login.microsoftonline.us
2001:489a:3500:48::1
Public Scan
Effective URL: https://login.microsoftonline.us/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%...
Submission: On November 14 via api from IN — Scanned from US
Summary
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on August 25th 2023. Valid for: a year.
This is the only time login.microsoftonline.us was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Requests | IP Address | AS Autonomous System |
---|---|---|
4 (2 redirects) | 2001:489a:2200:5c5::2 | 8070 (MICROSOFT-CORP-MSN-AS-BLOCK) |
28 | 2600:141b:e800:38::17c6:d65b | 20940 (AKAMAI-ASN1) |
2 | 2001:489a:3500:48::1 | 8070 (MICROSOFT-CORP-MSN-AS-BLOCK) |
1 | 52.245.128.79 | 8075 (MICROSOFT-CORP-MSN-AS-BLOCK) |
11 | 2620:1ec:bdf::38 | 8075 (MICROSOFT-CORP-MSN-AS-BLOCK) |
1 | 2603:1036:302:4000::2 | 8075 (MICROSOFT-CORP-MSN-AS-BLOCK) |
7 | 2600:141b:e800:3a::17ce:79c7 | 20940 (AKAMAI-ASN1) |
52 | 7 | |

AS | Hostname |
---|---|
ASN8070 (MICROSOFT-CORP-MSN-AS-BLOCK, US) | pod51501.office365.us |
ASN20940 (AKAMAI-ASN1, NL) | res-dod.cdn.office.net |
ASN8070 (MICROSOFT-CORP-MSN-AS-BLOCK, US) | login.microsoftonline.us |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US) | pf.events.data.microsoft.com |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US) | outlook.office365.com |
ASN20940 (AKAMAI-ASN1, NL) | r4.res.office365.com |
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
28 | office.net | res-dod.cdn.office.net — Cisco Umbrella Rank: 120977 | 1 MB |
11 | msauth.net | aadcdn.msauth.net — Cisco Umbrella Rank: 982 | 297 KB |
8 | office365.com | outlook.office365.com — Cisco Umbrella Rank: 45; r4.res.office365.com — Cisco Umbrella Rank: 194 | 690 KB |
4 (2 redirects) | office365.us | pod51501.office365.us — Cisco Umbrella Rank: 117805 | 11 KB |
2 | microsoftonline.us | login.microsoftonline.us — Cisco Umbrella Rank: 11713 | 26 KB |
1 | microsoft.com | pf.events.data.microsoft.com — Cisco Umbrella Rank: 62988 | 587 B |
52 | 6 | | |
Requests | Domain | Requested by |
---|---|---|
28 | res-dod.cdn.office.net | pod51501.office365.us, res-dod.cdn.office.net |
11 | aadcdn.msauth.net | login.microsoftonline.us, aadcdn.msauth.net |
7 | r4.res.office365.com | outlook.office365.com |
4 (2 redirects) | pod51501.office365.us | res-dod.cdn.office.net |
2 | login.microsoftonline.us | res-dod.cdn.office.net, aadcdn.msauth.net |
1 | outlook.office365.com | aadcdn.msauth.net |
1 | pf.events.data.microsoft.com | res-dod.cdn.office.net |
52 | 7 | |
This site contains links to these domains. Also see Links.
