edu-onedrivelti-prod.westeurope.cloudapp.azure.com Open in urlscan Pro
20.101.119.147  Public Scan

URL: https://edu-onedrivelti-prod.westeurope.cloudapp.azure.com/
Submission Tags: @phishunt_io
Submission: On July 13 via api from DE — Scanned from NL

Summary

This website contacted 3 IPs in 3 countries across 3 domains to perform 6 HTTP transactions. The main IP is 20.101.119.147, located in Amsterdam, Netherlands and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is edu-onedrivelti-prod.westeurope.cloudapp.azure.com.
TLS certificate: Issued by DigiCert Cloud Services CA-1 on October 27th 2021. Valid for: a year.
This is the only time edu-onedrivelti-prod.westeurope.cloudapp.azure.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 20.101.119.147 8075 (MICROSOFT...)
3 2a02:26f0:350... 20940 (AKAMAI-ASN1)
2 20.42.65.89 8075 (MICROSOFT...)
6 3
Apex Domain
Subdomains
Transfer
3 office.net
res-1.cdn.office.net — Cisco Umbrella Rank: 542
313 KB
2 microsoft.com
browser.pipe.aria.microsoft.com — Cisco Umbrella Rank: 131
883 B
1 azure.com
edu-onedrivelti-prod.westeurope.cloudapp.azure.com
3 KB
6 3
Domain Requested by
3 res-1.cdn.office.net edu-onedrivelti-prod.westeurope.cloudapp.azure.com
2 browser.pipe.aria.microsoft.com res-1.cdn.office.net
1 edu-onedrivelti-prod.westeurope.cloudapp.azure.com
6 3

This site contains no links.

Subject Issuer Validity Valid
edu-onedrivelti-prod.trafficmanager.net
DigiCert Cloud Services CA-1
2021-10-27 -
2022-10-26
a year crt.sh
*.res.outlook.com
Microsoft RSA TLS CA 01
2022-06-02 -
2023-06-02
a year crt.sh
*.events.data.microsoft.com
Microsoft Azure TLS Issuing CA 01
2022-05-21 -
2023-05-16
a year crt.sh

This page contains 1 frames:

Primary Page: https://edu-onedrivelti-prod.westeurope.cloudapp.azure.com/
Frame ID: C5A2B47C7A919A630E747DF9723A3EFC
Requests: 6 HTTP requests in this frame

