URL: https://w2.outlook.com/l/mobile?WT.mc_id=OutlookAndroidSignature
Submission: On April 17 via manual from GB

Summary

This website contacted 7 IPs in 4 countries across 6 domains to perform 22 HTTP transactions. The main IP is 23.102.191.170, located in San Antonio, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is w2.outlook.com.
TLS certificate: Issued by Microsoft RSA TLS CA 01 on October 7th 2020. Valid for: a year.
This is the only time w2.outlook.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address        AS Autonomous System
6         23.102.191.170    8075 (MICROSOFT...)
6         2606:2800:133...  15133 (EDGECAST)
3         2620:1ec:46::19   8068 (MICROSOFT...)
1         2a02:26f0:6c0...  20940 (AKAMAI-ASN1)
2         2606:2800:233...  15133 (EDGECAST)
2         51.107.59.180     8075 (MICROSOFT...)
2         51.140.157.153    8075 (MICROSOFT...)
22        7

Requests  Domain                                       Requested by
6         ol.azureedge.net                             w2.outlook.com
6         w2.outlook.com                               w2.outlook.com
3         assets.outlook.com                           w2.outlook.com
2         pipe.skype.com                               az416426.vo.msecnd.net
2         dc.services.visualstudio.com                 az416426.vo.msecnd.net
1         az815563.vo.msecnd.net                       w2.outlook.com
1         az416426.vo.msecnd.net                       w2.outlook.com
1         img-prod-cms-rt-microsoft-com.akamaized.net  w2.outlook.com
22        8

This site contains links to these domains.

Domain
go.microsoft.com
app.adjust.com
www.microsoft.com

Subject                           Issuer                             Validity                 Valid
w2.outlook.com                    Microsoft RSA TLS CA 01            2020-10-07 - 2021-10-07  a year
*.vo.msecnd.net                   DigiCert SHA2 Secure Server CA     2020-11-16 - 2021-11-10  a year
assets.outlook.com                Microsoft RSA TLS CA 02            2020-10-07 - 2021-10-07  a year
a248.e.akamai.net                 DigiCert Secure Site ECC CA-1      2020-07-15 - 2021-09-13  a year
sni1e6ffgl.wpc.edgecastcdn.net    DigiCert SHA2 Secure Server CA     2020-04-16 - 2022-04-21  2 years
in.applicationinsights.azure.com  Microsoft RSA TLS CA 02            2021-03-09 - 2022-03-09  a year
sni748bgl.wpc.edgecastcdn.net     DigiCert TLS RSA SHA256 2020 CA1   2020-11-10 - 2021-11-16  a year
*.events.data.microsoft.com       Microsoft Azure TLS Issuing CA 01  2020-09-14 - 2021-09-09  a year

This page contains 1 frame:

Primary Page: https://w2.outlook.com/l/mobile?WT.mc_id=OutlookAndroidSignature
Frame ID: A5D4AC8B4F2A06300DC55C2C678BAADD
Requests: 20 HTTP requests in this frame


Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i

Overall confidence: 100%
Detected patterns
  • headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

Page Statistics

22 Requests
100 % HTTPS
57 % IPv6
6 Domains
8 Subdomains
7 IPs
4 Countries
603 kB Transfer
933 kB Size
3 Cookies

22 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Cookie set mobile
w2.outlook.com/l/
9 KB
4 KB
Document
General
Full URL
https://w2.outlook.com/l/mobile?WT.mc_id=OutlookAndroidSignature
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.102.191.170 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
dd44aede69858fa1dd7e8a533cef20a5808c8d973b09d1b1b06ae8af453bb284

