learn.microsoft.com
Open in
urlscan Pro
95.100.65.213
Public Scan
Effective URL: https://learn.microsoft.com/en-us/microsoft-365/security/office-365-security/responding-to-a-compromised-email-account?view=...
Submission: On January 11 via manual from US — Scanned from SE
Summary
TLS certificate: Issued by Microsoft Azure TLS Issuing CA 05 on September 2nd 2022. Valid for: a year.
This is the only time learn.microsoft.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 96.16.143.41 96.16.143.41 | 16625 (AKAMAI-AS) (AKAMAI-AS) | |
2 12 | 95.100.65.213 95.100.65.213 | 16625 (AKAMAI-AS) (AKAMAI-AS) | |
3 | 13.107.237.44 13.107.237.44 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
1 1 | 23.37.44.90 23.37.44.90 | 16625 (AKAMAI-AS) (AKAMAI-AS) | |
8 | 184.30.21.171 184.30.21.171 | 16625 (AKAMAI-AS) (AKAMAI-AS) | |
1 | 2.18.233.62 2.18.233.62 | 16625 (AKAMAI-AS) (AKAMAI-AS) | |
22 | 5 |
ASN16625 (AKAMAI-AS, US)
PTR: a96-16-143-41.deploy.static.akamaitechnologies.com
aka.ms |
ASN16625 (AKAMAI-AS, US)
PTR: a95-100-65-213.deploy.static.akamaitechnologies.com
learn.microsoft.com |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
wcpstatic.microsoft.com | |
js.monitor.azure.com |
ASN16625 (AKAMAI-AS, US)
PTR: a23-37-44-90.deploy.static.akamaitechnologies.com
videoplayercdn.osi.office.net |
ASN16625 (AKAMAI-AS, US)
PTR: a184-30-21-171.deploy.static.akamaitechnologies.com
www.microsoft.com |
ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-62.deploy.static.akamaitechnologies.com
c.s-microsoft.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
22 |
microsoft.com
2 redirects
learn.microsoft.com — Cisco Umbrella Rank: 17750 wcpstatic.microsoft.com — Cisco Umbrella Rank: 8216 www.microsoft.com — Cisco Umbrella Rank: 360 |
1 MB |
1 |
s-microsoft.com
c.s-microsoft.com — Cisco Umbrella Rank: 16440 |
34 KB |
1 |
office.net
1 redirects
videoplayercdn.osi.office.net — Cisco Umbrella Rank: 45137 |
266 B |
1 |
azure.com
js.monitor.azure.com — Cisco Umbrella Rank: 3564 |
61 KB |
1 |
aka.ms
1 redirects
aka.ms — Cisco Umbrella Rank: 7432 |
523 B |
22 | 5 |
Domain | Requested by | |
---|---|---|
12 | learn.microsoft.com |
2 redirects
learn.microsoft.com
|
8 | www.microsoft.com |
learn.microsoft.com
www.microsoft.com |
2 | wcpstatic.microsoft.com |
learn.microsoft.com
www.microsoft.com |
1 | c.s-microsoft.com |
www.microsoft.com
|
1 | videoplayercdn.osi.office.net | 1 redirects |
1 | js.monitor.azure.com |
learn.microsoft.com
|
1 | aka.ms | 1 redirects |
22 | 7 |
This site contains links to these domains. Also see Links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
learn.microsoft.com Microsoft Azure TLS Issuing CA 05 |
2022-09-02 - 2023-08-28 |
a year | crt.sh |
wcpstatic.microsoft.com DigiCert TLS RSA SHA256 2020 CA1 |
2022-12-06 - 2023-12-06 |
a year | crt.sh |
js.monitor.azure.com Microsoft Azure TLS Issuing CA 05 |
2022-12-23 - 2023-12-18 |
a year | crt.sh |
www.microsoft.com Microsoft Azure TLS Issuing CA 06 |
2022-10-04 - 2023-09-29 |
a year | crt.sh |
This page contains 2 frames:
Primary Page:
https://learn.microsoft.com/en-us/microsoft-365/security/office-365-security/responding-to-a-compromised-email-account?view=o365-worldwide
Frame ID: 0B1820D94802F9806B567D503842C0EC
Requests: 13 HTTP requests in this frame
Frame:
https://www.microsoft.com/videoplayer/embed/RE2jvOb?csid=ux-cms-en-us-msoffice&uuid=RE2jvOb&AutoPlayVideo=false
Frame ID: 8AD7F07BD36712B79A3F22CF90301604
Requests: 10 HTTP requests in this frame
Screenshot
Page Title
Responding to a Compromised Email Account - Office 365 | Microsoft LearnPage URL History Show full URLs
-
https://aka.ms/O365-compromise
HTTP 301
https://learn.microsoft.com/microsoft-365/security/office-365-security/responding-to-a-compromised-email... HTTP 301
https://learn.microsoft.com/en-us/microsoft-365/security/office-365-security/responding-to-a-compromised... HTTP 301
https://learn.microsoft.com/en-us/microsoft-365/security/office-365-security/responding-to-a-compromised... Page URL
Detected technologies
jQuery (JavaScript Libraries) ExpandDetected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
19 Outgoing links
These are links going to different origins than the main page.
