,OPTIONS Content-Type text/css; charset=utf-8 Access-Control-Allow-Origin * Cache-Control public, max-age=21466478 Timing-Allow-Origin * X-AppVersion 1.0.6997.542 Expires Sat, 29 Feb 2020 01:28:16 GMT
GET H/1.1	200 OK	override.css statics-uhf-eas.akamaized.net/statics/	1 KB 907 B	51ms 6ms	Stylesheet text/css	2a02:26f0:6c00::210:ba10 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://statics-uhf-eas.akamaized.net/statics/override.css?c=7 Requested by Host: www.login.microsoftonline.extradder.com URL: https://www.login.microsoftonline.extradder.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 2a02:26f0:6c00::210:ba10 , Ascension Island, ASN20940 (AKAMAI-ASN1, US), Reverse DNS Software Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 / Resource Hash 0bd288d5397a69ead391875b422bf2cbdcc4f795d64aa2f780aff45768d78248 Request headers Referer https://www.login.microsoftonline.extradder.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers x-ms-lease-status unlocked x-ms-blob-type BlockBlob Date Tue, 25 Jun 2019 14:33:38 GMT Content-Encoding gzip Last-Modified Tue, 05 Mar 2019 19:05:18 GMT Server Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 ETag 0x8D6A19D82194196 Vary Accept-Encoding Content-Type text/css x-ms-request-id 74721288-e01e-002e-2b88-d3b8ae000000 x-ms-version 2009-09-19 Connection keep-alive Content-Length 473
GET H2	200	RE1Mu3b img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/	4 KB 4 KB	117ms 36ms	Image image/png	2a02:26f0:7b::5f65:168 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/RE1Mu3b?ver=5c31 Requested by Host: www.login.microsoftonline.extradder.com URL: https://www.login.microsoftonline.extradder.com/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 2a02:26f0:7b::5f65:168 , Ascension Island, ASN20940 (AKAMAI-ASN1, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 112fec798b78aa02e102a724b5cb1990c0f909bc1d8b7b1fa256eab41bbc0960 Request headers Referer https://www.login.microsoftonline.extradder.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers x-cms-cdninvalkey am:RE1Mu3b date Tue, 25 Jun 2019 14:33:38 GMT x-aspnet-version 4.0.30319 x-source-length 4054 x-powered-by ASP.NET status 200 x-activityid 760f5bde-d305-4ff7-9849-e7d229d7a4eb x-deployment a89a5014e89c41b7b60a64d7ee950637 content-length 4054 timing-allow-origin * last-modified Fri, 21 Jun 2019 10:10:06 GMT server Microsoft-IIS/10.0 x-datacenter NorthEU content-type image/png access-control-allow-origin * cache-control public, max-age=70596 x-instance Resizer.Web_IN_0 content-location https://img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/RE1Mu3b?ver=5c31 expires Wed, 26 Jun 2019 10:10:14 GMT
GET		hero-still-image-desktop-89e7da971f.jpg blob.officehome.msocdn.com/images/content/images/	0 0
GET		unauth-vendor-b5e15713c1.js blob.officehome.msocdn.com/bundles/	0 0
GET		sharedscripts-3b5e8eac10.js blob.officehome.msocdn.com/bundles/	0 0
GET		unauth-49e566bfcb.js blob.officehome.msocdn.com/bundles/	0 0
GET H/1.1	200 OK	18-d72213 Show response statics-uhf-eas.akamaized.net/shell/_scrf/js/themes=default/54-af9f9f/c0-247156/de-099401/e1-a50eee/e7-954872/d8-97d509/f0-251fe2/46-be1318/77-04a268/7f-652c90/63-077520/a4-34de62/75-71ddfc/db-bc01...	125 KB 33 KB	8ms 6ms	Script text/javascript	2a02:26f0:6c00::210:ba10 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://statics-uhf-eas.akamaized.net/shell/_scrf/js/themes=default/54-af9f9f/c0-247156/de-099401/e1-a50eee/e7-954872/d8-97d509/f0-251fe2/46-be1318/77-04a268/7f-652c90/63-077520/a4-34de62/75-71ddfc/db-bc0148/dc-7e9864/78-4c7d22/9f-d154ca/e4-8302f6/cd-23d3b0/6d-1e7ed0/b7-cadaa7/ca-40b7b0/4e-ee3a55/3e-f5c39b/c3-6454d7/f9-7592d3/92-10345d/79-499886/7e-cda2d3/32-6dafa3/93-283c2d/e0-3c9860/91-97a04f/1f-100dea/33-abe4df/18-d72213?ver=2.0&iife=1 Requested by Host: www.login.microsoftonline.extradder.com URL: https://www.login.microsoftonline.extradder.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 2a02:26f0:6c00::210:ba10 , Ascension Island, ASN20940 (AKAMAI-ASN1, US), Reverse DNS Software Microsoft-IIS/10.0 / Resource Hash 55afd02f9ca1fe1b8d3705ef8eba7c9a8e2f0ba4b8d1ab8853a2a10fae9e4ac8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1 Request headers Referer https://www.login.microsoftonline.extradder.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers ms-operation-id d59c59edc594496aa02bd0c73327bd83 Date Tue, 25 Jun 2019 14:33:38 GMT Content-Encoding gzip X-Content-Type-Options nosniff X-S2 2019-03-01T00:58:42 P3P CP="CAO CONi OTR OUR DEM ONL" X-Activity-Id 00000000-1de0-4d0c-90c1-3544c4b9c188 Connection keep-alive MS-CV vpnj24Q8K0Scm26J.0 Vary Accept-Encoding Content-Length 33384 X-XSS-Protection 1 Last-Modified Fri, 01 Mar 2019 00:58:41 GMT Server Microsoft-IIS/10.0 X-Az {did:-, rid: -, sn: uhf-eas-prod, dt: 2019-03-01T00:20:39.6782335Z, bt: 2019-02-27T00:18:04.0000000Z} X-S1 2019-03-01T00:58:41 Access-Control-Allow-Methods HEAD,GET,POST,PATCH,PUT,OPTIONS Content-Type text/javascript; charset=utf-8 Access-Control-Allow-Origin * Cache-Control public, max-age=21464703 Timing-Allow-Origin * X-AppVersion 1.0.6997.542 Expires Sat, 29 Feb 2020 00:58:41 GMT
GET H/1.1	200 OK	meversion Show response mem.gfx.ms/	25 KB 9 KB	60ms 7ms	Script application/javascript	2a02:26f0:f1:180::37 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://mem.gfx.ms/meversion?partner=office&market=en-us&uhf=1 Requested by Host: www.login.microsoftonline.extradder.com URL: https://www.login.microsoftonline.extradder.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2a02:26f0:f1:180::37 , Ascension Island, ASN20940 (AKAMAI-ASN1, US), Reverse DNS Software / Resource Hash 0840c7866cd2e5e9c311a75548d8aaab37655e5fdccda9303de5f2570233a6a0 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.login.microsoftonline.extradder.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Tue, 25 Jun 2019 14:33:38 GMT Content-Encoding gzip X-Content-Type-Options nosniff Vary Accept-Encoding Content-Type application/javascript Expires Tue, 25 Jun 2019 18:11:59 GMT Cache-Control public, no-transform, max-age=43200 Connection keep-alive Content-Length 8902 X-UA-Compatible IE=edge

