login.microsoftonline.com.pcf.pcf-o365.pacificallp.myshn.net Open in urlscan Pro
13.49.95.37  Malicious Activity! Public Scan

Submitted URL: http://attachments.office.net.pcf.pcf-o365.pacificallp.myshn.net/
Effective URL: https://login.microsoftonline.com.pcf.pcf-o365.pacificallp.myshn.net/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%...
Submission: On August 09 via manual from US — Scanned from SE

Summary

This website contacted 2 IPs in 1 countries across 1 domains to perform 22 HTTP transactions. The main IP is 13.49.95.37, located in Stockholm, Sweden and belongs to AMAZON-02, US. The main domain is login.microsoftonline.com.pcf.pcf-o365.pacificallp.myshn.net.
TLS certificate: Issued by GlobalSign RSA OV SSL CA 2018 on February 8th 2021. Valid for: a year.
This is the only time login.microsoftonline.com.pcf.pcf-o365.pacificallp.myshn.net was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Microsoft (Consumer)

Domain & IP information

IP Address AS Autonomous System
2 22 13.48.250.39 16509 (AMAZON-02)
1 1 13.49.53.51 16509 (AMAZON-02)
2 13.49.95.37 16509 (AMAZON-02)
22 2
Domain Requested by
11 aadcdn.msauth.net.pcf.pcf-o365.pacificallp.myshn.net login.microsoftonline.com.pcf.pcf-o365.pacificallp.myshn.net
aadcdn.msauth.net.pcf.pcf-o365.pacificallp.myshn.net
7 r4.res.office365.com.pcf.pcf-o365.pacificallp.myshn.net outlook.office365.com.pcf.pcf-o365.pacificallp.myshn.net
2 login.microsoftonline.com.pcf.pcf-o365.pacificallp.myshn.net aadcdn.msauth.net.pcf.pcf-o365.pacificallp.myshn.net
2 outlook.office365.com.pcf.pcf-o365.pacificallp.myshn.net 1 redirects aadcdn.msauth.net.pcf.pcf-o365.pacificallp.myshn.net
2 attachments.office.net.pcf.pcf-o365.pacificallp.myshn.net 2 redirects
1 login.live.com.pcf.pcf-o365.pacificallp.myshn.net login.microsoftonline.com.pcf.pcf-o365.pacificallp.myshn.net
22 6
Subject Issuer Validity Valid
pcf.pcf-o365.pacificallp.myshn.net
GlobalSign RSA OV SSL CA 2018
2021-02-08 -
2022-03-12
a year crt.sh

This page contains 2 frames:

Primary Page: https://login.microsoftonline.com.pcf.pcf-o365.pacificallp.myshn.net/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com.pcf.pcf-o365.pacificallp.myshn.net%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=7d262dd5-90d3-9997-2f86-5ae01e4e3ad1&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=638272076976895517.b593edb3-bb77-4502-9e73-b721569ce302&state=DYtBEoAwCMRaHZ9TiyBseY5ozx79vhySmRxSSylrsiSVUgUmg8EEc9hw1QN7qMt8QloE0E4lbj6RCT7U_J5CXPPd-vtd_Qc&sso_reload=true
Frame ID: 5783F9E10942E517E2C24A11383C1676
Requests: 14 HTTP requests in this frame

Frame: https://outlook.office365.com.pcf.pcf-o365.pacificallp.myshn.net/owa/prefetch.aspx
Frame ID: 21F3E5BA574FD3F7C6C3BA63FEB76440
Requests: 8 HTTP requests in this frame

Screenshot

Page Title

Sign in to Outlook

Page URL History Show full URLs

  1. http://attachments.office.net.pcf.pcf-o365.pacificallp.myshn.net/ HTTP 301
    https://attachments.office.net.pcf.pcf-o365.pacificallp.myshn.net/ HTTP 301
    https://outlook.office365.com.pcf.pcf-o365.pacificallp.myshn.net/owa/ HTTP 302
    https://login.microsoftonline.com.pcf.pcf-o365.pacificallp.myshn.net/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redir... Page URL
  2. https://login.microsoftonline.com.pcf.pcf-o365.pacificallp.myshn.net/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redir... Page URL

Page Statistics

22
Requests

0 %
HTTPS

0 %
IPv6

1
Domains

6
Subdomains

2
IPs

1
Countries

1019 kB
Transfer

3828 kB
Size

16
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://attachments.office.net.pcf.pcf-o365.pacificallp.myshn.net/ HTTP 301
    https://attachments.office.net.pcf.pcf-o365.pacificallp.myshn.net/ HTTP 301
    https://outlook.office365.com.pcf.pcf-o365.pacificallp.myshn.net/owa/ HTTP 302
    https://login.microsoftonline.com.pcf.pcf-o365.pacificallp.myshn.net/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com.pcf.pcf-o365.pacificallp.myshn.net%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=7d262dd5-90d3-9997-2f86-5ae01e4e3ad1&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=638272076976895517.b593edb3-bb77-4502-9e73-b721569ce302&state=DYtBEoAwCMRaHZ9TiyBseY5ozx79vhySmRxSSylrsiSVUgUmg8EEc9hw1QN7qMt8QloE0E4lbj6RCT7U_J5CXPPd-vtd_Qc Page URL
  2. https://login.microsoftonline.com.pcf.pcf-o365.pacificallp.myshn.net/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com.pcf.pcf-o365.pacificallp.myshn.net%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=7d262dd5-90d3-9997-2f86-5ae01e4e3ad1&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=638272076976895517.b593edb3-bb77-4502-9e73-b721569ce302&state=DYtBEoAwCMRaHZ9TiyBseY5ozx79vhySmRxSSylrsiSVUgUmg8EEc9hw1QN7qMt8QloE0E4lbj6RCT7U_J5CXPPd-vtd_Qc&sso_reload=true Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://attachments.office.net.pcf.pcf-o365.pacificallp.myshn.net/ HTTP 301
  • https://attachments.office.net.pcf.pcf-o365.pacificallp.myshn.net/ HTTP 301
  • https://outlook.office365.com.pcf.pcf-o365.pacificallp.myshn.net/owa/ HTTP 302
  • https://login.microsoftonline.com.pcf.pcf-o365.pacificallp.myshn.net/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com.pcf.pcf-o365.pacificallp.myshn.net%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=7d262dd5-90d3-9997-2f86-5ae01e4e3ad1&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=638272076976895517.b593edb3-bb77-4502-9e73-b721569ce302&state=DYtBEoAwCMRaHZ9TiyBseY5ozx79vhySmRxSSylrsiSVUgUmg8EEc9hw1QN7qMt8QloE0E4lbj6RCT7U_J5CXPPd-vtd_Qc

22 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
authorize
login.microsoftonline.com.pcf.pcf-o365.pacificallp.myshn.net/common/oauth2/
Redirect Chain
  • http://attachments.office.net.pcf.pcf-o365.pacificallp.myshn.net/
  • https://attachments.office.net.pcf.pcf-o365.pacificallp.myshn.net/
  • https://outlook.office365.com.pcf.pcf-o365.pacificallp.myshn.net/owa/
  • https://login.microsoftonline.com.pcf.pcf-o365.pacificallp.myshn.net/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com.pcf.pcf-...
20 KB
9 KB
Document
General
Full URL
https://login.microsoftonline.com.pcf.pcf-o365.pacificallp.myshn.net/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com.pcf.pcf-o365.pacificallp.myshn.net%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=7d262dd5-90d3-9997-2f86-5ae01e4e3ad1&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=638272076976895517.b593edb3-bb77-4502-9e73-b721569ce302&state=DYtBEoAwCMRaHZ9TiyBseY5ozx79vhySmRxSSylrsiSVUgUmg8EEc9hw1QN7qMt8QloE0E4lbj6RCT7U_J5CXPPd-vtd_Qc
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.49.95.37 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-49-95-37.eu-north-1.compute.amazonaws.com
Software
nginx /
Resource Hash
80ad51e9eda389afe9f866c7fe95d2e55f876dc5925b19d45452f2716b73e294
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
se-SE,se;q=0.9

