login.live.com
Open in
urlscan Pro
20.190.166.133
Public Scan
Effective URL: https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=21&ct=1708531624&rver=7.0.6738.0&wp=MBI_SSL&wreply=https%3a%2f%2fo...
Submission: On February 21 via manual from ES — Scanned from JP
Summary
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on February 10th 2024. Valid for: a year.
This is the only time login.live.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
3 18 | 52.199.22.126 52.199.22.126 | 16509 (AMAZON-02) (AMAZON-02) | |
1 2 | 2603:1046:c09... 2603:1046:c09:1a47::2 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
1 | 20.190.166.133 20.190.166.133 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
7 | 2600:140b:1a0... 2600:140b:1a00:16::6007:2791 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
4 | 2606:2800:247... 2606:2800:247:43e9:c35a:4025:1596:b588 | 15133 (EDGECAST) (EDGECAST) | |
2 | 20.189.173.1 20.189.173.1 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
31 | 7 |
ASN16509 (AMAZON-02, US)
PTR: ec2-52-199-22-126.ap-northeast-1.compute.amazonaws.com
slidsd0canvem.top |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
outlook.office365.com | |
outlook.office.com |
ASN15133 (EDGECAST, US)
logincdn.msftauth.net |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
browser.events.data.microsoft.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
18 |
slidsd0canvem.top
3 redirects
slidsd0canvem.top |
901 KB |
8 |
office365.com
outlook.office365.com — Cisco Umbrella Rank: 47 r4.res.office365.com — Cisco Umbrella Rank: 243 |
690 KB |
4 |
msftauth.net
logincdn.msftauth.net — Cisco Umbrella Rank: 4591 |
248 KB |
2 |
microsoft.com
browser.events.data.microsoft.com — Cisco Umbrella Rank: 152 |
759 B |
1 |
office.com
1 redirects
outlook.office.com — Cisco Umbrella Rank: 73 |
907 B |
1 |
live.com
login.live.com — Cisco Umbrella Rank: 95 Failed |
13 KB |
31 | 6 |
Domain | Requested by | |
---|---|---|
18 | slidsd0canvem.top |
3 redirects
slidsd0canvem.top
|
7 | r4.res.office365.com |
outlook.office365.com
|
4 | logincdn.msftauth.net |
login.live.com
logincdn.msftauth.net |
2 | browser.events.data.microsoft.com |
logincdn.msftauth.net
|
1 | outlook.office.com | 1 redirects |
1 | outlook.office365.com |
slidsd0canvem.top
|
1 | login.live.com |
slidsd0canvem.top
|
31 | 7 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
slidsd0canvem.top R3 |
2024-02-18 - 2024-05-18 |
3 months | crt.sh |
outlook.com DigiCert Cloud Services CA-1 |
2024-01-22 - 2025-01-21 |
a year | crt.sh |
login.live.com DigiCert SHA2 Secure Server CA |
2024-02-10 - 2025-02-10 |
a year | crt.sh |
*.res.outlook.com DigiCert SHA2 Secure Server CA |
2024-02-20 - 2025-02-20 |
a year | crt.sh |
identitycdn.msauth.net Microsoft Azure RSA TLS Issuing CA 03 |
2023-11-02 - 2024-10-27 |
a year | crt.sh |
*.events.data.microsoft.com Microsoft Azure RSA TLS Issuing CA 04 |
2023-12-18 - 2024-12-12 |
a year | crt.sh |
This page contains 2 frames:
Primary Page:
https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=21&ct=1708531624&rver=7.0.6738.0&wp=MBI_SSL&wreply=https%3a%2f%2foutlook.live.com%2fowa%2f%3fusername%3dundefined%26RpsCsrfState%3d635c4f88-36d7-4a05-aeff-efd5d4fcacd1&id=292841&aadredir=0&username=undefined&CBCXT=out&lw=1&fl=dob%2cflname%2cwld&cobrandid=90015&login_hint=undefined
Frame ID: B13D8449A0BF380A9A193AD9B34790FC
Requests: 24 HTTP requests in this frame
Frame:
https://outlook.office365.com/owa/prefetch.aspx
Frame ID: 4EE2612519B1E213536D2AE2BAC43336
Requests: 8 HTTP requests in this frame
Screenshot
Page Title
Sign in to your Microsoft accountPage URL History Show full URLs
-
https://slidsd0canvem.top/?sign=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1cmwiOiJodHRwczovL3NsaWRzZDBjY...
