dortonline.youroffice365.com Open in urlscan Pro
208.109.19.66  Public Scan

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

7 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response dortonline.youroffice365.com/	9 KB 3 KB	578ms 214ms	Document text/html	208.109.19.66 GO-DADDY-COM-LLC
General Check archive.org Show headers Download Go to Full URL http://dortonline.youroffice365.com/ Protocol HTTP/1.1 Server 208.109.19.66 , United States, ASN398101 (GO-DADDY-COM-LLC, US), Reverse DNS 66.19.109.208.host.secureserver.net Software Apache / PHP/7.4.33 Resource Hash 7c7a0fad635b290aa06ab6fd91b4e2db03d9866815ef90a9c80abfd0dbfa022c Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36. accept-language en-GB,en;q=0.9 Response headers Cache-Control no-store, no-cache, must-revalidate Connection Upgrade, Keep-Alive Content-Encoding gzip Content-Length 2915 Content-Type text/html; charset=UTF-8 Date Mon, 30 Oct 2023 15:28:27 GMT Expires Thu, 19 Nov 1981 08:52:00 GMT Keep-Alive timeout=5 Pragma no-cache Server Apache Upgrade h2,h2c Vary Accept-Encoding X-Powered-By PHP/7.4.33
GET H2	200	smlogin.css login.uillinois.edu/auth/SystemLogin/css/	8 KB 2 KB	1509ms 140ms	Stylesheet text/css	64.22.183.57 ASN-UIUC-REGION-AS
General Check archive.org Show headers Download Go to Full URL https://login.uillinois.edu/auth/SystemLogin/css/smlogin.css?version=2.2 Requested by Host: dortonline.youroffice365.com URL: http://dortonline.youroffice365.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 64.22.183.57 , United States, ASN698 (ASN-UIUC-REGION-AS, US), Reverse DNS login.uillinois.edu Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 6766608fde0f454afae47de2205ddba8617bcdf254cd14149dd0328e2462101d Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers accept-language en-GB,en;q=0.9 Referer http://dortonline.youroffice365.com/ User-Agent Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36. Response headers date Mon, 30 Oct 2023 15:28:28 GMT content-encoding gzip last-modified Fri, 08 Jun 2018 15:44:25 GMT server Microsoft-IIS/10.0 etag "80d2b4933fffd31:0" x-powered-by ASP.NET vary Accept-Encoding x-frame-options SAMEORIGIN content-type text/css accept-ranges bytes content-length 2269
GET H2	200	css fonts.googleapis.com/	3 KB 905 B	177ms 61ms	Stylesheet text/css	2a00:1450:4001:810::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Lato:400,400i,700,700i Requested by Host: dortonline.youroffice365.com URL: http://dortonline.youroffice365.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 71a7dec8accff33fd5e0674e294bab68b15f294381fa307ecd7f73a774504562 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language en-GB,en;q=0.9 Referer http://dortonline.youroffice365.com/ User-Agent Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36. Response headers strict-transport-security max-age=31536000 date Mon, 30 Oct 2023 15:28:27 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Mon, 30 Oct 2023 14:42:33 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Mon, 30 Oct 2023 15:28:27 GMT
GET H/1.1	200 OK	outlook.jpg dortonline.youroffice365.com/	27 KB 27 KB	200ms 199ms	Image image/jpeg	208.109.19.66 GO-DADDY-COM-LLC
General Check archive.org Show headers Download Go to Show image Full URL http://dortonline.youroffice365.com/outlook.jpg Requested by Host: dortonline.youroffice365.com URL: http://dortonline.youroffice365.com/ Protocol HTTP/1.1 Server 208.109.19.66 , United States, ASN398101 (GO-DADDY-COM-LLC, US), Reverse DNS 66.19.109.208.host.secureserver.net Software Apache / Resource Hash 43319372f6e1f43a86fb8ba8f6b55ff19486d45db3a6e7766f97e2c5e21d8e5b Request headers accept-language en-GB,en;q=0.9 Referer http://dortonline.youroffice365.com/ User-Agent Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36. Response headers Date Mon, 30 Oct 2023 15:28:27 GMT Last-Modified Fri, 16 Sep 2022 21:41:02 GMT Server Apache ETag "441941-6c6c-5e8d237ef48a3" Content-Type image/jpeg Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5 Content-Length 27756