Request headers

Host
w2.outlook.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Cache-Control
private
Content-Length
3492
Content-Type
text/html; charset=utf-8
Content-Encoding
gzip
Vary
Accept-Encoding
Server
Microsoft-IIS/10.0
Set-Cookie
TiPMix=8.08443976942657; path=/; HttpOnly; Domain=w2.outlook.com; Max-Age=3600; Secure
x-ms-routing-name=self; path=/; HttpOnly; Domain=w2.outlook.com; Max-Age=3600; Secure
X-AspNetMvc-Version
5.2
X-AspNet-Version
4.0.30319
Request-Context
appId=cid-v1:7b58e0d3-c9d9-4a20-b44a-d6ab09daaadd
Access-Control-Expose-Headers
Request-Context
X-Powered-By
ASP.NET
Date
Sat, 17 Apr 2021 02:57:03 GMT
bootstrap.min.css
w2.outlook.com/l/assets/sms/non-localizable/css/
118 KB
19 KB
Stylesheet
General
Full URL
https://w2.outlook.com/l/assets/sms/non-localizable/css/bootstrap.min.css
Requested by
Host: w2.outlook.com
URL: https://w2.outlook.com/l/mobile?WT.mc_id=OutlookAndroidSignature
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.102.191.170 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
5a3d8c05785485d36ee5c94d4681e5b1d9e4b94c5be8b5bd7b0f3168fff1bd9a

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
w2.outlook.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://w2.outlook.com/l/mobile?WT.mc_id=OutlookAndroidSignature
Cookie
TiPMix=8.08443976942657; x-ms-routing-name=self
Connection
keep-alive

Response headers

Date
Sat, 17 Apr 2021 02:57:04 GMT
Content-Encoding
gzip
ETag
"0cc5cbcdcad71:0"
Last-Modified
Wed, 24 Feb 2021 18:42:00 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
19633
l2-sms-page.css
w2.outlook.com/l/assets/sms/non-localizable/css/
31 KB
5 KB
Stylesheet
General
Full URL
https://w2.outlook.com/l/assets/sms/non-localizable/css/l2-sms-page.css
Requested by
Host: w2.outlook.com
URL: https://w2.outlook.com/l/mobile?WT.mc_id=OutlookAndroidSignature
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.102.191.170 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
2f0ecc0a814cb89be1dabad4e5533d16730e5c0b2ea342d4fbb5d234bf631c72

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
w2.outlook.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://w2.outlook.com/l/mobile?WT.mc_id=OutlookAndroidSignature
Cookie
TiPMix=8.08443976942657; x-ms-routing-name=self
Connection
keep-alive

Response headers

Date
Sat, 17 Apr 2021 02:57:04 GMT
Content-Encoding
gzip
ETag
"0cc5cbcdcad71:0"
Last-Modified
Wed, 24 Feb 2021 18:42:00 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
5333
logotype-white-text.png
ol.azureedge.net/eas/p2/m2/L2-landing-page/
2 KB
2 KB
Image
General
Full URL
https://ol.azureedge.net/eas/p2/m2/L2-landing-page/logotype-white-text.png
Requested by
Host: w2.outlook.com
URL: https://w2.outlook.com/l/mobile?WT.mc_id=OutlookAndroidSignature
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8F1D) /
Resource Hash
b8e37157a337c4b0a891b2aa58910965fd29b171b49373de1a548a6ca9f0dc02

Request headers

Referer
https://w2.outlook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Sat, 17 Apr 2021 02:57:04 GMT
last-modified
Fri, 20 Sep 2019 17:53:19 GMT
server
ECAcc (frc/8F1D)
content-md5
rDNapaNt7k45uv8As1FZXA==
age
205102
etag
0x8D73DF36C22CA0E
x-ms-meta-cbmodifiedtime
Fri, 20 Sep 2019 17:35:43 GMT
x-cache
HIT
content-type
image/png
x-ms-request-id
917de9c2-401e-0107-4657-310486000000
x-ms-version
2009-09-19
accept-ranges
bytes
content-length
1769
ic-error-32-x-32.png
ol.azureedge.net/eas/p2/m2/outlook-sms/
834 B
1007 B
Image
General
Full URL
https://ol.azureedge.net/eas/p2/m2/outlook-sms/ic-error-32-x-32.png
Requested by
Host: w2.outlook.com
URL: https://w2.outlook.com/l/mobile?WT.mc_id=OutlookAndroidSignature
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8FB1) /
Resource Hash
b621c9420c557c3c362b58df146af5dd0e3fc8294adf882e20331e9418f7e482

