edu-onedrivelti-prod.westeurope.cloudapp.azure.com
20.101.119.147
Public Scan
Submission Tags: @phishunt_io
Submission: On July 13 via api from DE — Scanned from NL
Summary
TLS certificate: Issued by DigiCert Cloud Services CA-1 on October 27th 2021. Valid for: a year.
This is the only time edu-onedrivelti-prod.westeurope.cloudapp.azure.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
# | IP Address | AS Autonomous System |
---|---|---|
1 | 20.101.119.147 | 8075 (MICROSOFT-CORP-MSN-AS-BLOCK) |
3 | 2a02:26f0:3500:781::1e0f | 20940 (AKAMAI-ASN1) |
2 | 20.42.65.89 | 8075 (MICROSOFT-CORP-MSN-AS-BLOCK) |
6 | 3 | |

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US): edu-onedrivelti-prod.westeurope.cloudapp.azure.com
ASN20940 (AKAMAI-ASN1, NL): res-1.cdn.office.net
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US): browser.pipe.aria.microsoft.com
# | Apex Domain | Subdomains | Transfer |
---|---|---|---|
3 | office.net | res-1.cdn.office.net — Cisco Umbrella Rank: 542 | 313 KB |
2 | microsoft.com | browser.pipe.aria.microsoft.com — Cisco Umbrella Rank: 131 | 883 B |
1 | azure.com | edu-onedrivelti-prod.westeurope.cloudapp.azure.com | 3 KB |
6 | 3 | | |
# | Domain | Requested by |
---|---|---|
3 | res-1.cdn.office.net | edu-onedrivelti-prod.westeurope.cloudapp.azure.com |
2 | browser.pipe.aria.microsoft.com | res-1.cdn.office.net |
1 | edu-onedrivelti-prod.westeurope.cloudapp.azure.com | |
6 | 3 | |
This site contains no links.
Subject | Issuer | Validity | Valid | |
---|---|---|---|---|
edu-onedrivelti-prod.trafficmanager.net | DigiCert Cloud Services CA-1 | 2021-10-27 - 2022-10-26 | a year | crt.sh |
*.res.outlook.com | Microsoft RSA TLS CA 01 | 2022-06-02 - 2023-06-02 | a year | crt.sh |
*.events.data.microsoft.com | Microsoft Azure TLS Issuing CA 01 | 2022-05-21 - 2023-05-16 | a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://edu-onedrivelti-prod.westeurope.cloudapp.azure.com/
Frame ID: C5A2B47C7A919A630E747DF9723A3EFC
Requests: 6 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
6 HTTP transactions
Method Protocol | Resource Path | Size x-fer | Type MIME-Type |
---|---|---|---|
GET H2 | / (Primary Request) edu-onedrivelti-prod.westeurope.cloudapp.azure.com/ | 977 B 3 KB | Document text/html |
GET H2 | runtime.28288e5e4e1e6ee16736.bundle.js res-1.cdn.office.net/onedrivelti/ | 4 KB 3 KB | Script application/javascript |
GET H2 | vendors.bc7300aa60cb315fc67d.bundle.js res-1.cdn.office.net/onedrivelti/ | 949 KB 264 KB | Script application/javascript |
GET H2 | main.670bf89133c569694478.bundle.js res-1.cdn.office.net/onedrivelti/ | 230 KB 46 KB | Script application/javascript |
POST H/1.1 | / browser.pipe.aria.microsoft.com/Collector/3.0/ | 0 442 B | XHR application/json |
POST H/1.1 | / browser.pipe.aria.microsoft.com/Collector/3.0/ | 0 441 B | XHR application/json |
17 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| oncontextlost
object| oncontextrestored
function| structuredClone
object| launchQueue
object| onbeforematch
function| getScreenDetails
function| queryLocalFonts
object| navigation
string| __CSP_NONCE
object| webpackJsonp
object| FabricConfig
object| CSPSettings
object| __stylesheet__
object| __globalSettings__
object| __themeState__
object| __packages__
number| __currentId__
2 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
edu-onedrivelti-prod.westeurope.cloudapp.azure.com/ | | Name: MicrosoftApplicationsTelemetryDeviceId Value: 0443ca42-cffb-460b-af52-724714ca0c76 |
edu-onedrivelti-prod.westeurope.cloudapp.azure.com/ | | Name: MicrosoftApplicationsTelemetryFirstLaunchTime Value: 2022-07-13T20:31:37.883Z |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | base-uri 'self' https://res-1.cdn.office.net; object-src 'none'; script-src 'self' 'report-sample' https://res-1.cdn.office.net 'nonce-STkY8bGRLyg9NfB2B26fte6qMagtN1Pgs2nmd+8gQUI='; style-src 'self' 'report-sample' https://res-1.cdn.office.net 'nonce-STkY8bGRLyg9NfB2B26fte6qMagtN1Pgs2nmd+8gQUI='; default-src 'none'; block-all-mixed-content; connect-src 'self' data: https://login.microsoftonline.com https://graph.microsoft.com https://*.sharepoint.com https://*.pipe.aria.microsoft.com; font-src https://static2.sharepointonline.com https://spoprod-a.akamaihd.net; frame-src 'self' https://login.microsoftonline.com https://login.windows.net https://onedrive.live.com https://login.live.com https://*.sharepoint.com; img-src 'self' https://res-1.cdn.office.net; manifest-src 'self' https://res-1.cdn.office.net; report-uri |
Strict-Transport-Security | max-age=31536000; includeSubDomains |
X-Content-Type-Options | nosniff |
X-Xss-Protection | 1; mode = block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.