login.microsoftonline.com Open in urlscan Pro
20.190.144.160  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. https://engage.cloud.microsoft/main/nanfung.com?allow_app_redirect=1&trk_event=de_cta_click&trk_network=6769592&trk_notif_id=ab7da527e274179aac942e2989ff2499501f0b7a41bc8fddace133675a0e37bb&trk_outlook_origin=glam_static&trk_scenario_type=de&trk_user=3124293713920 Page URL
2. https://login.microsoftonline.com/nanfung.com/oauth2/v2.0/authorize?client_id=c1c74fed-04c9-4704-80dc-9f79a2e515cb&scope=https%3A%2F%2Fwww.yammer.com%2Fuser_impersonation%20openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Fengage.cloud.microsoft%2Fmain%2Fauthredirect&client-request-id=f1d27464-a865-4b49-be45-97e70db75905&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=3.7.0&client_info=1&code_challenge=sYvFDNenTWzc9IKBHMLCPrD8FyWeDV-3six8bll1fUc&code_challenge_method=S256&nonce=b44e67f8-96ab-4cd2-a9ce-ce33bc3cca55&state=eyJpZCI6Ijg2YWU3MTRmLTAxYmMtNGVmMy04OWY0LWViNDQ5MDBlN2E5OCIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicmVkaXJlY3QifX0%3D&claims=%7B%22access_token%22%3A%7B%22xms_cc%22%3A%7B%22values%22%3A%5B%22CP1%22%5D%7D%7D%7D Page URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	nanfung.com Show response engage.cloud.microsoft/main/	1 KB 4 KB	1332ms 751ms	Document text/html	13.107.6.159 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://engage.cloud.microsoft/main/nanfung.com?allow_app_redirect=1&trk_event=de_cta_click&trk_network=6769592&trk_notif_id=ab7da527e274179aac942e2989ff2499501f0b7a41bc8fddace133675a0e37bb&trk_outlook_origin=glam_static&trk_scenario_type=de&trk_user=3124293713920 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 13.107.6.159 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 4eb48351b5ce84c848129253c09eb709ea4589dcddc4d2f7532e56b5fc403305 Security Headers Name Value Strict-Transport-Security max-age=1234513412313; includeSubDomain X-Frame-Options sameorigin Request headers Accept-Language en-SG,en;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers cache-control no-cache content-encoding gzip content-length 587 content-security-policy-report-only base-uri 'self'; child-src 'self'; connect-src https://*.assets-yammer.com/ https://*.cdn.office.net/ https://*.delve.office.com/ https://*.engage.cloud.microsoft/ https://*.events.data.microsoft.com/ https://*.fp.measure.office.com https://*.office.com https://*.res.office365.com/ https://*.sharepoint-df.com https://*.sharepoint.com https://*.svc.ms/ https://*.yammer.com/ https://a-ring.msedge.net https://admin.microsoft.com https://aesir.office.com https://api.tenor.com/ https://atm-fp-direct.office.com https://b-ring.msedge.net https://browser.pipe.aria.microsoft.com/ https://clients.config.office.net/ https://config.edge.skype.com/ https://ecs.office.com/ https://engage.cloud.microsoft/ https://files.yammerusercontent.com/ https://gtm-dyn-direct.office365.com https://k-ring.msedge.net https://login.microsoftonline.com https://m365.cloud.microsoft/ https://oness.microsoft.com/ https://outlook.cloud.microsoft/ https://outlook.live.com https://outlook.office365.com https://petrol-int.office.microsoft.com/ https://petrol.office.microsoft.com https://s-ring.msedge.net https://shell.azurefd.eaglex.ic.gov https://shell.azurefd.microsoft.scloud https://shellprod.msocdn.com