URL: https://account.live.com/acsr
Submission: On April 07 via api from US

Summary

This website contacted 4 IPs in 2 countries across 2 domains to perform 29 HTTP transactions. The main IP is 2620:1ec:21::22, located in United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is account.live.com.
TLS certificate: Issued by Microsoft IT TLS CA 4 on August 7th 2019. Valid for: 2 years.
This is the only time account.live.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
11 2620:1ec:21::22 8068 (MICROSOFT...)
10 192.229.221.185 15133 (EDGECAST)
5 20.190.137.64 8075 (MICROSOFT...)
3 40.126.9.98 8075 (MICROSOFT...)
29 4
Domain Requested by
11 account.live.com account.live.com
acctcdn.msauth.net
10 acctcdn.msauth.net account.live.com
3 wus.client.hip.live.com client.hip.live.com
acctcdn.msauth.net
3 scu.client.hip.live.com account.live.com
2 client.hip.live.com acctcdn.msauth.net
client.hip.live.com
29 5

This site contains links to these domains. Also see Links.

Domain
login.live.com
www.microsoft.com
go.microsoft.com
Subject Issuer Validity Valid
account.live.com
Microsoft IT TLS CA 4
2019-08-07 -
2021-08-07
2 years crt.sh
prod-identitycdnsan.msauth.net
Microsoft IT TLS CA 5
2018-12-17 -
2020-12-17
2 years crt.sh
client.hip.live.com
Microsoft IT TLS CA 1
2019-08-06 -
2021-08-06
2 years crt.sh

This page contains 1 frames:

Primary Page: https://account.live.com/acsr
Frame ID: 91473169111DD956F67166E8DAE76771
Requests: 29 HTTP requests in this frame

Screenshot


Page Statistics

29
Requests

100 %
HTTPS

25 %
IPv6

2
Domains

5
Subdomains

4
IPs

2
Countries

359 kB
Transfer

912 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

29 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request acsr
account.live.com/
320 KB
96 KB
Document
General
Full URL
https://account.live.com/acsr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::22 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
15083be41a31501b531451cb1e47501f92b091f834a622a55e6a2979e62573b6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
account.live.com
:scheme
https
:path
/acsr
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
document
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
document

Response headers

status
200
cache-control
no-cache, no-store
pragma
no-cache
content-type
text/html; charset=utf-8
content-encoding
gzip
expires
-1
vary
Accept-Encoding
p3p
CAO DSP COR ADMa DEV CONo TELo CUR PSA PSD TAI IVDo OUR SAM BUS DEM NAV STA UNI COM INT PHY ONL FIN PRE PUR
set-cookie
amsc=k8ZAUCzee8+HXNb9TkCQWjJhYFcQ3NGvoJG7aD7WYGQGGeFo9BVvh+zpRkUeA3/IB/igh7Vf0QlH/DBmKKAux/ldXyoCFMRhJdHrQxtZm36iGhpbIFcabJ4cCrTYkm0kIaLYcghRY0ISTCY7BSJmK2jxbU7/6v3vZ9BaSHoEAOsZpirg6Dipv0fBLv/QTAKOO+b9+xEtRq7gyf3ChsCy6IkJrWZIJHbAgpltlCM8bSHEce7xQTiCvKMHVgO2Et9W1gnt+iuUHqlZtOYR7U7TmiD9BPidLjk8lWxPzy2hQPXij9eKm2ykv0OUdHe+BStX:2:3c; domain=.live.com; path=/; secure; HttpOnly
x-frame-options
deny
x-ua-compatible
IE=edge, chrome=1
x-ms-amserver
eusXXXX0034 (2.0.1514.0)
x-ms-amserver-tm
61ms
x-ms-request-id
ad154410-912b-4245-99bb-72854349d65b
link
<https://acctcdn.msauth.net>; rel=preconnect; crossorigin <https://acctcdn.msauth.net>; rel=preconnect; crossorigin <https://acctcdn.msauth.net>; rel=dns-prefetch <https://acctcdn.msftauth.net>; rel=dns-prefetch <https://acctcdnmsftuswe2.azureedge.net>; rel=dns-prefetch <https://acctcdnvzeuno.azureedge.net>; rel=dns-prefetch
x-dns-prefetch-control
on
referrer-policy
strict-origin-when-cross-origin
amserver
eusXXXXdc000034
x-content-type-options
nosniff
x-xss-protection
1; mode=block
strict-transport-security
max-age=31536000; includeSubDomains
x-msedge-ref
Ref A: AD154410912B424599BB72854349D65B Ref B: FRAEDGE0714 Ref C: 2020-04-07T21:33:19Z
date
Tue, 07 Apr 2020 21:33:19 GMT
msa_bSIdOQMXtYVel6q6pu8pFA2.css
acctcdn.msauth.net/
90 KB
18 KB
Stylesheet
General
Full URL
https://acctcdn.msauth.net/msa_bSIdOQMXtYVel6q6pu8pFA2.css?v=1
Requested by
Host: account.live.com
URL: https://account.live.com/acsr
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.185 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/8B3B) /
Resource Hash
d7cc1e5f8a97092013abf085b7da77c010862505e4c135173c83efb241950daf

Request headers

Referer
https://account.live.com/
Origin
https://account.live.com
Sec-Fetch-Dest
style
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 07 Apr 2020 21:33:20 GMT
content-encoding
gzip
content-md5
gtpBjS/QDRouA2O2g5jEGQ==
age
617188
x-cache
HIT
status
200
content-length
17835
x-ms-lease-status
unlocked
last-modified
Tue, 31 Mar 2020 08:46:39 GMT
server
ECAcc (ama/8B3B)
etag
0x8D7D5500780391C
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
12dff481-b01e-009a-0587-07b3aa000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
jquerypackage_1.10_5V7LAuc3bNAQx2QQfr1RPw2.js
acctcdn.msauth.net/
94 KB
33 KB
Script
General
Full URL
https://acctcdn.msauth.net/jquerypackage_1.10_5V7LAuc3bNAQx2QQfr1RPw2.js?v=1
Requested by
Host: account.live.com
URL: https://account.live.com/acsr
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.185 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/8B48) /
Resource Hash
5776881753b95a0abe5d1f6efe3abe7b83a3265eaccd117dd948e523c044600c