Domain |
---|
www.microsoft.com |
privacy.microsoft.com |
Subject | Issuer | Validity | Valid |
---|---|---|---|
webmail.apps.mil | Entrust Certification Authority - L1K | 2023-07-26 - 2024-07-26 | a year |
*.res.outlook.com | DigiCert SHA2 Secure Server CA | 2023-04-17 - 2024-04-17 | a year |
login.microsoftonline.us | DigiCert SHA2 Secure Server CA | 2023-08-25 - 2024-08-25 | a year |
*.pipe.aria.microsoft.com | Microsoft Azure RSA TLS Issuing CA 07 | 2023-09-16 - 2024-09-10 | a year |
aadcdn.msauth.net | DigiCert SHA2 Secure Server CA | 2023-10-29 - 2024-10-29 | a year |
outlook.com | DigiCert Cloud Services CA-1 | 2023-10-31 - 2024-10-30 | a year |
This page contains 2 frames:
Primary Page:
https://login.microsoftonline.us/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2fpod51501.office365.us%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=0&msaredir=0&client-request-id=31b55a9d-2f56-adef-8da6-1a2aaf97c088&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=638355761957267112.be95cee9-5651-4221-862a-0c31da2ab172&state=DcuxjoJAEIBhON_FjpOZvd11C2NhYixYEjkJSjezbKFGIdwCp829-lF8f_fHURQtZh-zOJ0TaSXWQkqtwEiNSgPgJ3sjnfcmkUpC8oUIyVohJakT0BASg8Z4fv9W7USr7U-g4Dew7H1z7b0Lp3ZDhyJ1B6uyl5kYj2BP5WS_5Vg_6u6C5Tu_lUNztiNX-4535ukeBtzO3BmLjs52YJSBqvzFIh_r53G4oAmZKNq6ykfG356q4p1N_w&sso_reload=true
Frame ID: 2C923194154DFB096053224C800C0061
Requests: 44 HTTP requests in this frame
Frame:
https://outlook.office365.com/owa/prefetch.aspx
Frame ID: 4DC0475A0A3A37D00DC4675355E19DCB
Requests: 8 HTTP requests in this frame
Screenshot
![](/screenshots/88ba5b9b-3498-4736-aa95-c7b7cd2221a9.png)
Page Title
Sign in to Outlook
Page Statistics
2 Outgoing links
These are links going to different origins than the main page.
Title: Terms of use
Title: Privacy & cookies
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://pod51501.office365.us/mail/group/dodiis.onmicrosoft.com/thecoolkids/
HTTP 307
https://pod51501.office365.us/mail/group/dodiis.onmicrosoft.com/thecoolkids/ Page URL
-
https://pod51501.office365.us/mail/group/dodiis.onmicrosoft.com/thecoolkids/?authRedirect=true&state=0
HTTP 302
https://pod51501.office365.us/owa/?state=1&redirectTo=aHR0cHM6Ly9wb2Q1MTUwMS5vZmZpY2UzNjUudXMvbWFpbC9ncm91cC9kb2RpaXMub25taWNyb3NvZnQuY29tL3RoZWNvb2xraWRzLw HTTP 302
https://login.microsoftonline.us/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2fpod51501.office365.us%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=0&msaredir=0&client-request-id=31b55a9d-2f56-adef-8da6-1a2aaf97c088&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=638355761957267112.be95cee9-5651-4221-862a-0c31da2ab172&state=DcuxjoJAEIBhON_FjpOZvd11C2NhYixYEjkJSjezbKFGIdwCp829-lF8f_fHURQtZh-zOJ0TaSXWQkqtwEiNSgPgJ3sjnfcmkUpC8oUIyVohJakT0BASg8Z4fv9W7USr7U-g4Dew7H1z7b0Lp3ZDhyJ1B6uyl5kYj2BP5WS_5Vg_6u6C5Tu_lUNztiNX-4535ukeBtzO3BmLjs52YJSBqvzFIh_r53G4oAmZKNq6ykfG356q4p1N_w Page URL
- https://login.microsoftonline.us/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2fpod51501.office365.us%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=0&msaredir=0&client-request-id=31b55a9d-2f56-adef-8da6-1a2aaf97c088&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=638355761957267112.be95cee9-5651-4221-862a-0c31da2ab172&state=DcuxjoJAEIBhON_FjpOZvd11C2NhYixYEjkJSjezbKFGIdwCp829-lF8f_fHURQtZh-zOJ0TaSXWQkqtwEiNSgPgJ3sjnfcmkUpC8oUIyVohJakT0BASg8Z4fv9W7USr7U-g4Dew7H1z7b0Lp3ZDhyJ1B6uyl5kYj2BP5WS_5Vg_6u6C5Tu_lUNztiNX-4535ukeBtzO3BmLjs52YJSBqvzFIh_r53G4oAmZKNq6ykfG356q4p1N_w&sso_reload=true Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0