Response headers

Cache-Control
no-store, no-cache
Connection
keep-alive
Content-Encoding
gzip
Content-Length
8270
Content-Type
text/html; charset=utf-8
Date
Wed, 09 Aug 2023 19:54:57 GMT
Expires
-1
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-Robots-Tag
none
X-SkyHigh-Version
BuildNumber=15, BuildDate=2023-07-19 11:17
X-XSS-Protection
0
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+SEC"}]}
x-ms-ests-server
2.1.15984.6 - SEC ProdSlices
x-ms-request-id
64edfa0f-44ab-4a1c-ae7a-2812c9029a00

Redirect headers

Alt-Svc
h3=":443",h3-29=":443"
Connection
keep-alive
Content-Length
855
Content-Type
text/html; charset=utf-8
Date
Wed, 09 Aug 2023 19:54:57 GMT
Location
https://login.microsoftonline.com.pcf.pcf-o365.pacificallp.myshn.net/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com.pcf.pcf-o365.pacificallp.myshn.net%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=7d262dd5-90d3-9997-2f86-5ae01e4e3ad1&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=638272076976895517.b593edb3-bb77-4502-9e73-b721569ce302&state=DYtBEoAwCMRaHZ9TiyBseY5ozx79vhySmRxSSylrsiSVUgUmg8EEc9hw1QN7qMt8QloE0E4lbj6RCT7U_J5CXPPd-vtd_Qc
NEL
{"report_to":"NelOfficeUpload1","max_age":7200,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
P3P
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Report-To
{"group":"NelOfficeUpload1","max_age":7200,"endpoints":[{"url":"https://exo.nel.measure.office.net/api/report?TenantId=&FrontEnd=Cafe&DestinationEndpoint=GVX"}],"include_subdomains":true}
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-BEServer
GVYP280MB0367
X-BackEnd-Begin
2023-08-09T19:54:57.689
X-BackEnd-End
2023-08-09T19:54:57.689
X-BackEndHttpStatus
302
X-BeSku
WCS7
X-CalculatedBETarget
GVYP280MB0367.SWEP280.PROD.OUTLOOK.COM
X-Content-Type-Options
nosniff
X-DiagInfo
GVYP280MB0367
X-FEEFZInfo
GVX
X-FEProxyInfo
GV3P280CA0059.SWEP280.PROD.OUTLOOK.COM
X-FEServer
GV3P280CA0059
X-FirstHopCafeEFZ
GVX
X-IIDs
0
X-OWA-DiagnosticsInfo
0;0;0
X-Proxy-BackendServerStatus
302
X-Proxy-RoutingCorrectness
1
X-RUM-NotUpdateQueriedDbCopy
1
X-RUM-NotUpdateQueriedPath
1
X-RUM-Validated
1
X-Robots-Tag
none
X-SkyHigh-Version
BuildNumber=15, BuildDate=2023-07-19 11:17
X-UA-Compatible
IE=EmulateIE7
request-id
7d262dd5-90d3-9997-2f86-5ae01e4e3ad1
BssoInterrupt_Core_nun_Nob0yT2WjCUfgBCTog2.js
aadcdn.msauth.net.pcf.pcf-o365.pacificallp.myshn.net/shared/1.0/content/js/
136 KB
49 KB
Script
General
Full URL
https://aadcdn.msauth.net.pcf.pcf-o365.pacificallp.myshn.net/shared/1.0/content/js/BssoInterrupt_Core_nun_Nob0yT2WjCUfgBCTog2.js
Requested by
Host: login.microsoftonline.com.pcf.pcf-o365.pacificallp.myshn.net
URL: https://login.microsoftonline.com.pcf.pcf-o365.pacificallp.myshn.net/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com.pcf.pcf-o365.pacificallp.myshn.net%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=7d262dd5-90d3-9997-2f86-5ae01e4e3ad1&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=638272076976895517.b593edb3-bb77-4502-9e73-b721569ce302&state=DYtBEoAwCMRaHZ9TiyBseY5ozx79vhySmRxSSylrsiSVUgUmg8EEc9hw1QN7qMt8QloE0E4lbj6RCT7U_J5CXPPd-vtd_Qc
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.48.250.39 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-48-250-39.eu-north-1.compute.amazonaws.com
Software
nginx /
Resource Hash
5a3af64d114486c2a5994df3fb9dcefb0e85eb3d76c726e6101d62776ab3e817

Request headers

Referer
https://login.microsoftonline.com.pcf.pcf-o365.pacificallp.myshn.net/
Origin
https://login.microsoftonline.com.pcf.pcf-o365.pacificallp.myshn.net
accept-language
se-SE,se;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
Date
Wed, 09 Aug 2023 19:54:58 GMT
Content-Encoding
gzip
X-Azure-Ref-OriginShield
0XzXOZAAAAACjLe1xlOz7TqxxyeVkhfEPQU1TMDRFREdFMTgxMQAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
Content-MD5
Mwomsrfm/E5wVC4ntDZsmw==
X-Cache
TCP_HIT
Connection
keep-alive
Content-Length
48749
x-ms-lease-status
unlocked
Last-Modified
Wed, 12 Jul 2023 10:42:33 GMT
Server
nginx
ETag
0x8DB82C4B32A50A1
X-Azure-Ref
0Eu/TZAAAAAA43mGkFwETSqTptM/p5YPSU1RPRURHRTE5MDcAMzlhMTJmN2UtODk5Zi00NmNmLWE2ZDAtMjRiYmJhMjdkOTU2
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
x-ms-request-id
1868c5c9-f01e-0040-127c-c7e462000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Cache-Control
public, max-age=31536000
x-ms-version
2009-09-19
X-SkyHigh-Version
BuildNumber=15, BuildDate=2023-07-19 11:17
X-Robots-Tag
none
Primary Request authorize
login.microsoftonline.com.pcf.pcf-o365.pacificallp.myshn.net/common/oauth2/
39 KB
17 KB
Document
General
Full URL
https://login.microsoftonline.com.pcf.pcf-o365.pacificallp.myshn.net/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com.pcf.pcf-o365.pacificallp.myshn.net%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=7d262dd5-90d3-9997-2f86-5ae01e4e3ad1&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=638272076976895517.b593edb3-bb77-4502-9e73-b721569ce302&state=DYtBEoAwCMRaHZ9TiyBseY5ozx79vhySmRxSSylrsiSVUgUmg8EEc9hw1QN7qMt8QloE0E4lbj6RCT7U_J5CXPPd-vtd_Qc&sso_reload=true
Requested by
Host: aadcdn.msauth.net.pcf.pcf-o365.pacificallp.myshn.net
URL: https://aadcdn.msauth.net.pcf.pcf-o365.pacificallp.myshn.net/shared/1.0/content/js/BssoInterrupt_Core_nun_Nob0yT2WjCUfgBCTog2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.49.95.37 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-49-95-37.eu-north-1.compute.amazonaws.com
Software
nginx /
Resource Hash
16343b074c93951a0c35df9df6d4ff03c7be4704fd0d5ad301aeb19e1cc7ef90
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://login.microsoftonline.com.pcf.pcf-o365.pacificallp.myshn.net/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com.pcf.pcf-o365.pacificallp.myshn.net%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=7d262dd5-90d3-9997-2f86-5ae01e4e3ad1&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=638272076976895517.b593edb3-bb77-4502-9e73-b721569ce302&state=DYtBEoAwCMRaHZ9TiyBseY5ozx79vhySmRxSSylrsiSVUgUmg8EEc9hw1QN7qMt8QloE0E4lbj6RCT7U_J5CXPPd-vtd_Qc
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
se-SE,se;q=0.9