Request headers

Referer
https://account.live.com/
Origin
https://account.live.com
Sec-Fetch-Dest
script
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 07 Apr 2020 21:33:20 GMT
content-encoding
gzip
content-md5
5V7LAuc3bNAQx2QQfr1RPw==
age
21776912
x-cache
HIT
status
200
content-length
33918
x-ms-lease-status
unlocked
last-modified
Tue, 08 Jan 2019 21:41:46 GMT
server
ECAcc (ama/8B48)
etag
0x8D675B2168506FA
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
22bd2270-901e-0047-2f14-473aeb000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=31536000, public
x-ms-version
2009-09-19
bootstrap_3.3.0_B68S-_daR6nLiLVZsh4XiA2.js
acctcdn.msauth.net/
37 KB
10 KB
Script
General
Full URL
https://acctcdn.msauth.net/bootstrap_3.3.0_B68S-_daR6nLiLVZsh4XiA2.js?v=1
Requested by
Host: account.live.com
URL: https://account.live.com/acsr
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.185 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/8B15) /
Resource Hash
2d37191a3ff388d282c09350ecf39a3eb9e6da48296b9ea35beccbff92d1725b

Request headers

Referer
https://account.live.com/
Origin
https://account.live.com
Sec-Fetch-Dest
script
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 07 Apr 2020 21:33:20 GMT
content-encoding
gzip
content-md5
B68S+/daR6nLiLVZsh4XiA==
age
28025667
x-cache
HIT
status
200
content-length
10149
x-ms-lease-status
unlocked
last-modified
Tue, 08 Jan 2019 21:37:41 GMT
server
ECAcc (ama/8B15)
etag
0x8D675B18471EBE4
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
83aa9c7a-d01e-0000-633f-0ede85000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=31536000, public
x-ms-version
2009-09-19
wlivepackagefull_cHeSkPsNhc9yilRlgEedHg2.js
acctcdn.msauth.net/
57 KB
19 KB
Script
General
Full URL
https://acctcdn.msauth.net/wlivepackagefull_cHeSkPsNhc9yilRlgEedHg2.js?v=1
Requested by
Host: account.live.com
URL: https://account.live.com/acsr
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.185 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/8A99) /
Resource Hash
f335cee868a97809bd5569fca9e72095ed9a92b7dcc4fdcd278b406bec3ba1d5

Request headers

Referer
https://account.live.com/
Origin
https://account.live.com
Sec-Fetch-Dest
script
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 07 Apr 2020 21:33:20 GMT
content-encoding
gzip
content-md5
cHeSkPsNhc9yilRlgEedHg==
age
12699756
x-cache
HIT
status
200
content-length
19541
x-ms-lease-status
unlocked
last-modified
Mon, 11 Nov 2019 21:54:11 GMT
server
ECAcc (ama/8A99)
etag
0x8D766F1AFA5B22C
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
7aff1d09-c01e-0049-7fa3-99fb05000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=31536000, public
x-ms-version
2009-09-19
knockout_9HcnWxbPHdJ-ovZeA-tF1g2.js
acctcdn.msauth.net/
76 KB
27 KB
Script
General
Full URL
https://acctcdn.msauth.net/knockout_9HcnWxbPHdJ-ovZeA-tF1g2.js?v=1
Requested by
Host: account.live.com
URL: https://account.live.com/acsr
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.185 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/8AB2) /
Resource Hash
e02b6002a64d71687ee26e9bf5228bf5e79a01980e92338371bc79f6a259cedd

Request headers

Referer
https://account.live.com/
Origin
https://account.live.com
Sec-Fetch-Dest
script
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 07 Apr 2020 21:33:20 GMT
content-encoding
gzip
content-md5
0wbf2N3jPrB5eD/ipZrBrA==
age
618585
x-cache
HIT
status
200
content-length
27828
x-ms-lease-status
unlocked
last-modified
Tue, 31 Mar 2020 08:46:26 GMT
server
ECAcc (ama/8AB2)
etag
0x8D7D54FFF868816
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
dff6d745-301e-0050-4583-079d0f000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
microsoft_logo_7lyNn7YkjJOP0NwZNw6QvQ2.svg
acctcdn.msauth.net/images/
4 KB
4 KB
Image
General
Full URL
https://acctcdn.msauth.net/images/microsoft_logo_7lyNn7YkjJOP0NwZNw6QvQ2.svg
Requested by
Host: account.live.com
URL: https://account.live.com/acsr
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.185 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/8B2C) /
Resource Hash
04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a

Request headers

Referer
https://account.live.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 07 Apr 2020 21:33:20 GMT
content-md5
7lyNn7YkjJOP0NwZNw6QvQ==
age
20302693
x-cache
HIT
status
200
content-length
3651
x-ms-lease-status
unlocked
last-modified
Tue, 08 Jan 2019 21:46:23 GMT
server
ECAcc (ama/8B2C)
etag
0x8D675B2BBBB7FEA
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
f131fb06-f01e-0057-7f7d-5485c3000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=31536000, public
x-ms-version
2009-09-19
accept-ranges
bytes
progressindicator_wUhh5ZjCtR9iStMrcpxgoA2.gif
acctcdn.msauth.net/images/
12 KB
12 KB
Image
General
Full URL
https://acctcdn.msauth.net/images/progressindicator_wUhh5ZjCtR9iStMrcpxgoA2.gif
Requested by
Host: account.live.com
URL: https://account.live.com/acsr
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.185 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/8AE7) /
Resource Hash
dfbfc72e2b282d309847621829b78cc68d8dc1e7e1a79899e7846935c18c1969

