urlscan.io logo urlscan.io
SecurityTrails logo

login.microsoftonline.com Open in urlscan Pro
40.126.32.74  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://autodiscover.dedagroup.ch/
Effective URL: https://login.microsoftonline.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%...
Submission: On November 13 via api from IT — Scanned from CH
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 3 countries across 7 domains to perform 25 HTTP transactions. The main IP is 40.126.32.74, located in Amsterdam, Netherlands and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is login.microsoftonline.com. The Cisco Umbrella rank of the primary domain is 19.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on August 25th 2023. Valid for: a year.
This is the only time login.microsoftonline.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 52.98.179.120 8075 (MICROSOFT...)
1 2 52.98.253.98 8075 (MICROSOFT...)
4 40.126.32.74 8075 (MICROSOFT...)
11 152.199.23.37 15133 (EDGECAST)
7 23.38.98.83 ()
1 13.107.213.44 ()
1 20.190.159.73 ()
25 6
1    52.98.179.120 (Frankfurt am Main, Germany)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
autodiscover.dedagroup.ch
2    52.98.253.98 (Frankfurt am Main, Germany)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
outlook.office365.com
4    40.126.32.74 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
login.microsoftonline.com
login.live.com
11    152.199.23.37 (United States)

ASN15133 (EDGECAST, US)
aadcdn.msftauth.net
7    23.38.98.83 (None, )

ASN- ()
r4.res.office365.com
1    13.107.213.44 (None, )

ASN- ()
aadcdn.msftauthimages.net
1    20.190.159.73 (None, )

ASN- ()
autologon.microsoftazuread-sso.com
Apex Domain
Subdomains		 Transfer
11 msftauth.net
aadcdn.msftauth.net — Cisco Umbrella Rank: 1018
312 KB
9 office365.com
outlook.office365.com — Cisco Umbrella Rank: 45
r4.res.office365.com
694 KB
3 microsoftonline.com
login.microsoftonline.com — Cisco Umbrella Rank: 19
28 KB
1 microsoftazuread-sso.com
autologon.microsoftazuread-sso.com
1 KB
1 msftauthimages.net
aadcdn.msftauthimages.net
8 KB
1 live.com
login.live.com — Cisco Umbrella Rank: 77
1 dedagroup.ch
autodiscover.dedagroup.ch
545 B
25 7
Domain Requested by
11 aadcdn.msftauth.net login.microsoftonline.com
aadcdn.msftauth.net
7 r4.res.office365.com outlook.office365.com
3 login.microsoftonline.com aadcdn.msftauth.net
2 outlook.office365.com 1 redirects aadcdn.msftauth.net
1 autologon.microsoftazuread-sso.com
1 aadcdn.msftauthimages.net
1 login.live.com login.microsoftonline.com
1 autodiscover.dedagroup.ch 1 redirects
25 8

This site contains no links.

Subject Issuer Validity Valid
stamp2.login.microsoftonline.com
DigiCert SHA2 Secure Server CA		 2023-08-25 -
2024-08-25		 a year crt.sh
aadcdn.msftauth.net
DigiCert SHA2 Secure Server CA		 2023-01-31 -
2024-01-31		 a year crt.sh
login.live.com
DigiCert SHA2 Secure Server CA		 2023-11-11 -
2024-11-11		 a year crt.sh
outlook.com
DigiCert Cloud Services CA-1		 2023-10-31 -
2024-10-30		 a year crt.sh
*.res.outlook.com
DigiCert SHA2 Secure Server CA		 2023-04-17 -
2024-04-17		 a year crt.sh
aadcdn.msftauthimages.net
Microsoft Azure RSA TLS Issuing CA 07		 2023-09-02 -
2024-08-27		 a year crt.sh
autologon.microsoftazuread-sso.com
DigiCert SHA2 Secure Server CA		 2023-07-04 -
2024-07-04		 a year crt.sh

This page contains 2 frames:

Primary Page: https://login.microsoftonline.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=cc213cfa-81b6-c629-3cdb-e5c7749d276f&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&domain_hint=dedagroup.ch&nonce=638354853929597849.c14a4cca-741d-4cec-88c6-3ecdae14db2b&state=DctBDoIwEEDRVu9C3BQsndLpgniWYWaCJJiaKnh9u3h_960x5tpcGntvMWkKGCJgDHnMMSeE3LMHAmZyCbw4YGWHyJMLykLqQZZxse29DeVHw6Mq7a9ZVGit5Xj3_OxOmen4Ftk-XE6tfw&sso_reload=true
Frame ID: E41A0B65A5A484807A6A6DDACC49AFB6
Requests: 17 HTTP requests in this frame

Frame: https://outlook.office365.com/owa/prefetch.aspx
Frame ID: 1DBB0D551088CFF1DE6E6C261F0228AF
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Bei Outlook anmelden

Page URL History Show full URLs

  1. http://autodiscover.dedagroup.ch/ HTTP 301
    https://outlook.office365.com/owa/?realm=dedagroup.ch&vd=autodiscover HTTP 302
    https://login.microsoftonline.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redir... Page URL
  2. https://login.microsoftonline.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redir... Page URL