GET H2	200	info.png login.uillinois.edu/auth/SystemLogin/images/	372 B 544 B	1507ms 139ms	Image image/png	64.22.183.57 ASN-UIUC-REGION-AS
General Check archive.org Show headers Download Go to Show image Full URL https://login.uillinois.edu/auth/SystemLogin/images/info.png Requested by Host: dortonline.youroffice365.com URL: http://dortonline.youroffice365.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 64.22.183.57 , United States, ASN698 (ASN-UIUC-REGION-AS, US), Reverse DNS login.uillinois.edu Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 8163b68cd26aac41b33bd3d1dcf9346cb294c49d180ffbdeb024a40a40275f63 Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers accept-language en-GB,en;q=0.9 Referer http://dortonline.youroffice365.com/ User-Agent Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36. Response headers date Mon, 30 Oct 2023 15:28:28 GMT last-modified Fri, 08 Jun 2018 15:44:25 GMT server Microsoft-IIS/10.0 etag "80d2b4933fffd31:0" x-powered-by ASP.NET x-frame-options SAMEORIGIN content-type image/png accept-ranges bytes content-length 372
GET H2	200	info.png login.uillinois.edu/auth/SystemLogin/images/	372 B 409 B	138ms 138ms	Image image/png	64.22.183.57 ASN-UIUC-REGION-AS
General Check archive.org Show headers Download Go to Show image Full URL https://login.uillinois.edu/auth/SystemLogin/images/info.png Requested by Host: dortonline.youroffice365.com URL: http://dortonline.youroffice365.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 64.22.183.57 , United States, ASN698 (ASN-UIUC-REGION-AS, US), Reverse DNS login.uillinois.edu Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 8163b68cd26aac41b33bd3d1dcf9346cb294c49d180ffbdeb024a40a40275f63 Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers accept-language en-GB,en;q=0.9 Referer http://dortonline.youroffice365.com/ User-Agent Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36. Response headers date Mon, 30 Oct 2023 15:28:28 GMT last-modified Fri, 08 Jun 2018 15:44:25 GMT server Microsoft-IIS/10.0 etag "80d2b4933fffd31:0" x-powered-by ASP.NET x-frame-options SAMEORIGIN content-type image/png accept-ranges bytes content-length 372
GET H2	200	S6uyw4BMUTPHjx4wXiWtFCc.woff2 fonts.gstatic.com/s/lato/v24/	14 KB 14 KB	165ms 52ms	Font font/woff2	2a00:1450:4001:82b::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXiWtFCc.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Lato:400,400i,700,700i Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash d4ae5188a65370ecfe28f42293bbee8297cfd5712c6aadfdb270d48f2bcd88b0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin http://dortonline.youroffice365.com accept-language en-GB,en;q=0.9 User-Agent Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36. Response headers date Tue, 24 Oct 2023 17:37:58 GMT x-content-type-options nosniff age 510631 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 13980 x-xss-protection 0 last-modified Tue, 02 May 2023 15:17:19 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 23 Oct 2024 17:37:58 GMT

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| type object| authReason object| method object| agentName object| target string| theAcctURL string| theHelpURL function| show function| infoKeypress function| displayOff function| getQueryString function| submitForm function| clearCookie

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			dortonline.youroffice365.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: d04a9177c0c7a888614dacebb08da805

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

dortonline.youroffice365.com
fonts.googleapis.com
fonts.gstatic.com
login.uillinois.edu
208.109.19.66
2a00:1450:4001:810::200a
2a00:1450:4001:82b::2003
64.22.183.57
43319372f6e1f43a86fb8ba8f6b55ff19486d45db3a6e7766f97e2c5e21d8e5b
6766608fde0f454afae47de2205ddba8617bcdf254cd14149dd0328e2462101d
71a7dec8accff33fd5e0674e294bab68b15f294381fa307ecd7f73a774504562
7c7a0fad635b290aa06ab6fd91b4e2db03d9866815ef90a9c80abfd0dbfa022c
8163b68cd26aac41b33bd3d1dcf9346cb294c49d180ffbdeb024a40a40275f63
d4ae5188a65370ecfe28f42293bbee8297cfd5712c6aadfdb270d48f2bcd88b0