Request headers

Referer
https://account.live.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 07 Apr 2020 21:33:20 GMT
content-md5
wUhh5ZjCtR9iStMrcpxgoA==
age
21239979
x-cache
HIT
status
200
content-length
12304
x-ms-lease-status
unlocked
last-modified
Tue, 08 Jan 2019 21:45:10 GMT
server
ECAcc (ama/8AE7)
etag
0x8D675B29094B9AF
content-type
image/gif
access-control-allow-origin
*
x-ms-request-id
8a988775-e01e-0039-59f6-4bc6de000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=31536000, public
x-ms-version
2009-09-19
accept-ranges
bytes
accountcorepackage_jdbnzLqPADx-fyo2mwIs9g2.js
acctcdn.msauth.net/
49 KB
15 KB
Script
General
Full URL
https://acctcdn.msauth.net/accountcorepackage_jdbnzLqPADx-fyo2mwIs9g2.js?v=1
Requested by
Host: account.live.com
URL: https://account.live.com/acsr
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.185 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/8A9F) /
Resource Hash
64a94a9ee3ca3b1632d5491539713a997bcbad7158ef592facf06c1637c736d5

Request headers

Referer
https://account.live.com/
Origin
https://account.live.com
Sec-Fetch-Dest
script
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 07 Apr 2020 21:33:20 GMT
content-encoding
gzip
content-md5
3zGZe9NckAvn2NEC6SNQCA==
age
677
x-cache
HIT
status
200
content-length
15695
x-ms-lease-status
unlocked
last-modified
Wed, 01 Apr 2020 18:21:26 GMT
server
ECAcc (ama/8A9F)
etag
0x8D7D6697DA26CE4
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
dd3aaeec-101e-0042-0622-0d2f4a000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
recoveryplus_CgVV0xr104pKqIPsr0jzlw2.js
acctcdn.msauth.net/
80 KB
21 KB
Script
General
Full URL
https://acctcdn.msauth.net/recoveryplus_CgVV0xr104pKqIPsr0jzlw2.js?v=1
Requested by
Host: account.live.com
URL: https://account.live.com/acsr
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.185 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/8B30) /
Resource Hash
e27de0660e9230e5f95a35b03d401c4112435dfe1f333d478d6fec71a707e6d8

Request headers

Referer
https://account.live.com/
Origin
https://account.live.com
Sec-Fetch-Dest
script
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 07 Apr 2020 21:33:20 GMT
content-encoding
gzip
content-md5
j+2JwaN4sUzA6HX+jXqV+A==
age
616938
x-cache
HIT
status
200
content-length
21204
x-ms-lease-status
unlocked
last-modified
Tue, 31 Mar 2020 08:46:40 GMT
server
ECAcc (ama/8B30)
etag
0x8D7D5500843AC59
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
7f3ef4f1-901e-0066-5487-07bab7000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
HIPAMFE
client.hip.live.com/GetHIP/GetHIPAMFE/
22 KB
8 KB
Script
General
Full URL
https://client.hip.live.com/GetHIP/GetHIPAMFE/HIPAMFE?id=15030&mkt=en-US&fid=bec3a0cafa3946afbe4e16f31ba2db18&type=visual&rand=1063427973
Requested by
Host: acctcdn.msauth.net
URL: https://acctcdn.msauth.net/jquerypackage_1.10_5V7LAuc3bNAQx2QQfr1RPw2.js?v=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.190.137.64 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
27b92cb429026174a27f57ab4956a0317e3a7b73dc3897095b3fcd8c5b02de4f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://account.live.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
x-content-type-options
nosniff
Date
Tue, 07 Apr 2020 21:33:19 GMT
Vary
Accept-Encoding
Content-Type
application/x-javascript
x-ms-request-id
f01f055b-4a67-4372-82f0-03cc7accc941
Cache-Control
private
x-ms-version
1.0.781.0
Content-Length
8069
x-ms-server
HIPPRDSCU00000H
/
client.hip.live.com/
434 B
689 B
Script
General
Full URL
https://client.hip.live.com/?SessionId=bec3a0cafa3946afbe4e16f31ba2db18&SiteId=15030&PartnerId=15030&rand=SCU.77f77966b536492b9b745edcca635b44
Requested by
Host: client.hip.live.com
URL: https://client.hip.live.com/GetHIP/GetHIPAMFE/HIPAMFE?id=15030&mkt=en-US&fid=bec3a0cafa3946afbe4e16f31ba2db18&type=visual&rand=1063427973
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.190.137.64 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
0b568b2d83c341c836c95536c44eeaf0915b179dbda73fddc73216f90b0e2037
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://account.live.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
x-content-type-options
nosniff
Date
Tue, 07 Apr 2020 21:33:19 GMT
Vary
Accept-Encoding
Content-Type
application/x-javascript
x-ms-request-id
479567de-475f-4a9e-af3f-368619e7319a
Cache-Control
private
x-ms-version
1.0.781.0
Content-Length
294
x-ms-server
HIPPRDWUS000008
icon_err.gif
scu.client.hip.live.com/Images/
1 KB
1 KB
Image
General
Full URL
https://scu.client.hip.live.com/Images/icon_err.gif?vv=100
Requested by
Host: account.live.com
URL: https://account.live.com/acsr
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.190.137.64 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
97aaded71c0575ace10fabd282fba4cfa72352c70349d86fb5f2f297a84834b1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://account.live.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
Last-Modified
Wed, 26 Feb 2020 17:59:23 GMT
ETag
"1d5ecce79e88b8d"
Content-Type
image/gif
x-ms-request-id
4a6a9960-ca13-42bb-87c9-a14c71c22a33
Cache-Control
private
Date
Tue, 07 Apr 2020 21:33:20 GMT
x-ms-version
1.0.781.0
Accept-Ranges
bytes
Content-Length
1037
x-ms-server
HIPPRDSCU000009
GetHIPData
scu.client.hip.live.com/
10 KB
11 KB
Image
General
Full URL
https://scu.client.hip.live.com/GetHIPData?hid=SCU.77f77966b536492b9b745edcca635b44&fid=bec3a0cafa3946afbe4e16f31ba2db18&id=15030&type=visual&cs=HIPAMFE
Requested by
Host: account.live.com
URL: https://account.live.com/acsr
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.190.137.64 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
33c58d7cc8509487dec20f9159ba576da3b69622dbc25f77c866b679f565f818
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://account.live.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
Date
Tue, 07 Apr 2020 21:33:20 GMT
Content-Type
image/jpeg
x-ms-request-id
d8cadf3f-a8ef-4379-9922-75741d3f1567
Cache-Control
no-cache
x-ms-version
1.0.781.0
Content-Length
10469
x-ms-server
HIPPRDSCU00000F
Expires
-1
hig_progcircle_animated.gif
scu.client.hip.live.com/Images/
7 KB
8 KB
Image
General
Full URL
https://scu.client.hip.live.com/Images/hig_progcircle_animated.gif?vv=100
Requested by
Host: account.live.com
URL: https://account.live.com/acsr
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.190.137.64 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
20765c1aa45654aba95d64a80b64434ed8f8ffbd77371e660291a7fb6aaefb7a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://account.live.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
Last-Modified
Thu, 19 Mar 2020 00:43:31 GMT
ETag
"1d5fd876984663f"
Content-Type
image/gif
x-ms-request-id
23665b98-0cb2-457f-946b-4434c935539a
Cache-Control
private
Date
Tue, 07 Apr 2020 21:33:20 GMT
x-ms-version
1.0.781.0
Accept-Ranges
bytes
Content-Length
7615
x-ms-server
HIPPRDSCU00000A
ClientEvents
account.live.com/API/
626 B
866 B
Fetch
General
Full URL
https://account.live.com/API/ClientEvents
Requested by
Host: account.live.com
URL: https://account.live.com/acsr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::22 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
6bfa590f1ea9fd9632fe01d9e5676bee592172c8d8adfbdbfd82b2acc3d0af93
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