- http://pod51501.office365.us/mail/group/dodiis.onmicrosoft.com/thecoolkids/ HTTP 307
- https://pod51501.office365.us/mail/group/dodiis.onmicrosoft.com/thecoolkids/
- https://pod51501.office365.us/mail/group/dodiis.onmicrosoft.com/thecoolkids/?authRedirect=true&state=0 HTTP 302
- https://pod51501.office365.us/owa/?state=1&redirectTo=aHR0cHM6Ly9wb2Q1MTUwMS5vZmZpY2UzNjUudXMvbWFpbC9ncm91cC9kb2RpaXMub25taWNyb3NvZnQuY29tL3RoZWNvb2xraWRzLw HTTP 302
- https://login.microsoftonline.us/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2fpod51501.office365.us%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=0&msaredir=0&client-request-id=31b55a9d-2f56-adef-8da6-1a2aaf97c088&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=638355761957267112.be95cee9-5651-4221-862a-0c31da2ab172&state=DcuxjoJAEIBhON_FjpOZvd11C2NhYixYEjkJSjezbKFGIdwCp829-lF8f_fHURQtZh-zOJ0TaSXWQkqtwEiNSgPgJ3sjnfcmkUpC8oUIyVohJakT0BASg8Z4fv9W7USr7U-g4Dew7H1z7b0Lp3ZDhyJ1B6uyl5kYj2BP5WS_5Vg_6u6C5Tu_lUNztiNX-4535ukeBtzO3BmLjs52YJSBqvzFIh_r53G4oAmZKNq6ykfG356q4p1N_w
52 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type | Notes |
---|---|---|---|---|---|---|---|---|
GET | H2 | / | pod51501.office365.us/mail/group/dodiis.onmicrosoft.com/thecoolkids/ | 14 KB | 8 KB | Document | text/html | Redirect Chain |
GET | H2 | segoeui-light.woff | res-dod.cdn.office.net/assets/mail/fonts/v1/fonts/ | 24 KB | 25 KB | Font | application/font-woff | |
GET | H2 | segoeui-regular.woff | res-dod.cdn.office.net/assets/mail/fonts/v1/fonts/ | 34 KB | 35 KB | Font | application/font-woff | |
GET | H2 | segoeui-semibold.woff | res-dod.cdn.office.net/assets/mail/fonts/v1/fonts/ | 31 KB | 32 KB | Font | application/font-woff | |
GET | H2 | segoeui-semilight.woff | res-dod.cdn.office.net/assets/mail/fonts/v1/fonts/ | 29 KB | 29 KB | Font | application/font-woff | |
GET | H2 | owa.mailindex.js | res-dod.cdn.office.net/owamail/20231020006.27/scripts/ | 403 KB | 160 KB | Script | application/javascript | |
GET | H2 | owa.ven.extframework.m.js | res-dod.cdn.office.net/owamail/20231020006.27/scripts/ | 240 KB | 70 KB | Script | application/javascript | |
GET | H2 | owa.ven.graphql.m.js | res-dod.cdn.office.net/owamail/20231020006.27/scripts/ | 393 KB | 90 KB | Script | application/javascript | |
GET | H2 | owa.ven.fluent.m.js | res-dod.cdn.office.net/owamail/20231020006.27/scripts/ | 242 KB | 45 KB | Script | application/javascript | |
GET | H2 | owa.ven.fluentIcons.m.js | res-dod.cdn.office.net/owamail/20231020006.27/scripts/ | 49 KB | 13 KB | Script | application/javascript | |
GET | H2 | owa.956337.m.js | res-dod.cdn.office.net/owamail/20231020006.27/scripts/ | 13 KB | 5 KB | Script | application/javascript | |
GET | H2 | owa.342106.m.js | res-dod.cdn.office.net/owamail/20231020006.27/scripts/ | 8 KB | 4 KB | Script | application/javascript | |
GET | H2 | owa.16025.m.js | res-dod.cdn.office.net/owamail/20231020006.27/scripts/ | 26 KB | 10 KB | Script | application/javascript | |