Request headers

Referer
https://w2.outlook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Sat, 17 Apr 2021 02:57:04 GMT
last-modified
Tue, 28 Feb 2017 19:53:58 GMT
server
ECAcc (frc/8FB1)
content-md5
SqpJn4XVnIQTRqe0+/S+DA==
age
593938
etag
0x8D4601388F9FB4B
x-ms-meta-cbmodifiedtime
Tue, 28 Feb 2017 19:53:23 GMT
x-cache
HIT
content-type
image/png
x-ms-request-id
71cef588-601e-0139-11ce-2db2a7000000
x-ms-version
2009-09-19
accept-ranges
bytes
content-length
834
564910928.png
assets.outlook.com/qrprod/
391 B
861 B
Image
General
Full URL
https://assets.outlook.com/qrprod/564910928.png
Requested by
Host: w2.outlook.com
URL: https://w2.outlook.com/l/mobile?WT.mc_id=OutlookAndroidSignature
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::19 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
20704401b7cadde643ecad5b2a1eb66e662fa2c23a1b981a653bcc169a895bda

Request headers

Referer
https://w2.outlook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Sat, 17 Apr 2021 02:57:04 GMT
last-modified
Tue, 04 Feb 2020 23:18:36 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D7A9C88F9671D9
x-azure-ref
0gE56YAAAAABvaYzvnzJDR5UNy8X1R38wRlJBRURHRTEwMTMAOTI4OTc0MmUtMjA1Ni00OWYyLTk0ZmUtZGE2ZWQwMDY2N2Ex
x-cache
TCP_HIT
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
f1bb1b35-d01e-0052-50b7-32ca15000000
cache-control
max-age=86400
x-ms-version
2009-09-19
x-azure-ref-originshield
0dPJ5YAAAAABzgoHuPdF7T7ts5TpgJ87+TE9OMjFFREdFMTUxMAA5Mjg5NzQyZS0yMDU2LTQ5ZjItOTRmZS1kYTZlZDAwNjY3YTE=
content-length
391
RE2Vb9Z
img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/
113 KB
114 KB
Image
General
Full URL
https://img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/RE2Vb9Z?ver=c787&q=90&m=2&h=768&w=1024&b=%23FFFFFFFF&aim=true
Requested by
Host: w2.outlook.com
URL: https://w2.outlook.com/l/mobile?WT.mc_id=OutlookAndroidSignature
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:6c00::210:ba28 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
a8b63dbd15ac4650bb23af2dd8ac9ead497810426d4905c584ef2723fc97d294

Request headers

Referer
https://w2.outlook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 02:57:04 GMT
x-check-cacheable
YES
x-serial
1448
content-type
image/webp
access-control-allow-origin
*
cache-control
private, no-transform, max-age=299087
last-modified
Thu, 15 Apr 2021 14:03:15 GMT
content-length
116138
server
Akamai Image Manager
expires
Tue, 20 Apr 2021 14:01:51 GMT
apple_store_badge.png
ol.azureedge.net/eas/p2/m2/outlook-sms/localized/en-US/
9 KB
9 KB
Image
General
Full URL
https://ol.azureedge.net/eas/p2/m2/outlook-sms/localized/en-US/apple_store_badge.png
Requested by
Host: w2.outlook.com
URL: https://w2.outlook.com/l/mobile?WT.mc_id=OutlookAndroidSignature
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8FC3) /
Resource Hash
6972b3d569ca50da0e0fd9ac3cd508b0fa5e1b9d3b082528de204e23a331a3fc