Page Statistics

25
Requests

100 %
HTTPS

0 %
IPv6

7
Domains

8
Subdomains

6
IPs

3
Countries

1041 kB
Transfer

3970 kB
Size

17
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://autodiscover.dedagroup.ch/ HTTP 301
    https://outlook.office365.com/owa/?realm=dedagroup.ch&vd=autodiscover HTTP 302
    https://login.microsoftonline.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=cc213cfa-81b6-c629-3cdb-e5c7749d276f&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&domain_hint=dedagroup.ch&nonce=638354853929597849.c14a4cca-741d-4cec-88c6-3ecdae14db2b&state=DctBDoIwEEDRVu9C3BQsndLpgniWYWaCJJiaKnh9u3h_960x5tpcGntvMWkKGCJgDHnMMSeE3LMHAmZyCbw4YGWHyJMLykLqQZZxse29DeVHw6Mq7a9ZVGit5Xj3_OxOmen4Ftk-XE6tfw Page URL
  2. https://login.microsoftonline.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=cc213cfa-81b6-c629-3cdb-e5c7749d276f&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&domain_hint=dedagroup.ch&nonce=638354853929597849.c14a4cca-741d-4cec-88c6-3ecdae14db2b&state=DctBDoIwEEDRVu9C3BQsndLpgniWYWaCJJiaKnh9u3h_960x5tpcGntvMWkKGCJgDHnMMSeE3LMHAmZyCbw4YGWHyJMLykLqQZZxse29DeVHw6Mq7a9ZVGit5Xj3_OxOmen4Ftk-XE6tfw&sso_reload=true Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://autodiscover.dedagroup.ch/ HTTP 301
  • https://outlook.office365.com/owa/?realm=dedagroup.ch&vd=autodiscover HTTP 302
  • https://login.microsoftonline.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=cc213cfa-81b6-c629-3cdb-e5c7749d276f&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&domain_hint=dedagroup.ch&nonce=638354853929597849.c14a4cca-741d-4cec-88c6-3ecdae14db2b&state=DctBDoIwEEDRVu9C3BQsndLpgniWYWaCJJiaKnh9u3h_960x5tpcGntvMWkKGCJgDHnMMSeE3LMHAmZyCbw4YGWHyJMLykLqQZZxse29DeVHw6Mq7a9ZVGit5Xj3_OxOmen4Ftk-XE6tfw

25 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
authorize
login.microsoftonline.com/common/oauth2/
Redirect Chain
  • http://autodiscover.dedagroup.ch/
  • https://outlook.office365.com/owa/?realm=dedagroup.ch&vd=autodiscover
  • https://login.microsoftonline.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-0...
20 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://login.microsoftonline.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=cc213cfa-81b6-c629-3cdb-e5c7749d276f&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&domain_hint=dedagroup.ch&nonce=638354853929597849.c14a4cca-741d-4cec-88c6-3ecdae14db2b&state=DctBDoIwEEDRVu9C3BQsndLpgniWYWaCJJiaKnh9u3h_960x5tpcGntvMWkKGCJgDHnMMSeE3LMHAmZyCbw4YGWHyJMLykLqQZZxse29DeVHw6Mq7a9ZVGit5Xj3_OxOmen4Ftk-XE6tfw
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.126.32.74 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
d092237fff7ec586a7b6397f0498438190b844b6dcb2e19a879a9ea97602ac49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
no-store, no-cache
Content-Encoding
gzip
Content-Length
8390
Content-Type
text/html; charset=utf-8
Date
Mon, 13 Nov 2023 15:16:33 GMT
Expires
-1
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-XSS-Protection
0
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+ams2"}]}
x-ms-ests-server
2.1.16729.6 - NEULR1 ProdSlices
x-ms-request-id
f3d50955-b9cb-4d19-92da-32d07c12af00

Redirect headers

alt-svc
h3=":443",h3-29=":443"
content-length
861
content-type
text/html; charset=utf-8
date
Mon, 13 Nov 2023 15:16:32 GMT
location
https://login.microsoftonline.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=cc213cfa-81b6-c629-3cdb-e5c7749d276f&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&domain_hint=dedagroup.ch&nonce=638354853929597849.c14a4cca-741d-4cec-88c6-3ecdae14db2b&state=DctBDoIwEEDRVu9C3BQsndLpgniWYWaCJJiaKnh9u3h_960x5tpcGntvMWkKGCJgDHnMMSeE3LMHAmZyCbw4YGWHyJMLykLqQZZxse29DeVHw6Mq7a9ZVGit5Xj3_OxOmen4Ftk-XE6tfw
nel
{"report_to":"NelOfficeUpload1","max_age":7200,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
p3p
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
report-to
{"group":"NelOfficeUpload1","max_age":7200,"endpoints":[{"url":"https://exo.nel.measure.office.net/api/report?TenantId=&FrontEnd=Cafe&DestinationEndpoint=FRA"}],"include_subdomains":true}
request-id
cc213cfa-81b6-c629-3cdb-e5c7749d276f
server
Microsoft-IIS/10.0
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-backend-begin
2023-11-13T15:16:32.959
x-backend-end
2023-11-13T15:16:32.959
x-backendhttpstatus
302 302
x-beserver
BEZP281MB3253
x-besku
WCS7
x-calculatedbetarget
BEZP281MB3253.DEUP281.PROD.OUTLOOK.COM
x-calculatedfetarget
BE1P281CU016.internal.outlook.com
x-content-type-options
nosniff
x-diaginfo
BEZP281MB3253
x-feefzinfo
FRA
x-feproxyinfo
FR4P281CA0075.DEUP281.PROD.OUTLOOK.COM
x-feserver
BE1P281CA0195 FR4P281CA0075
x-firsthopcafeefz
FRA
x-iids
0
x-owa-diagnosticsinfo
1;0;0
x-proxy-backendserverstatus
302
x-proxy-routingcorrectness
1
x-rum-notupdatequerieddbcopy
1
x-rum-notupdatequeriedpath
1
x-rum-validated
1
x-ua-compatible
IE=EmulateIE7
BssoInterrupt_Core_SuZwfHH8gwlE7gQ2a715Zg2.js
aadcdn.msftauth.net/shared/1.0/content/js/ 		136 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/js/BssoInterrupt_Core_SuZwfHH8gwlE7gQ2a715Zg2.js
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=cc213cfa-81b6-c629-3cdb-e5c7749d276f&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&domain_hint=dedagroup.ch&nonce=638354853929597849.c14a4cca-741d-4cec-88c6-3ecdae14db2b&state=DctBDoIwEEDRVu9C3BQsndLpgniWYWaCJJiaKnh9u3h_960x5tpcGntvMWkKGCJgDHnMMSeE3LMHAmZyCbw4YGWHyJMLykLqQZZxse29DeVHw6Mq7a9ZVGit5Xj3_OxOmen4Ftk-XE6tfw
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.23.37 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frb/6696) /
Resource Hash
954ca1cc229daa74bda398b3a9bf1f240387dbf0489f94fc699b1fb3d33ff36b