uaid
bec3a0cafa3946afbe4e16f31ba2db18
Origin
https://account.live.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
canary
REiDsv9sRIqToztCgbeyZ7pLWFIJk5jDdFD74j/ni/e2oSwoo23mcyPCn5XJiuWMEZ7vve4RKKIXLH7XwEiI+GLfu8Z7VIFSR3zWRWJhjc06VguWZquNaNgnCviVjqmZC6CKAmMxmGvSZMliqOtqMDF0Ogmsl8B1GVDGhgohqqLk4TujGCP0NCTpSc1wytWHLC7PUPobmf33/PgLVcNMUaFXVqCPx36dyIOAWgT3wuNIyfDcNyxgjic5T+neBord:2:3c
Content-Type
application/json; charset=utf-8
hpgid
200705
Accept
application/json
tcxt
vZ4T99LLTuqc8M5VTS5lCQgGmlMZnZKyXS+Dn17/AwkAsr54MarPBVUAWKAH0I29thWVy3Jim/kxTEQl0uVt3towLZyXd4R4eeHrn9OiNTHYq5m6L/pms4hT9BhoL8HwaQUZuxRKKnGbQqkYffE2NIshUm3CByBl+SMwRr5WGhU=:2:3
Sec-Fetch-Dest
empty
Referer
https://account.live.com/acsr
x-ms-apiVersion
3
x-ms-apiTransport
fetch

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
p3p
CAO DSP COR ADMa DEV CONo TELo CUR PSA PSD TAI IVDo OUR SAM BUS DEM NAV STA UNI COM INT PHY ONL FIN PRE PUR
status
200
x-ms-amserver-tm
15ms
content-length
626
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
x-msedge-ref
Ref A: 05B7F6AA47744C3BA7624A06B6A1BA92 Ref B: FRAEDGE0714 Ref C: 2020-04-07T21:33:20Z
date
Tue, 07 Apr 2020 21:33:20 GMT
x-frame-options
deny
content-type
application/json; charset=utf-8
x-ms-request-id
05b7f6aa-4774-4c3b-a762-4a06b6a1ba92
cache-control
no-cache, no-store
x-ms-amserver
eusXXXX003D (2.0.1514.0)
amserver
eusXXXXdc00003D
expires
-1
BTGetScripts
wus.client.hip.live.com/
8 KB
3 KB
Script
General
Full URL
https://wus.client.hip.live.com/BTGetScripts?SessionId=bec3a0cafa3946afbe4e16f31ba2db18&PartnerId=15030&rand=90f079c0-549c-41f6-bd6b-6c1ab51570b7
Requested by
Host: client.hip.live.com
URL: https://client.hip.live.com/?SessionId=bec3a0cafa3946afbe4e16f31ba2db18&SiteId=15030&PartnerId=15030&rand=SCU.77f77966b536492b9b745edcca635b44
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.126.9.98 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
d8bbfae5f4f37ab5f234bb664ec1eef2a47b397dde70090b01f4ee18f07060b8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://account.live.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
x-content-type-options
nosniff
Date
Tue, 07 Apr 2020 21:33:20 GMT
Vary
Accept-Encoding
Content-Type
application/x-javascript
x-ms-request-id
11b1138c-a98a-4006-9585-8904d5af9a3f
Cache-Control
private
x-ms-version
1.0.781.0
Content-Length
2851
x-ms-server
HIPPRDWUS00000G
microsoft_logo_7lyNn7YkjJOP0NwZNw6QvQ2.svg
account.live.com/Resources/images/
0
2 KB
Other
General
Full URL
https://account.live.com/Resources/images/microsoft_logo_7lyNn7YkjJOP0NwZNw6QvQ2.svg
Requested by
Host: account.live.com
URL: https://account.live.com/acsr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::22 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://account.live.com/acsr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
empty