Request headers

Referer
https://w2.outlook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Sat, 17 Apr 2021 02:57:04 GMT
last-modified
Thu, 27 Jul 2017 18:08:45 GMT
server
ECAcc (frc/8FC3)
content-md5
24iPmi+/bHV084jt48ZfiQ==
age
64142
etag
0x8D4D51A85727DB4
x-cache
HIT
content-type
application/octet-stream
x-ms-request-id
25db92b5-001e-0026-09a0-322fe2000000
x-ms-version
2009-09-19
accept-ranges
bytes
content-length
9192
google-play-badge.png
ol.azureedge.net/eas/p2/m2/outlook-sms/localized/en-US/
11 KB
11 KB
Image
General
Full URL
https://ol.azureedge.net/eas/p2/m2/outlook-sms/localized/en-US/google-play-badge.png
Requested by
Host: w2.outlook.com
URL: https://w2.outlook.com/l/mobile?WT.mc_id=OutlookAndroidSignature
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8F8B) /
Resource Hash
7851c14bd8e8d4e5ef5dd83c57fb9bfaf405ea05bee152689a247422e56957ee

Request headers

Referer
https://w2.outlook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Sat, 17 Apr 2021 02:57:04 GMT
last-modified
Thu, 27 Jul 2017 18:08:45 GMT
server
ECAcc (frc/8F8B)
content-md5
GLO2bRhkKHRk21iRVFTKfg==
age
593135
etag
0x8D4D51A85B31843
x-cache
HIT
content-type
application/octet-stream
x-ms-request-id
0f88b4d7-a01e-00ce-67d0-2dd219000000
x-ms-version
2009-09-19
accept-ranges
bytes
content-length
11028
ms-logo-footer.png
ol.azureedge.net/eas/p2/m2/L2-landing-page/
2 KB
2 KB
Image
General
Full URL
https://ol.azureedge.net/eas/p2/m2/L2-landing-page/ms-logo-footer.png
Requested by
Host: w2.outlook.com
URL: https://w2.outlook.com/l/mobile?WT.mc_id=OutlookAndroidSignature
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8F07) /
Resource Hash
dafede64557d45c31a863e4c59808a6c76d801138f9df34a9698b523a25a204d

Request headers

Referer
https://w2.outlook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Sat, 17 Apr 2021 02:57:04 GMT
last-modified
Mon, 23 Jan 2017 21:03:11 GMT
server
ECAcc (frc/8F07)
content-md5
wzzU0fJ57RdbeTJrgM+UJw==
age
524565
etag
0x8D443D33D8491D4
x-ms-meta-cbmodifiedtime
Fri, 13 Jan 2017 22:57:05 GMT
x-cache
HIT
content-type
image/png
x-ms-request-id
aab42641-e01e-00a4-236f-2e8eb2000000
x-ms-version
2009-09-19
accept-ranges
bytes
content-length
1720
vendor.js
w2.outlook.com/l/assets/sms/non-localizable/js/
192 KB
62 KB
Script
General
Full URL
https://w2.outlook.com/l/assets/sms/non-localizable/js/vendor.js
Requested by
Host: w2.outlook.com
URL: https://w2.outlook.com/l/mobile?WT.mc_id=OutlookAndroidSignature
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.102.191.170 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
ad5adf52c1d4d5822b75c895555ebb6cc38a06ee66baa32ac031d9c44bdc1db7

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
w2.outlook.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://w2.outlook.com/l/mobile?WT.mc_id=OutlookAndroidSignature
Cookie
TiPMix=8.08443976942657; x-ms-routing-name=self
Connection
keep-alive

Response headers

Date
Sat, 17 Apr 2021 02:57:04 GMT
Content-Encoding
gzip
ETag
"0cc5cbcdcad71:0"
Last-Modified
Wed, 24 Feb 2021 18:42:00 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/x-javascript
Accept-Ranges
bytes
Content-Length
63389
l2-sms-page.js
w2.outlook.com/l/assets/sms/non-localizable/js/
5 KB
2 KB
Script
General
Full URL
https://w2.outlook.com/l/assets/sms/non-localizable/js/l2-sms-page.js
Requested by
Host: w2.outlook.com
URL: https://w2.outlook.com/l/mobile?WT.mc_id=OutlookAndroidSignature
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.102.191.170 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
29d4710520745a3ee8c63096c784e340951e82c1ed40d1f2998e9895c685545e