HTTP 302
https://slidsd0canvem.top/?qrc=undefined HTTP 302
https://slidsd0canvem.top/owa/?login_hint=undefined HTTP 302
https://slidsd0canvem.top/autoreg.cgi?ref=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0... Page URL
- https://slidsd0canvem.top/autoreg.cgi?ref=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0... Page URL
-
https://outlook.office.com/owa/?username=undefined&login_hint=undefined
HTTP 302
https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=21&ct=1708531624&rver=7.0.6738.0&wp=MBI_SSL&wr... Page URL
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://slidsd0canvem.top/?sign=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1cmwiOiJodHRwczovL3NsaWRzZDBjYW52ZW0udG9wIiwiZG9tYWluIjoic2xpZHNkMGNhbnZlbS50b3AiLCJrZXkiOiIzUTJMc1N4Nlpmb20iLCJxcmMiOiJ1bmRlZmluZWQiLCJpYXQiOjE3MDg1MzE1MjQsImV4cCI6MTcwODUzMTY0NH0.j0UZZUACTSE_ter6n687BA1D56OtR8aDl7DP9px6Gkg
HTTP 302
https://slidsd0canvem.top/?qrc=undefined HTTP 302
https://slidsd0canvem.top/owa/?login_hint=undefined HTTP 302
https://slidsd0canvem.top/autoreg.cgi?ref=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0aDIvYXV0aG9yaXplP2NsaWVudF9pZD0wMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAmcmVkaXJlY3RfdXJpPWh0dHBzJTNhJTJmJTJmb3V0bG9vay5vZmZpY2UuY29tJTJmb3dhJTJmJnJlc291cmNlPTAwMDAwMDAyLTAwMDAtMGZmMS1jZTAwLTAwMDAwMDAwMDAwMCZyZXNwb25zZV9tb2RlPWZvcm1fcG9zdCZyZXNwb25zZV90eXBlPWNvZGUraWRfdG9rZW4mc2NvcGU9b3BlbmlkJm1zYWZlZD0xJm1zYXJlZGlyPTEmbG9naW5faGludD11bmRlZmluZWQmY2xpZW50LXJlcXVlc3QtaWQ9NDJmNzU0OTUtMzY4Yy0xNTQwLWNjY2UtY2QxN2YyZTM1ODZlJnByb3RlY3RlZHRva2VuPXRydWUmY2xhaW1zPSU3YiUyMmlkX3Rva2VuJTIyJTNhJTdiJTIyeG1zX2NjJTIyJTNhJTdiJTIydmFsdWVzJTIyJTNhJTViJTIyQ1AxJTIyJTVkJTdkJTdkJTdkJm5vbmNlPTYzODQ0MTI4NDIzNjg0NDAzMC45Y2NkYWQwOC1mNmYxLTQwYjgtOTVkMS0wMDA5NGQwOWQ3NWQmc3RhdGU9RFl0TERvUWdFQVhCdVlWM1FCX1M4bGxNNWlnVHRVVkpERzQwWHQ5ZVZLVTJwWlZTSDZFUk5FUXFlQmVKN0JCcGNGNEtEbDFhRnA0WTBXU2ZyU0hNMGFTUnJRR1FpSkU0akt6bGJmdnptZnJmY1c2bF92ZFNyLTlkZWMybHJ2d0M= Page URL
- https://slidsd0canvem.top/autoreg.cgi?ref=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0aDIvYXV0aG9yaXplP2NsaWVudF9pZD0wMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAmcmVkaXJlY3RfdXJpPWh0dHBzJTNhJTJmJTJmb3V0bG9vay5vZmZpY2UuY29tJTJmb3dhJTJmJnJlc291cmNlPTAwMDAwMDAyLTAwMDAtMGZmMS1jZTAwLTAwMDAwMDAwMDAwMCZyZXNwb25zZV9tb2RlPWZvcm1fcG9zdCZyZXNwb25zZV90eXBlPWNvZGUraWRfdG9rZW4mc2NvcGU9b3BlbmlkJm1zYWZlZD0xJm1zYXJlZGlyPTEmbG9naW5faGludD11bmRlZmluZWQmY2xpZW50LXJlcXVlc3QtaWQ9NDJmNzU0OTUtMzY4Yy0xNTQwLWNjY2UtY2QxN2YyZTM1ODZlJnByb3RlY3RlZHRva2VuPXRydWUmY2xhaW1zPSU3YiUyMmlkX3Rva2VuJTIyJTNhJTdiJTIyeG1zX2NjJTIyJTNhJTdiJTIydmFsdWVzJTIyJTNhJTViJTIyQ1AxJTIyJTVkJTdkJTdkJTdkJm5vbmNlPTYzODQ0MTI4NDIzNjg0NDAzMC45Y2NkYWQwOC1mNmYxLTQwYjgtOTVkMS0wMDA5NGQwOWQ3NWQmc3RhdGU9RFl0TERvUWdFQVhCdVlWM1FCX1M4bGxNNWlnVHRVVkpERzQwWHQ5ZVZLVTJwWlZTSDZFUk5FUXFlQmVKN0JCcGNGNEtEbDFhRnA0WTBXU2ZyU0hNMGFTUnJRR1FpSkU0akt6bGJmdnptZnJmY1c2bF92ZFNyLTlkZWMybHJ2d0M=&sso_reload=true Page URL