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
p3p
CAO DSP COR ADMa DEV CONo TELo CUR PSA PSD TAI IVDo OUR SAM BUS DEM NAV STA UNI COM INT PHY ONL FIN PRE PUR
status
200
content-length
1464
x-xss-protection
1; mode=block
last-modified
Thu, 26 Mar 2020 01:21:44 GMT
x-msedge-ref
Ref A: 9C87A1981BBD477E9AB1D34E904D69EE Ref B: FRAEDGE0714 Ref C: 2020-04-07T21:33:21Z
date
Tue, 07 Apr 2020 21:33:20 GMT
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public,max-age=31536000
etag
"0c424e9c3d61:0"
accept-ranges
bytes
timing-allow-origin
*
amserver
eusXXXXdc00003Y
microsoft_logo_white_WV6SBtQnTELCe2bjcfpjPQ2.svg
account.live.com/Resources/images/
0
2 KB
Other
General
Full URL
https://account.live.com/Resources/images/microsoft_logo_white_WV6SBtQnTELCe2bjcfpjPQ2.svg
Requested by
Host: account.live.com
URL: https://account.live.com/acsr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::22 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://account.live.com/acsr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
empty

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
p3p
CAO DSP COR ADMa DEV CONo TELo CUR PSA PSD TAI IVDo OUR SAM BUS DEM NAV STA UNI COM INT PHY ONL FIN PRE PUR
status
200
content-length
1443
x-xss-protection
1; mode=block
last-modified
Thu, 26 Mar 2020 01:21:44 GMT
x-msedge-ref
Ref A: D4739434FFAC41B4A10B13CA9DDD24DF Ref B: FRAEDGE0714 Ref C: 2020-04-07T21:33:21Z
date
Tue, 07 Apr 2020 21:33:20 GMT
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public,max-age=31536000
etag
"0c424e9c3d61:0"
accept-ranges
bytes
timing-allow-origin
*
amserver
wusXXXXfd00003F
favicon.ico
account.live.com/Resources/images/
0
17 KB
Other
General
Full URL
https://account.live.com/Resources/images/favicon.ico
Requested by
Host: account.live.com
URL: https://account.live.com/acsr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::22 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://account.live.com/acsr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
empty

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
p3p
CAO DSP COR ADMa DEV CONo TELo CUR PSA PSD TAI IVDo OUR SAM BUS DEM NAV STA UNI COM INT PHY ONL FIN PRE PUR
status
200
content-length
17174
x-xss-protection
1; mode=block
last-modified
Thu, 26 Mar 2020 01:21:44 GMT
x-msedge-ref
Ref A: F7B38AF7A2CD49C7B654CE69F3665CF9 Ref B: FRAEDGE0714 Ref C: 2020-04-07T21:33:21Z
date
Tue, 07 Apr 2020 21:33:20 GMT
content-type
image/x-icon
access-control-allow-origin
*
cache-control
public,max-age=31536000
etag
"0c424e9c3d61:0"
accept-ranges
bytes
timing-allow-origin
*
amserver
eusXXXXdc00003B
progressindicator_wUhh5ZjCtR9iStMrcpxgoA2.gif
account.live.com/Resources/images/
0
12 KB
Other
General
Full URL
https://account.live.com/Resources/images/progressindicator_wUhh5ZjCtR9iStMrcpxgoA2.gif
Requested by
Host: account.live.com
URL: https://account.live.com/acsr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::22 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://account.live.com/acsr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
empty

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
p3p
CAO DSP COR ADMa DEV CONo TELo CUR PSA PSD TAI IVDo OUR SAM BUS DEM NAV STA UNI COM INT PHY ONL FIN PRE PUR
status
200
content-length
12304
x-xss-protection
1; mode=block
last-modified
Thu, 26 Mar 2020 01:21:44 GMT
x-msedge-ref
Ref A: 41EC86FC954243BDB6C3B1342F3CB333 Ref B: FRAEDGE0714 Ref C: 2020-04-07T21:33:21Z
date
Tue, 07 Apr 2020 21:33:20 GMT
content-type
image/gif
access-control-allow-origin
*
cache-control
public,max-age=31536000
etag
"0c424e9c3d61:0"
accept-ranges
bytes
timing-allow-origin
*
amserver
eusXXXXdc000033
datarequestpackage_dT3VZJ_4lD5UykUFoE8W2w2.js
acctcdn.msauth.net/
7 KB
3 KB
Script
General
Full URL
https://acctcdn.msauth.net/datarequestpackage_dT3VZJ_4lD5UykUFoE8W2w2.js
Requested by
Host: account.live.com
URL: https://account.live.com/acsr
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.185 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/8AE2) /
Resource Hash
480bc3c8ca5055e5a01a873ad15484078d114f348ed8986c27b8d31f4f03ff14