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
w2.outlook.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://w2.outlook.com/l/mobile?WT.mc_id=OutlookAndroidSignature
Cookie
TiPMix=8.08443976942657; x-ms-routing-name=self
Connection
keep-alive

Response headers

Date
Sat, 17 Apr 2021 02:57:04 GMT
Content-Encoding
gzip
ETag
"0cc5cbcdcad71:0"
Last-Modified
Wed, 24 Feb 2021 18:42:00 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/x-javascript
Accept-Ranges
bytes
Content-Length
2006
ai.0.js
az416426.vo.msecnd.net/scripts/a/
94 KB
22 KB
Script
General
Full URL
https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Requested by
Host: w2.outlook.com
URL: https://w2.outlook.com/l/mobile?WT.mc_id=OutlookAndroidSignature
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8FA5) /
Resource Hash
5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e

Request headers

Referer
https://w2.outlook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 17 Apr 2021 02:57:04 GMT
content-encoding
gzip
x-ms-meta-lastmodified
2020-10-01 19:31:04
content-md5
HdY95yzx9wIyQkVEGES+Ew==
age
138
x-cache
HIT
content-length
22495
x-ms-lease-status
unlocked
last-modified
Thu, 11 Mar 2021 07:46:59 GMT
server
ECAcc (frc/8FA5)
etag
0x8D8E461DA1A5889
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
41e2f15d-e01e-0000-2135-33e875000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=1800
x-ms-version
2009-09-19
expires
Sat, 17 Apr 2021 03:27:04 GMT
ic-cell-phone-32-x-32.png
ol.azureedge.net/eas/p2/m2/outlook-sms/
1 KB
1 KB
Image
General
Full URL
https://ol.azureedge.net/eas/p2/m2/outlook-sms/ic-cell-phone-32-x-32.png
Requested by
Host: w2.outlook.com
URL: https://w2.outlook.com/l/assets/sms/non-localizable/css/l2-sms-page.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8F56) /
Resource Hash
37eed2fdb8b71e95b582ba69f200c15ed12fa6803c7af6d80a363a8b11b35453

Request headers

Referer
https://w2.outlook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Sat, 17 Apr 2021 02:57:04 GMT
last-modified
Wed, 22 Feb 2017 00:06:41 GMT
server
ECAcc (frc/8F56)
content-md5
obGZqP7jY4RnB0ah6eotWA==
age
336370
etag
0x8D45AB6AE28832F
x-ms-meta-cbmodifiedtime
Tue, 21 Feb 2017 22:48:21 GMT
x-cache
HIT
content-type
image/png
x-ms-request-id
ba333796-701e-00aa-7c26-3062b9000000
x-ms-version
2009-09-19
accept-ranges
bytes
content-length
1187
latest.woff
assets.outlook.com/fonts/Segoe-UI/West-European/Light/
33 KB
33 KB
Font
General
Full URL
https://assets.outlook.com/fonts/Segoe-UI/West-European/Light/latest.woff
Requested by
Host: w2.outlook.com
URL: https://w2.outlook.com/l/assets/sms/non-localizable/css/l2-sms-page.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::19 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
0ed2dc761ddf650b9aab0c366f43ddea0db81e13bbe603a21f2bfef519387ce9