GET | H2 | owa.18838.m.js | res-dod.cdn.office.net/owamail/20231020006.27/scripts/ | 59 KB | 17 KB | Script | application/javascript | |
GET | H2 | owa.191538.m.js | res-dod.cdn.office.net/owamail/20231020006.27/scripts/ | 30 KB | 10 KB | Script | application/javascript | |
GET | H2 | owa.309598.m.js | res-dod.cdn.office.net/owamail/20231020006.27/scripts/ | 12 KB | 5 KB | Script | application/javascript | |
GET | H2 | owa.524889.m.js | res-dod.cdn.office.net/owamail/20231020006.27/scripts/ | 33 KB | 8 KB | Script | application/javascript | |
GET | H2 | owa.862600.m.js | res-dod.cdn.office.net/owamail/20231020006.27/scripts/ | 10 KB | 4 KB | Script | application/javascript | |
GET | H2 | owa.782831.m.js | res-dod.cdn.office.net/owamail/20231020006.27/scripts/ | 28 KB | 8 KB | Script | application/javascript | |
GET | H2 | owa.436856.m.js | res-dod.cdn.office.net/owamail/20231020006.27/scripts/ | 9 KB | 4 KB | Script | application/javascript | |
GET | H2 | owa.452772.m.js | res-dod.cdn.office.net/owamail/20231020006.27/scripts/ | 26 KB | 8 KB | Script | application/javascript | |
GET | H2 | owa.344953.m.js | res-dod.cdn.office.net/owamail/20231020006.27/scripts/ | 8 KB | 4 KB | Script | application/javascript | |
GET | H2 | owa.807402.m.js | res-dod.cdn.office.net/owamail/20231020006.27/scripts/ | 8 KB | 3 KB | Script | application/javascript | |
GET | H2 | owa.348139.m.js | res-dod.cdn.office.net/owamail/20231020006.27/scripts/ | 10 KB | 3 KB | Script | application/javascript | |
GET | H2 | owa.197777.m.js | res-dod.cdn.office.net/owamail/20231020006.27/scripts/ | 51 KB | 14 KB | Script | application/javascript | |
GET | H2 | owa.MailBoot.m.css | res-dod.cdn.office.net/owamail/20231020006.27/scripts/ | 127 KB | 20 KB | Stylesheet | text/css | |
GET | H2 | owa.MailBoot.m.js | res-dod.cdn.office.net/owamail/20231020006.27/scripts/ | 3 MB | 800 KB | Script | application/javascript | |
GET | H2 | microsoft.svg | res-dod.cdn.office.net/assets/framework/ | 3 KB | 2 KB | Image | image/svg+xml | |
POST | H2 | startupdata.ashx | pod51501.office365.us/owa/ | 0 | 0 | Fetch | | |
GET | H2 | analytics-ping.js | res-dod.cdn.office.net/owamail/20231020006.27/resources/ | 34 B | 685 B | Fetch | application/javascript | |
GET | H/1.1 | authorize | login.microsoftonline.us/common/oauth2/ | 20 KB | 9 KB | Document | text/html | Redirect Chain |
POST | H2 | / | pf.events.data.microsoft.com/OneCollector/1.0/ | 0 | 587 B | Ping | text/plain | |
GET | H2 | BssoInterrupt_Core_SuZwfHH8gwlE7gQ2a715Zg2.js | aadcdn.msauth.net/shared/1.0/content/js/ | 136 KB | 48 KB | Script | application/x-javascript | |
GET | H/1.1 | authorize | login.microsoftonline.us/common/oauth2/ | 41 KB | 17 KB | Document | text/html | Primary Request |
GET | H2 | converged.v2.login.min_ltjvsvk5aekta_kgibi0gg2.css | aadcdn.msauth.net/ests/2.1/content/cdnbundles/ | 109 KB | 20 KB | Stylesheet | text/css | |
GET | H2 | ConvergedLogin_PCore_o-ZZReABRa0UshwWo2BEBw2.js | aadcdn.msauth.net/shared/1.0/content/js/ | 420 KB | 116 KB | Script | application/x-javascript | |
GET | H2 | ux.converged.login.strings-en.min_orpt-59zawtpatdv5lgnaa2.js | aadcdn.msauth.net/ests/2.1/content/cdnbundles/ | 52 KB | 15 KB | Script | application/x-javascript | |