Request headers

Referer
https://login.microsoftonline.com/
Origin
https://login.microsoftonline.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 13 Nov 2023 15:16:35 GMT
content-encoding
gzip
content-md5
MomJ1KqQYMdZ/Wd0Ixaldg==
age
2107348
x-cache
HIT
content-length
48778
x-ms-lease-status
unlocked
last-modified
Tue, 17 Oct 2023 10:42:23 GMT
server
ECAcc (frb/6696)
etag
0x8DBCEFDBF9A546F
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
71c19b8e-901e-0076-4d19-03522a000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
Primary Request authorize
login.microsoftonline.com/common/oauth2/ 		39 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://login.microsoftonline.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=cc213cfa-81b6-c629-3cdb-e5c7749d276f&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&domain_hint=dedagroup.ch&nonce=638354853929597849.c14a4cca-741d-4cec-88c6-3ecdae14db2b&state=DctBDoIwEEDRVu9C3BQsndLpgniWYWaCJJiaKnh9u3h_960x5tpcGntvMWkKGCJgDHnMMSeE3LMHAmZyCbw4YGWHyJMLykLqQZZxse29DeVHw6Mq7a9ZVGit5Xj3_OxOmen4Ftk-XE6tfw&sso_reload=true
Requested by
Host: aadcdn.msftauth.net
URL: https://aadcdn.msftauth.net/shared/1.0/content/js/BssoInterrupt_Core_SuZwfHH8gwlE7gQ2a715Zg2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.126.32.74 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
cecffb45d9043982cbfd063c5cc363aec88ba9e538244cbd9b4fd53fb4efc4f6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://login.microsoftonline.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=cc213cfa-81b6-c629-3cdb-e5c7749d276f&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&domain_hint=dedagroup.ch&nonce=638354853929597849.c14a4cca-741d-4cec-88c6-3ecdae14db2b&state=DctBDoIwEEDRVu9C3BQsndLpgniWYWaCJJiaKnh9u3h_960x5tpcGntvMWkKGCJgDHnMMSeE3LMHAmZyCbw4YGWHyJMLykLqQZZxse29DeVHw6Mq7a9ZVGit5Xj3_OxOmen4Ftk-XE6tfw
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
no-store, no-cache
Content-Encoding
gzip
Content-Length
15688
Content-Type
text/html; charset=utf-8
Date
Mon, 13 Nov 2023 15:16:34 GMT
Expires
-1
Link
<https://aadcdn.msftauth.net>; rel=preconnect; crossorigin <https://aadcdn.msftauth.net>; rel=dns-prefetch <https://aadcdn.msauth.net>; rel=dns-prefetch
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-DNS-Prefetch-Control
on
X-Frame-Options
DENY
X-XSS-Protection
0
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+ams2"}]}
x-ms-ests-server
2.1.16729.5 - SEC ProdSlices
x-ms-request-id
c9464709-1727-4d88-98a2-37de4bf76200
converged.v2.login.min_ltjvsvk5aekta_kgibi0gg2.css
aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ 		109 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msftauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_ltjvsvk5aekta_kgibi0gg2.css
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=cc213cfa-81b6-c629-3cdb-e5c7749d276f&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&domain_hint=dedagroup.ch&nonce=638354853929597849.c14a4cca-741d-4cec-88c6-3ecdae14db2b&state=DctBDoIwEEDRVu9C3BQsndLpgniWYWaCJJiaKnh9u3h_960x5tpcGntvMWkKGCJgDHnMMSeE3LMHAmZyCbw4YGWHyJMLykLqQZZxse29DeVHw6Mq7a9ZVGit5Xj3_OxOmen4Ftk-XE6tfw&sso_reload=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.23.37 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frb/670C) /
Resource Hash
1a0ea89ae667420caeae29d594d53258e6ed157dab7e8dfe6f154f0054b0cf99

Request headers

Referer
https://login.microsoftonline.com/
Origin
https://login.microsoftonline.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 13 Nov 2023 15:16:35 GMT
content-encoding
gzip
content-md5
znAMuOwBXwRYMjVZ8p4wCw==
age
5782593
x-cache
HIT
content-length
20208
x-ms-lease-status
unlocked
last-modified
Wed, 06 Sep 2023 21:24:15 GMT
server
ECAcc (frb/670C)
etag
0x8DBAF1F9F5D8653
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
1cda790c-001e-00df-36ac-e1e75f000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
ConvergedLogin_PCore_o-ZZReABRa0UshwWo2BEBw2.js
aadcdn.msftauth.net/shared/1.0/content/js/ 		420 KB
115 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_o-ZZReABRa0UshwWo2BEBw2.js
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=cc213cfa-81b6-c629-3cdb-e5c7749d276f&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&domain_hint=dedagroup.ch&nonce=638354853929597849.c14a4cca-741d-4cec-88c6-3ecdae14db2b&state=DctBDoIwEEDRVu9C3BQsndLpgniWYWaCJJiaKnh9u3h_960x5tpcGntvMWkKGCJgDHnMMSeE3LMHAmZyCbw4YGWHyJMLykLqQZZxse29DeVHw6Mq7a9ZVGit5Xj3_OxOmen4Ftk-XE6tfw&sso_reload=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.23.37 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frb/67AC) /
Resource Hash
fcb536b5c96681e6f2a531edd7591b6f42f1712d4c7d1d9962362c4aa534e6a5