Request headers

Referer
https://account.live.com/
Origin
https://account.live.com
Sec-Fetch-Dest
script
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 07 Apr 2020 21:33:21 GMT
content-encoding
gzip
content-md5
dT3VZJ/4lD5UykUFoE8W2w==
age
19876296
x-cache
HIT
status
200
content-length
3287
x-ms-lease-status
unlocked
last-modified
Mon, 19 Aug 2019 19:12:02 GMT
server
ECAcc (ama/8AE2)
etag
0x8D724D91DB36445
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
719386fc-201e-005c-585e-58518c000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=31536000, public
x-ms-version
2009-09-19
ReportClientEvent
account.live.com/API/
504 B
814 B
XHR
General
Full URL
https://account.live.com/API/ReportClientEvent
Requested by
Host: acctcdn.msauth.net
URL: https://acctcdn.msauth.net/jquerypackage_1.10_5V7LAuc3bNAQx2QQfr1RPw2.js?v=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::22 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
efbec53145f2ad3207597317ba24fdc640ce91327acf250d57cc966c8bef9de1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

x-ms-apiVersion
2
uaid
bec3a0cafa3946afbe4e16f31ba2db18
Origin
https://account.live.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
canary
MtbKBnuataNQxxU3O6F1J7/vLsta/l5qYQ8hSToR+st/q8h7WKCVE83/1ooVrqXTGaOKkvWfyYNBQqd8Bk4TTlN90FBjg89Y/adsjDohx6pNrIrmg5FuQFPuIZQgvbQtOfGdg89k4kZJYzA4Xme56HHW9A+OZs8tMKX3cOjhUcE23m3QZV7rpHfeCU4nQ20NTkjJDQ962V95Y3ZVrDgmnJgTjllAyUVZAbHXcGF9QM6bjgYZIBNVJbUsedBlGcnC:2:3c
Content-Type
application/x-www-form-urlencoded; charset=UTF-8
hpgid
200705
Accept
application/json
tcxt
WNz+7q4Y/HS5Upnr5xfNgll/LuydhA8jq4R9n4KpV8obIxYuKn8MtJjcxatURiPFC0m18zpOI3TvY9EFlwYkS66mqa3whFIuQCzDxyOaf9qlB+3l3XhFvJArHfbiruYvbcMHSarCEv/H7p23BLx1W+wO8pgymcYoA+XucybGV/X/qx/DxyuJZToqcUnaDsD4:2:3
Sec-Fetch-Dest
empty
X-Requested-With
XMLHttpRequest
uiflvr
1001
Referer
https://account.live.com/acsr
scid
100101
x-ms-apiTransport
xhr

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
p3p
CAO DSP COR ADMa DEV CONo TELo CUR PSA PSD TAI IVDo OUR SAM BUS DEM NAV STA UNI COM INT PHY ONL FIN PRE PUR
status
200
x-ms-amserver-tm
140ms
content-length
504
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
x-msedge-ref
Ref A: D26F0ED6ED944D088959D6D749A5E480 Ref B: FRAEDGE0714 Ref C: 2020-04-07T21:33:21Z
date
Tue, 07 Apr 2020 21:33:20 GMT
x-frame-options
deny
content-type
application/json; charset=utf-8
x-ms-request-id
d26f0ed6-ed94-4d08-8959-d6d749a5e480
cache-control
no-cache, no-store
x-ms-amserver
wusXXXX0028 (2.0.1514.0)
amserver
wusXXXXfd000028
expires
-1
BTSubmit
wus.client.hip.live.com/
0
491 B
XHR
General
Full URL
https://wus.client.hip.live.com/BTSubmit?SessionId=bec3a0cafa3946afbe4e16f31ba2db18&PartnerId=15030
Requested by
Host: acctcdn.msauth.net
URL: https://acctcdn.msauth.net/jquerypackage_1.10_5V7LAuc3bNAQx2QQfr1RPw2.js?v=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.126.9.98 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Access-Control-Request-Method
POST
Origin
https://account.live.com
Referer
https://account.live.com/
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers
content-type

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Access-Control-Request-Method
POST, GET, OPTIONS
x-content-type-options
nosniff
Date
Tue, 07 Apr 2020 21:33:28 GMT
Access-Control-Max-Age
600
Access-Control-Allow-Origin
*
x-ms-request-id
ab56e62d-f4f7-474c-8268-25cc6384c3cb
Cache-Control
private
x-ms-version
1.0.781.0
Access-Control-Allow-Headers
X-PINGOTHER, Content-Type, Origin, Accept
Content-Length
0
x-ms-server
HIPPRDWUS000000
microsoft_logo_7lyNn7YkjJOP0NwZNw6QvQ2.svg
account.live.com/Resources/images/
4 KB
2 KB
Fetch
General
Full URL
https://account.live.com/Resources/images/microsoft_logo_7lyNn7YkjJOP0NwZNw6QvQ2.svg
Requested by
Host: account.live.com
URL: https://account.live.com/acsr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::22 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://account.live.com/acsr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
empty

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
p3p
CAO DSP COR ADMa DEV CONo TELo CUR PSA PSD TAI IVDo OUR SAM BUS DEM NAV STA UNI COM INT PHY ONL FIN PRE PUR
status
200
content-length
1464
x-xss-protection
1; mode=block
last-modified
Thu, 26 Mar 2020 01:21:44 GMT
x-msedge-ref
Ref A: A0F964D003A84DB8939EAE7C2E322013 Ref B: FRAEDGE0714 Ref C: 2020-04-07T21:33:28Z
date
Tue, 07 Apr 2020 21:33:28 GMT
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public,max-age=31536000
etag
"0c424e9c3d61:0"
accept-ranges
bytes
timing-allow-origin
*
amserver
wcuXXXXfd00000U
microsoft_logo_white_WV6SBtQnTELCe2bjcfpjPQ2.svg
account.live.com/Resources/images/
4 KB
2 KB
Fetch
General
Full URL
https://account.live.com/Resources/images/microsoft_logo_white_WV6SBtQnTELCe2bjcfpjPQ2.svg
Requested by
Host: account.live.com
URL: https://account.live.com/acsr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::22 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
d047cc83543f391406788c0b5921b0c48e2c592cc7ccacdb3be545c21e03d00e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://account.live.com/acsr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
empty