GET | H2 | convergedlogin_pcustomizationloader_44b450e8d543eb53930d.js | aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/ | 153 KB | 34 KB | Script | application/x-javascript | |
GET | H2 | prefetch.aspx | outlook.office365.com/owa/ | 3 KB | 2 KB | Document | text/html | Frame 4DC0 |
GET | H2 | 49-small_2055002f2daae2ed8f69f03944c0e5d9.jpg | aadcdn.msauth.net/shared/1.0/content/images/appbackgrounds/ | 987 B | 1 KB | Image | image/jpeg | |
GET | H2 | 49_6ffe0a92d779c878835b40171ffc2e13.jpg | aadcdn.msauth.net/shared/1.0/content/images/appbackgrounds/ | 17 KB | 18 KB | Image | image/jpeg | |
GET | H2 | 53_7a3c80bf9694448bac31a9589d2e9e92.png | aadcdn.msauth.net/shared/1.0/content/images/applogos/ | 5 KB | 5 KB | Image | image/png | |
GET | H2 | microsoft_logo_564db913a7fa0ca42727161c6d031bef.svg | aadcdn.msauth.net/shared/1.0/content/images/ | 4 KB | 2 KB | Image | image/svg+xml | |
GET | H2 | convergedlogin_pstringcustomizationhelper_b76d35ed531a6647c36c.js | aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/ | 111 KB | 36 KB | Script | application/x-javascript | |
GET | H2 | boot.worldwide.0.mouse.js | r4.res.office365.com/owa/prem/15.20.6933.29/scripts/ | 648 KB | 176 KB | Stylesheet | application/x-javascript | Frame 4DC0 |
GET | H2 | boot.worldwide.1.mouse.js | r4.res.office365.com/owa/prem/15.20.6933.29/scripts/ | 644 KB | 160 KB | Stylesheet | application/x-javascript | Frame 4DC0 |
GET | H2 | signin-options_3e3f6b73c3f310c31d2c4d131a8ab8c6.svg | aadcdn.msauth.net/shared/1.0/content/images/ | 2 KB | 1 KB | Image | image/svg+xml | |
GET | H2 | boot.worldwide.2.mouse.js | r4.res.office365.com/owa/prem/15.20.6933.29/scripts/ | 647 KB | 166 KB | Stylesheet | application/x-javascript | Frame 4DC0 |
GET | H2 | boot.worldwide.3.mouse.js | r4.res.office365.com/owa/prem/15.20.6933.29/scripts/ | 645 KB | 142 KB | Stylesheet | application/x-javascript | Frame 4DC0 |
GET | H2 | sprite1.mouse.png | r4.res.office365.com/owa/prem/15.20.6933.29/resources/images/0/ | 132 B | 327 B | Stylesheet | image/png | Frame 4DC0 |
GET | H2 | sprite1.mouse.css | r4.res.office365.com/owa/prem/15.20.6933.29/resources/images/0/ | 994 B | 503 B | Stylesheet | text/css | Frame 4DC0 |
GET | H2 | boot.worldwide.mouse.css | r4.res.office365.com/owa/prem/15.20.6933.29/resources/styles/0/ | 227 KB | 43 KB | Stylesheet | text/css | Frame 4DC0 |
22 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object| 0
- object| documentPictureInPicture
- object| $Config
- object| $Debug
- object| $Do
- function| $Loader
- object| $WebWatson
- function| GetString
- function| GetErrorString
- function| GetUrl
- object| $B
- object| ServerData
- object| webpackJsonp
- object| ko
- object| PROOF
- object| StringRepository
- object| Telemetry
- object| telemetry_webpackJsonp
- boolean| __ConvergedLogin_PCore
- boolean| __
- boolean| __convergedlogin_pcustomizationloader_44b450e8d543eb53930d
- boolean| __convergedlogin_pstringcustomizationhelper_b76d35ed531a6647c36c

17 Cookies
Cookies are small pieces of information stored in a user's browser. Whenever the user visits the site again, the browser sends the cookie values back, allowing the website to re-identify the user even after a change of location. This is how permanent logins work.