Request headers

Referer
https://login.microsoftonline.com/
Origin
https://login.microsoftonline.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 13 Nov 2023 15:16:35 GMT
content-encoding
gzip
content-md5
a0nrYa6nCkIWh9n3t2618Q==
age
835560
x-cache
HIT
content-length
117990
x-ms-lease-status
unlocked
last-modified
Thu, 02 Nov 2023 07:21:59 GMT
server
ECAcc (frb/67AC)
etag
0x8DBDB74670250A9
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
a24d4abe-e01e-00b9-47aa-0e5f71000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
ux.converged.login.strings-de.min_g7u9c2x6y83hp3xuhnq1dq2.js
aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ 		58 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ux.converged.login.strings-de.min_g7u9c2x6y83hp3xuhnq1dq2.js
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=cc213cfa-81b6-c629-3cdb-e5c7749d276f&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&domain_hint=dedagroup.ch&nonce=638354853929597849.c14a4cca-741d-4cec-88c6-3ecdae14db2b&state=DctBDoIwEEDRVu9C3BQsndLpgniWYWaCJJiaKnh9u3h_960x5tpcGntvMWkKGCJgDHnMMSeE3LMHAmZyCbw4YGWHyJMLykLqQZZxse29DeVHw6Mq7a9ZVGit5Xj3_OxOmen4Ftk-XE6tfw&sso_reload=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.23.37 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frb/678D) /
Resource Hash
3670c19182b07c1e3690f23281570abf658517de218e12c534caa7a4e3e6decd

Request headers

Referer
https://login.microsoftonline.com/
Origin
https://login.microsoftonline.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 13 Nov 2023 15:16:35 GMT
content-encoding
gzip
content-md5
NSKh7H4Nvb3b9L51ktFcyQ==
age
2100597
x-cache
HIT
content-length
16665
x-ms-lease-status
unlocked
last-modified
Wed, 18 Oct 2023 19:03:15 GMT
server
ECAcc (frb/678D)
etag
0x8DBD00CE20BFCCC
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
b38ae290-901e-000e-2b29-03f83b000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
Me.htm
login.live.com/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://login.live.com/Me.htm?v=3
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=cc213cfa-81b6-c629-3cdb-e5c7749d276f&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&domain_hint=dedagroup.ch&nonce=638354853929597849.c14a4cca-741d-4cec-88c6-3ecdae14db2b&state=DctBDoIwEEDRVu9C3BQsndLpgniWYWaCJJiaKnh9u3h_960x5tpcGntvMWkKGCJgDHnMMSeE3LMHAmZyCbw4YGWHyJMLykLqQZZxse29DeVHw6Mq7a9ZVGit5Xj3_OxOmen4Ftk-XE6tfw&sso_reload=true
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.126.32.74 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers
oneDs_f2e0f4a029670f10d892.js
aadcdn.msftauth.net/shared/1.0/content/js/ 		186 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/js/oneDs_f2e0f4a029670f10d892.js
Requested by
Host: aadcdn.msftauth.net
URL: https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_o-ZZReABRa0UshwWo2BEBw2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.23.37 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frb/675C) /
Resource Hash
8405362eb8f09df13ae244de155b51b1577274673d9728b6c81cd0278a63c8b0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 13 Nov 2023 15:16:36 GMT
content-encoding
gzip
content-md5
wegr9xrdYirQ87+FcvY0/A==
age
7726474
x-cache
HIT
content-length
61052
x-ms-lease-status
unlocked
last-modified
Thu, 25 May 2023 17:22:37 GMT
server
ECAcc (frb/675C)
etag
0x8DB5D44A2CEB430
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
ad940714-b01e-0048-3efe-cfd126000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
convergedlogin_pcustomizationloader_44b450e8d543eb53930d.js
aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/ 		153 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pcustomizationloader_44b450e8d543eb53930d.js
Requested by
Host: aadcdn.msftauth.net
URL: https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_o-ZZReABRa0UshwWo2BEBw2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.23.37 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frb/67B6) /
Resource Hash
7800b81af455ea27630d9e4e0bd530426e446e912d478a2653c58f1ab7e62052