-
https://outlook.office.com/owa/?username=undefined&login_hint=undefined
HTTP 302
https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=21&ct=1708531624&rver=7.0.6738.0&wp=MBI_SSL&wreply=https%3a%2f%2foutlook.live.com%2fowa%2f%3fusername%3dundefined%26RpsCsrfState%3d635c4f88-36d7-4a05-aeff-efd5d4fcacd1&id=292841&aadredir=0&username=undefined&CBCXT=out&lw=1&fl=dob%2cflname%2cwld&cobrandid=90015&login_hint=undefined Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- https://slidsd0canvem.top/?sign=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1cmwiOiJodHRwczovL3NsaWRzZDBjYW52ZW0udG9wIiwiZG9tYWluIjoic2xpZHNkMGNhbnZlbS50b3AiLCJrZXkiOiIzUTJMc1N4Nlpmb20iLCJxcmMiOiJ1bmRlZmluZWQiLCJpYXQiOjE3MDg1MzE1MjQsImV4cCI6MTcwODUzMTY0NH0.j0UZZUACTSE_ter6n687BA1D56OtR8aDl7DP9px6Gkg HTTP 302
- https://slidsd0canvem.top/?qrc=undefined HTTP 302
- https://slidsd0canvem.top/owa/?login_hint=undefined HTTP 302
- https://slidsd0canvem.top/autoreg.cgi?ref=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0aDIvYXV0aG9yaXplP2NsaWVudF9pZD0wMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAmcmVkaXJlY3RfdXJpPWh0dHBzJTNhJTJmJTJmb3V0bG9vay5vZmZpY2UuY29tJTJmb3dhJTJmJnJlc291cmNlPTAwMDAwMDAyLTAwMDAtMGZmMS1jZTAwLTAwMDAwMDAwMDAwMCZyZXNwb25zZV9tb2RlPWZvcm1fcG9zdCZyZXNwb25zZV90eXBlPWNvZGUraWRfdG9rZW4mc2NvcGU9b3BlbmlkJm1zYWZlZD0xJm1zYXJlZGlyPTEmbG9naW5faGludD11bmRlZmluZWQmY2xpZW50LXJlcXVlc3QtaWQ9NDJmNzU0OTUtMzY4Yy0xNTQwLWNjY2UtY2QxN2YyZTM1ODZlJnByb3RlY3RlZHRva2VuPXRydWUmY2xhaW1zPSU3YiUyMmlkX3Rva2VuJTIyJTNhJTdiJTIyeG1zX2NjJTIyJTNhJTdiJTIydmFsdWVzJTIyJTNhJTViJTIyQ1AxJTIyJTVkJTdkJTdkJTdkJm5vbmNlPTYzODQ0MTI4NDIzNjg0NDAzMC45Y2NkYWQwOC1mNmYxLTQwYjgtOTVkMS0wMDA5NGQwOWQ3NWQmc3RhdGU9RFl0TERvUWdFQVhCdVlWM1FCX1M4bGxNNWlnVHRVVkpERzQwWHQ5ZVZLVTJwWlZTSDZFUk5FUXFlQmVKN0JCcGNGNEtEbDFhRnA0WTBXU2ZyU0hNMGFTUnJRR1FpSkU0akt6bGJmdnptZnJmY1c2bF92ZFNyLTlkZWMybHJ2d0M=
31 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
autoreg.cgi
slidsd0canvem.top/ Redirect Chain
|
20 KB 10 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
BssoInterrupt_Core_GOwG3D936OfJ_-lzWtiHhg2.js
slidsd0canvem.top/aadcdn.msftauth.net/~/shared/1.0/content/js/ |
138 KB 50 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
341 B 0 |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
autoreg.cgi
slidsd0canvem.top/ |
39 KB 17 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
converged.v2.login.min_1ito3russhq-9gioj-zd4w2.css
slidsd0canvem.top/aadcdn.msftauth.net/~/ests/2.1/content/cdnbundles/ |