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

blob.officehome.msocdn.com

URL

https://blob.officehome.msocdn.com/versionless/webfonts/segoeui_light.woff2

Domain

blob.officehome.msocdn.com

URL

https://blob.officehome.msocdn.com/versionless/webfonts/segoeui_regular.woff2

Domain

blob.officehome.msocdn.com

URL

https://blob.officehome.msocdn.com/versionless/webfonts/segoeui_semibold.woff2

Domain

blob.officehome.msocdn.com

URL

https://blob.officehome.msocdn.com/versionless/webfonts/segoeui_semilight.woff2

Domain

blob.officehome.msocdn.com

URL

https://blob.officehome.msocdn.com/bundles/unauth-cb054a4daf.css

Domain

blob.officehome.msocdn.com

URL

https://blob.officehome.msocdn.com/bundles/sharedfontstyles-30d1fc43fd.css

Domain

blob.officehome.msocdn.com

URL

https://blob.officehome.msocdn.com/images/content/images/hero-still-image-desktop-89e7da971f.jpg

Domain

blob.officehome.msocdn.com

URL

https://blob.officehome.msocdn.com/bundles/unauth-vendor-b5e15713c1.js

Domain

blob.officehome.msocdn.com

URL

https://blob.officehome.msocdn.com/bundles/sharedscripts-3b5e8eac10.js

Domain

blob.officehome.msocdn.com

URL

https://blob.officehome.msocdn.com/bundles/unauth-49e566bfcb.js

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

blob.officehome.msocdn.com
img-prod-cms-rt-microsoft-com.akamaized.net
mem.gfx.ms
statics-uhf-eas.akamaized.net
www.login.microsoftonline.extradder.com
blob.officehome.msocdn.com
2a02:26f0:6c00::210:ba10
2a02:26f0:7b::5f65:168
2a02:26f0:f1:180::37
68.183.183.235
0840c7866cd2e5e9c311a75548d8aaab37655e5fdccda9303de5f2570233a6a0
0bd288d5397a69ead391875b422bf2cbdcc4f795d64aa2f780aff45768d78248
112fec798b78aa02e102a724b5cb1990c0f909bc1d8b7b1fa256eab41bbc0960
3abc05cf7fcd206115a9f2871547be6a8649c34b2efc0d1f77441147a5a78bc8
55afd02f9ca1fe1b8d3705ef8eba7c9a8e2f0ba4b8d1ab8853a2a10fae9e4ac8
c3b9beed394ec631bf2a63f23a0dd105846ebec28cf39cb57ff10f21b0fbf542