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 13 Nov 2023 15:16:36 GMT
content-encoding
gzip
content-md5
gt6bdNfL2HUUpRZC1IrWUA==
age
2122704
x-cache
HIT
content-length
34602
x-ms-lease-status
unlocked
last-modified
Tue, 17 Oct 2023 10:42:04 GMT
server
ECAcc (frb/67B6)
etag
0x8DBCEFDB430252C
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
0ec89761-001e-009b-21f6-029846000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
prefetch.aspx
outlook.office365.com/owa/ Frame 1DBB 		3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://outlook.office365.com/owa/prefetch.aspx
Requested by
Host: aadcdn.msftauth.net
URL: https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_o-ZZReABRa0UshwWo2BEBw2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.98.253.98 Frankfurt am Main, Germany, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
e800b7c46fd8f2af26157503c78caf00bc78f70b1b4be399c3030c83d16093f7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://login.microsoftonline.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443",h3-29=":443"
cache-control
private, no-store
content-length
2745
content-type
text/html; charset=utf-8
date
Mon, 13 Nov 2023 15:16:42 GMT
nel
{"report_to":"NelOfficeUpload1","max_age":7200,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
report-to
{"group":"NelOfficeUpload1","max_age":7200,"endpoints":[{"url":"https://exo.nel.measure.office.net/api/report?TenantId=&FrontEnd=Cafe&DestinationEndpoint=FRA"}],"include_subdomains":true}
request-id
b6ff6477-f69d-bfbc-3ed3-4b01f005add6
server
Microsoft-IIS/10.0
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-backend-begin
2023-11-13T15:16:42.898
x-backend-end
2023-11-13T15:16:42.898
x-backendhttpstatus
200 200
x-beserver
BEVP281MB3608
x-besku
WCS7
x-calculatedbetarget
BEVP281MB3608.DEUP281.PROD.OUTLOOK.COM
x-calculatedfetarget
BE1P281CU029.internal.outlook.com
x-content-type-options
nosniff
x-diaginfo
BEVP281MB3608
x-feefzinfo
FRA
x-feproxyinfo
FR4P281CA0075.DEUP281.PROD.OUTLOOK.COM
x-feserver
BE1P281CA0416 FR4P281CA0075
x-firsthopcafeefz
FRA
x-iids
0
x-owa-diagnosticsinfo
4;0;0
x-owa-version
15.20.6977.29
x-proxy-backendserverstatus
200
x-proxy-routingcorrectness
1
x-rum-notupdatequerieddbcopy
1
x-rum-notupdatequeriedpath
1
x-rum-validated
1
x-ua-compatible
IE=EmulateIE7
convergedlogin_pfetchsessionsprogress_7eee75fddc0da0f12778.js
aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/ 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pfetchsessionsprogress_7eee75fddc0da0f12778.js
Requested by
Host: aadcdn.msftauth.net
URL: https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_o-ZZReABRa0UshwWo2BEBw2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.23.37 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frb/675E) /
Resource Hash
4027579f15834b1c1d57235d08fd2efa25c2e11095881e9e66df2549e5aa3438

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 13 Nov 2023 15:16:43 GMT
content-encoding
gzip
content-md5
QMJ9TByb+rJwWQvX6jCV7Q==
age
2105571
x-cache
HIT
content-length
5511
x-ms-lease-status
unlocked
last-modified
Tue, 17 Oct 2023 10:42:04 GMT
server
ECAcc (frb/675E)
etag
0x8DBCEFDB4169F63
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
bee8ed5d-701e-0068-2c1d-034015000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
marching_ants_white_8257b0707cbe1d0bd2661b80068676fe.gif
aadcdn.msftauth.net/shared/1.0/content/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/images/marching_ants_white_8257b0707cbe1d0bd2661b80068676fe.gif
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.23.37 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frb/6733) /
Resource Hash
a46201581a7c7c667fd42787cd1e9adf2f6bf809efb7596e61a03e8dba9ada13

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 13 Nov 2023 15:16:43 GMT
content-md5
Fm3lNHEmUlOrOkVt7+baIw==
age
7726496
x-cache
HIT
content-length
2672
x-ms-lease-status
unlocked
last-modified
Wed, 24 May 2023 10:11:48 GMT
server
ECAcc (frb/6733)
etag
0x8DB5C3F4982FD30
content-type
image/gif
access-control-allow-origin
*
x-ms-request-id
28eeb129-b01e-00cc-74fe-cf2a7b000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
marching_ants_986f40b5a9dc7d39ef8396797f61b323.gif
aadcdn.msftauth.net/shared/1.0/content/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/images/marching_ants_986f40b5a9dc7d39ef8396797f61b323.gif
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.23.37 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frb/67FE) /
Resource Hash
8737d721808655f37b333f08a90185699e7e8b9bdaaa15cdb63c8448b426f95d

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 13 Nov 2023 15:16:43 GMT
content-md5
tUCo5RgDcZLjLE/li/Lbqw==
age
14407089
x-cache
HIT
content-length
3620
x-ms-lease-status
unlocked
last-modified
Wed, 24 May 2023 10:11:48 GMT
server
ECAcc (frb/67FE)
etag
0x8DB5C3F492F3EE5
content-type
image/gif
access-control-allow-origin
*
x-ms-request-id
e096ecc6-801e-0082-3e3c-932bad000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
boot.worldwide.0.mouse.js
r4.res.office365.com/owa/prem/15.20.6977.29/scripts/ Frame 1DBB 		648 KB
176 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://r4.res.office365.com/owa/prem/15.20.6977.29/scripts/boot.worldwide.0.mouse.js
Requested by
Host: outlook.office365.com
URL: https://outlook.office365.com/owa/prefetch.aspx
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.38.98.83 -, , ASN (),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
d5238dcd5576de5c01381727798f579c4722e1c0b07f544135fbe537d7ccf94f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://outlook.office365.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 15:16:43 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Sat, 11 Nov 2023 23:31:30 GMT
server
AkamaiNetStorage
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public,max-age=630720000, s-maxage=630720000
accept-ranges
bytes
timing-allow-origin
*
content-length
179692
bannerlogo
aadcdn.msftauthimages.net/c1c6b6c8-x9isavbxks2sp-l1vyk2kkclp76bts1un37ooxzsvg0/logintenantbranding/0/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aadcdn.msftauthimages.net/c1c6b6c8-x9isavbxks2sp-l1vyk2kkclp76bts1un37ooxzsvg0/logintenantbranding/0/bannerlogo?ts=637323162791049057
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.213.44 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
f8a1364e581a6d7f3017785bc22c4f30514dc2d1257c5f9fa061e6c2c3d4291c