Response headers

Cache-Control
no-store, no-cache
Connection
keep-alive
Content-Encoding
gzip
Content-Length
15442
Content-Type
text/html; charset=utf-8
Date
Wed, 09 Aug 2023 19:54:58 GMT
Expires
-1
Link
<https://aadcdn.msauth.net>; rel=preconnect; crossorigin <https://aadcdn.msauth.net>; rel=dns-prefetch <https://aadcdn.msftauth.net>; rel=dns-prefetch
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-DNS-Prefetch-Control
on
X-Frame-Options
DENY
X-Robots-Tag
none
X-SkyHigh-Version
BuildNumber=15, BuildDate=2023-07-19 11:17
X-XSS-Protection
0
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+SEC"}]}
x-ms-ests-server
2.1.15984.6 - WEULR1 ProdSlices
x-ms-request-id
a531ce99-a7d5-4462-a826-e53c9d13bb00
converged.v2.login.min_xs4q-enqjizb-pd0ha63sw2.css
aadcdn.msauth.net.pcf.pcf-o365.pacificallp.myshn.net/ests/2.1/content/cdnbundles/
108 KB
21 KB
Stylesheet
General
Full URL
https://aadcdn.msauth.net.pcf.pcf-o365.pacificallp.myshn.net/ests/2.1/content/cdnbundles/converged.v2.login.min_xs4q-enqjizb-pd0ha63sw2.css
Requested by
Host: login.microsoftonline.com.pcf.pcf-o365.pacificallp.myshn.net
URL: https://login.microsoftonline.com.pcf.pcf-o365.pacificallp.myshn.net/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com.pcf.pcf-o365.pacificallp.myshn.net%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=7d262dd5-90d3-9997-2f86-5ae01e4e3ad1&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=638272076976895517.b593edb3-bb77-4502-9e73-b721569ce302&state=DYtBEoAwCMRaHZ9TiyBseY5ozx79vhySmRxSSylrsiSVUgUmg8EEc9hw1QN7qMt8QloE0E4lbj6RCT7U_J5CXPPd-vtd_Qc&sso_reload=true
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.48.250.39 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-48-250-39.eu-north-1.compute.amazonaws.com
Software
nginx /
Resource Hash
09bcfd473f343f606206e638d6aa7c7436ab54f40fca8f3ea2247fc068147ffe

Request headers

Referer
https://login.microsoftonline.com.pcf.pcf-o365.pacificallp.myshn.net/
Origin
https://login.microsoftonline.com.pcf.pcf-o365.pacificallp.myshn.net
accept-language
se-SE,se;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
Date
Wed, 09 Aug 2023 19:54:58 GMT
Content-Encoding
gzip
X-Azure-Ref-OriginShield
0V83MZAAAAAB7Z/6PwLwrSbX4SX2yUCY5QU1TMDRFREdFMTgxMAAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
Content-MD5
51nXYTkRfeACFNqVw7bA7Q==
X-Cache
TCP_HIT
Connection
keep-alive
Content-Length
20105
x-ms-lease-status
unlocked
Last-Modified
Wed, 17 May 2023 19:54:03 GMT
Server
nginx
ETag
0x8DB5710770A6D5D
X-Azure-Ref
0Eu/TZAAAAADov9HTIUxLT5NjRrMLsBk9U1RPRURHRTE5MDcAMzlhMTJmN2UtODk5Zi00NmNmLWE2ZDAtMjRiYmJhMjdkOTU2
Content-Type
text/css
Access-Control-Allow-Origin
*
x-ms-request-id
8d3a011e-901e-0002-047e-c46177000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Cache-Control
public, max-age=31536000
x-ms-version
2009-09-19
X-SkyHigh-Version
BuildNumber=15, BuildDate=2023-07-19 11:17
X-Robots-Tag
none
ConvergedLogin_PCore_sb6jQxfN8f3sA8faKcsD7Q2.js
aadcdn.msauth.net.pcf.pcf-o365.pacificallp.myshn.net/shared/1.0/content/js/
413 KB
115 KB
Script
General
Full URL
https://aadcdn.msauth.net.pcf.pcf-o365.pacificallp.myshn.net/shared/1.0/content/js/ConvergedLogin_PCore_sb6jQxfN8f3sA8faKcsD7Q2.js
Requested by
Host: login.microsoftonline.com.pcf.pcf-o365.pacificallp.myshn.net
URL: https://login.microsoftonline.com.pcf.pcf-o365.pacificallp.myshn.net/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com.pcf.pcf-o365.pacificallp.myshn.net%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=7d262dd5-90d3-9997-2f86-5ae01e4e3ad1&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=638272076976895517.b593edb3-bb77-4502-9e73-b721569ce302&state=DYtBEoAwCMRaHZ9TiyBseY5ozx79vhySmRxSSylrsiSVUgUmg8EEc9hw1QN7qMt8QloE0E4lbj6RCT7U_J5CXPPd-vtd_Qc&sso_reload=true
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.48.250.39 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-48-250-39.eu-north-1.compute.amazonaws.com
Software
nginx /
Resource Hash
99c7229e61c9f2df1da564d3299dc7cf1391e1b6adb81f8d0550e3feeb8fa909