https://spoprod-a.akamaihd.net/ https://teams.cloud.microsoft/ https://web.vortex.data.microsoft.com wss://*.delve.office.com/ wss://*.rt.yammer.com/cometd/ 'self'; default-src https://*.cdn.office.net/ https://*.res.office365.com/ 'self'; font-src https://*.cdn.office.net/ https://*.delve.office.com/ https://*.engage.cloud.microsoft/ https://*.res.office365.com/ https://*.yammer.com/ https://aesir.office.com https://c.s-microsoft.com https://maxcdn.bootstrapcdn.com/bootstrap/ https://res-1.cdn.office.net https://spoppe-b.azureedge.net https://spoprod-a.akamaihd.net/ https://static2.sharepointonline.com https://thumbnails.yammer.com/ https://www.microsoft.com data: 'self'; form-action https://*.sharepoint.com https://*.sharepoint-df.com; frame-ancestors https://*.engage.cloud.microsoft/ https://*.microsoft365.com/ https://*.office.com/ https://*.skype.com/ https://*.teams.microsoft.com/ https://*.yammer.com/ https://engage.cloud.microsoft/ https://m365.cloud.microsoft/ https://outlook-sdf.office.com/ https://outlook-sdf.office365.com/ https://outlook.cloud.microsoft/ https://outlook.live.com/ https://outlook.office.com/ https://outlook.office365.com/ https://teams.cloud.microsoft.com.rproxy.goskope.com/ https://teams.cloud.microsoft.mcas.ms/ https://teams.cloud.microsoft/ https://teams.microsoft.com.mcas.ms/ https://teams.microsoft.com.rproxy.goskope.com/ https://teams.microsoft.com/ 'self'; frame-src https: blob: 'self'; img-src blob: data: https: 'self'; manifest-src https://*.cdn.office.net/ https://*.res.office365.com/ 'self'; media-src https://*.cdn.office.net/yammer-teams-app/ https://*.engage.cloud.microsoft/ https://*.sharepoint.com https://*.yammer.com/ https://engage.cloud.microsoft/ blob: 'self'; object-src 'self'; prefetch-src https://*.cdn.office.net/ https://*.res.office365.com/ 'self'; script-src 'nonce-L5JQp/IiDMb34iySD/98puo6s/jWmqf4Mkf1Ee5RleU=' https://*.cdn.office.net/ https://*.delve.office.com/ https://*.engage.cloud.microsoft/ https://*.microsoft.com https://*.res.office365.com/ https://*.yammer.com/ https://admin.microsoft.com https://aesir.office.com https://amcdn.msauth.net/ https://amcdn.msftauth.net/ https://engage.cloud.microsoft/ https://js.monitor.azure.com/ https://shell.azurefd.eaglex.ic.gov https://shell.azurefd.microsoft.scloud https://shellprod.msocdn.com https://statics.teams.cloud.microsoft https://statics.teams.microsoft.com wss://*.delve.office.com 'strict-dynamic' 'self'; script-src-elem https://*.cdn.office.net.rproxy.goskope.com/ https://*.cdn.office.net/ https://*.engage.cloud.microsoft/ https://*.res.office365.com/ https://*.yammer.com/ https://amcdn.msauth.net/ https://amcdn.msftauth.net/ https://engage.cloud.microsoft/ https://js.monitor.azure.com/ blob: 'self'; style-src https://*.cdn.office.net/ https://*.engage.cloud.microsoft/ https://*.res.office365.com/ https://*.yammer.com/ https://engage.cloud.microsoft/ https://shell.azurefd.eaglex.ic.gov https://shell.azurefd.microsoft.scloud https://shellprod.msocdn.com https://www.microsoft.com 'unsafe-inline' 'self'; style-src-attr https://*.cdn.office.net/ https://*.engage.cloud.microsoft/ https://*.res.office365.com/ https://*.yammer.com/ https://engage.cloud.microsoft/ 'unsafe-inline' 'self'; style-src-elem https://*.cdn.office.net/ https://*.engage.cloud.microsoft/ https://*.res.office365.com/ https://*.yammer.com/ https://engage.cloud.microsoft/ https://visualsponline.azurewebsites.net/app/js/ 'unsafe-inline' 'self'; worker-src https://*.cdn.office.net/ https://web.yammer.com/ blob: 'self'; report-uri https://csp.microsoft.com/report/Yammer-ModernClients-PROD; report-to https://csp.microsoft.com/report/Yammer-ModernClients-PROD content-type text/html date Thu, 20 Jun 2024 09:31:39 GMT expires -1 nel {"report_to":"default","max_age":3600,"success_fraction": 0.001} pragma no-cache report-to {"max_age":3600,"endpoints":[{"url":"https://mmay.nelreports.net/api/report?cat=yammer-prod_east_1"}]} strict-transport-security max-age=1234513412313; includeSubDomain vary Accept-Encoding x-cache CONFIG_NOCACHE x-frame-options sameorigin x-lodbrok-cell prod_east_1-c1 x-msedge-ref Ref A: 8D435A12C75A403191DA2CFB1C2908A4 Ref B: SG2EDGE2522 Ref C: 2024-06-20T09:31:39Z x-robots-tag none
GET H2	200	3-render-renderer.js Show response outlook-1.cdn.office.net/yammer/20240611001.6292679/	776 KB 240 KB	466ms 34ms	Script application/javascript	23.52.40.168 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://outlook-1.cdn.office.net/yammer/20240611001.6292679/3-render-renderer.js Requested by Host: engage.cloud.microsoft URL: https://engage.cloud.microsoft/main/nanfung.com?allow_app_redirect=1&trk_event=de_cta_click&trk_network=6769592&trk_notif_id=ab7da527e274179aac942e2989ff2499501f0b7a41bc8fddace133675a0e37bb&trk_outlook_origin=glam_static&trk_scenario_type=de&trk_user=3124293713920 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.52.40.168 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-52-40-168.deploy.static.akamaitechnologies.com Software / Resource Hash d111a37e770dea09e4c53a687cb6d7b5767162761805d95da56887ee4298bb05 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://engage.cloud.microsoft/ Origin https://engage.cloud.microsoft Accept-Language en-SG,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 20 Jun 2024 09:31:40 GMT content-encoding gzip x-content-type-options nosniff akamai-cache-status Hit from child nel {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01} strict-transport-security max-age=31536000; includeSubDomains server-timing clientrtt; dur=9, clienttt; dur=, origin; dur=0 , cdntime; dur=0 alt-svc h3=":443"; ma=93600 content-length 245237 last-modified Tue, 11 Jun 2024 21:29:38 GMT x-cdn-provider Akamai vary Accept-Encoding report-to {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=SINGAPORE&ASN=20940&Country=SG&Region=&RequestIdentifier=0.9c283417.1718875900.e101ab8&TotalRTCDNTime=9&CompressionType=gzip&FileSize=245237"}],"include_subdomains ":true} content-type application/javascript access-control-allow-origin * x-ms-request-id d23aa97c-d01e-0073-524b-bcd888000000 access-control-expose-headers date,Akamai-Request-BC,X-Cdn-Provider,X-Ms-Request-Id cache-control max-age=630720000 akamai-request-bc [a=23.52.40.156,b=235936440,c=g,n=SG__SINGAPORE,o=20940] timing-allow-origin *
GET H2	200	0-config.js Show response outlook-1.cdn.office.net/yammer/20240611001.6292679/	13 KB 6 KB	464ms 39ms	Script application/javascript	23.52.40.168 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://outlook-1.cdn.office.net/yammer/20240611001.6292679/0-config.js Requested by Host: engage.cloud.microsoft URL: https://engage.cloud.microsoft/main/nanfung.com?allow_app_redirect=1&trk_event=de_cta_click&trk_network=6769592&trk_notif_id=ab7da527e274179aac942e2989ff2499501f0b7a41bc8fddace133675a0e37bb&trk_outlook_origin=glam_static&trk_scenario_type=de&trk_user=3124293713920 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.52.40.168 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-52-40-168.deploy.static.akamaitechnologies.com Software / Resource Hash 2e604726636fb9ded17c59c181d35f27602081588c53637207d52e8b1bd293d0 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://engage.cloud.microsoft/ Accept-Language en-SG,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 20 Jun 2024 09:31:40 GMT content-encoding gzip x-content-type-options nosniff akamai-cache-status Hit from child nel {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01} strict-transport-security max-age=31536000; includeSubDomains server-timing clientrtt; dur=9, clienttt; dur=, origin; dur=0 , cdntime; dur=0 content-length 5637 last-modified Tue, 11 Jun 2024 21:29:44 GMT x-cdn-provider Akamai vary Accept-Encoding report-to {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=SINGAPORE&ASN=20940&Country=SG&Region=&RequestIdentifier=0.9e283417.1718875900.1f9605c1&TotalRTCDNTime=9&CompressionType=gzip&FileSize=5637"}],"include_subdomains ":true} content-type application/javascript access-control-allow-origin * x-ms-request-id d9688ea7-c01e-0032-654b-bc806c000000 access-control-expose-headers date,Akamai-Request-BC,X-Cdn-Provider,X-Ms-Request-Id cache-control max-age=630720000 akamai-request-bc [a=23.52.40.158,b=529925569,c=g,n=SG__SINGAPORE,o=20940] timing-allow-origin *
GET H2	200	1-auth.js Show response outlook-1.cdn.office.net/yammer/20240611001.6292679/	122 KB 41 KB	467ms 42ms	Script application/javascript	23.52.40.168 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://outlook-1.cdn.office.net/yammer/20240611001.6292679/1-auth.js Requested by Host: engage.cloud.microsoft URL: https://engage.cloud.microsoft/main/nanfung.com?allow_app_redirect=1&trk_event=de_cta_click&trk_network=6769592&trk_notif_id=ab7da527e274179aac942e2989ff2499501f0b7a41bc8fddace133675a0e37bb&trk_outlook_origin=glam_static&trk_scenario_type=de&trk_user=3124293713920 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.52.40.168 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-52-40-168.deploy.static.akamaitechnologies.com Software / Resource Hash beb5757ceb5bc071769513bb0186ce9f427bf18ebd35e3b68f8be9ec7d6985ec Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://engage.cloud.microsoft/ Accept-Language en-SG,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 20 Jun 2024 09:31:40 GMT content-encoding gzip x-content-type-options nosniff akamai-cache-status Hit from child nel {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01} strict-transport-security max-age=31536000; includeSubDomains server-timing clientrtt; dur=9, clienttt; dur=, origin; dur=0 , cdntime; dur=0 alt-svc h3=":443"; ma=93600 content-length 41226 last-modified Tue, 11 Jun 2024 21:29:34 GMT x-cdn-provider Akamai vary Accept-Encoding report-to {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=SINGAPORE&ASN=20940&Country=SG&Region=&RequestIdentifier=0.9e283417.1718875900.1f9605c0&TotalRTCDNTime=9&CompressionType=gzip&FileSize=41226"}],"include_subdomains ":true} content-type application/javascript access-control-allow-origin * x-ms-request-id d137e233-a01e-008d-6970-bfb7c9000000 access-control-expose-headers date,Akamai-Request-BC,X-Cdn-Provider,X-Ms-Request-Id cache-control max-age=630720000 akamai-request-bc [a=23.52.40.158,b=529925568,c=g,n=SG__SINGAPORE,o=20940] timing-allow-origin *