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 13 Nov 2023 15:16:43 GMT
x-azure-ref-originshield
063NRZQAAAAD4MtImWqRKS6IBETj8bKXwRlJBMjMxMDUwNDE3MDM3ADU5NjY1NzE1LTQyNmEtNGYxYy1hMDU5LWQ1ZGZkNDBhZTZiOQ==
content-md5
ThZJAdhnWeaWTFupxfaJMA==
x-cache
TCP_HIT
content-length
7450
x-ms-lease-status
unlocked
last-modified
Thu, 06 Aug 2020 13:11:19 GMT
etag
0x8D83A0A35735270
x-azure-ref
02z1SZQAAAAD6Fkko2k3eTYGF3Bz5ljcXWlJIRURHRTEzMDgANTk2NjU3MTUtNDI2YS00ZjFjLWEwNTktZDVkZmQ0MGFlNmI5
content-type
image/*
access-control-allow-origin
*
x-ms-request-id
f3b5924c-801e-005b-4f4c-156297000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
marching_ants_white_8257b0707cbe1d0bd2661b80068676fe.gif
aadcdn.msftauth.net/shared/1.0/content/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/images/marching_ants_white_8257b0707cbe1d0bd2661b80068676fe.gif
Requested by
Host: aadcdn.msftauth.net
URL: https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_o-ZZReABRa0UshwWo2BEBw2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.23.37 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frb/6733) /
Resource Hash
a46201581a7c7c667fd42787cd1e9adf2f6bf809efb7596e61a03e8dba9ada13

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 13 Nov 2023 15:16:43 GMT
content-md5
Fm3lNHEmUlOrOkVt7+baIw==
age
7726496
x-cache
HIT
content-length
2672
x-ms-lease-status
unlocked
last-modified
Wed, 24 May 2023 10:11:48 GMT
server
ECAcc (frb/6733)
etag
0x8DB5C3F4982FD30
content-type
image/gif
access-control-allow-origin
*
x-ms-request-id
28eeb129-b01e-00cc-74fe-cf2a7b000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
marching_ants_986f40b5a9dc7d39ef8396797f61b323.gif
aadcdn.msftauth.net/shared/1.0/content/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/images/marching_ants_986f40b5a9dc7d39ef8396797f61b323.gif
Requested by
Host: aadcdn.msftauth.net
URL: https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_o-ZZReABRa0UshwWo2BEBw2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.23.37 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frb/67FE) /
Resource Hash
8737d721808655f37b333f08a90185699e7e8b9bdaaa15cdb63c8448b426f95d

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 13 Nov 2023 15:16:43 GMT
content-md5
tUCo5RgDcZLjLE/li/Lbqw==
age
14407089
x-cache
HIT
content-length
3620
x-ms-lease-status
unlocked
last-modified
Wed, 24 May 2023 10:11:48 GMT
server
ECAcc (frb/67FE)
etag
0x8DB5C3F492F3EE5
content-type
image/gif
access-control-allow-origin
*
x-ms-request-id
e096ecc6-801e-0082-3e3c-932bad000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
ssoprobe
autologon.microsoftazuread-sso.com/dedagroup.ch/winauth/ 		12 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://autologon.microsoftazuread-sso.com/dedagroup.ch/winauth/ssoprobe?client-request-id=cc213cfa-81b6-c629-3cdb-e5c7749d276f&_=1699888603299
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.190.159.73 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
d089c8a9fc28e4e50223eb38c9409e362521be9380a37341304fbac7a4cd9e5f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Mon, 13 Nov 2023 15:16:43 GMT
X-Content-Type-Options
nosniff
WWW-Authenticate
Negotiate
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
Content-Length
12
X-XSS-Protection
0
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Vary
Origin
Access-Control-Allow-Methods
GET, OPTIONS
Content-Type
image/png; charset=utf-8
Access-Control-Allow-Origin
https://login.microsoftonline.com
x-ms-request-id
25724c54-f9ed-4e92-813d-0ab5fe083000
Cache-Control
no-store, no-cache
Access-Control-Allow-Credentials
true
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+dub2"}]}
x-ms-ests-server
2.1.16729.6 - NEULR1 ProdSlices
Expires
-1
boot.worldwide.1.mouse.js
r4.res.office365.com/owa/prem/15.20.6977.29/scripts/ Frame 1DBB 		644 KB
160 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://r4.res.office365.com/owa/prem/15.20.6977.29/scripts/boot.worldwide.1.mouse.js
Requested by
Host: outlook.office365.com
URL: https://outlook.office365.com/owa/prefetch.aspx
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.38.98.83 -, , ASN (),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
5f5adbc771d02801fb69961683d3ee1f50b7e9c8a66dc3f3cc86263a3f995c0d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://outlook.office365.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 15:16:43 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Sat, 11 Nov 2023 23:31:20 GMT
server
AkamaiNetStorage
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public,max-age=630720000, s-maxage=630720000
accept-ranges
bytes
timing-allow-origin
*
content-length
163064
boot.worldwide.2.mouse.js
r4.res.office365.com/owa/prem/15.20.6977.29/scripts/ Frame 1DBB 		647 KB
166 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://r4.res.office365.com/owa/prem/15.20.6977.29/scripts/boot.worldwide.2.mouse.js
Requested by
Host: outlook.office365.com
URL: https://outlook.office365.com/owa/prefetch.aspx
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.38.98.83 -, , ASN (),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
58fa5e4a247076c76b9683f01fdf108f54ff88fda4221b2de376eb96d1f2ba2a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://outlook.office365.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 15:16:43 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Sat, 11 Nov 2023 23:31:30 GMT
server
AkamaiNetStorage
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public,max-age=630720000, s-maxage=630720000
accept-ranges
bytes
timing-allow-origin
*
content-length
169666
boot.worldwide.3.mouse.js
r4.res.office365.com/owa/prem/15.20.6977.29/scripts/ Frame 1DBB 		645 KB
142 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://r4.res.office365.com/owa/prem/15.20.6977.29/scripts/boot.worldwide.3.mouse.js
Requested by
Host: outlook.office365.com
URL: https://outlook.office365.com/owa/prefetch.aspx
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.38.98.83 -, , ASN (),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
1f90c3543f5b76b8295a8d298dbce301d9c379027c128b47fda21e002638107f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://outlook.office365.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 15:16:43 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Sat, 11 Nov 2023 23:31:21 GMT
server
AkamaiNetStorage
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public,max-age=630720000, s-maxage=630720000
accept-ranges
bytes
timing-allow-origin
*
content-length
145599
sprite1.mouse.png
r4.res.office365.com/owa/prem/15.20.6977.29/resources/images/0/ Frame 1DBB 		132 B
327 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://r4.res.office365.com/owa/prem/15.20.6977.29/resources/images/0/sprite1.mouse.png
Requested by
Host: outlook.office365.com
URL: https://outlook.office365.com/owa/prefetch.aspx
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.38.98.83 -, , ASN (),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
3ab09a213eedd51a0eb0e4bc5e6e96c472032dd937420e7e233ea54775c7e024
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://outlook.office365.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 15:16:43 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Sat, 11 Nov 2023 23:40:58 GMT
server
AkamaiNetStorage
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=630720000, s-maxage=630720000
accept-ranges
bytes
timing-allow-origin
*
content-length
132
dssostatus
login.microsoftonline.com/common/instrumentation/ 		265 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://login.microsoftonline.com/common/instrumentation/dssostatus
Requested by
Host: aadcdn.msftauth.net
URL: https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_o-ZZReABRa0UshwWo2BEBw2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.126.32.74 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
1b1ab2c780bb6b78c2c42268f91e64e299b85bb7bea0b1158eaa7bd99018dc03
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