110 KB 21 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ConvergedLogin_PCore_1Zpn0Z4VlomFI1SEVRlEPA2.js
slidsd0canvem.top/aadcdn.msftauth.net/~/shared/1.0/content/js/ |
673 KB 673 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ux.converged.login.strings-en.min_xtex5cpjr0k40urejm0fgg2.js
slidsd0canvem.top/aadcdn.msftauth.net/~/ests/2.1/content/cdnbundles/ |
54 KB 17 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
341 B 0 |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
Me.htm
login.live.com/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
convergedlogin_pcustomizationloader_80e93b9a4cb13643afca.js
slidsd0canvem.top/aadcdn.msftauth.net/~/shared/1.0/content/js/asyncchunk/ |
107 KB 33 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
prefetch.aspx
outlook.office365.com/owa/ Frame 4EE2 |
3 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
marching_ants_white_166de53471265253ab3a456defe6da23.gif
slidsd0canvem.top/aadcdn.msftauth.net/~/shared/1.0/content/images/ |
3 KB 3 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
marching_ants_b540a8e518037192e32c4fe58bf2dbab.gif
slidsd0canvem.top/aadcdn.msftauth.net/~/shared/1.0/content/images/ |
4 KB 4 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Primary Request
login.srf
login.live.com/ Redirect Chain
|
25 KB 13 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
49-small_e58aafc980614a9cd7796bea7b5ea8f0.jpg
slidsd0canvem.top/aadcdn.msftauth.net/~/shared/1.0/content/images/appbackgrounds/ |
987 B 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
49_7916a894ebde7d29c2cc29b267f1299f.jpg
slidsd0canvem.top/aadcdn.msftauth.net/~/shared/1.0/content/images/appbackgrounds/ |
17 KB 18 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
53_8b36337037cff88c3df203bb73d58e41.png
slidsd0canvem.top/aadcdn.msftauth.net/~/shared/1.0/content/images/applogos/ |
5 KB 6 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg
slidsd0canvem.top/aadcdn.msftauth.net/~/shared/1.0/content/images/ |
4 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
convergedlogin_pstringcustomizationhelper_76bb127b5869a5c6b8b3.js
slidsd0canvem.top/aadcdn.msftauth.net/~/shared/1.0/content/js/asyncchunk/ |
111 KB 36 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
boot.worldwide.0.mouse.js
r4.res.office365.com/owa/prem/15.20.7316.21/scripts/ Frame 4EE2 |
648 KB 176 KB |
Stylesheet
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
signin-options_4e48046ce74f4b89d45037c90576bfac.svg
slidsd0canvem.top/aadcdn.msftauth.net/~/shared/1.0/content/images/ |
2 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
boot.worldwide.1.mouse.js