Request headers

Origin
https://w2.outlook.com
Referer
https://w2.outlook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 17 Apr 2021 02:57:04 GMT
x-azure-ref-originshield
0KCl6YAAAAACSDqpXAqhdR7a8f7Hy3g8ITE9OMjFFREdFMDIyMgA5Mjg5NzQyZS0yMDU2LTQ5ZjItOTRmZS1kYTZlZDAwNjY3YTE=
x-ms-meta-cbmodifiedtime
Mon, 25 Jun 2018 22:20:55 GMT
x-cache
TCP_HIT
content-length
33556
x-ms-lease-status
unlocked
last-modified
Mon, 25 Jun 2018 22:48:29 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D5DAEDC5731F96
x-azure-ref
0gE56YAAAAABp7g3aX2qARbFZrvUxSguIRlJBRURHRTEwMTMAOTI4OTc0MmUtMjA1Ni00OWYyLTk0ZmUtZGE2ZWQwMDY2N2Ex
content-type
application/font-woff
access-control-allow-origin
*
x-ms-request-id
a629ccba-301e-0065-7dfa-3118b9000000
access-control-expose-headers
x-ms-meta-CbModifiedTime
x-ms-version
2009-09-19
latest.woff
assets.outlook.com/fonts/Segoe-UI/West-European/Normal/
40 KB
41 KB
Font
General
Full URL
https://assets.outlook.com/fonts/Segoe-UI/West-European/Normal/latest.woff
Requested by
Host: w2.outlook.com
URL: https://w2.outlook.com/l/assets/sms/non-localizable/css/l2-sms-page.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::19 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
1ee846986fbf0bfc9f0996f563d748589a32b29af6a6e444312c5a4da27504c1

Request headers

Origin
https://w2.outlook.com
Referer
https://w2.outlook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 17 Apr 2021 02:57:04 GMT
x-azure-ref-originshield
0hhl5YAAAAAC9mENvroloRpJa9QSuk3xzTE9OMjFFREdFMDExMAA5Mjg5NzQyZS0yMDU2LTQ5ZjItOTRmZS1kYTZlZDAwNjY3YTE=
x-ms-meta-cbmodifiedtime
Mon, 25 Jun 2018 22:29:02 GMT
x-cache
TCP_HIT
content-length
41280
x-ms-lease-status
unlocked
last-modified
Mon, 25 Jun 2018 22:50:39 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D5DAEE12CADE9F
x-azure-ref
0gE56YAAAAAB/jVNEpZI8QK257OB6YqCgRlJBRURHRTEwMTMAOTI4OTc0MmUtMjA1Ni00OWYyLTk0ZmUtZGE2ZWQwMDY2N2Ex
content-type
application/font-woff
access-control-allow-origin
*
x-ms-request-id
956610fa-901e-006c-797d-315d6a000000
access-control-expose-headers
x-ms-meta-CbModifiedTime
x-ms-version
2009-09-19
track
dc.services.visualstudio.com/v2/
0
0
Preflight
General
Full URL
https://dc.services.visualstudio.com/v2/track
Protocol
H2
Server
51.107.59.180 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type,sdk-context
Origin
https://w2.outlook.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

access-control-allow-methods
POST
access-control-allow-headers
Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
access-control-allow-origin
*
access-control-max-age
3600
x-content-type-options
nosniff
date
Sat, 17 Apr 2021 02:57:04 GMT
content-length
0
track
dc.services.visualstudio.com/v2/
96 B
236 B
XHR
General
Full URL
https://dc.services.visualstudio.com/v2/track
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.107.59.180 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
9dd2fe73416da9beab56c5029ed68be6f15cb808291ec4ace4349eb1185b4065
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://w2.outlook.com/
Sdk-Context
appId
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
application/json

Response headers

x-ms-session-id
00CCABA6-E14F-40F7-B94F-926477670A94
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
date
Sat, 17 Apr 2021 02:57:05 GMT
access-control-max-age
3600
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
content-length
96
utils.js
az815563.vo.msecnd.net/cle/assets/v2/non-localizable/js/
204 KB
204 KB
Script
General
Full URL
https://az815563.vo.msecnd.net/cle/assets/v2/non-localizable/js/utils.js
Requested by
Host: w2.outlook.com
URL: https://w2.outlook.com/l/assets/sms/non-localizable/js/vendor.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8F29) /
Resource Hash
c89de9e815bf284cb36d89ccf397dd2f332b58968d6230f60d2d23c4e81d3142