hpgrequestid
c9464709-1727-4d88-98a2-37de4bf76200
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
client-request-id
cc213cfa-81b6-c629-3cdb-e5c7749d276f
canary
PAQABAAEAAAAmoFfGtYxvRrNriQdPKIZ--FrOXeaKXCgFZGHm718fpkniMGOsGab357mr_tObbBbEAMHLKHLgz4jACUXHPRUddyOfFd6H4VXNq_4zZexs60TjUmu-Ef_Z4d3mA4Imu7wJGrGM4STT0-OURA3hjREigWjYbE4lhetcHY65SZ3UBxYt_bNkKLk-3MIALqjdsZlUnx-EOq_E6nx5AU4ECxnuJpl54EFagixBo-9bLcYwqCAA
Content-type
application/json; charset=UTF-8
hpgid
1104
Accept
application/json
Referer
https://login.microsoftonline.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=cc213cfa-81b6-c629-3cdb-e5c7749d276f&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&domain_hint=dedagroup.ch&nonce=638354853929597849.c14a4cca-741d-4cec-88c6-3ecdae14db2b&state=DctBDoIwEEDRVu9C3BQsndLpgniWYWaCJJiaKnh9u3h_960x5tpcGntvMWkKGCJgDHnMMSeE3LMHAmZyCbw4YGWHyJMLykLqQZZxse29DeVHw6Mq7a9ZVGit5Xj3_OxOmen4Ftk-XE6tfw&sso_reload=true
hpgact
1800

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Date
Mon, 13 Nov 2023 15:16:43 GMT
X-Content-Type-Options
nosniff
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
client-request-id
cc213cfa-81b6-c629-3cdb-e5c7749d276f
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
Content-Length
265
X-XSS-Protection
0
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Access-Control-Allow-Methods
POST, OPTIONS
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://autologon.microsoftazuread-sso.com/
x-ms-request-id
c2e3d4e8-ac01-4d9f-9abb-fce318cd7600
Cache-Control
no-store, no-cache
Access-Control-Allow-Credentials
true
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+ams2"}]}
x-ms-ests-server
2.1.16729.5 - FRC ProdSlices
Expires
-1
sprite1.mouse.css
r4.res.office365.com/owa/prem/15.20.6977.29/resources/images/0/ Frame 1DBB 		994 B
503 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://r4.res.office365.com/owa/prem/15.20.6977.29/resources/images/0/sprite1.mouse.css
Requested by
Host: outlook.office365.com
URL: https://outlook.office365.com/owa/prefetch.aspx
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.38.98.83 -, , ASN (),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
6d1be7ed96dd494447f348986317faf64728ccf788be551f2a621b31ddc929ac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://outlook.office365.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 15:16:44 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Sat, 11 Nov 2023 23:40:56 GMT
server
AkamaiNetStorage
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public,max-age=630720000, s-maxage=630720000
accept-ranges
bytes
timing-allow-origin
*
content-length
288
boot.worldwide.mouse.css
r4.res.office365.com/owa/prem/15.20.6977.29/resources/styles/0/ Frame 1DBB 		227 KB
43 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://r4.res.office365.com/owa/prem/15.20.6977.29/resources/styles/0/boot.worldwide.mouse.css
Requested by
Host: outlook.office365.com
URL: https://outlook.office365.com/owa/prefetch.aspx
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.38.98.83 -, , ASN (),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://outlook.office365.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 15:16:44 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Sat, 11 Nov 2023 23:41:26 GMT
server
AkamaiNetStorage
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public,max-age=630720000, s-maxage=630720000
accept-ranges
bytes
timing-allow-origin
*
content-length
44144

Verdicts & Comments Add Verdict or Comment

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| documentPictureInPicture object| $Config object| $Debug object| $Do function| $Loader object| $WebWatson function| GetString function| GetErrorString function| GetUrl object| $B object| ServerData object| webpackJsonp object| ko object| PROOF object| StringRepository object| Telemetry object| telemetry_webpackJsonp boolean| __ConvergedLogin_PCore boolean| __