r4.res.office365.com/owa/prem/15.20.7316.21/scripts/ Frame 4EE2 |
644 KB 160 KB |
Stylesheet
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
boot.worldwide.2.mouse.js
r4.res.office365.com/owa/prem/15.20.7316.21/scripts/ Frame 4EE2 |
647 KB 166 KB |
Stylesheet
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
boot.worldwide.3.mouse.js
r4.res.office365.com/owa/prem/15.20.7316.21/scripts/ Frame 4EE2 |
645 KB 142 KB |
Stylesheet
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sprite1.mouse.png
r4.res.office365.com/owa/prem/15.20.7316.21/resources/images/0/ Frame 4EE2 |
132 B 327 B |
Stylesheet
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sprite1.mouse.css
r4.res.office365.com/owa/prem/15.20.7316.21/resources/images/0/ Frame 4EE2 |
994 B 503 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
boot.worldwide.mouse.css
r4.res.office365.com/owa/prem/15.20.7316.21/resources/styles/0/ Frame 4EE2 |
227 KB 43 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
login_en_ab04aQSkUg8kw-swjhCJkw2.js
logincdn.msftauth.net/shared/5/js/ |
833 KB 213 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
oneds-analytics-js_c53074e74ebeb8e140d6_en.js
logincdn.msftauth.net/shared/5/chunks/ |
88 KB 32 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
microsoft_logo_ee5c8d9fb6248c938fd0.svg
logincdn.msftauth.net/shared/5/images/ |
4 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
2_bc3d32a696895f78c19d.svg
logincdn.msftauth.net/shared/5/images/ |
2 KB 824 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
/
browser.events.data.microsoft.com/OneCollector/1.0/ Frame |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
/
browser.events.data.microsoft.com/OneCollector/1.0/ |
153 B 759 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- login.live.com
- URL
- https://login.live.com/Me.htm?v=3
Verdicts & Comments Add Verdict or Comment
13 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| PROOF object| ServerData function| $Loader object| g_dtFirstByte object| g_objPageMode number| g_iSRSFailed string| g_sSRSSuccess function| SRSRetry object| webpackChunk_msidentity_sisu_msa function| clearImmediate function| setImmediate object| regeneratorRuntime object| __dynProto$Gbl34 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
slidsd0canvem.top/ | Name: qPdM Value: 3Q2LsSx6Zfom |
|
slidsd0canvem.top/ | Name: qPdM.sig Value: uTAMuJiWv9w8wWNp5vZRSrY-F6k |
|
slidsd0canvem.top/ | Name: ClientId Value: 8192F48DF7534D36ACB7496F755BE136 |
|
slidsd0canvem.top/ | Name: OIDC Value: 1 |
|
slidsd0canvem.top/ | Name: OpenIdConnect.nonce.v3.bPb4w9bPv3qqyXNdbGsvT4Nn7Sd8-kaNJyXLjqWCJUg Value: 638441284236844030.9ccdad08-f6f1-40b8-95d1-00094d09d75d |
|