Title: Download Microsoft Edge
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: Microsoft 365 Defender portal trials hub
Search URL Search Domain Scan URL
Title: https://admin.microsoft.com
Search URL Search Domain Scan URL
Title: https://admin.microsoft.com/Adminportal/Home#/users
Search URL Search Domain Scan URL
Title: https://admin.exchange.microsoft.com
Search URL Search Domain Scan URL
Title: https://admin.exchange.microsoft.com/#/mailboxes
Search URL Search Domain Scan URL
Title: https://security.microsoft.com
Search URL Search Domain Scan URL
Title: https://security.microsoft.com/emailandcollabpermissions
Search URL Search Domain Scan URL
Title: https://admin.exchange.microsoft.com/#/adminRoles
Search URL Search Domain Scan URL
Title: Internet Crime Complaint Center
Search URL Search Domain Scan URL
Title: Securities and Exchange Commission - "Phishing" Fraud
Search URL Search Domain Scan URL
Title: Use the Report Message add-in
Search URL Search Domain Scan URL
Title: This product
Search URL Search Domain Scan URL
Title: View all page feedback
Search URL Search Domain Scan URL
Title: Blog
Search URL Search Domain Scan URL
Title: Privacy
Search URL Search Domain Scan URL
Title: Trademarks
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://aka.ms/O365-compromise
HTTP 301
https://learn.microsoft.com/microsoft-365/security/office-365-security/responding-to-a-compromised-email-account HTTP 301
https://learn.microsoft.com/en-us/microsoft-365/security/office-365-security/responding-to-a-compromised-email-account HTTP 301
https://learn.microsoft.com/en-us/microsoft-365/security/office-365-security/responding-to-a-compromised-email-account?view=o365-worldwide Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 10- https://videoplayercdn.osi.office.net/hub/?csid=ux-cms-en-us-msoffice&uuid=RE2jvOb&AutoPlayVideo=false HTTP 302
- https://www.microsoft.com/videoplayer/embed/RE2jvOb?csid=ux-cms-en-us-msoffice&uuid=RE2jvOb&AutoPlayVideo=false
22 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
responding-to-a-compromised-email-account
learn.microsoft.com/en-us/microsoft-365/security/office-365-security/ Redirect Chain
|
55 KB 16 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
52323849.site-ltr.css
learn.microsoft.com/_themes/docs.theme/master/en-us/_themes/styles/ |
468 KB 69 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
wcp-consent.js
wcpstatic.microsoft.com/mscc/lib/v2/ |
273 KB 80 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ms.jsll-3.min.js
js.monitor.azure.com/scripts/c/ |
179 KB 61 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
67a45209.deprecation.js
learn.microsoft.com/_themes/docs.theme/master/en-us/_themes/global/ |
1 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
310a0a17.index-docs.js
learn.microsoft.com/_themes/docs.theme/master/en-us/_themes/scripts/ |
2 MB 538 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
itpro-eac-moreoptionsicon.png
learn.microsoft.com/en-us/microsoft-365/media/ |
384 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
scc-toggle-on.png
learn.microsoft.com/en-us/microsoft-365/media/ |
996 B 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
m365-cc-sc-delete-icon.png
learn.microsoft.com/en-us/microsoft-365/media/ |
520 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
docons.9a89adae.woff2
learn.microsoft.com/_themes/docs.theme/master/en-us/_themes/styles/ |
14 KB 15 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
SegoeUI-Roman-VF_web.woff2
learn.microsoft.com/static/third-party/SegoeUIWeb/1.01.206/ |
116 KB 117 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
RE2jvOb
www.microsoft.com/videoplayer/embed/ Frame 8AD7 Redirect Chain
|
78 KB 28 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
195 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
latest.woff2
learn.microsoft.com/static/third-party/SegoeUI/5.32/west-european/italic/ |
27 KB 28 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mwfmdl2-v3.54.woff2
www.microsoft.com/mwf/_h/v3.54/mwf.app/fonts/ Frame 8AD7 |
22 KB 23 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
slider
www.microsoft.com/mwf/css/MWF_20220915_56101889/west-european/default/button/glyph/heading/image/list/pagebehaviors/selectmenu/ Frame 8AD7 |
174 KB 22 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cb-ddc7e5