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
p3p
CAO DSP COR ADMa DEV CONo TELo CUR PSA PSD TAI IVDo OUR SAM BUS DEM NAV STA UNI COM INT PHY ONL FIN PRE PUR
status
200
content-length
1443
x-xss-protection
1; mode=block
last-modified
Thu, 26 Mar 2020 01:21:44 GMT
x-msedge-ref
Ref A: 9C5990DC4FC14B919242409376735BDB Ref B: FRAEDGE0714 Ref C: 2020-04-07T21:33:28Z
date
Tue, 07 Apr 2020 21:33:28 GMT
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public,max-age=31536000
etag
"0c424e9c3d61:0"
accept-ranges
bytes
timing-allow-origin
*
amserver
wusXXXXfd000022
favicon.ico
account.live.com/Resources/images/
17 KB
17 KB
Fetch
General
Full URL
https://account.live.com/Resources/images/favicon.ico
Requested by
Host: account.live.com
URL: https://account.live.com/acsr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::22 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
90cdaf487716184e4034000935c605d1633926d348116d198f355a98b8c6cd21
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://account.live.com/acsr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
empty

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
p3p
CAO DSP COR ADMa DEV CONo TELo CUR PSA PSD TAI IVDo OUR SAM BUS DEM NAV STA UNI COM INT PHY ONL FIN PRE PUR
status
200
content-length
17174
x-xss-protection
1; mode=block
last-modified
Thu, 26 Mar 2020 01:21:44 GMT
x-msedge-ref
Ref A: 530FCB41BC0A4E5299E92AC8DC3E3A78 Ref B: FRAEDGE0714 Ref C: 2020-04-07T21:33:28Z
date
Tue, 07 Apr 2020 21:33:28 GMT
content-type
image/x-icon
access-control-allow-origin
*
cache-control
public,max-age=31536000
etag
"0c424e9c3d61:0"
accept-ranges
bytes
timing-allow-origin
*
amserver
wusXXXXfd00003L
progressindicator_wUhh5ZjCtR9iStMrcpxgoA2.gif
account.live.com/Resources/images/
12 KB
12 KB
Fetch
General
Full URL
https://account.live.com/Resources/images/progressindicator_wUhh5ZjCtR9iStMrcpxgoA2.gif
Requested by
Host: account.live.com
URL: https://account.live.com/acsr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::22 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
dfbfc72e2b282d309847621829b78cc68d8dc1e7e1a79899e7846935c18c1969
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://account.live.com/acsr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
empty

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
p3p
CAO DSP COR ADMa DEV CONo TELo CUR PSA PSD TAI IVDo OUR SAM BUS DEM NAV STA UNI COM INT PHY ONL FIN PRE PUR
status
200
content-length
12304
x-xss-protection
1; mode=block
last-modified
Thu, 26 Mar 2020 01:21:44 GMT
x-msedge-ref
Ref A: A92168476A564EE78216F0249C7D64B3 Ref B: FRAEDGE0714 Ref C: 2020-04-07T21:33:28Z
date
Tue, 07 Apr 2020 21:33:28 GMT
content-type
image/gif
access-control-allow-origin
*
cache-control
public,max-age=31536000
etag
"0c424e9c3d61:0"
accept-ranges
bytes
timing-allow-origin
*
amserver
wusXXXXfd00002L
BTSubmit
wus.client.hip.live.com/
0
491 B
XHR
General
Full URL
https://wus.client.hip.live.com/BTSubmit?SessionId=bec3a0cafa3946afbe4e16f31ba2db18&PartnerId=15030
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.126.9.98 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://account.live.com/
Origin
https://account.live.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Access-Control-Request-Method
POST, GET, OPTIONS
x-content-type-options
nosniff
Date
Tue, 07 Apr 2020 21:33:28 GMT
Access-Control-Max-Age
600
Access-Control-Allow-Origin
*
x-ms-request-id
d8d484e5-9985-47cc-aa95-c472d2f9c2b2
Cache-Control
private
x-ms-version
1.0.781.0
Access-Control-Allow-Headers
X-PINGOTHER, Content-Type, Origin, Accept
Content-Length
0
x-ms-server
HIPPRDWUS000002

Verdicts & Comments Add Verdict or Comment

121 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| $Debug object| $Do function| $Loader object| $WebWatson object| Debug function| $setVar function| registerNamespace object| wLive object| $ClientTelemetry object| $Api function| $EventApi object| $ClientEvents object| $DataRequest function| _ge object| _d object| _dh object| $U function| GetString object| $B object| $Config object| $ReportEvent function| $ function| jQuery object| jQuery110209192032907757433 function| _ce function| _get object| $Utility object| $Beacon object| $css object| $Cookie object| $edh object| $f object| $footer object| $baseMaster object| $UI object| KnockoutExtensions object| ko object| g_renderDates string| cookieName string| cookieValue boolean| useSameSite boolean| AllowErrorPageRedirect string| phBaseURL string| phMarket string| gCommonQueryStringParams string| gFatalErrorCode function| AleGetString object| live object| ale_wlive function| getId function| getKey function| defineNamespace function| defineClass function| defineSubClass function| appendFunction function| mix function| bind function| Encrypt function| PackageSAData function| PackagePwdOnly function| PackagePinOnly function| PackageLoginIntData function| PackageSADataForProof function| PackageNewPwdOnly function| PackageNewAndOldPwd function| mapByteToBase64 function| base64Encode function| byteArrayToBase64 function| parseRSAKeyFromString function| RSAEncrypt function| RSAEncryptBlock function| JSMPnumber function| duplicateMP function| byteArrayToMP function| mpToByteArray function| modularExp function| modularMultiply function| multiplyMP function| normalizeJSMP function| removeLeadingZeroes function| divideMP function| multiplyAndSubtract function| applyPKCSv2Padding function| MGF function| XORarrays function| SHA1 function| wordToBytes function| PadSHA1Input function| SHA1RoundFunction function| rotateLeft function| hexStringToMP function| __extends string| Key string| randomNum string| SKI object| HIPAMFE function| setFocus function| addHeadphonesWarning function| setFocusOnField function| evt_master_onload function| GetHIPAMFE function| uiStream function| uiStreamLoaded string| _wutGetRequestUri object| _wutGetRequest string| _btSubmitURL string| _btSessionID string| _btPartnerId number| _btSubmitFrequency number| _btSubmitMaxEventSize number| _btMaxSubmitCallCount number| _btMouseGranularityInPx boolean| _btHPEnabled object| UserTracker undefined| jq function| TrackerInitOnReady function| _btLoadJavascriptDependency object| requests object| excessEvents