slidsd0canvem.top/ | Name: X-OWA-RedirectHistory Value: ArLym14B_pvhJPcy3Ag |
|
.slidsd0canvem.top/ | Name: esctx-q2FbaWYe0Qw Value: AQABCQEAAADnfolhJpSnRYB1SVj-Hgd8msGvDwglN3OJWpvNxTC_s5MDe1eMJ6bDwyMmPvf5jYQsjGXbdcPIHSPSKgTYsvDm3dJwBDIuhn6hYrCKH9QtfDGK3uJmljml7uRpV1llUCemWdy1Xu3L-Bzt5dZoAkR2puuxEI-Dykgt3EmH7pUqmiAA |
|
slidsd0canvem.top/ | Name: x-ms-gateway-slice Value: estsfd |
|
slidsd0canvem.top/ | Name: stsservicecookie Value: estsfd |
|
.slidsd0canvem.top/ | Name: AADSSO Value: NA|NoExtension |
|
slidsd0canvem.top/ | Name: SSOCOOKIEPULLED Value: 1 |
|
slidsd0canvem.top/ | Name: buid Value: 0.AXEAMe_N-B6jSkuT5F9XHpElWgIAAAAAAPEPzgAAAAAAAAABAAA.AQABAAEAAAAmoFfGtYxvRrNriQdPKIZ-VM65lNYprE6tqz09rkhubJ_ptQ2QrVDMTMllT_FVhdhOx5u7-b9vk9DjK8tE2CBxNFtpOidIYNnGSdKyLNzKtOdBH0wIj7h-RPZoprv0urYgAA |
|
.slidsd0canvem.top/ | Name: esctx Value: PAQABAAEAAAAmoFfGtYxvRrNriQdPKIZ-r-OfqqwVz662wXIcZ2sW9A3DvLwdDSOeooFsiMR5emo2lg8bhOp8no075MeycdsvzA36NxS3De9l6CsgArJGsV8YUWAaS3RIH-auGnJOeZ58nRitpDKAgWTKDEF_RqbSkF8I3_JH_sL1vfCj_z3L_JBMU12JS2KhQrv2EOAhscYgAA |
|
.slidsd0canvem.top/ | Name: esctx-yft4il61SAw Value: AQABAAEAAAAmoFfGtYxvRrNriQdPKIZ-ZsceycmaZNQYlaUnYDkb5iJTFpRWCUDmHSXdU7m4KJBTwfBaj3M2ADXiqW6UW_7uQZABXoy9kNHztVukw1v9m-W7ZMXlvhk7nVnOrau2qZF6y8AqJ4tuCCPAi3QIal79Kr-d-YINmABNsFgk9FobcSAA |
|
slidsd0canvem.top/ | Name: fpc Value: AmaQ7E3PVYFInhzNCUvxkJyerOTJAQAAAKcWaN0OAAAA |
|
.slidsd0canvem.top/ | Name: brcap Value: 0 |
|
.slidsd0canvem.top/ | Name: ESTSWCTXFLOWTOKEN Value: AQABIQEAAAAmoFfGtYxvRrNriQdPKIZ-vXQZ-eKFEcmTG_iDhee5jWjsN-73yYJkPSX2ySD1CUqmrGcXeVy8B6qmrJCttYzo6irc1lZ7B6OFE6r9IT-8krsIRHsQJjXVvRZc_cZedGEFgGPucZtP5vQnJQGS_OVQ5zQA51HGKxhw-7kEDPTWveMyjj7kwBRHijg-kD5DIWXN1l3Vq3MTsCtD8gAnm-Sh0y8L5KrxKgqXROwZR2EZT6AsnvoeARebDZwnCiG2_XYjVff6m2e4zY_WS6HzcQzmToitZq34ilMqNCSLpzLjDJcUeJRN4CSdSi3Xgg4FXm3h4ZOcKoSpl0RYbtvqd4E4bh92smu5Ud5xpCGLkRDGLL5bLTqcjMNnUScwnxhhbQcc5v9ccMnd9Qtw2yxDa1NV372akjOzQ4tnjGlUVDT5AdyJtPI_WnNlnvaL4dBbZxD_Whh6KIl_QhoDq99UwqdbiqhvrgFqGq4lD1ZYeQKuhyAA |
|
outlook.office365.com/ | Name: ClientId Value: 9326B462956F4E8DBE4B03E077719DB0 |
|
outlook.office365.com/ | Name: OIDC Value: 1 |
|
outlook.office.com/ | Name: ClientId Value: 8258BF8EA41C4A1E8A9727846AEEADE0 |
|
outlook.office.com/ | Name: OIDC Value: 1 |
|
outlook.office.com/ | Name: exchangecookie Value: 1d466c2e17a747f28418f1da4230c711 |
|
outlook.office.com/ | Name: RpsCsrfState.QrL_bybvT_pDAIacxNYeVEEn7kRIlXN8bvQySN6Wvi0 Value: 635c4f88-36d7-4a05-aeff-efd5d4fcacd1 |
|
outlook.office.com/ | Name: X-OWA-RedirectHistory Value: AhR7n8MBF818Jfcy3Ag |
|
.login.live.com/ | Name: uaid Value: d8b9e077c2424f2cbe201e23faf08550 |
|
.login.live.com/ | Name: MSPRequ Value: id=292841<=1708531624&co=1 |
|