17 Cookies

Domain/Path Name / Value
outlook.office365.com/ Name: ClientId
Value: 7759E14E82E74E81A960F1370DAB4A17
outlook.office365.com/ Name: OIDC
Value: 1
outlook.office365.com/ Name: domainName
Value: dedagroup.ch
outlook.office365.com/ Name: OpenIdConnect.nonce.v3.mWywn01x0eXm69EZbS0VAG-z6ZZuPIh_JocnWHSM1kU
Value: 638354853929597849.c14a4cca-741d-4cec-88c6-3ecdae14db2b
outlook.office365.com/ Name: X-OWA-RedirectHistory
Value: ArLym14BmbsehVvk2wg
login.microsoftonline.com/ Name: x-ms-gateway-slice
Value: estsfd
login.microsoftonline.com/ Name: stsservicecookie
Value: estsfd
.login.microsoftonline.com/ Name: AADSSO
Value: NA|NoExtension
login.microsoftonline.com/ Name: SSOCOOKIEPULLED
Value: 1
login.microsoftonline.com/ Name: buid
Value: 0.AXsAMe_N-B6jSkuT5F9XHpElWgIAAAAAAPEPzgAAAAAAAAABAAA.AQABAAEAAAAmoFfGtYxvRrNriQdPKIZ-2zCibg2qqgjcZjtaWfnD9o0KzwZWmzCNo_11jpg3_7lMz9xNpBQahcBNTUOovm18pJHcXQSB-8qkU7finy7_es35zJXtHVmFjNK9cc68OY8gAA
.login.microsoftonline.com/ Name: esctx
Value: PAQABAAEAAAAmoFfGtYxvRrNriQdPKIZ-hnE9OJAV1o3-Kvj0St_a0IBK7OwGW9jRqyewu1EbkrmZvI9U1Y2tJiI7hYNV8IpFeTauMSTaFfRO0jPO3mbEkGhVbK9HRufSObbfD3SFuo6Kon6_F8Wluu4WJ0taUzjaL7QCDbQBR-uXjpv-ky7Wfs1Ah0reXKEmxPmHPAgbgfMgAA
.login.microsoftonline.com/ Name: esctx-bXmE9rLF028
Value: AQABAAEAAAAmoFfGtYxvRrNriQdPKIZ-n0tb6uqtXE0vj8VsEkn5mIi2xdw3PBovHPZVUbVWQ91t1d9KpfiuL7HB21Rrb4FCp5i_U5pxGG1xjnMOuaQB_g9L0YXT4wJMmLMLc3C_NXH92wuetxfSajkONHm13Z7UK1W4FyK6y6kzlnIMVZuDfSAA
login.microsoftonline.com/ Name: fpc
Value: ArA-cjsNw-9NugTEVeYVPaaerOTJAQAAANI05NwOAAAA
.login.live.com/ Name: uaid
Value: 8d8eae2cf3204117b64c76b1e8948a8f
.login.live.com/ Name: MSPRequ
Value: id=N&lt=1699888595&co=1
login.microsoftonline.com/ Name: MicrosoftApplicationsTelemetryDeviceId
Value: 2f012688-7470-40d9-8aa3-6c0bd457ef9a
.login.microsoftonline.com/ Name: brcap
Value: 0

1 Console Messages

Source Level URL
Text
network error URL: https://autologon.microsoftazuread-sso.com/dedagroup.ch/winauth/ssoprobe?client-request-id=cc213cfa-81b6-c629-3cdb-e5c7749d276f&_=1699888603299
Message:
Failed to load resource: the server responded with a status of 401 (Unauthorized)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aadcdn.msftauth.net
aadcdn.msftauthimages.net
autodiscover.dedagroup.ch
autologon.microsoftazuread-sso.com
login.live.com
login.microsoftonline.com
outlook.office365.com
r4.res.office365.com
13.107.213.44
152.199.23.37
20.190.159.73
23.38.98.83
40.126.32.74
52.98.179.120
52.98.253.98
1a0ea89ae667420caeae29d594d53258e6ed157dab7e8dfe6f154f0054b0cf99
1b1ab2c780bb6b78c2c42268f91e64e299b85bb7bea0b1158eaa7bd99018dc03
1f90c3543f5b76b8295a8d298dbce301d9c379027c128b47fda21e002638107f
3670c19182b07c1e3690f23281570abf658517de218e12c534caa7a4e3e6decd
3ab09a213eedd51a0eb0e4bc5e6e96c472032dd937420e7e233ea54775c7e024
4027579f15834b1c1d57235d08fd2efa25c2e11095881e9e66df2549e5aa3438
58fa5e4a247076c76b9683f01fdf108f54ff88fda4221b2de376eb96d1f2ba2a
5f5adbc771d02801fb69961683d3ee1f50b7e9c8a66dc3f3cc86263a3f995c0d
6d1be7ed96dd494447f348986317faf64728ccf788be551f2a621b31ddc929ac
7800b81af455ea27630d9e4e0bd530426e446e912d478a2653c58f1ab7e62052
8405362eb8f09df13ae244de155b51b1577274673d9728b6c81cd0278a63c8b0
8737d721808655f37b333f08a90185699e7e8b9bdaaa15cdb63c8448b426f95d
954ca1cc229daa74bda398b3a9bf1f240387dbf0489f94fc699b1fb3d33ff36b
a46201581a7c7c667fd42787cd1e9adf2f6bf809efb7596e61a03e8dba9ada13
cecffb45d9043982cbfd063c5cc363aec88ba9e538244cbd9b4fd53fb4efc4f6
d089c8a9fc28e4e50223eb38c9409e362521be9380a37341304fbac7a4cd9e5f
d092237fff7ec586a7b6397f0498438190b844b6dcb2e19a879a9ea97602ac49
d5238dcd5576de5c01381727798f579c4722e1c0b07f544135fbe537d7ccf94f
e800b7c46fd8f2af26157503c78caf00bc78f70b1b4be399c3030c83d16093f7
f8a1364e581a6d7f3017785bc22c4f30514dc2d1257c5f9fa061e6c2c3d4291c
fcb536b5c96681e6f2a531edd7591b6f42f1712d4c7d1d9962362c4aa534e6a5