Screenshot

Page Title

Microsoft OneDrive

Page Statistics

6
Requests

100 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

3
IPs

3
Countries

316 kB
Transfer

1183 kB
Size

2
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

6 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
edu-onedrivelti-prod.westeurope.cloudapp.azure.com/
977 B
3 KB
Document
General
Full URL
https://edu-onedrivelti-prod.westeurope.cloudapp.azure.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.101.119.147 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
378ef5b86279adac35af0e0c09582200eaf7645968e0f3f982a854001fe7efe5
Security Headers
Name Value
Content-Security-Policy base-uri 'self' https://res-1.cdn.office.net; object-src 'none'; script-src 'self' 'report-sample' https://res-1.cdn.office.net 'nonce-STkY8bGRLyg9NfB2B26fte6qMagtN1Pgs2nmd+8gQUI='; style-src 'self' 'report-sample' https://res-1.cdn.office.net 'nonce-STkY8bGRLyg9NfB2B26fte6qMagtN1Pgs2nmd+8gQUI='; default-src 'none'; block-all-mixed-content; connect-src 'self' data: https://login.microsoftonline.com https://graph.microsoft.com https://*.sharepoint.com https://*.pipe.aria.microsoft.com; font-src https://static2.sharepointonline.com https://spoprod-a.akamaihd.net; frame-src 'self' https://login.microsoftonline.com https://login.windows.net https://onedrive.live.com https://login.live.com https://*.sharepoint.com; img-src 'self' https://res-1.cdn.office.net; manifest-src 'self' https://res-1.cdn.office.net; report-uri
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode = block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ranges
bytes
cache-control
private, no-store, no-cache, max-age=0, s-maxage=0
content-security-policy
base-uri 'self' https://res-1.cdn.office.net; object-src 'none'; script-src 'self' 'report-sample' https://res-1.cdn.office.net 'nonce-STkY8bGRLyg9NfB2B26fte6qMagtN1Pgs2nmd+8gQUI='; style-src 'self' 'report-sample' https://res-1.cdn.office.net 'nonce-STkY8bGRLyg9NfB2B26fte6qMagtN1Pgs2nmd+8gQUI='; default-src 'none'; block-all-mixed-content; connect-src 'self' data: https://login.microsoftonline.com https://graph.microsoft.com https://*.sharepoint.com https://*.pipe.aria.microsoft.com; font-src https://static2.sharepointonline.com https://spoprod-a.akamaihd.net; frame-src 'self' https://login.microsoftonline.com https://login.windows.net https://onedrive.live.com https://login.live.com https://*.sharepoint.com; img-src 'self' https://res-1.cdn.office.net; manifest-src 'self' https://res-1.cdn.office.net; report-uri
content-security-policy-report-only
base-uri 'self' https://res-1.cdn.office.net; object-src 'none'; script-src 'self' 'report-sample' https://res-1.cdn.office.net 'nonce-STkY8bGRLyg9NfB2B26fte6qMagtN1Pgs2nmd+8gQUI='; style-src 'self' 'report-sample' https://res-1.cdn.office.net 'nonce-STkY8bGRLyg9NfB2B26fte6qMagtN1Pgs2nmd+8gQUI='; default-src 'none'; block-all-mixed-content; connect-src 'self' data: https://login.microsoftonline.com https://graph.microsoft.com https://*.sharepoint.com https://*.pipe.aria.microsoft.com; font-src https://static2.sharepointonline.com https://spoprod-a.akamaihd.net; frame-src 'self' https://login.microsoftonline.com https://login.windows.net https://onedrive.live.com https://login.live.com https://*.sharepoint.com; img-src 'self' https://res-1.cdn.office.net; manifest-src 'self' https://res-1.cdn.office.net; report-uri
content-type
text/html
date
Wed, 13 Jul 2022 20:31:37 GMT
etag
"1d895fc72ef1e91"
expires
0
last-modified
Tue, 12 Jul 2022 14:34:10 GMT
pragma
no-cache
request-context
appId=
server
Microsoft-HTTPAPI/2.0
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-rate-limit-limit
10m
x-rate-limit-remaining
9999
x-rate-limit-reset
2022-07-13T20:41:37.5508797Z
x-server-correlation-id
8000fd0f-0000-ef00-b63f-84710c7967bb
x-xss-protection
1; mode = block
runtime.28288e5e4e1e6ee16736.bundle.js
res-1.cdn.office.net/onedrivelti/
4 KB
3 KB
Script
General
Full URL
https://res-1.cdn.office.net/onedrivelti/runtime.28288e5e4e1e6ee16736.bundle.js
Requested by
Host: edu-onedrivelti-prod.westeurope.cloudapp.azure.com
URL: https://edu-onedrivelti-prod.westeurope.cloudapp.azure.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:781::1e0f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
ca5f0968cf6dd0d78c8bd14b0d85fc59f9dcfbf90c4d8a4009ed604c15c7c6bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://edu-onedrivelti-prod.westeurope.cloudapp.azure.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 20:31:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 08 Jul 2022 07:00:50 GMT
x-cdn-provider
Akamai
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
299ba25f-401e-0050-32c3-923dc7000000
access-control-expose-headers
date,Akamai-Request-BC
cache-control
max-age=630720000
strict-transport-security
max-age=31536000; includeSubDomains
timing-allow-origin
*
content-length
2307
vendors.bc7300aa60cb315fc67d.bundle.js
res-1.cdn.office.net/onedrivelti/
949 KB
264 KB
Script
General
Full URL
https://res-1.cdn.office.net/onedrivelti/vendors.bc7300aa60cb315fc67d.bundle.js
Requested by
Host: edu-onedrivelti-prod.westeurope.cloudapp.azure.com
URL: https://edu-onedrivelti-prod.westeurope.cloudapp.azure.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:781::1e0f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
a32973d8c9dde46bb19b3d87654e3201a224fc70053072e1342dc638b79564c8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://edu-onedrivelti-prod.westeurope.cloudapp.azure.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 20:31:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 08 Jul 2022 07:00:51 GMT
x-cdn-provider
Akamai
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
50909229-501e-0011-3dc3-926523000000
access-control-expose-headers
date,Akamai-Request-BC
cache-control
max-age=630720000
strict-transport-security
max-age=31536000; includeSubDomains
timing-allow-origin
*
main.670bf89133c569694478.bundle.js
res-1.cdn.office.net/onedrivelti/
230 KB
46 KB
Script
General
Full URL
https://res-1.cdn.office.net/onedrivelti/main.670bf89133c569694478.bundle.js
Requested by
Host: edu-onedrivelti-prod.westeurope.cloudapp.azure.com
URL: https://edu-onedrivelti-prod.westeurope.cloudapp.azure.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:781::1e0f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
760035d25361a36cd21a08fecac31b3eef31dd31765775a5178a87f44c9e609a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://edu-onedrivelti-prod.westeurope.cloudapp.azure.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 20:31:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 08 Jul 2022 07:00:51 GMT
x-cdn-provider
Akamai
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
ba42ac47-f01e-0018-03c3-9220f0000000
access-control-expose-headers
date,Akamai-Request-BC
cache-control
max-age=630720000
strict-transport-security
max-age=31536000; includeSubDomains
timing-allow-origin
*
/
browser.pipe.aria.microsoft.com/Collector/3.0/
0
442 B
XHR
General
Full URL
https://browser.pipe.aria.microsoft.com/Collector/3.0/?qsp=true&content-type=application%2Fbond-compact-binary&client-id=NO_AUTH&sdk-version=AWT-Web-JS-1.8.7&x-apikey=fef2a5fd44104eb18e359a69eaaf56d8-c23cf8b8-767d-416d-ae67-e0e2c17be636-7387&client-time-epoch-millis=1657744298886&time-delta-to-apply-millis=use-collector-delta
Requested by
Host: res-1.cdn.office.net
URL: https://res-1.cdn.office.net/onedrivelti/vendors.bc7300aa60cb315fc67d.bundle.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.42.65.89 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://edu-onedrivelti-prod.westeurope.cloudapp.azure.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Server
Microsoft-HTTPAPI/2.0
Date
Wed, 13 Jul 2022 20:31:39 GMT
time-delta-millis
805
Access-Control-Allow-Methods
POST
Content-Type
application/json
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
kill-tokens, kill-duration-seconds, time-delta-millis
Access-Control-Allow-Headers
Accept, Content-Type, Content-Encoding, Client-Id
Content-Length
0
/
browser.pipe.aria.microsoft.com/Collector/3.0/
0
441 B
XHR
General
Full URL
https://browser.pipe.aria.microsoft.com/Collector/3.0/?qsp=true&content-type=application%2Fbond-compact-binary&client-id=NO_AUTH&sdk-version=AWT-Web-JS-1.8.7&x-apikey=fef2a5fd44104eb18e359a69eaaf56d8-c23cf8b8-767d-416d-ae67-e0e2c17be636-7387&client-time-epoch-millis=1657744299889&time-delta-to-apply-millis=805
Requested by
Host: res-1.cdn.office.net
URL: https://res-1.cdn.office.net/onedrivelti/vendors.bc7300aa60cb315fc67d.bundle.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.42.65.89 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://edu-onedrivelti-prod.westeurope.cloudapp.azure.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Server
Microsoft-HTTPAPI/2.0
Date
Wed, 13 Jul 2022 20:31:39 GMT
time-delta-millis
68
Access-Control-Allow-Methods
POST
Content-Type
application/json
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
kill-tokens, kill-duration-seconds, time-delta-millis
Access-Control-Allow-Headers
Accept, Content-Type, Content-Encoding, Client-Id
Content-Length
0