Request headers

Referer
https://login.microsoftonline.com.pcf.pcf-o365.pacificallp.myshn.net/
Origin
https://login.microsoftonline.com.pcf.pcf-o365.pacificallp.myshn.net
accept-language
se-SE,se;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
Date
Wed, 09 Aug 2023 19:54:58 GMT
Content-Encoding
gzip
X-Azure-Ref-OriginShield
0OrbFZAAAAADR5F+NevDzSoJ04iq36X2BQU1TMDRFREdFMTgwOQAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
Content-MD5
k/Oc9R0V5Eizi5+vLEqamw==
X-Cache
TCP_HIT
Connection
keep-alive
Content-Length
116853
x-ms-lease-status
unlocked
Last-Modified
Fri, 14 Jul 2023 16:42:13 GMT
Server
nginx
ETag
0x8DB848946EF0442
X-Azure-Ref
0Eu/TZAAAAAANIIhSxi4sR5rG2ZYJbYwXU1RPRURHRTE5MDcAMzlhMTJmN2UtODk5Zi00NmNmLWE2ZDAtMjRiYmJhMjdkOTU2
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
x-ms-request-id
6a508fa3-401e-0093-4181-c2ad02000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Cache-Control
public, max-age=31536000
x-ms-version
2009-09-19
X-SkyHigh-Version
BuildNumber=15, BuildDate=2023-07-19 11:17
X-Robots-Tag
none
ux.converged.login.strings-en.min_vts8ra1it9l0lgwizaxzhg2.js
aadcdn.msauth.net.pcf.pcf-o365.pacificallp.myshn.net/ests/2.1/content/cdnbundles/
49 KB
15 KB
Script
General
Full URL
https://aadcdn.msauth.net.pcf.pcf-o365.pacificallp.myshn.net/ests/2.1/content/cdnbundles/ux.converged.login.strings-en.min_vts8ra1it9l0lgwizaxzhg2.js
Requested by
Host: login.microsoftonline.com.pcf.pcf-o365.pacificallp.myshn.net
URL: https://login.microsoftonline.com.pcf.pcf-o365.pacificallp.myshn.net/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com.pcf.pcf-o365.pacificallp.myshn.net%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=7d262dd5-90d3-9997-2f86-5ae01e4e3ad1&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=638272076976895517.b593edb3-bb77-4502-9e73-b721569ce302&state=DYtBEoAwCMRaHZ9TiyBseY5ozx79vhySmRxSSylrsiSVUgUmg8EEc9hw1QN7qMt8QloE0E4lbj6RCT7U_J5CXPPd-vtd_Qc&sso_reload=true
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.48.250.39 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-48-250-39.eu-north-1.compute.amazonaws.com
Software
nginx /
Resource Hash
a5b5b42e6ae53860822fe08487e28809a4c40ff6225c7d0311a94d1118b72a7d

Request headers

Referer
https://login.microsoftonline.com.pcf.pcf-o365.pacificallp.myshn.net/
Origin
https://login.microsoftonline.com.pcf.pcf-o365.pacificallp.myshn.net
accept-language
se-SE,se;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
Date
Wed, 09 Aug 2023 19:54:58 GMT
Content-Encoding
gzip
X-Azure-Ref-OriginShield
05OvOZAAAAABVNHgyLkobTbEvpgzY5ffhQU1TMDRFREdFMTgxNQAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
Content-MD5
F796jFOPcfyA2yQHgXtB1w==
X-Cache
TCP_HIT
Connection
keep-alive
Content-Length
14540
x-ms-lease-status
unlocked
Last-Modified
Thu, 13 Jul 2023 00:28:45 GMT
Server
nginx
ETag
0x8DB83381EAF7708
X-Azure-Ref
0Eu/TZAAAAAAMKb4AVV+dS7De8DrhID5cU1RPRURHRTE0MTAAMzlhMTJmN2UtODk5Zi00NmNmLWE2ZDAtMjRiYmJhMjdkOTU2
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
x-ms-request-id
55514c57-401e-006f-5b9d-c7fc4e000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Cache-Control
public, max-age=31536000
x-ms-version
2009-09-19
X-SkyHigh-Version
BuildNumber=15, BuildDate=2023-07-19 11:17
X-Robots-Tag
none
Me.htm
login.live.com.pcf.pcf-o365.pacificallp.myshn.net/
0
0
Other
General
Full URL
https://login.live.com.pcf.pcf-o365.pacificallp.myshn.net/Me.htm?v=3
Requested by
Host: login.microsoftonline.com.pcf.pcf-o365.pacificallp.myshn.net
URL: https://login.microsoftonline.com.pcf.pcf-o365.pacificallp.myshn.net/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com.pcf.pcf-o365.pacificallp.myshn.net%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=7d262dd5-90d3-9997-2f86-5ae01e4e3ad1&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=638272076976895517.b593edb3-bb77-4502-9e73-b721569ce302&state=DYtBEoAwCMRaHZ9TiyBseY5ozx79vhySmRxSSylrsiSVUgUmg8EEc9hw1QN7qMt8QloE0E4lbj6RCT7U_J5CXPPd-vtd_Qc&sso_reload=true
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.48.250.39 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-48-250-39.eu-north-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://login.microsoftonline.com.pcf.pcf-o365.pacificallp.myshn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

convergedlogin_pcustomizationloader_9c8fa7b7be17121cabe1.js
aadcdn.msauth.net.pcf.pcf-o365.pacificallp.myshn.net/shared/1.0/content/js/asyncchunk/
107 KB
33 KB
Script
General
Full URL
https://aadcdn.msauth.net.pcf.pcf-o365.pacificallp.myshn.net/shared/1.0/content/js/asyncchunk/convergedlogin_pcustomizationloader_9c8fa7b7be17121cabe1.js
Requested by
Host: aadcdn.msauth.net.pcf.pcf-o365.pacificallp.myshn.net
URL: https://aadcdn.msauth.net.pcf.pcf-o365.pacificallp.myshn.net/shared/1.0/content/js/ConvergedLogin_PCore_sb6jQxfN8f3sA8faKcsD7Q2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.48.250.39 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-48-250-39.eu-north-1.compute.amazonaws.com
Software
nginx /
Resource Hash
83e31656be5bd43730be156d66b3b53a6e2debbf8f48b7cb26166e5e73a349e9

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://login.microsoftonline.com.pcf.pcf-o365.pacificallp.myshn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
Date
Wed, 09 Aug 2023 19:54:59 GMT
Content-Encoding
gzip
X-Azure-Ref-OriginShield
0L9jSZAAAAAB4WE2u6/EpQafgc707RVn+QU1TMDRFREdFMTkwOAAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
Content-MD5
2bI1Berv2EWLfhOTg8ynrg==
X-Cache
TCP_HIT
Connection
keep-alive
Content-Length
32254
x-ms-lease-status
unlocked
Last-Modified
Tue, 13 Jun 2023 17:22:22 GMT
Server
nginx
ETag
0x8DB6C32C003B3FA
X-Azure-Ref
0Eu/TZAAAAADVdMb5dEv/RbFyaLitZbrrU1RPRURHRTEzMjIAMzlhMTJmN2UtODk5Zi00NmNmLWE2ZDAtMjRiYmJhMjdkOTU2
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
x-ms-request-id
2c529573-501e-004a-511b-caea77000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Cache-Control
public, max-age=31536000
x-ms-version
2009-09-19
X-SkyHigh-Version
BuildNumber=15, BuildDate=2023-07-19 11:17
X-Robots-Tag
none
prefetch.aspx
outlook.office365.com.pcf.pcf-o365.pacificallp.myshn.net/owa/ Frame 21F3
3 KB
4 KB
Document
General
Full URL
https://outlook.office365.com.pcf.pcf-o365.pacificallp.myshn.net/owa/prefetch.aspx
Requested by
Host: aadcdn.msauth.net.pcf.pcf-o365.pacificallp.myshn.net
URL: https://aadcdn.msauth.net.pcf.pcf-o365.pacificallp.myshn.net/shared/1.0/content/js/ConvergedLogin_PCore_sb6jQxfN8f3sA8faKcsD7Q2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.48.250.39 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-48-250-39.eu-north-1.compute.amazonaws.com
Software
nginx /
Resource Hash
11ab5f6a7c105f52e8a606c677160ab55fb76f257695e5ac039546fb7ac9f1de
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://login.microsoftonline.com.pcf.pcf-o365.pacificallp.myshn.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
se-SE,se;q=0.9