.login.live.com/ | Name: MSCC Value: 146.70.201.240-JP |
|
.login.live.com/ | Name: MSPOK Value: $uuid-b266bc7f-6b1a-406e-9f30-7d079b87ae38 |
|
.login.live.com/ | Name: OParams Value: 11O.Dv8X7mbX7t5QnAplFRBnPV40W961RCnzlFAU!kwuPrm4LV*lylyybrJfvaGYZ0GMizU24d09naXJfJnMM5TRFyqSM8Fam9h7W7VPiUhzzqMJMCtnx2wKis7ERv06yiiiAeGpbxzE2ZMedsyIYD84MMBs6dQx0j5SXHSjJ1A9BBLPUt!Do9Jpz2Y0zVFlF!a5Ehnq6RN8KVlN7jQVYpFzhun4FUoCR5PQu0ZglPCtlY2LfgDAjPbVDxuq!!1kuF*c9kB4egXX2mmJTTcNpX0A!RO7m6dUqYcUBMTAk3oC7B7ieDyVi3mUxlBLCJkgr2w5g*MiGy2Ts0dPhhKbXqoK1ZUMzdGYtAWXoK7uJoY6fvtLVsBV*CjHwV5IXAtz2bq0CQAiDrCwQpXjCCvdjImo4JsEgyP!Tvtw5w6MW6audjKH |
|
login.live.com/ | Name: MicrosoftApplicationsTelemetryDeviceId Value: 2679eecf-0686-4c7a-a280-06145c4b3bd5 |
|
login.live.com/ | Name: ai_session Value: uDOtg3jbUpfpG25cXx6EpT|1708531625438|1708531625438 |
|
.microsoft.com/ | Name: MC1 Value: GUID=d158c7ab04f346588a3ea9c92f9368e4&HASH=d158&LV=202402&V=4&LU=1708531628376 |
|
.microsoft.com/ | Name: MS0 Value: 7971a4b03129466f9bae18b7dbfe4de7 |
|
login.live.com/ | Name: MSFPC Value: GUID=d158c7ab04f346588a3ea9c92f9368e4&HASH=d158&LV=202402&V=4&LU=1708531628376 |
6 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; form-action * data: blob: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: filesystem: ; frame-ancestors 'self' * http://* https://* file://* about: javascript: data: blob: filesystem: ; object-src * data: blob: filesystem: 'unsafe-inline' 'unsafe-eval'; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'; |
Strict-Transport-Security | max-age=31536000; includeSubDomains |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
browser.events.data.microsoft.com
login.live.com
logincdn.msftauth.net
outlook.office.com
outlook.office365.com
r4.res.office365.com
slidsd0canvem.top
login.live.com
20.189.173.1
20.190.166.133
2600:140b:1a00:16::6007:2791
2603:1046:c09:1a47::2
2606:2800:247:43e9:c35a:4025:1596:b588
52.199.22.126
04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a
0decef83fcec91b5fb7c23422d9b47fe7d07b95529d417780b14780c6e3daae1
0e88b6fcbb8591edfd28184fa70a04b6dd3af8a14367c628edd7caba32e58c68
4b01a0a34ce8ed4bc8a8713be0442d49da6a756236b7b4424622ca3dee820f41
626bf8190ea97f556345bad818b243aae3c0a23efae5dde6be40f93724e9185e
6665ca6a09f770c6679556eb86cf4234c8bdb0271049620e03199b34b4a16099
81be86822797f4a75d31c6817b86498dbe6238a8652b1f38388155538fcadbac
90682803943448f3acffc81014c87fdd71f30d8cf97335fcea451fac1e568221
bb77b35bffae514d97a1ae71ba26f67b1a467124fa0e3e84797352a435974673
cc39b1baee1ba66b4004daecf9867b5e0147f9dab1b397297b23fd3fceb8950c
d75a833891296977443c37f58d66b115fbef557354a069207b710cbdda7d7466
f6ca33591efe5eaa905f49f5cb0d0643080dbc045865f02dc88f33dc7ddc7c33