Request headers

Referer
https://w2.outlook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 17 Apr 2021 02:57:04 GMT
content-md5
U1gC9HrkV/nJIlHRoxE7ug==
age
309807
x-ms-meta-cbmodifiedtime
Wed, 12 Jul 2017 18:59:36 GMT
x-cache
HIT
content-length
208539
x-ms-lease-status
unlocked
last-modified
Tue, 31 Oct 2017 19:48:22 GMT
server
ECAcc (frc/8F29)
etag
0x8D520985830ECD0
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
f3fd88d8-c01e-005e-7a64-305d1d000000
access-control-expose-headers
x-ms-meta-CbModifiedTime
x-ms-version
2009-09-19
accept-ranges
bytes
flags.png
w2.outlook.com/l/assets/sms/non-localizable/img/
68 KB
68 KB
Image
General
Full URL
https://w2.outlook.com/l/assets/sms/non-localizable/img/flags.png
Requested by
Host: w2.outlook.com
URL: https://w2.outlook.com/l/assets/sms/non-localizable/css/l2-sms-page.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.102.191.170 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
0d100f398338bd655212c0c50a9d164da6497376ac13486d66412893b2746a89

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
w2.outlook.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://w2.outlook.com/l/assets/sms/non-localizable/css/l2-sms-page.css
Cookie
TiPMix=8.08443976942657; x-ms-routing-name=self; ai_user=KtVSZ|2021-04-17T02:57:04.572Z; ai_session=SoUA8|1618628224874.795|1618628224874.795
Connection
keep-alive

Response headers

Date
Sat, 17 Apr 2021 02:57:04 GMT
Last-Modified
Wed, 24 Feb 2021 18:42:00 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
ETag
"0cc5cbcdcad71:0"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
69169
/
pipe.skype.com/Collector/3.0/
0
397 B
XHR
General
Full URL
https://pipe.skype.com/Collector/3.0/
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.140.157.153 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://w2.outlook.com/
x-apikey
13b4590d686349a08ebe1c208adb50af-533c025c-955d-414b-9d56-9480606b5f18-7125
Client-ID
NO_AUTH
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/bond-compact-binary

Response headers

Date
Sat, 17 Apr 2021 02:57:06 GMT
Server
Microsoft-HTTPAPI/2.0
time-delta-millis
197
Access-Control-Allow-Methods
POST
Content-Type
application/json
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
kill-tokens, kill-duration-seconds, time-delta-millis
Access-Control-Allow-Headers
Accept, Content-Type, Content-Encoding, Client-Id
Content-Length
0
/
pipe.skype.com/Collector/3.0/
0
0
Preflight
General
Full URL
https://pipe.skype.com/Collector/3.0/
Protocol
HTTP/1.1
Server
51.140.157.153 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
client-id,content-type,x-apikey
Origin
https://w2.outlook.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Content-Length
0
Server
Microsoft-HTTPAPI/2.0
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
POST
Access-Control-Allow-Headers
Accept, Client-Id, Content-Type, Content-Encoding, SDK-Name, SDK-Version, x-apikey
Date
Sat, 17 Apr 2021 02:57:06 GMT

29 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| onbeforexrselect
  • object| ontransitionrun
  • object| ontransitionstart
  • object| ontransitioncancel
  • object| cookieStore
  • function| showDirectoryPicker
  • function| showOpenFilePicker
  • function| showSaveFilePicker
  • boolean| originAgentCluster
  • object| trustedTypes
  • boolean| crossOriginIsolated
  • object| olcExternals
  • object| appInsights
  • object| AI
  • object| Microsoft
  • function| __extends
  • function| _endsWith
  • object| clienttelemetry_build
  • object| sct
  • object| microsoft
  • object| AriaTracking
  • object| html5
  • object| Modernizr
  • function| $
  • function| jQuery
  • object| ariatracking
  • object| smsapiendpoint
  • object| csrfvalidate
  • object| intlTelInputUtils

3 Cookies

Domain/Path        Name / Value
w2.outlook.com/    Name: ai_user            Value: KtVSZ|2021-04-17T02:57:04.572Z
.w2.outlook.com/   Name: x-ms-routing-name  Value: self
.w2.outlook.com/   Name: TiPMix             Value: 8.08443976942657

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