Response headers

Alt-Svc
h3=":443",h3-29=":443"
Cache-Control
private, no-store
Connection
keep-alive
Content-Length
3130
Content-Type
text/html; charset=utf-8
Date
Wed, 09 Aug 2023 19:54:58 GMT
NEL
{"report_to":"NelOfficeUpload1","max_age":7200,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
Report-To
{"group":"NelOfficeUpload1","max_age":7200,"endpoints":[{"url":"https://exo.nel.measure.office.net/api/report?TenantId=&FrontEnd=Cafe&DestinationEndpoint=GVX"}],"include_subdomains":true}
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-BEServer
GV3P280MB0482
X-BackEnd-Begin
2023-08-09T19:54:58.919
X-BackEnd-End
2023-08-09T19:54:58.919
X-BackEndHttpStatus
200
X-BeSku
WCS7
X-CalculatedBETarget
GV3P280MB0482.SWEP280.PROD.OUTLOOK.COM
X-Content-Type-Options
nosniff
X-DiagInfo
GV3P280MB0482
X-FEEFZInfo
GVX
X-FEProxyInfo
GV3P280CA0059.SWEP280.PROD.OUTLOOK.COM
X-FEServer
GV3P280CA0059
X-FirstHopCafeEFZ
GVX
X-IIDs
0
X-OWA-DiagnosticsInfo
1;0;0
X-OWA-Version
15.20.6652.29
X-Proxy-BackendServerStatus
200
X-Proxy-RoutingCorrectness
1
X-RUM-NotUpdateQueriedDbCopy
1
X-RUM-NotUpdateQueriedPath
1
X-RUM-Validated
1
X-Robots-Tag
none
X-SkyHigh-Version
BuildNumber=15, BuildDate=2023-07-19 11:17
X-UA-Compatible
IE=EmulateIE7
request-id
9f978ce4-f0b2-edf2-7112-a8dd68b5e107
boot.worldwide.0.mouse.js
r4.res.office365.com.pcf.pcf-o365.pacificallp.myshn.net/owa/prem/15.20.6652.29/scripts/ Frame 21F3
648 KB
176 KB
Stylesheet
General
Full URL
https://r4.res.office365.com.pcf.pcf-o365.pacificallp.myshn.net/owa/prem/15.20.6652.29/scripts/boot.worldwide.0.mouse.js
Requested by
Host: outlook.office365.com.pcf.pcf-o365.pacificallp.myshn.net
URL: https://outlook.office365.com.pcf.pcf-o365.pacificallp.myshn.net/owa/prefetch.aspx
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.48.250.39 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-48-250-39.eu-north-1.compute.amazonaws.com
Software
nginx /
Resource Hash
d5238dcd5576de5c01381727798f579c4722e1c0b07f544135fbe537d7ccf94f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://outlook.office365.com.pcf.pcf-o365.pacificallp.myshn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Wed, 09 Aug 2023 19:54:59 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=31536000; includeSubDomains
Last-Modified
Wed, 09 Aug 2023 01:53:20 GMT
Server
nginx
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
public,max-age=630720000, s-maxage=630720000
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
X-Robots-Tag
none
Content-Length
179692
X-SkyHigh-Version
BuildNumber=15, BuildDate=2023-07-19 11:17
49-small_2055002f2daae2ed8f69f03944c0e5d9.jpg
aadcdn.msauth.net.pcf.pcf-o365.pacificallp.myshn.net/shared/1.0/content/images/appbackgrounds/
987 B
2 KB
Image
General
Full URL
https://aadcdn.msauth.net.pcf.pcf-o365.pacificallp.myshn.net/shared/1.0/content/images/appbackgrounds/49-small_2055002f2daae2ed8f69f03944c0e5d9.jpg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.48.250.39 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-48-250-39.eu-north-1.compute.amazonaws.com
Software
nginx /
Resource Hash
8b34a475187302935336bf43a2bf2a4e0adb9a1e87953ea51f6fcf0ef52a4a1d

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://login.microsoftonline.com.pcf.pcf-o365.pacificallp.myshn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
Date
Wed, 09 Aug 2023 19:54:59 GMT
X-Azure-Ref-OriginShield
0W/LGZAAAAABllGHXX3x9QK+qBXSX5AgnQU1TMDRFREdFMTgwOQAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
Content-MD5
5YqvyYBhSpzXeWvqe16o8A==
X-Cache
TCP_HIT
Connection
keep-alive
Content-Length
987
x-ms-lease-status
unlocked
Last-Modified
Wed, 24 May 2023 10:11:42 GMT
Server
nginx
ETag
0x8DB5C3F457E15E1
X-Azure-Ref
0E+/TZAAAAAC0+SOoT6UsT7gCKfD1x7CFU1RPRURHRTEzMjIAMzlhMTJmN2UtODk5Zi00NmNmLWE2ZDAtMjRiYmJhMjdkOTU2
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
x-ms-request-id
5ee044f5-801e-0037-4be6-c1c76c000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Cache-Control
public, max-age=31536000
x-ms-version
2009-09-19
X-SkyHigh-Version
BuildNumber=15, BuildDate=2023-07-19 11:17
X-Robots-Tag
none
49_6ffe0a92d779c878835b40171ffc2e13.jpg
aadcdn.msauth.net.pcf.pcf-o365.pacificallp.myshn.net/shared/1.0/content/images/appbackgrounds/
17 KB
18 KB
Image
General
Full URL
https://aadcdn.msauth.net.pcf.pcf-o365.pacificallp.myshn.net/shared/1.0/content/images/appbackgrounds/49_6ffe0a92d779c878835b40171ffc2e13.jpg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.48.250.39 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-48-250-39.eu-north-1.compute.amazonaws.com
Software
nginx /
Resource Hash
d8f5ab3e00202fd3b45be1acd95d677b137064001e171bc79b06826d98f1e1d3

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://login.microsoftonline.com.pcf.pcf-o365.pacificallp.myshn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
Date
Wed, 09 Aug 2023 19:54:59 GMT
X-Azure-Ref-OriginShield
0ZsnDZAAAAAAxCpoHXfQeSYZJ1v8wv2/1QU1TMDRFREdFMTgxOQAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
Content-MD5
eRaolOvefSnCzCmyZ/Epnw==
X-Cache
TCP_HIT
Connection
keep-alive
Content-Length
17453
x-ms-lease-status
unlocked
Last-Modified
Wed, 24 May 2023 10:11:42 GMT
Server
nginx
ETag
0x8DB5C3F4584F323
X-Azure-Ref
0E+/TZAAAAAC7FWYj8hiFTKQofCExkEtmU1RPRURHRTEzMjIAMzlhMTJmN2UtODk5Zi00NmNmLWE2ZDAtMjRiYmJhMjdkOTU2
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
x-ms-request-id
36d471c0-901e-006a-4640-bf7b44000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Cache-Control
public, max-age=31536000
x-ms-version
2009-09-19
X-SkyHigh-Version
BuildNumber=15, BuildDate=2023-07-19 11:17
X-Robots-Tag
none
53_7a3c80bf9694448bac31a9589d2e9e92.png
aadcdn.msauth.net.pcf.pcf-o365.pacificallp.myshn.net/shared/1.0/content/images/applogos/
5 KB
6 KB
Image
General
Full URL
https://aadcdn.msauth.net.pcf.pcf-o365.pacificallp.myshn.net/shared/1.0/content/images/applogos/53_7a3c80bf9694448bac31a9589d2e9e92.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.48.250.39 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-48-250-39.eu-north-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e4e1e65871749d18aea150643c07e0aab2057da057c6c57ec1c3c43580e1c898

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://login.microsoftonline.com.pcf.pcf-o365.pacificallp.myshn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
Date
Wed, 09 Aug 2023 19:54:59 GMT
X-Azure-Ref-OriginShield
0yYHGZAAAAAAPWttwiPGtTbb5Ct2gvODuQU1TMDRFREdFMTgxOAAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
Content-MD5
izYzcDfP+Iw98gO7c9WOQQ==
X-Cache
TCP_HIT
Connection
keep-alive
Content-Length
5139
x-ms-lease-status
unlocked
Last-Modified
Wed, 24 May 2023 10:11:45 GMT
Server
nginx
ETag
0x8DB5C3F475BAFC0
X-Azure-Ref
0E+/TZAAAAABTUO2fA/j3Rb81eOMU4LOEU1RPRURHRTE5MjAAMzlhMTJmN2UtODk5Zi00NmNmLWE2ZDAtMjRiYmJhMjdkOTU2
Content-Type
image/png
Access-Control-Allow-Origin
*
x-ms-request-id
f7aa0b52-501e-009a-617a-c2de11000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Cache-Control
public, max-age=31536000
x-ms-version
2009-09-19
X-SkyHigh-Version
BuildNumber=15, BuildDate=2023-07-19 11:17
X-Robots-Tag
none
microsoft_logo_564db913a7fa0ca42727161c6d031bef.svg
aadcdn.msauth.net.pcf.pcf-o365.pacificallp.myshn.net/shared/1.0/content/images/
4 KB
2 KB
Image
General
Full URL
https://aadcdn.msauth.net.pcf.pcf-o365.pacificallp.myshn.net/shared/1.0/content/images/microsoft_logo_564db913a7fa0ca42727161c6d031bef.svg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.48.250.39 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-48-250-39.eu-north-1.compute.amazonaws.com
Software
nginx /
Resource Hash
04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://login.microsoftonline.com.pcf.pcf-o365.pacificallp.myshn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
Date
Wed, 09 Aug 2023 19:54:59 GMT
Content-Encoding
gzip
X-Azure-Ref-OriginShield
0zcXDZAAAAAB3NcReIVrUQK1P1ndNhGVJQU1TMDRFREdFMTkxNQAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
Content-MD5
nzaLxFgP7ZB3dfMcaybWzw==
X-Cache
TCP_HIT
Connection
keep-alive
Content-Length
1435
x-ms-lease-status
unlocked
Last-Modified
Wed, 24 May 2023 10:11:48 GMT
Server
nginx
ETag
0x8DB5C3F4911527F
X-Azure-Ref
0E+/TZAAAAAD03u42wVC7SKZxJ7wyjmO8U1RPRURHRTE5MDcAMzlhMTJmN2UtODk5Zi00NmNmLWE2ZDAtMjRiYmJhMjdkOTU2
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
x-ms-request-id
2f8b4a95-801e-009f-5860-bf591b000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Cache-Control
public, max-age=31536000
x-ms-version
2009-09-19
X-SkyHigh-Version
BuildNumber=15, BuildDate=2023-07-19 11:17
X-Robots-Tag
none
convergedlogin_pstringcustomizationhelper_a19e6314cee4851e0a13.js
aadcdn.msauth.net.pcf.pcf-o365.pacificallp.myshn.net/shared/1.0/content/js/asyncchunk/
111 KB
36 KB
Script
General
Full URL
https://aadcdn.msauth.net.pcf.pcf-o365.pacificallp.myshn.net/shared/1.0/content/js/asyncchunk/convergedlogin_pstringcustomizationhelper_a19e6314cee4851e0a13.js
Requested by
Host: aadcdn.msauth.net.pcf.pcf-o365.pacificallp.myshn.net
URL: https://aadcdn.msauth.net.pcf.pcf-o365.pacificallp.myshn.net/shared/1.0/content/js/ConvergedLogin_PCore_sb6jQxfN8f3sA8faKcsD7Q2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.48.250.39 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-48-250-39.eu-north-1.compute.amazonaws.com
Software
nginx /
Resource Hash
829da443b43110fada28b8eebe47ba2a4f8a012c88f9a2ca355570bdcdcb4acd

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://login.microsoftonline.com.pcf.pcf-o365.pacificallp.myshn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
Date
Wed, 09 Aug 2023 19:54:59 GMT
Content-Encoding
gzip
X-Azure-Ref-OriginShield
0ZtzPZAAAAABwrk7Zq/BSQrAUAC8MRNevQU1TMDRFREdFMTgxMwAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
Content-MD5
Adc2Toi5EeUeXRIO4fBe3g==
X-Cache
TCP_HIT
Connection
keep-alive
Content-Length
35820
x-ms-lease-status
unlocked
Last-Modified
Tue, 13 Jun 2023 17:22:24 GMT
Server
nginx
ETag
0x8DB6C32C0B49A7E
X-Azure-Ref
0E+/TZAAAAADw9Dl984TBQ4wg7VtXmk2HU1RPRURHRTEzMDgAMzlhMTJmN2UtODk5Zi00NmNmLWE2ZDAtMjRiYmJhMjdkOTU2
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
x-ms-request-id
4bf6ff7b-e01e-0021-2eee-c78d42000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Cache-Control
public, max-age=31536000
x-ms-version
2009-09-19
X-SkyHigh-Version
BuildNumber=15, BuildDate=2023-07-19 11:17
X-Robots-Tag
none
signin-options_3e3f6b73c3f310c31d2c4d131a8ab8c6.svg
aadcdn.msauth.net.pcf.pcf-o365.pacificallp.myshn.net/shared/1.0/content/images/
2 KB
2 KB
Image
General
Full URL
https://aadcdn.msauth.net.pcf.pcf-o365.pacificallp.myshn.net/shared/1.0/content/images/signin-options_3e3f6b73c3f310c31d2c4d131a8ab8c6.svg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.48.250.39 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-48-250-39.eu-north-1.compute.amazonaws.com
Software
nginx /
Resource Hash
8e6db1634f1812d42516778fc890010aa57f3e39914fb4803df2c38abbf56d93

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://login.microsoftonline.com.pcf.pcf-o365.pacificallp.myshn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
Date
Wed, 09 Aug 2023 19:54:59 GMT
Content-Encoding
gzip
X-Azure-Ref-OriginShield
0kdvPZAAAAACTu1yMCT9mQ5p/wtwT3SWLQU1TMDRFREdFMTgxMAAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
Content-MD5
R2FAVxfpONfnQAuxVxXbHg==
X-Cache
TCP_HIT
Connection
keep-alive
Content-Length
621
x-ms-lease-status
unlocked
Last-Modified
Wed, 24 May 2023 10:11:49 GMT
Server
nginx
ETag
0x8DB5C3F49ED96E0
X-Azure-Ref
0E+/TZAAAAABOHF+ntDybTI0hjXgNQiJdU1RPRURHRTEzMDgAMzlhMTJmN2UtODk5Zi00NmNmLWE2ZDAtMjRiYmJhMjdkOTU2
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
x-ms-request-id
7ec25d8c-901e-002e-5176-c7045d000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Cache-Control
public, max-age=31536000
x-ms-version
2009-09-19
X-SkyHigh-Version
BuildNumber=15, BuildDate=2023-07-19 11:17
X-Robots-Tag
none
boot.worldwide.1.mouse.js
r4.res.office365.com.pcf.pcf-o365.pacificallp.myshn.net/owa/prem/15.20.6652.29/scripts/ Frame 21F3
644 KB
160 KB
Stylesheet
General
Full URL
https://r4.res.office365.com.pcf.pcf-o365.pacificallp.myshn.net/owa/prem/15.20.6652.29/scripts/boot.worldwide.1.mouse.js
Requested by
Host: outlook.office365.com.pcf.pcf-o365.pacificallp.myshn.net
URL: https://outlook.office365.com.pcf.pcf-o365.pacificallp.myshn.net/owa/prefetch.aspx
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.48.250.39 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-48-250-39.eu-north-1.compute.amazonaws.com
Software
nginx /
Resource Hash
5f5adbc771d02801fb69961683d3ee1f50b7e9c8a66dc3f3cc86263a3f995c0d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://outlook.office365.com.pcf.pcf-o365.pacificallp.myshn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Wed, 09 Aug 2023 19:54:59 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=31536000; includeSubDomains
Last-Modified
Wed, 09 Aug 2023 01:53:04 GMT
Server
nginx
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
public,max-age=630720000, s-maxage=630720000
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
X-Robots-Tag
none
Content-Length
163064
X-SkyHigh-Version
BuildNumber=15, BuildDate=2023-07-19 11:17
boot.worldwide.2.mouse.js
r4.res.office365.com.pcf.pcf-o365.pacificallp.myshn.net/owa/prem/15.20.6652.29/scripts/ Frame 21F3
647 KB
166 KB
Stylesheet
General
Full URL
https://r4.res.office365.com.pcf.pcf-o365.pacificallp.myshn.net/owa/prem/15.20.6652.29/scripts/boot.worldwide.2.mouse.js
Requested by
Host: outlook.office365.com.pcf.pcf-o365.pacificallp.myshn.net
URL: https://outlook.office365.com.pcf.pcf-o365.pacificallp.myshn.net/owa/prefetch.aspx
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.48.250.39 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-48-250-39.eu-north-1.compute.amazonaws.com
Software
nginx /
Resource Hash
7e7563bed4d5145c276ea9d8351b20021c0112ae62505f932e4ca0fcd2792265
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://outlook.office365.com.pcf.pcf-o365.pacificallp.myshn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Wed, 09 Aug 2023 19:55:00 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=31536000; includeSubDomains
Last-Modified
Wed, 09 Aug 2023 01:53:21 GMT
Server
nginx
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
public,max-age=630720000, s-maxage=630720000
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
X-Robots-Tag
none
Content-Length
169721
X-SkyHigh-Version
BuildNumber=15, BuildDate=2023-07-19 11:17
boot.worldwide.3.mouse.js
r4.res.office365.com.pcf.pcf-o365.pacificallp.myshn.net/owa/prem/15.20.6652.29/scripts/ Frame 21F3
646 KB
143 KB
Stylesheet
General
Full URL
https://r4.res.office365.com.pcf.pcf-o365.pacificallp.myshn.net/owa/prem/15.20.6652.29/scripts/boot.worldwide.3.mouse.js
Requested by
Host: outlook.office365.com.pcf.pcf-o365.pacificallp.myshn.net
URL: https://outlook.office365.com.pcf.pcf-o365.pacificallp.myshn.net/owa/prefetch.aspx
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.48.250.39 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-48-250-39.eu-north-1.compute.amazonaws.com
Software
nginx /
Resource Hash
03bf86edf617025b870b2ff4ab73d6e682854cf47f0d2b17b4ad374a96ee8dba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://outlook.office365.com.pcf.pcf-o365.pacificallp.myshn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Wed, 09 Aug 2023 19:55:00 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=31536000; includeSubDomains
Last-Modified
Wed, 09 Aug 2023 01:53:05 GMT
Server
nginx
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
public,max-age=630720000, s-maxage=630720000
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
X-Robots-Tag
none
Content-Length
145698
X-SkyHigh-Version
BuildNumber=15, BuildDate=2023-07-19 11:17
sprite1.mouse.png
r4.res.office365.com.pcf.pcf-o365.pacificallp.myshn.net/owa/prem/15.20.6652.29/resources/images/0/ Frame 21F3
132 B
605 B
Stylesheet
General
Full URL
https://r4.res.office365.com.pcf.pcf-o365.pacificallp.myshn.net/owa/prem/15.20.6652.29/resources/images/0/sprite1.mouse.png
Requested by
Host: outlook.office365.com.pcf.pcf-o365.pacificallp.myshn.net
URL: https://outlook.office365.com.pcf.pcf-o365.pacificallp.myshn.net/owa/prefetch.aspx
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.48.250.39 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-48-250-39.eu-north-1.compute.amazonaws.com
Software
nginx /
Resource Hash
3ab09a213eedd51a0eb0e4bc5e6e96c472032dd937420e7e233ea54775c7e024
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://outlook.office365.com.pcf.pcf-o365.pacificallp.myshn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Wed, 09 Aug 2023 19:55:00 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Last-Modified
Wed, 09 Aug 2023 02:03:19 GMT
Server
nginx
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
public,max-age=630720000, s-maxage=630720000
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
X-Robots-Tag
none
Content-Length
132
X-SkyHigh-Version
BuildNumber=15, BuildDate=2023-07-19 11:17
sprite1.mouse.css
r4.res.office365.com.pcf.pcf-o365.pacificallp.myshn.net/owa/prem/15.20.6652.29/resources/images/0/ Frame 21F3
994 B
807 B
Stylesheet
General
Full URL
https://r4.res.office365.com.pcf.pcf-o365.pacificallp.myshn.net/owa/prem/15.20.6652.29/resources/images/0/sprite1.mouse.css
Requested by
Host: outlook.office365.com.pcf.pcf-o365.pacificallp.myshn.net
URL: https://outlook.office365.com.pcf.pcf-o365.pacificallp.myshn.net/owa/prefetch.aspx
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.48.250.39 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-48-250-39.eu-north-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6d1be7ed96dd494447f348986317faf64728ccf788be551f2a621b31ddc929ac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://outlook.office365.com.pcf.pcf-o365.pacificallp.myshn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Wed, 09 Aug 2023 19:55:00 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=31536000; includeSubDomains
Last-Modified
Wed, 09 Aug 2023 02:03:18 GMT
Server
nginx
Vary
Accept-Encoding
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
public,max-age=630720000, s-maxage=630720000
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
X-Robots-Tag
none
Content-Length
288
X-SkyHigh-Version
BuildNumber=15, BuildDate=2023-07-19 11:17
boot.worldwide.mouse.css
r4.res.office365.com.pcf.pcf-o365.pacificallp.myshn.net/owa/prem/15.20.6652.29/resources/styles/0/ Frame 21F3
227 KB
44 KB
Stylesheet
General
Full URL
https://r4.res.office365.com.pcf.pcf-o365.pacificallp.myshn.net/owa/prem/15.20.6652.29/resources/styles/0/boot.worldwide.mouse.css
Requested by
Host: outlook.office365.com.pcf.pcf-o365.pacificallp.myshn.net
URL: https://outlook.office365.com.pcf.pcf-o365.pacificallp.myshn.net/owa/prefetch.aspx
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.48.250.39 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-48-250-39.eu-north-1.compute.amazonaws.com
Software
nginx /
Resource Hash
37619b16288166cc76403f0b7df6586349b2d5628de00d5850c815d019b17904
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://outlook.office365.com.pcf.pcf-o365.pacificallp.myshn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Wed, 09 Aug 2023 19:55:00 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=31536000; includeSubDomains
Last-Modified
Wed, 09 Aug 2023 02:03:49 GMT
Server
nginx
Vary
Accept-Encoding
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
public,max-age=630720000, s-maxage=630720000
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
X-Robots-Tag
none
Content-Length
44144
X-SkyHigh-Version
BuildNumber=15, BuildDate=2023-07-19 11:17

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Microsoft (Consumer)

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| $Config object| $Debug object| $Do function| $Loader object| $WebWatson function| GetString function| GetErrorString function| GetUrl object| $B object| ServerData object| webpackJsonp object| ko object| PROOF object| StringRepository object| Telemetry object| telemetry_webpackJsonp boolean| __ConvergedLogin_PCore boolean| __ boolean| __convergedlogin_pcustomizationloader_9c8fa7b7be17121cabe1 boolean| __convergedlogin_pstringcustomizationhelper_a19e6314cee4851e0a13

16 Cookies

Domain/Path Name / Value
outlook.office365.com.pcf.pcf-o365.pacificallp.myshn.net/ Name: ClientId
Value: 5E550EB92BC844CDA4E95C967E12BF9A
outlook.office365.com.pcf.pcf-o365.pacificallp.myshn.net/ Name: OIDC
Value: 1
outlook.office365.com.pcf.pcf-o365.pacificallp.myshn.net/ Name: OpenIdConnect.nonce.v3.8cSvS4-vFs2xnWSJaRxr5uSFQlePQCsiMocWgUTN5co
Value: 638272076976895517.b593edb3-bb77-4502-9e73-b721569ce302
outlook.office365.com.pcf.pcf-o365.pacificallp.myshn.net/ Name: X-OWA-RedirectHistory
Value: ArLym14BHTZCghKZ2wg
login.microsoftonline.com.pcf.pcf-o365.pacificallp.myshn.net/ Name: x-ms-gateway-slice
Value: estsfd
login.microsoftonline.com.pcf.pcf-o365.pacificallp.myshn.net/ Name: stsservicecookie
Value: estsfd
.login.microsoftonline.com.pcf.pcf-o365.pacificallp.myshn.net/ Name: AADSSO
Value: NA|NoExtension
login.microsoftonline.com.pcf.pcf-o365.pacificallp.myshn.net/ Name: SSOCOOKIEPULLED
Value: 1
login.microsoftonline.com.pcf.pcf-o365.pacificallp.myshn.net/ Name: buid
Value: 0.ASYAMe_N-B6jSkuT5F9XHpElWgIAAAAAAPEPzgAAAAAAAAABAAA.AQABAAEAAAAtyolDObpQQ5VtlI4uGjEPrAKSu2_gx_dbjfkA8JEI8fnZkv1Aa7BsRF4X6Cu3AecjI1JMRgGoHyFt2MZR9YYXCGdZ_CxFMlkA8KZBx0I2sHVPqQqLMgr2HUlXt2rQ_-AgAA
.login.microsoftonline.com.pcf.pcf-o365.pacificallp.myshn.net/ Name: esctx
Value: PAQABAAEAAAAtyolDObpQQ5VtlI4uGjEPAlDjSku1K64JNiiUtFkvN7OtkzCwCjSAcsR1kBvhgHRUcZYy9rSAEorj_cVhcDr_y8WwXus7K58-i_wOO7V5V37Im5N1U5Qvcmg5u8_luApXaKcf0rU15nboZFpLIf8kmocQLWyVMLOK7RuG-lxCkl8bICh8J-hg-PTRfozHSIxHdzyGluDiGXJTotrkAuXKQfmPK9bMhdv8Z6Vm7xRIxi4eueaiDCWNo1BwuM6yFNsgAA
login.microsoftonline.com.pcf.pcf-o365.pacificallp.myshn.net/ Name: fpc
Value: AsJAv71HN5hFt6HSLTgg6bOerOTJAQAAABHmZdwOAAAA
.pcf.pcf-o365.pacificallp.myshn.net/ Name: SHN-VH-session
Value: 132b79c6-5dc9-4743-b3f8-02b44784bc45|1691612698347
.login.microsoftonline.com.pcf.pcf-o365.pacificallp.myshn.net/ Name: brcap
Value: 0
.login.live.com.pcf.pcf-o365.pacificallp.myshn.net/ Name: uaid
Value: c2be78e5412e4212a04113c1b5d7ae11
.login.live.com.pcf.pcf-o365.pacificallp.myshn.net/ Name: MSPRequ
Value: id=N&lt=1691610898&co=1
outlook.office365.com.pcf.pcf-o365.pacificallp.myshn.net/ Name: OWAPF
Value: p:11111111&v:15.20.6652.29&l:mouse&

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aadcdn.msauth.net.pcf.pcf-o365.pacificallp.myshn.net
attachments.office.net.pcf.pcf-o365.pacificallp.myshn.net
login.live.com.pcf.pcf-o365.pacificallp.myshn.net
login.microsoftonline.com.pcf.pcf-o365.pacificallp.myshn.net
outlook.office365.com.pcf.pcf-o365.pacificallp.myshn.net
r4.res.office365.com.pcf.pcf-o365.pacificallp.myshn.net
13.48.250.39
13.49.53.51
13.49.95.37
03bf86edf617025b870b2ff4ab73d6e682854cf47f0d2b17b4ad374a96ee8dba
04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a
09bcfd473f343f606206e638d6aa7c7436ab54f40fca8f3ea2247fc068147ffe
11ab5f6a7c105f52e8a606c677160ab55fb76f257695e5ac039546fb7ac9f1de
16343b074c93951a0c35df9df6d4ff03c7be4704fd0d5ad301aeb19e1cc7ef90
37619b16288166cc76403f0b7df6586349b2d5628de00d5850c815d019b17904
3ab09a213eedd51a0eb0e4bc5e6e96c472032dd937420e7e233ea54775c7e024
5a3af64d114486c2a5994df3fb9dcefb0e85eb3d76c726e6101d62776ab3e817
5f5adbc771d02801fb69961683d3ee1f50b7e9c8a66dc3f3cc86263a3f995c0d
6d1be7ed96dd494447f348986317faf64728ccf788be551f2a621b31ddc929ac
7e7563bed4d5145c276ea9d8351b20021c0112ae62505f932e4ca0fcd2792265
80ad51e9eda389afe9f866c7fe95d2e55f876dc5925b19d45452f2716b73e294
829da443b43110fada28b8eebe47ba2a4f8a012c88f9a2ca355570bdcdcb4acd
83e31656be5bd43730be156d66b3b53a6e2debbf8f48b7cb26166e5e73a349e9
8b34a475187302935336bf43a2bf2a4e0adb9a1e87953ea51f6fcf0ef52a4a1d
8e6db1634f1812d42516778fc890010aa57f3e39914fb4803df2c38abbf56d93
99c7229e61c9f2df1da564d3299dc7cf1391e1b6adb81f8d0550e3feeb8fa909
a5b5b42e6ae53860822fe08487e28809a4c40ff6225c7d0311a94d1118b72a7d
d5238dcd5576de5c01381727798f579c4722e1c0b07f544135fbe537d7ccf94f
d8f5ab3e00202fd3b45be1acd95d677b137064001e171bc79b06826d98f1e1d3
e4e1e65871749d18aea150643c07e0aab2057da057c6c57ec1c3c43580e1c898