1 Cookies

Domain/Path Name / Value
.live.com/ Name: amsc
Value: k8ZAUCzee8+HXNb9TkCQWjJhYFcQ3NGvoJG7aD7WYGQGGeFo9BVvh+zpRkUeA3/IB/igh7Vf0QlH/DBmKKAux/ldXyoCFMRhJdHrQxtZm36iGhpbIFcabJ4cCrTYkm0kIaLYcghRY0ISTCY7BSJmK2jxbU7/6v3vZ9BaSHoEAOsZpirg6Dipv0fBLv/QTAKOO+b9+xEtRq7gyf3ChsCy6IkJrWZIJHbAgpltlCM8bSHEce7xQTiCvKMHVgO2Et9W1gnt+iuUHqlZtOYR7U7TmiD9BPidLjk8lWxPzy2hQPXij9eKm2ykv0OUdHe+BStX:2:3c

11 Console Messages

Source Level URL
Text
console-api log URL: https://account.live.com/acsr(Line 64)
Message:
Tue, 07 Apr 2020 21:33:20 GMT:FlowController.showControl(landing)
console-api log URL: https://account.live.com/acsr(Line 64)
Message:
Tue, 07 Apr 2020 21:33:20 GMT:New State [landing] from [none]
console-api log URL: https://account.live.com/acsr(Line 64)
Message:
Tue, 07 Apr 2020 21:33:20 GMT:Hooking control events for [landing]
console-api log URL: https://account.live.com/acsr(Line 64)
Message:
Tue, 07 Apr 2020 21:33:20 GMT:PageDialogControl.show()
console-api log URL: https://account.live.com/acsr(Line 64)
Message:
Tue, 07 Apr 2020 21:33:20 GMT:PageDialogControl.getButton [action(#recoveryPlusLandingAction)] = 1
console-api log URL: https://account.live.com/acsr(Line 64)
Message:
Tue, 07 Apr 2020 21:33:20 GMT:PageDialogControl.on(Click) [action]
console-api log URL: https://account.live.com/acsr(Line 64)
Message:
Tue, 07 Apr 2020 21:33:20 GMT:FlowController.handleControlEvent [onSetupEvents] for [landing]
console-api log URL: https://account.live.com/acsr(Line 64)
Message:
Tue, 07 Apr 2020 21:33:20 GMT:FlowController.handleControlEvent [onShow] for [landing]
console-api log URL: https://account.live.com/acsr(Line 64)
Message:
Tue, 07 Apr 2020 21:33:20 GMT:PageDialogControl.~show()
console-api log URL: https://account.live.com/acsr(Line 64)
Message:
Tue, 07 Apr 2020 21:33:20 GMT:FlowController.notifyVisible [landing]
console-api log URL: https://wus.client.hip.live.com/BTGetScripts?SessionId=bec3a0cafa3946afbe4e16f31ba2db18&PartnerId=15030&rand=90f079c0-549c-41f6-bd6b-6c1ab51570b7(Line 1)
Message:
[BT] submitting successfully

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

account.live.com
acctcdn.msauth.net
client.hip.live.com
scu.client.hip.live.com
wus.client.hip.live.com
192.229.221.185
20.190.137.64
2620:1ec:21::22
40.126.9.98
04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a
0b568b2d83c341c836c95536c44eeaf0915b179dbda73fddc73216f90b0e2037
15083be41a31501b531451cb1e47501f92b091f834a622a55e6a2979e62573b6
20765c1aa45654aba95d64a80b64434ed8f8ffbd77371e660291a7fb6aaefb7a
27b92cb429026174a27f57ab4956a0317e3a7b73dc3897095b3fcd8c5b02de4f
2d37191a3ff388d282c09350ecf39a3eb9e6da48296b9ea35beccbff92d1725b
33c58d7cc8509487dec20f9159ba576da3b69622dbc25f77c866b679f565f818
480bc3c8ca5055e5a01a873ad15484078d114f348ed8986c27b8d31f4f03ff14
5776881753b95a0abe5d1f6efe3abe7b83a3265eaccd117dd948e523c044600c
64a94a9ee3ca3b1632d5491539713a997bcbad7158ef592facf06c1637c736d5
6bfa590f1ea9fd9632fe01d9e5676bee592172c8d8adfbdbfd82b2acc3d0af93
90cdaf487716184e4034000935c605d1633926d348116d198f355a98b8c6cd21
97aaded71c0575ace10fabd282fba4cfa72352c70349d86fb5f2f297a84834b1
d047cc83543f391406788c0b5921b0c48e2c592cc7ccacdb3be545c21e03d00e
d7cc1e5f8a97092013abf085b7da77c010862505e4c135173c83efb241950daf
d8bbfae5f4f37ab5f234bb664ec1eef2a47b397dde70090b01f4ee18f07060b8
dfbfc72e2b282d309847621829b78cc68d8dc1e7e1a79899e7846935c18c1969
e02b6002a64d71687ee26e9bf5228bf5e79a01980e92338371bc79f6a259cedd
e27de0660e9230e5f95a35b03d401c4112435dfe1f333d478d6fec71a707e6d8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
efbec53145f2ad3207597317ba24fdc640ce91327acf250d57cc966c8bef9de1
f335cee868a97809bd5569fca9e72095ed9a92b7dcc4fdcd278b406bec3ba1d5