www.microsoft.com/onerfstatics/marketingsites-neu-prod/west-european/mscomhp/_scrf/css/themes=default.device=uplevel_web_pc_webkit_chrome/76-fd2264/19-19fa02/ Frame 8AD7 |
30 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-3.5.1.min.js
www.microsoft.com/onerfstatics/marketingsites-neu-prod/_h/dfa0b592/coreui.statics/externalscripts/jquery/ Frame 8AD7 |
87 KB 31 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
wcp-consent.js
wcpstatic.microsoft.com/mscc/lib/v2/ Frame 8AD7 |
273 KB 80 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ae-07eb21
www.microsoft.com/onerfstatics/marketingsites-neu-prod/mscomhp/_scrf/js/themes=default/49-a00ab0/92-02e55d/d5-bf34c0/a9-078595/44-f01b50/48-7cd437/e6-6b0cce/38-612ec2/ed-0fe1b2/8f-f92bc5/6f-2bab60/... Frame 8AD7 |
321 KB 78 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
17-d38c55
www.microsoft.com/onerfstatics/marketingsites-neu-prod/mscomhp/_scrf/js/themes=default/88-3d3ba4/ Frame 8AD7 |
206 KB 69 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
slider
www.microsoft.com/mwf/js/MWF_20220915_56101889/button/glyph/heading/image/list/pagebehaviors/selectmenu/ Frame 8AD7 |
55 KB 16 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
latest.woff2
c.s-microsoft.com/static/fonts/segoe-ui/west-european/normal/ Frame 8AD7 |
33 KB 34 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
13 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| oncontentvisibilityautostatechange object| msDocs function| WcpConsent function| mscc object| e function| t object| oneDS object| __dynProto$Gbl object| awa function| FormBehaviorElement function| applyFocusVisiblePolyfill object| litHtmlVersions6 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
learn.microsoft.com/en-us/microsoft-365/security/office-365-security | Name: original_req_url Value: https://learn.microsoft.com/en-us/microsoft-365/security/office-365-security/responding-to-a-compromised-email-account |
|
learn.microsoft.com/microsoft-365/security/office-365-security | Name: original_req_url Value: https://learn.microsoft.com/microsoft-365/security/office-365-security/responding-to-a-compromised-email-account |
|
.learn.microsoft.com/ | Name: ARRAffinity Value: 6932f15aacbcddad59baccd7ce183bb8bb314c0aee6f8ecbfd618e801c02bb4c |
|
.learn.microsoft.com/ | Name: ARRAffinitySameSite Value: 6932f15aacbcddad59baccd7ce183bb8bb314c0aee6f8ecbfd618e801c02bb4c |
|
www.microsoft.com/ | Name: akacd_OneRF Value: 1681236389~rv=17~id=4ece57e8f46da418e5f7a464449f67d3 |
|
www.microsoft.com/ | Name: MicrosoftApplicationsTelemetryDeviceId Value: a4266739-bbca-4c3d-b4c7-76da3ae577d9 |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=31536000; includeSubDomains; preload |
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
aka.ms
c.s-microsoft.com
js.monitor.azure.com
learn.microsoft.com
videoplayercdn.osi.office.net
wcpstatic.microsoft.com
www.microsoft.com
13.107.237.44
184.30.21.171
2.18.233.62
23.37.44.90
95.100.65.213
96.16.143.41
0261431ab809a0017c96df9052ca966d60f00523f6166c588eae6aac44ba987f
0d00e8058bd29f8c1f8a6cbfaf73ad122bbb5920e21cfae7531c049a3b9c947f
0f631eed7fa0222fd2e7bb55c0d9f8dd393bb5abcb6176b530eb35ae9908b5c6
219c396d92947d8981a84be1a2e8fe5bb404d4325fa93d6f3537293780475366
3c2f7401a27b902dc1a9ae266d58bdf730dd23c654e91d17945cfd8be33e19c8
4edc5c4040f8ff71828bdae0a1328901dd2c1cc5a838ddbe3a113ca2b6346db7
4f7f4afe26e71fa9ca1dac4a43b557a554a46f53251d849f07ed08a04829d74b
63c12051016796d92bcf4bc20b4881057475e6dfa4937c29c9e16054814ab47d
641fd5e865f778cc22f8761c7e53ea73a0e70643c8f7bff907ba2270d193323c
789f2ef4fb3fafc238f5e411eb9f23930c67e560a81051a49f210bc19fcb640a
a2f8ad05455b5a566d1877473402d19b940d30774adb7cfd142cc0e0513b7b16
a9856cd083df197ad1952591a6b1a37689d5e40a1048d7a71657139c652bdf8d
b1673b864f292c9da91c42ffdde9d60a2df7c6b72bbb3d2c3a390a02d351b637
badc6612f8cd2d66e004f1699d91fd8be0a5ab97bae09e638f65037c1940a2e2
c688d3f2135b6b51617a306a0b1a665324402a00a6bceba475881af281503ad9
cacd215430aa66f1391abd136f23ddb729b3fe44c6385a43b62d7a9e8479ea03
dc38ba12c4c74a9b7f56f1f6c64efcec67ed0ec2e9a258e15eb0d3f35198c40a
deec787cca1b9436e080478742a0299e0db1a9712543a72d2cdc8373fc45a432
e172a02b68f977a57a1690507df809db1e43130f0161961709a36dbd70b4d25f
f36844906ad2309877aae3121b87fb15b9e09803cb4c333adc7e1e35ac92e14b
f8ae8a1dc7ce7877b9fb9299183d2ebb3befad0b6489ae785d99047ec2eb92d1
fa8932c1aaa839c663f45c804a6f439134b78b2473a2bf75447f4aadc1c42a32