Domain/Path | Name / Value |
---|---|
pod51501.office365.us/ | Name: ClientId Value: DB1B71E560F240CF8A945CCBC64D0CC1 |
pod51501.office365.us/ | Name: OIDC Value: 1 |
pod51501.office365.us/ | Name: OpenIdConnect.nonce.v3.l20A7tnabNlZjxYj5EvBaGXx2licm7tECKMks_OYHzE Value: 638355761957267112.be95cee9-5651-4221-862a-0c31da2ab172 |
pod51501.office365.us/ | Name: X-OWA-RedirectHistory Value: Ale6VTEBqGbJ7y7l2wg |
.microsoft.com/ | Name: MC1 Value: GUID=5e56b1d0ed234fff905caa5970017121&HASH=5e56&LV=202311&V=4&LU=1699979395863 |
.microsoft.com/ | Name: MS0 Value: 4281255716554229b8e45510c9b466ac |
login.microsoftonline.us/ | Name: x-ms-gateway-slice Value: estsfd |
login.microsoftonline.us/ | Name: stsservicecookie Value: estsfd |
.login.microsoftonline.us/ | Name: AADSSO Value: NA|NoExtension |
login.microsoftonline.us/ | Name: SSOCOOKIEPULLED Value: 1 |
login.microsoftonline.us/ | Name: buid Value: 0.CwUAMe_N-B6jSkuT5F9XHpElWgIAAAAAAPEPzgAAAAAAAAABAAA.AQABAAEAAgAhOAwqV52nQZ3QnHiKUS5mxPRU1rfs2KUr3qZI-uSH17_1Fhf0MdDVcbonja751__yO8FAS3K3QASRotj6k-JWdP3Jev3mbD6YaUKvKTvaHXmF8qnQRyRzpinAO-jRJxMgAA |
.login.microsoftonline.us/ | Name: esctx Value: PAQABAAEAAgAhOAwqV52nQZ3QnHiKUS5mYhMXTHDvJoqp-XB7O2Io6-9Uo9jnVdHJCq6zpXLHvk_8sUM2a6vqRzBGJ5ZajAz_vzurmeWuUuT5kwR6R0XGyV9qerhBKZptvqrjUegf8qWex2v0xLbrUHorpAwYHoArfvmwwvgBMuPyUUrivdDPZ2LKXBNHjTbcpka9Asph7MUgAA |
.login.microsoftonline.us/ | Name: esctx-udZPUUrbHUk Value: AQABAAEAAgAhOAwqV52nQZ3QnHiKUS5m0QBzjbNRlLWVkHblszQC5WKnLoxtLNKdu78CJ5DTgaJcWkiES3orT8yPTBNfTr7OFYtj8I-BXP98hDw3ZKuC_3Xuaa7aR4UGuwymTwr2Gr7fy0nkCwh1bbL6HR39_lXMQzxsdNSos_mGI9HwOT2kaSAA |
login.microsoftonline.us/ | Name: fpc Value: AjknObVpYI5FkMW6QVYh3daerOTJAQAAAIOX5dwOAAAA |
.login.microsoftonline.us/ | Name: brcap Value: 0 |
outlook.office365.com/ | Name: ClientId Value: 80206BAAC3E349A789A4FD8E4D9A43F5 |
outlook.office365.com/ | Name: OIDC Value: 1 |
23 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | default-src *.res.office365.com *.fluidpreview.office.net *.cdn.office.net swx.cdn.skype.com 'self'; script-src 'nonce-TBsa6C7YfUv34mmZ05sxOQ==' *.res.office365.com *.fluidpreview.office.net *.cdn.office.net wss://*.delve.office.com:443 shellprod.msocdn.com amcdn.msauth.net amcdn.msftauth.net *.bing.com *.skype.com *.skypeassets.com *.delve.office.com *.cdn.office.net static.teams.microsoft.com teams.microsoft.com cdn.forms.office.net blob: 'report-sample' 'self' 'wasm-unsafe-eval' *.yammer.com; style-src *.res.office365.com *.fluidpreview.office.net *.cdn.office.net shellprod.msocdn.com *.skype.com 'self' 'report-sample' 'unsafe-inline' *.yammer.com; img-src * data: blob: filesystem: cid:; connect-src blob: data: *.res.office.com *.res.office365.com *.cdn.office.net *.services.web.outlook.com spoprod-a.akamaihd.net shellprod.msocdn.com *.bing.com *.office.net *.office.com *.office365.com *.dod.online.office365.us *.outlook.live.net *.spoppe.com *.onedrive.com substrate.office.us *.office365.us pf.pipe.aria.microsoft.com dev.virtualearth.net media.licdn.com onerm.olsvc.com *.qas.binginternal.com *.qas.bing.net wss://*.qas.bing.net:443 wss://*.platform.bing.com wss://*.botframework.com:443 wss://augloop.dod.online.office365.us wss://*.augloop.dod.online.office365.us dod-graph.microsoft.us d*.office.microsoft.com www.onenote.com *.storage.msn.com nleditor.osi.officeppe.net api.tenor.com pptservicescast.officeapps.live.com *.sharepoint.com *.sharepoint-mil.us wss://dod.loki.office365.us:443 dod.loki.office365.us web.vortex.data.microsoft.com *.events.data.microsoft.com *.oscs.protection.office365.us *.safelinks.protection.office365.us od.apps.mil attachments-dod.office365-net.us 'self' login.microsoftonline.com outlook.office365.com teams.microsoft.com *.teams.microsoft.com *.yammer.com *.svc.ms *.licdn.com o365auditrealtimeingestion.manage.officeppe.com o365auditrealtimeingestion.manage.officeppe.com:445 o365auditrealtimeingestion.manage.office.com o365auditrealtimeingestion.manage.office.com:445 files.yammerusercontent.com; base-uri pf.pipe.aria.microsoft.com 'self'; form-action *.officeapps.live.com *.sharepoint-df.com *.sharepoint.com *.odwebp.svc.ms login.microsoftonline.com od.apps.mil *.dod.online.office365.us; object-src *.office.net 'self' attachments-dod.office365-net.us; frame-ancestors 'self'; font-src data: *.res.office365.com *.fluidpreview.office.net *.cdn.office.net spoprod-a.akamaihd.net *.skype.com ms-appx-web: sharepointonline.com *.sharepointonline.com *.delve.office.com fs.microsoft.com 'self' *.yammer.com; media-src blob: *.res.office365.com *.cdn.office.net *.sharepoint-df.com *.skype.com *.office.net *.office365.net *.office365-net.us *.office.com 'self' *.yammer.com attachments-dod.office365-net.us; frame-src * data: mailto: blob:; manifest-src 'self'; worker-src 'self' blob: *.office.com; child-src 'self' blob: *.office.com; report-uri ; upgrade-insecure-requests; |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.