GET H2	200	4-auth-msal.js Show response outlook-1.cdn.office.net/yammer/20240611001.6292679/	267 KB 65 KB	26ms 24ms	Script application/javascript	23.52.40.168 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://outlook-1.cdn.office.net/yammer/20240611001.6292679/4-auth-msal.js Requested by Host: outlook-1.cdn.office.net URL: https://outlook-1.cdn.office.net/yammer/20240611001.6292679/1-auth.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.52.40.168 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-52-40-168.deploy.static.akamaitechnologies.com Software / Resource Hash ecd9ddb975467ff36ed182a92908323fcfc8b00738dbb43fd9ebd7edb707f5cb Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://engage.cloud.microsoft/ Origin https://engage.cloud.microsoft Accept-Language en-SG,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 20 Jun 2024 09:31:41 GMT content-encoding gzip x-content-type-options nosniff akamai-cache-status Hit from child nel {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01} strict-transport-security max-age=31536000; includeSubDomains server-timing clientrtt; dur=19, clienttt; dur=, origin; dur=0 , cdntime; dur=0 content-length 65788 last-modified Tue, 11 Jun 2024 21:29:42 GMT x-cdn-provider Akamai vary Accept-Encoding report-to {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=SINGAPORE&ASN=20940&Country=SG&Region=&RequestIdentifier=0.9c283417.1718875901.e101d0f&TotalRTCDNTime=19&CompressionType=gzip&FileSize=65788"}],"include_subdomains ":true} content-type application/javascript access-control-allow-origin * x-ms-request-id d2012a29-101e-001e-1f4b-bc6cc3000000 access-control-expose-headers date,Akamai-Request-BC,X-Cdn-Provider,X-Ms-Request-Id cache-control max-age=630720000 akamai-request-bc [a=23.52.40.156,b=235937039,c=g,n=SG__SINGAPORE,o=20940] timing-allow-origin *
GET H2	200	openid-configuration Show response login.microsoftonline.com/nanfung.com/v2.0/.well-known/	2 KB 3 KB	903ms 113ms	Fetch application/json	40.126.16.165 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://login.microsoftonline.com/nanfung.com/v2.0/.well-known/openid-configuration Requested by Host: outlook-1.cdn.office.net URL: https://outlook-1.cdn.office.net/yammer/20240611001.6292679/4-auth-msal.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 40.126.16.165 Seoul, Korea, Republic Of, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash ded18cfc259051338977336d270f504086a8d950d75b68df4ad1488eea89edcc Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://engage.cloud.microsoft/ Accept-Language en-SG,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=31536000; includeSubDomains date Thu, 20 Jun 2024 09:31:41 GMT x-content-type-options nosniff nel {"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0} p3p CP="DSP CUR OTPi IND OTRi ONL FIN" content-length 1753 x-xss-protection 0 x-ms-srs 1.P referrer-policy strict-origin-when-cross-origin access-control-allow-methods GET, OPTIONS content-type application/json; charset=utf-8 access-control-allow-origin * x-ms-request-id 4567b271-e940-4355-8920-d58c3d3d4000 access-control-expose-headers x-ms-srs cache-control max-age=86400, private report-to {"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+krc"}]} x-ms-ests-server 2.1.18298.5 - KRC ProdSlices
GET H2	200	favicon.ico outlook-1.cdn.office.net/yammer/20240611001.6292679/	30 KB 31 KB	42ms 41ms	Other image/vnd.microsoft.icon	23.52.40.168 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://outlook-1.cdn.office.net/yammer/20240611001.6292679/favicon.ico Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.52.40.168 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-52-40-168.deploy.static.akamaitechnologies.com Software / Resource Hash 677d05073ebabe6869f4c92463b40d9e459544b4c6ed568e34d59c0b51b2365f Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://engage.cloud.microsoft/ Accept-Language en-SG,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 20 Jun 2024 09:31:41 GMT akamai-cache-status Hit from child strict-transport-security max-age=31536000; includeSubDomains nel {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01} server-timing clientrtt; dur=21, clienttt; dur=, origin; dur=0 , cdntime; dur=0 content-length 30415 last-modified Tue, 11 Jun 2024 21:29:45 GMT x-cdn-provider Akamai report-to {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=SINGAPORE&ASN=20940&Country=SG&Region=&RequestIdentifier=0.9e283417.1718875901.1f960aaa&TotalRTCDNTime=21&CompressionType=&FileSize=30415"}],"include_subdomains ":true} content-type image/vnd.microsoft.icon access-control-allow-origin * x-ms-request-id d23aaa51-d01e-0073-224b-bcd888000000 access-control-expose-headers date,Akamai-Request-BC,X-Cdn-Provider,X-Ms-Request-Id cache-control max-age=630720000 akamai-request-bc [a=23.52.40.158,b=529926826,c=g,n=SG__SINGAPORE,o=20940] timing-allow-origin *
GET H2	200	Primary Request authorize Show response login.microsoftonline.com/nanfung.com/oauth2/v2.0/	20 KB 9 KB	994ms 241ms	Document text/html	20.190.144.160 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://login.microsoftonline.com/nanfung.com/oauth2/v2.0/authorize?client_id=c1c74fed-04c9-4704-80dc-9f79a2e515cb&scope=https%3A%2F%2Fwww.yammer.com%2Fuser_impersonation%20openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Fengage.cloud.microsoft%2Fmain%2Fauthredirect&client-request-id=f1d27464-a865-4b49-be45-97e70db75905&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=3.7.0&client_info=1&code_challenge=sYvFDNenTWzc9IKBHMLCPrD8FyWeDV-3six8bll1fUc&code_challenge_method=S256&nonce=b44e67f8-96ab-4cd2-a9ce-ce33bc3cca55&state=eyJpZCI6Ijg2YWU3MTRmLTAxYmMtNGVmMy04OWY0LWViNDQ5MDBlN2E5OCIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicmVkaXJlY3QifX0%3D&claims=%7B%22access_token%22%3A%7B%22xms_cc%22%3A%7B%22values%22%3A%5B%22CP1%22%5D%7D%7D%7D Requested by Host: outlook-1.cdn.office.net URL: https://outlook-1.cdn.office.net/yammer/20240611001.6292679/4-auth-msal.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 20.190.144.160 Seoul, Korea, Republic Of, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 62449d24e68bbdcb00d6538dc20126a229cae37fbff479d1a12e0fd9505b3db8 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language en-SG,en;q=0.9;q=0.9 Referer https://engage.cloud.microsoft/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers cache-control no-store, no-cache content-encoding gzip content-length 8484 content-type text/html; charset=utf-8 date Thu, 20 Jun 2024 09:31:42 GMT expires -1 nel {"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0} p3p CP="DSP CUR OTPi IND OTRi ONL FIN" pragma no-cache referrer-policy strict-origin-when-cross-origin report-to {"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+krc"}]} strict-transport-security max-age=31536000; includeSubDomains vary Accept-Encoding x-content-type-options nosniff x-ms-clitelem 1,50168,0,, x-ms-ests-server 2.1.18298.5 - SEASLR1 ProdSlices x-ms-request-id 9f637eea-1508-4a2f-b511-f2b250b34200 x-ms-srs 1.P x-xss-protection 0
GET		BssoInterrupt_Core_sw-M8KkV3_nBot-G1ImRcw2.js aadcdn.msftauth.net/shared/1.0/content/js/	0 0
GET		BssoInterrupt_Core_sw-M8KkV3_nBot-G1ImRcw2.js aadcdn.msauth.net/shared/1.0/content/js/	0 0
GET		watsonsupportwithjquery.3.5.min_dc940oomzau4rsu8qesnvg2.js aadcdn.msftauth.net/ests/2.1/content/cdnbundles/	0 0
GET		BssoInterrupt_Core_sw-M8KkV3_nBot-G1ImRcw2.js aadcdn.msftauth.net/shared/1.0/content/js/	0 0
GET H2	200	watsonsupportwithjquery.3.5.min_dc940oomzau4rsu8qesnvg2.js Show response aadcdn.msauth.net/ests/2.1/content/cdnbundles/	117 KB 40 KB	373ms 38ms	Script application/x-javascript	13.107.246.59 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://aadcdn.msauth.net/ests/2.1/content/cdnbundles/watsonsupportwithjquery.3.5.min_dc940oomzau4rsu8qesnvg2.js Requested by Host: login.microsoftonline.com URL: https://login.microsoftonline.com/nanfung.com/oauth2/v2.0/authorize?client_id=c1c74fed-04c9-4704-80dc-9f79a2e515cb&scope=https%3A%2F%2Fwww.yammer.com%2Fuser_impersonation%20openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Fengage.cloud.microsoft%2Fmain%2Fauthredirect&client-request-id=f1d27464-a865-4b49-be45-97e70db75905&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=3.7.0&client_info=1&code_challenge=sYvFDNenTWzc9IKBHMLCPrD8FyWeDV-3six8bll1fUc&code_challenge_method=S256&nonce=b44e67f8-96ab-4cd2-a9ce-ce33bc3cca55&state=eyJpZCI6Ijg2YWU3MTRmLTAxYmMtNGVmMy04OWY0LWViNDQ5MDBlN2E5OCIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicmVkaXJlY3QifX0%3D&claims=%7B%22access_token%22%3A%7B%22xms_cc%22%3A%7B%22values%22%3A%5B%22CP1%22%5D%7D%7D%7D Protocol H2 Security TLS 1.3, , AES_256_GCM Server 13.107.246.59 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash df2aa8537c1992c94846a0ffffaa9031d430d9d0210b9e396ec059aff62627e0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://login.microsoftonline.com/ Origin https://login.microsoftonline.com Accept-Language en-SG,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-ms-blob-type BlockBlob date Thu, 20 Jun 2024 09:31:44 GMT content-encoding gzip x-cache TCP_HIT x-fd-int-roxy-purgeid 4554691 content-length 40454 x-ms-lease-status unlocked last-modified Fri, 26 Feb 2021 06:13:13 GMT etag 0x8D8DA1D997CA245 x-azure-ref 20240620T093144Z-r15dffc5bd6cbhz43c5uhsk96000000003u00000000004t0 content-type application/x-javascript access-control-allow-origin * x-ms-request-id 2f12907d-401e-005e-4fe2-c024b0000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=31536000 x-ms-version 2009-09-19 accept-ranges bytes
GET		frameworksupport.min_oadrnc13magb009k4d20lg2.js aadcdn.msftauth.net/ests/2.1/content/cdnbundles/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

aadcdn.msftauth.net

URL

https://aadcdn.msftauth.net/shared/1.0/content/js/BssoInterrupt_Core_sw-M8KkV3_nBot-G1ImRcw2.js

Domain

aadcdn.msauth.net

URL

https://aadcdn.msauth.net/shared/1.0/content/js/BssoInterrupt_Core_sw-M8KkV3_nBot-G1ImRcw2.js

Domain

aadcdn.msftauth.net

URL

https://aadcdn.msftauth.net/ests/2.1/content/cdnbundles/watsonsupportwithjquery.3.5.min_dc940oomzau4rsu8qesnvg2.js

Domain

aadcdn.msftauth.net

URL

https://aadcdn.msftauth.net/shared/1.0/content/js/BssoInterrupt_Core_sw-M8KkV3_nBot-G1ImRcw2.js

Domain

aadcdn.msftauth.net

URL

https://aadcdn.msftauth.net/ests/2.1/content/cdnbundles/frameworksupport.min_oadrnc13magb009k4d20lg2.js

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

undefined| event object| fence object| sharedStorage object| $Config object| $Debug object| $Do function| $Loader object| $WebWatson function| GetString function| GetErrorString function| GetUrl object| $B object| ServerData

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.login.microsoftonline.com/	1969-12-31 23:59:59	Name: esctx-sOKH9mr4Eqw Value: AQABCQEAAAApTwJmzXqdR4BN2miheQMYrh0IpsPG6jx2sMeJg8zUOHm46DhRwdm4Z-AeZ73mQPIAupKKC8iKG7xj9C5q55cfb1Qi4bhBJfhdYWzwkDdmMQHxg5lElVbJVyPXs2MZF2uyVmTbtg-XTSQ65X7XYyS1FdaH8LYrpOnexeNKlWCAaSAA
			login.microsoftonline.com/	1970-01-20 22:11:07	Name: fpc Value: Al3toF1YaQdPjTHbHbVJ9V4
			.login.microsoftonline.com/	1969-12-31 23:59:59	Name: esctx Value: PAQABBwEAAAApTwJmzXqdR4BN2miheQMYkdO1E1-DQCSAH7zp0n3denQ26pOGjEultfiAl2Wdhs0iLQlQVrTNmNcEXBp1xzJyTdvhluuMF9vPxk22TfbjUJ7dN7G98xpjMlZg8M90flSX5CNtjP72ik7eYGd07Fhqf6RS7ZvtqiVXdSkYkLaVPZirZ2o8wkiJgUuRrWlggCkgAA
			login.microsoftonline.com/	1969-12-31 23:59:59	Name: x-ms-gateway-slice Value: estsfd
			login.microsoftonline.com/	1969-12-31 23:59:59	Name: stsservicecookie Value: estsfd

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://engage.cloud.microsoft/main/nanfung.com?allow_app_redirect=1&trk_event=de_cta_click&trk_network=6769592&trk_notif_id=ab7da527e274179aac942e2989ff2499501f0b7a41bc8fddace133675a0e37bb&trk_outlook_origin=glam_static&trk_scenario_type=de&trk_user=3124293713920 Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
network	error	URL: https://aadcdn.msftauth.net/shared/1.0/content/js/BssoInterrupt_Core_sw-M8KkV3_nBot-G1ImRcw2.js Message: Failed to load resource: net::ERR_CONNECTION_CLOSED
network	error	URL: https://aadcdn.msftauth.net/ests/2.1/content/cdnbundles/watsonsupportwithjquery.3.5.min_dc940oomzau4rsu8qesnvg2.js Message: Failed to load resource: net::ERR_CONNECTION_CLOSED
network	error	URL: https://aadcdn.msauth.net/shared/1.0/content/js/BssoInterrupt_Core_sw-M8KkV3_nBot-G1ImRcw2.js Message: Failed to load resource: net::ERR_CONNECTION_CLOSED
network	error	URL: https://aadcdn.msftauth.net/shared/1.0/content/js/BssoInterrupt_Core_sw-M8KkV3_nBot-G1ImRcw2.js Message: Failed to load resource: net::ERR_CONNECTION_CLOSED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=1234513412313; includeSubDomain
X-Frame-Options	sameorigin

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aadcdn.msauth.net
aadcdn.msftauth.net
engage.cloud.microsoft
login.microsoftonline.com
outlook-1.cdn.office.net
aadcdn.msauth.net
aadcdn.msftauth.net
13.107.246.59
13.107.6.159
20.190.144.160
23.52.40.168
40.126.16.165
2e604726636fb9ded17c59c181d35f27602081588c53637207d52e8b1bd293d0
4eb48351b5ce84c848129253c09eb709ea4589dcddc4d2f7532e56b5fc403305
62449d24e68bbdcb00d6538dc20126a229cae37fbff479d1a12e0fd9505b3db8
677d05073ebabe6869f4c92463b40d9e459544b4c6ed568e34d59c0b51b2365f
beb5757ceb5bc071769513bb0186ce9f427bf18ebd35e3b68f8be9ec7d6985ec
d111a37e770dea09e4c53a687cb6d7b5767162761805d95da56887ee4298bb05
ded18cfc259051338977336d270f504086a8d950d75b68df4ad1488eea89edcc
df2aa8537c1992c94846a0ffffaa9031d430d9d0210b9e396ec059aff62627e0
ecd9ddb975467ff36ed182a92908323fcfc8b00738dbb43fd9ebd7edb707f5cb