Verdicts & Comments Add Verdict or Comment

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation string| __CSP_NONCE object| webpackJsonp object| FabricConfig object| CSPSettings object| __stylesheet__ object| __globalSettings__ object| __themeState__ object| __packages__ number| __currentId__

2 Cookies

Domain/Path Name / Value
edu-onedrivelti-prod.westeurope.cloudapp.azure.com/ Name: MicrosoftApplicationsTelemetryDeviceId
Value: 0443ca42-cffb-460b-af52-724714ca0c76
edu-onedrivelti-prod.westeurope.cloudapp.azure.com/ Name: MicrosoftApplicationsTelemetryFirstLaunchTime
Value: 2022-07-13T20:31:37.883Z

1 Console Messages

Source Level URL
Text
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'report-sample' https://res-1.cdn.office.net 'nonce-STkY8bGRLyg9NfB2B26fte6qMagtN1Pgs2nmd+8gQUI='".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy base-uri 'self' https://res-1.cdn.office.net; object-src 'none'; script-src 'self' 'report-sample' https://res-1.cdn.office.net 'nonce-STkY8bGRLyg9NfB2B26fte6qMagtN1Pgs2nmd+8gQUI='; style-src 'self' 'report-sample' https://res-1.cdn.office.net 'nonce-STkY8bGRLyg9NfB2B26fte6qMagtN1Pgs2nmd+8gQUI='; default-src 'none'; block-all-mixed-content; connect-src 'self' data: https://login.microsoftonline.com https://graph.microsoft.com https://*.sharepoint.com https://*.pipe.aria.microsoft.com; font-src https://static2.sharepointonline.com https://spoprod-a.akamaihd.net; frame-src 'self' https://login.microsoftonline.com https://login.windows.net https://onedrive.live.com https://login.live.com https://*.sharepoint.com; img-src 'self' https://res-1.cdn.office.net; manifest-src 'self' https://res-1.cdn.office.net; report-uri
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode = block