login.microsoftonline.us Open in urlscan Pro
20.140.232.135 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://outlook-dod.office365.us.mcas-gov.us/mail/:7318:12/
Effective URL:
https://login.microsoftonline.us/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%...
Submission: On January 05 via automatic, source openphish (January 5th 2022, 1:11:23 pm UTC) — Scanned from US

Summary HTTP 44 Redirects Behaviour Indicators

Summary

This website contacted 11 IPs in 1 countries across 10 domains to perform 44 HTTP transactions. The main IP is 20.140.232.135, located in and belongs to . The main domain is login.microsoftonline.us.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on October 12th 2021. Valid for: a year.

This is the only time login.microsoftonline.us was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	13.72.27.219 13.72.27.219	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	2600:141b:13:... 2600:141b:13::17d7:8229	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2 4	2001:489a:220... 2001:489a:2200:5b4::2	8070 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
21	52.244.33.223 52.244.33.223	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	52.245.136.46 52.245.136.46	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	20.140.232.135 20.140.232.135	() ()
1	23.217.44.136 23.217.44.136	16625 (AKAMAI-AS) (AKAMAI-AS)
1	40.126.24.81 40.126.24.81	() ()
9	152.199.4.44 152.199.4.44	() ()
1	2603:1036:302... 2603:1036:302:4831::2	() ()
44	11

1 13.72.27.219 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

outlook-dod.office365.us.mcas-gov.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:141b:13::17d7:8229 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)

mcasproxy.azureedge.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2001:489a:2200:5b4::2 (Cheyenne, United States) 2 redirects

ASN8070 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

outlook-dod.office365.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 52.244.33.223 (Phoenix, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

res-dod.cdn.office.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.245.136.46 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

pf.pipe.aria.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 20.140.232.135 (None, )

ASN- ()

login.microsoftonline.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.217.44.136 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-217-44-136.deploy.static.akamaitechnologies.com

static2.sharepointonline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 40.126.24.81 (None, )

ASN- ()

login.live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 152.199.4.44 (None, )

ASN- ()

aadcdn.msftauth.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2603:1036:302:4831::2 (None, )

ASN- ()

outlook.office365.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	office.net res-dod.cdn.office.net	2 MB
9	msftauth.net aadcdn.msftauth.net	210 KB
4	office365.us 2 redirects outlook-dod.office365.us	258 KB
3	microsoftonline.us login.microsoftonline.us	102 KB
3	azureedge.net mcasproxy.azureedge.net	44 KB
1	office365.com outlook.office365.com r4.res.office365.com Failed	3 KB
1	live.com login.live.com
1	sharepointonline.com static2.sharepointonline.com	36 KB
1	microsoft.com pf.pipe.aria.microsoft.com	406 B
1	mcas-gov.us outlook-dod.office365.us.mcas-gov.us	1 KB
44	10

	Domain	Requested by
21	res-dod.cdn.office.net	outlook-dod.office365.us
9	aadcdn.msftauth.net	login.microsoftonline.us aadcdn.msftauth.net
4	outlook-dod.office365.us	2 redirects outlook-dod.office365.us
3	login.microsoftonline.us	outlook-dod.office365.us login.microsoftonline.us aadcdn.msftauth.net
3	mcasproxy.azureedge.net	outlook-dod.office365.us.mcas-gov.us mcasproxy.azureedge.net
1	outlook.office365.com	aadcdn.msftauth.net
1	login.live.com	login.microsoftonline.us
1	static2.sharepointonline.com
1	pf.pipe.aria.microsoft.com	outlook-dod.office365.us
1	outlook-dod.office365.us.mcas-gov.us
0	r4.res.office365.com Failed	outlook.office365.com
44	11

This site contains no links.

Subject Issuer	Validity	Valid
*.azureedge.net Microsoft RSA TLS CA 01	`2021-10-28` - `2022-10-28`	a year	crt.sh
webmail.apps.mil Entrust Certification Authority - L1K	`2020-06-11` - `2022-06-11`	2 years	crt.sh
res-dod.cdn.office.net DigiCert SHA2 Secure Server CA	`2021-10-25` - `2022-10-25`	a year	crt.sh
*.pipe.aria.microsoft.com Microsoft Azure TLS Issuing CA 05	`2021-09-24` - `2022-09-19`	a year	crt.sh
login.microsoftonline.us DigiCert SHA2 Secure Server CA	`2021-10-12` - `2022-10-12`	a year	crt.sh
*.sharepointonline.com Microsoft RSA TLS CA 01	`2021-07-08` - `2022-07-08`	a year	crt.sh
graph.windows.net DigiCert SHA2 Secure Server CA	`2021-11-20` - `2022-11-20`	a year	crt.sh
aadcdn.msftauth.net DigiCert SHA2 Secure Server CA	`2021-05-13` - `2022-05-13`	a year	crt.sh
outlook.com DigiCert Cloud Services CA-1	`2021-12-12` - `2022-12-12`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://login.microsoftonline.us/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook-dod.office365.us%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=0&msaredir=0&client-request-id=2a0ab1f9-97ec-d6be-dbf1-23e620517fb6&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=637769850806785675.56a71f88-5b58-4623-b798-73be2cfae703&state=DcuxDoIwFEBR0H9xqxSwfY-BOGAMA8WEaEC2FkqCiYEAVuTr7XDudl3HcfbWznKpjQM8BOARMoqUAzIO7Mi4BL9DJEwxJCcehERBhARCpYOmkxpo6Nq38oav9M7zIhcd-4dJt_2km-U-xDItaJMKnv0i01bFrIJoysrC1Akz9bsen8Fjy1-PT1sJo8rrqBLk-SbW22VYRY9_&sso_reload=true
Frame ID: 74E563EB5C1C557F6B0A4C61ACC290CA
Requests: 40 HTTP requests in this frame

Frame: https://mcasproxy.azureedge.net/proxyweb/1.8.15/html/session-context-restore.html?action=store&contextData=http%3A%2F%2Foutlook-dod.office365.us%2Fmail%2F%3A7318%3A12%2F
Frame ID: BA2CB9F03BFC8C0DB021233F5FF329B8
Requests: 2 HTTP requests in this frame

Frame: https://outlook.office365.com/owa/prefetch.aspx
Frame ID: EFD883BA444D68F079E4EE9607AC0FC7
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://outlook-dod.office365.us.mcas-gov.us/mail/:7318:12/ Page URL
http://outlook-dod.office365.us/mail/:7318:12/ HTTP 307
https://outlook-dod.office365.us/mail/:7318:12/ Page URL
https://outlook-dod.office365.us/mail/:7318:12/?authRedirect=true&state=0 HTTP 302
https://outlook-dod.office365.us/owa/?state=1&redirectTo=aHR0cHM6Ly9vdXRsb29rLWRvZC5vZmZpY2UzNjUudXMvbWFpbC86... HTTP 302
https://login.microsoftonline.us/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redir... Page URL
https://login.microsoftonline.us/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redir... Page URL

Page Statistics

44
Requests

95 %
HTTPS

30 %
IPv6

10
Domains

11
Subdomains

11
IPs

1
Countries

2274 kB
Transfer

7662 kB
Size

4
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://outlook-dod.office365.us.mcas-gov.us/mail/:7318:12/ Page URL
http://outlook-dod.office365.us/mail/:7318:12/ HTTP 307
https://outlook-dod.office365.us/mail/:7318:12/ Page URL
https://outlook-dod.office365.us/mail/:7318:12/?authRedirect=true&state=0 HTTP 302
https://outlook-dod.office365.us/owa/?state=1&redirectTo=aHR0cHM6Ly9vdXRsb29rLWRvZC5vZmZpY2UzNjUudXMvbWFpbC86NzMxODoxMi8 HTTP 302
https://login.microsoftonline.us/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook-dod.office365.us%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=0&msaredir=0&client-request-id=2a0ab1f9-97ec-d6be-dbf1-23e620517fb6&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=637769850806785675.56a71f88-5b58-4623-b798-73be2cfae703&state=DcuxDoIwFEBR0H9xqxSwfY-BOGAMA8WEaEC2FkqCiYEAVuTr7XDudl3HcfbWznKpjQM8BOARMoqUAzIO7Mi4BL9DJEwxJCcehERBhARCpYOmkxpo6Nq38oav9M7zIhcd-4dJt_2km-U-xDItaJMKnv0i01bFrIJoysrC1Akz9bsen8Fjy1-PT1sJo8rrqBLk-SbW22VYRY9_ Page URL
https://login.microsoftonline.us/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook-dod.office365.us%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=0&msaredir=0&client-request-id=2a0ab1f9-97ec-d6be-dbf1-23e620517fb6&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=637769850806785675.56a71f88-5b58-4623-b798-73be2cfae703&state=DcuxDoIwFEBR0H9xqxSwfY-BOGAMA8WEaEC2FkqCiYEAVuTr7XDudl3HcfbWznKpjQM8BOARMoqUAzIO7Mi4BL9DJEwxJCcehERBhARCpYOmkxpo6Nq38oav9M7zIhcd-4dJt_2km-U-xDItaJMKnv0i01bFrIJoysrC1Akz9bsen8Fjy1-PT1sJo8rrqBLk-SbW22VYRY9_&sso_reload=true Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4

http://outlook-dod.office365.us/mail/:7318:12/ HTTP 307
https://outlook-dod.office365.us/mail/:7318:12/

Request Chain 23

https://outlook-dod.office365.us/mail/:7318:12/?authRedirect=true&state=0 HTTP 302
https://outlook-dod.office365.us/owa/?state=1&redirectTo=aHR0cHM6Ly9vdXRsb29rLWRvZC5vZmZpY2UzNjUudXMvbWFpbC86NzMxODoxMi8 HTTP 302
https://login.microsoftonline.us/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook-dod.office365.us%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=0&msaredir=0&client-request-id=2a0ab1f9-97ec-d6be-dbf1-23e620517fb6&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=637769850806785675.56a71f88-5b58-4623-b798-73be2cfae703&state=DcuxDoIwFEBR0H9xqxSwfY-BOGAMA8WEaEC2FkqCiYEAVuTr7XDudl3HcfbWznKpjQM8BOARMoqUAzIO7Mi4BL9DJEwxJCcehERBhARCpYOmkxpo6Nq38oav9M7zIhcd-4dJt_2km-U-xDItaJMKnv0i01bFrIJoysrC1Akz9bsen8Fjy1-PT1sJo8rrqBLk-SbW22VYRY9_

44 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK /
outlook-dod.office365.us.mcas-gov.us/mail/:7318:12/ 1 KB
1 KB 422ms
57ms Document
text/html 13.72.27.219
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

http://outlook-dod.office365.us.mcas-gov.us/mail/:7318:12/

Protocol

HTTP/1.1

Server

13.72.27.219 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

openresty /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: en-US,en;q=0.9

Response headers

Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: openresty
Date: Wed, 05 Jan 2022 13:11:16 GMT
X-MCAS-Request-Id: 479bcbb90fafe9161189477d09c6191c
Cache-Control: max-age=0, no-cache, no-store
Strict-Transport-Security: max-age=31536000
Expires: Mon, 01-Jan-1990 00:00:00 GMT
Pragma: no-cache
X-MCAS-Upstream-Time: n/a
X-MCAS-Processing-Time: 3
Content-Encoding: gzip
X-MCAS-Cache-Status: MISS

GET
H2 200 session-context-store-helper.min.js
mcasproxy.azureedge.net/proxyweb/1.8.15/js/ 5 KB
5 KB 198ms
47ms Script
application/javascript 2600:141b:13::17d7:8229
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcasproxy.azureedge.net/proxyweb/1.8.15/js/session-context-store-helper.min.js
Requested by: Host: outlook-dod.office365.us.mcas-gov.us
URL: http://outlook-dod.office365.us.mcas-gov.us/mail/:7318:12/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:13::17d7:8229 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash

Request headers

Accept-Language: en-US,en;q=0.9
Referer: http://outlook-dod.office365.us.mcas-gov.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Wed, 05 Jan 2022 13:11:16 GMT
last-modified: Fri, 29 Oct 2021 23:51:37 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: PLOXavfa2pddds7xHBr81w==
etag: 0x8D99B370BD00432
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: b939d4d5-c01e-0107-06e4-d0e404000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=26113346
x-ms-version: 2009-09-19
content-length: 5084

GET
H2 200 session-context-restore.html
mcasproxy.azureedge.net/proxyweb/1.8.15/html/ Frame BA2C 281 B
729 B 44ms
44ms Document
text/html 2600:141b:13::17d7:8229
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcasproxy.azureedge.net/proxyweb/1.8.15/html/session-context-restore.html?action=store&contextData=http%3A%2F%2Foutlook-dod.office365.us%2Fmail%2F%3A7318%3A12%2F
Requested by: Host: mcasproxy.azureedge.net
URL: https://mcasproxy.azureedge.net/proxyweb/1.8.15/js/session-context-store-helper.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:13::17d7:8229 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: en-US,en;q=0.9
Referer: http://outlook-dod.office365.us.mcas-gov.us/

Response headers

content-length: 281
content-type: text/html
content-md5: vDuuGHIdcY/gQtnraxH9qw==
last-modified: Fri, 29 Oct 2021 23:51:33 GMT
etag: 0x8D99B37094DFA20
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: b939d565-c01e-0107-0ae4-d0e404000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: public, max-age=26113229
date: Wed, 05 Jan 2022 13:11:16 GMT

GET
H2 200 session-context-restore.min.js
mcasproxy.azureedge.net/proxyweb/1.8.15/js/ Frame BA2C 37 KB
38 KB 49ms
48ms Script
application/javascript 2600:141b:13::17d7:8229
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcasproxy.azureedge.net/proxyweb/1.8.15/js/session-context-restore.min.js
Requested by: Host: mcasproxy.azureedge.net
URL: https://mcasproxy.azureedge.net/proxyweb/1.8.15/html/session-context-restore.html?action=store&contextData=http%3A%2F%2Foutlook-dod.office365.us%2Fmail%2F%3A7318%3A12%2F
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:13::17d7:8229 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://mcasproxy.azureedge.net/proxyweb/1.8.15/html/session-context-restore.html?action=store&contextData=http%3A%2F%2Foutlook-dod.office365.us%2Fmail%2F%3A7318%3A12%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Wed, 05 Jan 2022 13:11:17 GMT
last-modified: Fri, 29 Oct 2021 23:51:36 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: tq/ygwKPKTrL5Z5G4qeCKQ==
etag: 0x8D99B370B737263
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 66f41896-a01e-007e-5047-d0cb1b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=26046232
x-ms-version: 2009-09-19
content-length: 38109

GET
H/1.1

200
OK

/ Show response
outlook-dod.office365.us/mail/:7318:12/
Redirect Chain

http://outlook-dod.office365.us/mail/:7318:12/?
https://outlook-dod.office365.us/mail/:7318:12/?

247 KB
252 KB

537ms
133ms

Document
text/html

2001:489a:2200:5b4::2
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://outlook-dod.office365.us/mail/:7318:12/?

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2001:489a:2200:5b4::2 Cheyenne, United States, ASN8070 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

a48a4ac02ea742f3e5a7e801d8fe789cda74ed3e31cc13038c0b9df6f2d2e35f

Security Headers

Name

Value

Content-Security-Policy

default-src *.res.office365.com *.fluidpreview.office.net *.cdn.office.net swx.cdn.skype.com 'self'; script-src 'nonce-l5BNxfLkszDQX2cTg65dZw==' *.res.office365.com *.fluidpreview.office.net *.cdn.office.net wss://*.delve.office.com:443 shellprod.msocdn.com amcdn.msauth.net amcdn.msftauth.net *.bing.com *.skype.com *.skypeassets.com *.delve.office.com *.cdn.office.net static.teams.microsoft.com fabriciss.azureedge.net *.googleapis.com teams.microsoft.com cdn.forms.office.net blob: 'report-sample' 'self' 'unsafe-inline' *.yammer.com; style-src *.res.office365.com *.fluidpreview.office.net *.cdn.office.net shellprod.msocdn.com *.skype.com fonts.googleapis.com acthemeconfigs.blob.core.windows.net *.googleapis.com 'self' 'report-sample' 'unsafe-inline' *.yammer.com; img-src * data: blob: filesystem: cid:; connect-src blob: data: *.res.office.com *.res.office365.com *.cdn.office.net *.services.web.outlook.com *.res.outlook.com spoprod-a.akamaihd.net shellprod.msocdn.com *.bing.com *.office.net *.office.com *.office365.com *.dod.online.office365.us *.outlook.live.net *.skype.com *.skypeassets.com *.spoppe.com *.onedrive.com substrate.office.us *.office365.us pf.pipe.aria.microsoft.com *.gateway.messenger.live.com dev.virtualearth.net *.trouter.skype.com *.trouter.io wss://*.trouter.skype.com wss://*.trouter.skype.com:443 wss://*.trouter.io:443 media.licdn.com *.facebook.com onerm.olsvc.com client.arkoselabs.com *.qas.binginternal.com *.qas.bing.net wss://*.qas.bing.net:443 wss://*.platform.bing.com wss://*.botframework.com:443 wss://augloop.dod.online.office365.us wss://*.augloop.dod.online.office365.us graph.microsoft.com *.graph.microsoft.com graph.microsoft.us *.googleapis.com *.office.microsoft.com api.box.com api.dropboxapi.com www.onenote.com *.storage.msn.com asgsmsproxyapi.azurewebsites.net wss://*.pushd.svc.ms wss://*.pushs.svc.ms wss://*.pushb.svc.ms wss://*.pushp.svc.ms nleditor.osi.officeppe.net api.tenor.com pptservicescast.officeapps.live.com *.sharepoint.com wss://dod.loki.office365.us:443 dod.loki.office365.us web.vortex.data.microsoft.com *.events.data.microsoft.com *.online.lync.com *.infra.lync.com *.oscs.protection.office365.us *.safelinks.protection.office365.us od.apps.mil attachments-dod.office365-net.us 'self' login.microsoftonline.com outlook.office365.com teams.microsoft.com *.teams.microsoft.com *.yammer.com *.svc.ms *.licdn.com o365auditrealtimeingestion.manage.officeppe.com o365auditrealtimeingestion.manage.officeppe.com:445 o365auditrealtimeingestion.manage.office.com o365auditrealtimeingestion.manage.office.com:445 files.yammerusercontent.com; base-uri pf.pipe.aria.microsoft.com 'self'; form-action *.officeapps.live.com *.sharepoint-df.com *.sharepoint.com *.sharepoint.de *.odwebp.svc.ms od.apps.mil *.dod.online.office365.us; object-src *.office.net 'self' attachments-dod.office365-net.us; frame-ancestors 'self'; font-src data: *.res.office365.com *.fluidpreview.office.net *.cdn.office.net spoprod-a.akamaihd.net *.skype.com fonts.gstatic.com ms-appx-web: sharepointonline.com *.sharepointonline.com *.delve.office.com fs.microsoft.com 'self' *.yammer.com; media-src blob: *.res.office365.com *.cdn.office.net *.skype.com *.office.net *.office365.net *.office365-net.de *.office365-net.us *.office.com ssl.gstatic.com 'self' *.yammer.com attachments-dod.office365-net.us; frame-src * data: mailto: blob:; manifest-src 'self'; worker-src 'self' blob: *.office.com; child-src 'self' blob: *.office.com; report-uri ; upgrade-insecure-requests;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: en-US,en;q=0.9
Referer: http://outlook-dod.office365.us.mcas-gov.us/

Response headers

Cache-Control: no-cache
Pragma: no-cache
Content-Length: 253226
Content-Type: text/html
Expires: -1
Server: Microsoft-IIS/10.0
request-id: 586bcab6-8f31-a0d6-fab8-769e54fb5c37
X-CalculatedBETarget: SN5P111MB0829.NAMP111.PROD.OUTLOOK.COM
X-BackEndHttpStatus: 200
x-web-server-version: 21.12.22.1
RUNTIME_MODEL: B2
X-BEServer: SN5P111MB0829
X-Clique: CLNAMP111SAT01
Content-Security-Policy: default-src *.res.office365.com *.fluidpreview.office.net *.cdn.office.net swx.cdn.skype.com 'self'; script-src 'nonce-l5BNxfLkszDQX2cTg65dZw==' *.res.office365.com *.fluidpreview.office.net *.cdn.office.net wss://*.delve.office.com:443 shellprod.msocdn.com amcdn.msauth.net amcdn.msftauth.net *.bing.com *.skype.com *.skypeassets.com *.delve.office.com *.cdn.office.net static.teams.microsoft.com fabriciss.azureedge.net *.googleapis.com teams.microsoft.com cdn.forms.office.net blob: 'report-sample' 'self' 'unsafe-inline' *.yammer.com; style-src *.res.office365.com *.fluidpreview.office.net *.cdn.office.net shellprod.msocdn.com *.skype.com fonts.googleapis.com acthemeconfigs.blob.core.windows.net *.googleapis.com 'self' 'report-sample' 'unsafe-inline' *.yammer.com; img-src * data: blob: filesystem: cid:; connect-src blob: data: *.res.office.com *.res.office365.com *.cdn.office.net *.services.web.outlook.com *.res.outlook.com spoprod-a.akamaihd.net shellprod.msocdn.com *.bing.com *.office.net *.office.com *.office365.com *.dod.online.office365.us *.outlook.live.net *.skype.com *.skypeassets.com *.spoppe.com *.onedrive.com substrate.office.us *.office365.us pf.pipe.aria.microsoft.com *.gateway.messenger.live.com dev.virtualearth.net *.trouter.skype.com *.trouter.io wss://*.trouter.skype.com wss://*.trouter.skype.com:443 wss://*.trouter.io:443 media.licdn.com *.facebook.com onerm.olsvc.com client.arkoselabs.com *.qas.binginternal.com *.qas.bing.net wss://*.qas.bing.net:443 wss://*.platform.bing.com wss://*.botframework.com:443 wss://augloop.dod.online.office365.us wss://*.augloop.dod.online.office365.us graph.microsoft.com *.graph.microsoft.com graph.microsoft.us *.googleapis.com *.office.microsoft.com api.box.com api.dropboxapi.com www.onenote.com *.storage.msn.com asgsmsproxyapi.azurewebsites.net wss://*.pushd.svc.ms wss://*.pushs.svc.ms wss://*.pushb.svc.ms wss://*.pushp.svc.ms nleditor.osi.officeppe.net api.tenor.com pptservicescast.officeapps.live.com *.sharepoint.com wss://dod.loki.office365.us:443 dod.loki.office365.us web.vortex.data.microsoft.com *.events.data.microsoft.com *.online.lync.com *.infra.lync.com *.oscs.protection.office365.us *.safelinks.protection.office365.us od.apps.mil attachments-dod.office365-net.us 'self' login.microsoftonline.com outlook.office365.com teams.microsoft.com *.teams.microsoft.com *.yammer.com *.svc.ms *.licdn.com o365auditrealtimeingestion.manage.officeppe.com o365auditrealtimeingestion.manage.officeppe.com:445 o365auditrealtimeingestion.manage.office.com o365auditrealtimeingestion.manage.office.com:445 files.yammerusercontent.com; base-uri pf.pipe.aria.microsoft.com 'self'; form-action *.officeapps.live.com *.sharepoint-df.com *.sharepoint.com *.sharepoint.de *.odwebp.svc.ms od.apps.mil *.dod.online.office365.us; object-src *.office.net 'self' attachments-dod.office365-net.us; frame-ancestors 'self'; font-src data: *.res.office365.com *.fluidpreview.office.net *.cdn.office.net spoprod-a.akamaihd.net *.skype.com fonts.gstatic.com ms-appx-web: sharepointonline.com *.sharepointonline.com *.delve.office.com fs.microsoft.com 'self' *.yammer.com; media-src blob: *.res.office365.com *.cdn.office.net *.skype.com *.office.net *.office365.net *.office365-net.de *.office365-net.us *.office.com ssl.gstatic.com 'self' *.yammer.com attachments-dod.office365-net.us; frame-src * data: mailto: blob:; manifest-src 'self'; worker-src 'self' blob: *.office.com; child-src 'self' blob: *.office.com; report-uri ; upgrade-insecure-requests;
x-app-name: Mail
Referrer-Policy: no-referrer
X-Client-Version: 20211129004.15
x-besku: UNKNOWN
X-Proxy-RoutingCorrectness: 1
X-Proxy-BackendServerStatus: 200
X-FirstHopCafeEFZ: CYS
X-BEPartition: CLNAMP111SAT01
MS-CV: tsprWDGP1qD6uHaeVPtcNw.1
X-Powered-By: ASP.NET
X-FEServer: CY1P111CA0088
Date: Wed, 05 Jan 2022 13:11:16 GMT

Redirect headers

Location: https://outlook-dod.office365.us/mail/:7318:12/?
Non-Authoritative-Reason: HSTS

GET
H2 200 owa.5.js Show response
res-dod.cdn.office.net/owamail/20211129004.15/scripts/ 57 KB
16 KB 1554ms
251ms Script
application/javascript 52.244.33.223
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://res-dod.cdn.office.net/owamail/20211129004.15/scripts/owa.5.js

Requested by

Host: outlook-dod.office365.us
URL: https://outlook-dod.office365.us/mail/:7318:12/?

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.244.33.223 Phoenix, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

1d512d8db7a64059a53de9e32f5a389e345842b2cfcff56cd5a93cf0e09ec180

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://outlook-dod.office365.us
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
last-modified: Fri, 10 Dec 2021 13:22:14 GMT
date: Wed, 05 Jan 2022 13:11:18 GMT
x-azure-ref: 095jVYQAAAACbp223LXJ4SrBtoqCPlQkQcGh4MDItZmR2Mi01OTljZGJkY2M5LWZkOGJqAGQzMTZhODQ1LWJiNzktNDMzZC1iNjk2LWFlZWMwZTZjZDc2MQ==
x-cache: TCP_HIT
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 31d39e36-701e-0006-71b8-f86a95000000
access-control-expose-headers: date
cache-control: public, max-age=31536000
access-control-allow-methods: GET,HEAD,OPTIONS
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 owa.7.js Show response
res-dod.cdn.office.net/owamail/20211129004.15/scripts/ 39 KB
9 KB 1377ms
81ms Script
application/javascript 52.244.33.223
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://res-dod.cdn.office.net/owamail/20211129004.15/scripts/owa.7.js

Requested by

Host: outlook-dod.office365.us
URL: https://outlook-dod.office365.us/mail/:7318:12/?

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.244.33.223 Phoenix, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

bdb3b5a6f823f9fc626a3c3040ecc74731c183fdd843707f6f7dad7941efad1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://outlook-dod.office365.us
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
last-modified: Fri, 10 Dec 2021 13:22:13 GMT
date: Wed, 05 Jan 2022 13:11:18 GMT
x-azure-ref: 095jVYQAAAADEpCNt+IdNR62u4MQGkdOOcGh4MDItZmR2Mi01OTljZGJkY2M5LWZkOGJqAGQzMTZhODQ1LWJiNzktNDMzZC1iNjk2LWFlZWMwZTZjZDc2MQ==
x-cache: TCP_HIT
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 59bd0a87-f01e-001c-19b8-f845fa000000
access-control-expose-headers: date
cache-control: public, max-age=31536000
access-control-allow-methods: GET,HEAD,OPTIONS
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 owa.9.js Show response
res-dod.cdn.office.net/owamail/20211129004.15/scripts/ 125 KB
32 KB 1424ms
131ms Script
application/javascript 52.244.33.223
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://res-dod.cdn.office.net/owamail/20211129004.15/scripts/owa.9.js

Requested by

Host: outlook-dod.office365.us
URL: https://outlook-dod.office365.us/mail/:7318:12/?

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.244.33.223 Phoenix, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

b85f990ab6ffa38a2ef0d6eb6406dba56edbae8de65aefab6bceed44fbe9401f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://outlook-dod.office365.us
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
last-modified: Fri, 10 Dec 2021 13:22:21 GMT
date: Wed, 05 Jan 2022 13:11:18 GMT
x-azure-ref: 095jVYQAAAAAd7dPP75dORo+kLsKTNjzjcGh4MDItZmR2Mi01OTljZGJkY2M5LWZkOGJqAGQzMTZhODQ1LWJiNzktNDMzZC1iNjk2LWFlZWMwZTZjZDc2MQ==
x-cache: TCP_HIT
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 391a0590-701e-000d-24b8-f872e1000000
access-control-expose-headers: date
cache-control: public, max-age=31536000
access-control-allow-methods: GET,HEAD,OPTIONS
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 owa.11.js Show response
res-dod.cdn.office.net/owamail/20211129004.15/scripts/ 8 KB
3 KB 1380ms
90ms Script
application/javascript 52.244.33.223
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://res-dod.cdn.office.net/owamail/20211129004.15/scripts/owa.11.js

Requested by

Host: outlook-dod.office365.us
URL: https://outlook-dod.office365.us/mail/:7318:12/?

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.244.33.223 Phoenix, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

d27265ff19b922292793d809aea7e415ba0cd7fb8d34eb654aa68f0c26f0d157

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://outlook-dod.office365.us
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
last-modified: Fri, 10 Dec 2021 13:20:27 GMT
date: Wed, 05 Jan 2022 13:11:18 GMT
x-azure-ref: 095jVYQAAAAArppvNKHnTTatox8TO5nPscGh4MDItZmR2Mi01OTljZGJkY2M5LWZkOGJqAGQzMTZhODQ1LWJiNzktNDMzZC1iNjk2LWFlZWMwZTZjZDc2MQ==
x-cache: TCP_HIT
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 75089eea-201e-0015-6ab8-f85f74000000
access-control-expose-headers: date
cache-control: public, max-age=31536000
access-control-allow-methods: GET,HEAD,OPTIONS
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 owa.SharedBoot.js Show response
res-dod.cdn.office.net/owamail/20211129004.15/scripts/ 749 KB
200 KB 1475ms
184ms Script
application/javascript 52.244.33.223
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://res-dod.cdn.office.net/owamail/20211129004.15/scripts/owa.SharedBoot.js

Requested by

Host: outlook-dod.office365.us
URL: https://outlook-dod.office365.us/mail/:7318:12/?

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.244.33.223 Phoenix, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

a7e4d5443d2c18901a532a38ae41cfbcfc45eed0caaa0bf253a9afd0bc0c17da

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://outlook-dod.office365.us
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
last-modified: Fri, 10 Dec 2021 13:22:24 GMT
date: Wed, 05 Jan 2022 13:11:18 GMT
x-azure-ref: 095jVYQAAAAAeR4qL26oHTpmxMG+Q+SuXcGh4MDItZmR2Mi01OTljZGJkY2M5LWZkOGJqAGQzMTZhODQ1LWJiNzktNDMzZC1iNjk2LWFlZWMwZTZjZDc2MQ==
x-cache: TCP_HIT
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: a187b21d-a01e-0026-4a3e-010659000000
access-control-expose-headers: date
cache-control: public, max-age=31536000
access-control-allow-methods: GET,HEAD,OPTIONS
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 owa.1.js Show response
res-dod.cdn.office.net/owamail/20211129004.15/scripts/ 74 KB
19 KB 1468ms
178ms Script
application/javascript 52.244.33.223
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://res-dod.cdn.office.net/owamail/20211129004.15/scripts/owa.1.js

Requested by

Host: outlook-dod.office365.us
URL: https://outlook-dod.office365.us/mail/:7318:12/?

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.244.33.223 Phoenix, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

ad6380161cd39b976ab27949c0dce7e1328dc626f5a43d7994956317b3e79868

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://outlook-dod.office365.us
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
last-modified: Fri, 10 Dec 2021 13:20:32 GMT
date: Wed, 05 Jan 2022 13:11:18 GMT
x-azure-ref: 095jVYQAAAABIf8kOqM9xQIkBBCRHk4vecGh4MDItZmR2Mi01OTljZGJkY2M5LWZkOGJqAGQzMTZhODQ1LWJiNzktNDMzZC1iNjk2LWFlZWMwZTZjZDc2MQ==
x-cache: TCP_HIT
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 450c4d58-101e-001d-04b8-f84407000000
access-control-expose-headers: date
cache-control: public, max-age=31536000
access-control-allow-methods: GET,HEAD,OPTIONS
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 owa.2.js Show response
res-dod.cdn.office.net/owamail/20211129004.15/scripts/ 18 KB
5 KB 222ms
220ms Script
application/javascript 52.244.33.223
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://res-dod.cdn.office.net/owamail/20211129004.15/scripts/owa.2.js

Requested by

Host: outlook-dod.office365.us
URL: https://outlook-dod.office365.us/mail/:7318:12/?

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.244.33.223 Phoenix, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

206897bade530830fc516b4509157f004376ce0ddb201fd0c62754d13f3b3ec3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://outlook-dod.office365.us
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
last-modified: Fri, 10 Dec 2021 13:21:55 GMT
date: Wed, 05 Jan 2022 13:11:18 GMT
x-azure-ref: 095jVYQAAAADAE8yX/0uQT4vOA5TiC1NkcGh4MDItZmR2Mi01OTljZGJkY2M5LWZkOGJqAGQzMTZhODQ1LWJiNzktNDMzZC1iNjk2LWFlZWMwZTZjZDc2MQ==
x-cache: TCP_HIT
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: f0a74dfa-d01e-0029-70b8-f8ebaf000000
access-control-expose-headers: date
cache-control: public, max-age=31536000
access-control-allow-methods: GET,HEAD,OPTIONS
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 owa.3.js Show response
res-dod.cdn.office.net/owamail/20211129004.15/scripts/ 25 KB
9 KB 224ms
223ms Script
application/javascript 52.244.33.223
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://res-dod.cdn.office.net/owamail/20211129004.15/scripts/owa.3.js

Requested by

Host: outlook-dod.office365.us
URL: https://outlook-dod.office365.us/mail/:7318:12/?

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.244.33.223 Phoenix, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

cf03042188af409d96ba7c3ca8d0ffa24430d21c1f023ceadaa771d365b48cfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://outlook-dod.office365.us
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
last-modified: Fri, 10 Dec 2021 13:21:42 GMT
date: Wed, 05 Jan 2022 13:11:18 GMT
x-azure-ref: 095jVYQAAAADhdDNq0+0bRZyBBXc2CRSWcGh4MDItZmR2Mi01OTljZGJkY2M5LWZkOGJqAGQzMTZhODQ1LWJiNzktNDMzZC1iNjk2LWFlZWMwZTZjZDc2MQ==
x-cache: TCP_HIT
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 7716c5b5-a01e-0004-143e-01686f000000
access-control-expose-headers: date
cache-control: public, max-age=31536000
access-control-allow-methods: GET,HEAD,OPTIONS
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 owa.4.js Show response
res-dod.cdn.office.net/owamail/20211129004.15/scripts/ 12 KB
5 KB 225ms
224ms Script
application/javascript 52.244.33.223
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://res-dod.cdn.office.net/owamail/20211129004.15/scripts/owa.4.js

Requested by

Host: outlook-dod.office365.us
URL: https://outlook-dod.office365.us/mail/:7318:12/?

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.244.33.223 Phoenix, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e26dc183efa3391f4ac99d44b4776479bec4d72f7cbb444d28d6eed31a35e473

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://outlook-dod.office365.us
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
last-modified: Fri, 10 Dec 2021 13:21:42 GMT
date: Wed, 05 Jan 2022 13:11:18 GMT
x-azure-ref: 095jVYQAAAAAaDJ6IdD6xS4cyo25iqsZmcGh4MDItZmR2Mi01OTljZGJkY2M5LWZkOGJqAGQzMTZhODQ1LWJiNzktNDMzZC1iNjk2LWFlZWMwZTZjZDc2MQ==
x-cache: TCP_HIT
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 93ebdf6a-001e-0009-30b8-f88763000000
access-control-expose-headers: date
cache-control: public, max-age=31536000
access-control-allow-methods: GET,HEAD,OPTIONS
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 owa.MailBoot.js
res-dod.cdn.office.net/owamail/20211129004.15/scripts/ 2 MB
392 KB 227ms
226ms Script
application/javascript 52.244.33.223
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://res-dod.cdn.office.net/owamail/20211129004.15/scripts/owa.MailBoot.js

Requested by

Host: outlook-dod.office365.us
URL: https://outlook-dod.office365.us/mail/:7318:12/?

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.244.33.223 Phoenix, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://outlook-dod.office365.us
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
last-modified: Fri, 10 Dec 2021 13:22:37 GMT
date: Wed, 05 Jan 2022 13:11:18 GMT
x-azure-ref: 095jVYQAAAACH03oJtt0HTaan7FhKwXWCcGh4MDItZmR2Mi01OTljZGJkY2M5LWZkOGJqAGQzMTZhODQ1LWJiNzktNDMzZC1iNjk2LWFlZWMwZTZjZDc2MQ==
x-cache: TCP_HIT
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 796e8ac8-701e-000d-7c3e-0172e1000000
access-control-expose-headers: date
cache-control: public, max-age=31536000
access-control-allow-methods: GET,HEAD,OPTIONS
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 owa.vendors~OfflineResolvers~ResolversWeb.js Show response
res-dod.cdn.office.net/owamail/20211129004.15/scripts/ 15 KB
4 KB 247ms
246ms Script
application/javascript 52.244.33.223
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://res-dod.cdn.office.net/owamail/20211129004.15/scripts/owa.vendors~OfflineResolvers~ResolversWeb.js

Requested by

Host: outlook-dod.office365.us
URL: https://outlook-dod.office365.us/mail/:7318:12/?

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.244.33.223 Phoenix, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

8107918f356929699757f0dea8f0762eddf2a52ca33159fc600f3a36087372ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://outlook-dod.office365.us
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
last-modified: Fri, 10 Dec 2021 13:22:27 GMT
date: Wed, 05 Jan 2022 13:11:18 GMT
x-azure-ref: 095jVYQAAAAD4jPSK0YSbRpWbnH2wMpqWcGh4MDItZmR2Mi01OTljZGJkY2M5LWZkOGJqAGQzMTZhODQ1LWJiNzktNDMzZC1iNjk2LWFlZWMwZTZjZDc2MQ==
x-cache: TCP_HIT
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: ac7a5891-a01e-000f-29b8-f8701b000000
access-control-expose-headers: date
cache-control: public, max-age=31536000
access-control-allow-methods: GET,HEAD,OPTIONS
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 owa.ResolversWeb.js Show response
res-dod.cdn.office.net/owamail/20211129004.15/scripts/ 24 KB
8 KB 248ms
247ms Script
application/javascript 52.244.33.223
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://res-dod.cdn.office.net/owamail/20211129004.15/scripts/owa.ResolversWeb.js

Requested by

Host: outlook-dod.office365.us
URL: https://outlook-dod.office365.us/mail/:7318:12/?

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.244.33.223 Phoenix, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

96dd0fff7981064ce2b819905c93085e9c0f93d23ab456ff673ff3187ee9aa94

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://outlook-dod.office365.us
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
last-modified: Fri, 10 Dec 2021 13:22:22 GMT
date: Wed, 05 Jan 2022 13:11:18 GMT
x-azure-ref: 095jVYQAAAABf7/871YIeRIYOAZWSO0EfcGh4MDItZmR2Mi01OTljZGJkY2M5LWZkOGJqAGQzMTZhODQ1LWJiNzktNDMzZC1iNjk2LWFlZWMwZTZjZDc2MQ==
x-cache: TCP_HIT
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 24f7c731-b01e-001b-75b8-f8b37f000000
access-control-expose-headers: date
cache-control: public, max-age=31536000
access-control-allow-methods: GET,HEAD,OPTIONS
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 owa.LocalStateResolvers.js
res-dod.cdn.office.net/owamail/20211129004.15/scripts/ 313 B
511 B 273ms
272ms Script
application/javascript 52.244.33.223
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://res-dod.cdn.office.net/owamail/20211129004.15/scripts/owa.LocalStateResolvers.js

Requested by

Host: outlook-dod.office365.us
URL: https://outlook-dod.office365.us/mail/:7318:12/?

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.244.33.223 Phoenix, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://outlook-dod.office365.us
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
last-modified: Fri, 10 Dec 2021 13:22:25 GMT
date: Wed, 05 Jan 2022 13:11:18 GMT
x-azure-ref: 095jVYQAAAAAspXTf540FRJKd9iwm2Jc2cGh4MDItZmR2Mi01OTljZGJkY2M5LWZkOGJqAGQzMTZhODQ1LWJiNzktNDMzZC1iNjk2LWFlZWMwZTZjZDc2MQ==
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: d6e5f4b9-901e-000c-7c3f-01731c000000
access-control-expose-headers: date
cache-control: public, max-age=31536000
x-cache: TCP_HIT
timing-allow-origin: *
access-control-allow-headers: *
content-length: 313

GET
H2 200 owa.279.js
res-dod.cdn.office.net/owamail/20211129004.15/scripts/ 879 KB
222 KB 274ms
272ms Script
application/javascript 52.244.33.223
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://res-dod.cdn.office.net/owamail/20211129004.15/scripts/owa.279.js

Requested by

Host: outlook-dod.office365.us
URL: https://outlook-dod.office365.us/mail/:7318:12/?

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.244.33.223 Phoenix, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://outlook-dod.office365.us
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
last-modified: Fri, 10 Dec 2021 13:21:46 GMT
date: Wed, 05 Jan 2022 13:11:18 GMT
x-azure-ref: 095jVYQAAAAA3qYlsDAZnSZk7cQcaRp1JcGh4MDItZmR2Mi01OTljZGJkY2M5LWZkOGJqAGQzMTZhODQ1LWJiNzktNDMzZC1iNjk2LWFlZWMwZTZjZDc2MQ==
x-cache: TCP_HIT
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: f0b0b2bc-d01e-0029-3cbb-f8ebaf000000
access-control-expose-headers: date
cache-control: public, max-age=31536000
access-control-allow-methods: GET,HEAD,OPTIONS
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 owa.LegacyAppBar.js
res-dod.cdn.office.net/owamail/20211129004.15/scripts/ 333 KB
97 KB 279ms
278ms Script
application/javascript 52.244.33.223
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://res-dod.cdn.office.net/owamail/20211129004.15/scripts/owa.LegacyAppBar.js

Requested by

Host: outlook-dod.office365.us
URL: https://outlook-dod.office365.us/mail/:7318:12/?

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.244.33.223 Phoenix, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://outlook-dod.office365.us
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
last-modified: Fri, 10 Dec 2021 13:22:37 GMT
date: Wed, 05 Jan 2022 13:11:18 GMT
x-azure-ref: 095jVYQAAAABJ5Lbpxnr2RqHn3an24bFEcGh4MDItZmR2Mi01OTljZGJkY2M5LWZkOGJqAGQzMTZhODQ1LWJiNzktNDMzZC1iNjk2LWFlZWMwZTZjZDc2MQ==
x-cache: TCP_HIT
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 24f7c729-b01e-001b-70b8-f8b37f000000
access-control-expose-headers: date
cache-control: public, max-age=31536000
access-control-allow-methods: GET,HEAD,OPTIONS
timing-allow-origin: *
access-control-allow-headers: *

POST
H/1.1 401
Unauthorized startupdata.ashx
outlook-dod.office365.us/owa/ 0
0 190ms
189ms Fetch 2001:489a:2200:5b4::2
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://outlook-dod.office365.us/owa/startupdata.ashx?app=Mail&n=0

Requested by

Host: outlook-dod.office365.us
URL: https://outlook-dod.office365.us/mail/:7318:12/?

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2001:489a:2200:5b4::2 Cheyenne, United States, ASN8070 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

x-message-count: 32
x-owa-sessionid: 20df7416-6ed8-4c4b-9fff-23c483be51e4
x-req-source: Mail
x-owa-canary: X-OWA-CANARY_cookie_is_null_or_empty
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
action: StartupData
Referer
x-owa-correlationid: f7ef173a-af93-ee4e-856e-7e1b3ea1b57f
ms-cv: s8ccQVqF6at4WVDuFNvUKK.0
x-js-experiment: 5

Response headers

X-BEServer: SN5P111MB0511
Strict-Transport-Security: max-age=31536000; includeSubDomains
WWW-Authenticate: Bearer client_id="00000002-0000-0ff1-ce00-000000000000", trusted_issuers="00000001-0000-0000-c000-000000000000@*", token_types="app_asserted_user_v1 service_asserted_app_v1", authorization_uri="https://login.microsoftonline.us/common/oauth2/authorize"
X-Proxy-BackendServerStatus: 401
X-BackEnd-End: 2022-01-05T13:11:18.128
X-OWA-Forest: NAMP111.PROD.OUTLOOK.COM
X-FEServer: CY1P111CA0088
X-CalculatedBETarget: SN5P111MB0511.NAMP111.PROD.OUTLOOK.COM
X-BackEndHttpStatus: 401
X-RUM-Validated: 1
request-id: 876affec-bad6-a395-38be-b90a49647b96
Content-Length: 0
X-BackEnd-Begin: 2022-01-05T13:11:18.128
X-UA-Compatible: IE=EmulateIE7
X-OWA-DAG: NAMP111DG032
Server: Microsoft-IIS/10.0
Date: Wed, 05 Jan 2022 13:11:17 GMT
X-IIDs: 0
X-FirstHopCafeEFZ: CYS
X-DiagInfo: SN5P111MB0511
X-BeSku: Gen9
X-OWA-CorrelationId: f7ef173a-af93-ee4e-856e-7e1b3ea1b57f
X-OWA-DiagnosticsInfo: 0;0;0
X-Proxy-RoutingCorrectness: 1
X-Content-Type-Options: nosniff

GET
H2 200 analytics-ping.js Show response
res-dod.cdn.office.net/owamail/20211129004.15/resources/ 34 B
481 B 1151ms
77ms Fetch
application/javascript 52.244.33.223
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://res-dod.cdn.office.net/owamail/20211129004.15/resources/analytics-ping.js

Requested by

Host: outlook-dod.office365.us
URL: https://outlook-dod.office365.us/mail/:7318:12/?

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.244.33.223 Phoenix, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

d185159b6a77cd02ed536f44197af7913ecfd6fd264b113eac65fce9a97482f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
last-modified: Fri, 10 Dec 2021 13:20:07 GMT
date: Wed, 05 Jan 2022 13:11:18 GMT
x-azure-ref: 095jVYQAAAAAlzEZ0KwyPS5GoX3dovgWucGh4MDItZmR2Mi01OTljZGJkY2M5LWZkOGJqAGQzMTZhODQ1LWJiNzktNDMzZC1iNjk2LWFlZWMwZTZjZDc2MQ==
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: c488e785-e01e-002a-4eb8-f8e8a8000000
access-control-expose-headers: date
cache-control: public, max-age=31536000
x-cache: TCP_HIT
timing-allow-origin: *
access-control-allow-headers: *
content-length: 34

POST
H/1.1 403
Throttling on # requests / Show response
pf.pipe.aria.microsoft.com/Collector/3.0/ 0
406 B 222ms
38ms XHR
text/plain 52.245.136.46
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://pf.pipe.aria.microsoft.com/Collector/3.0/?qsp=true&content-type=application%2Fbond-compact-binary&client-id=NO_AUTH&sdk-version=AWT-Web-CJS-1.2.2&x-apikey=3b1ea01450be48f29759d868931e225d-7167685b-f6ff-421c-aa64-8ae16fe92128-7283
Requested by: Host: outlook-dod.office365.us
URL: https://outlook-dod.office365.us/mail/:7318:12/?
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.245.136.46 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-HTTPAPI/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 05 Jan 2022 13:11:18 GMT
Server: Microsoft-HTTPAPI/2.0
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: kill-tokens, kill-duration-seconds, time-delta-millis
Collector-Error: Throttling on # requests
Access-Control-Allow-Headers: Accept, Content-Type, Content-Encoding, Client-Id
Content-Length: 0

GET
H/1.1

200
OK

authorize
login.microsoftonline.us/common/oauth2/
Redirect Chain

https://outlook-dod.office365.us/mail/:7318:12/?authRedirect=true&state=0
https://outlook-dod.office365.us/owa/?state=1&redirectTo=aHR0cHM6Ly9vdXRsb29rLWRvZC5vZmZpY2UzNjUudXMvbWFpbC86NzMxODoxMi8
https://login.microsoftonline.us/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook-dod.office365.us%2fowa%2f&resource=00000002-0000-0ff1-ce00...

147 KB
53 KB

375ms
72ms

Document
text/html

20.140.232.135

General

Check archive.org

Show headers Download Go to

Full URL

https://login.microsoftonline.us/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook-dod.office365.us%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=0&msaredir=0&client-request-id=2a0ab1f9-97ec-d6be-dbf1-23e620517fb6&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=637769850806785675.56a71f88-5b58-4623-b798-73be2cfae703&state=DcuxDoIwFEBR0H9xqxSwfY-BOGAMA8WEaEC2FkqCiYEAVuTr7XDudl3HcfbWznKpjQM8BOARMoqUAzIO7Mi4BL9DJEwxJCcehERBhARCpYOmkxpo6Nq38oav9M7zIhcd-4dJt_2km-U-xDItaJMKnv0i01bFrIJoysrC1Akz9bsen8Fjy1-PT1sJo8rrqBLk-SbW22VYRY9_

Requested by

Host: outlook-dod.office365.us
URL: https://outlook-dod.office365.us/mail/:7318:12/?

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.140.232.135 -, , ASN (),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: en-US,en;q=0.9
Referer: https://outlook-dod.office365.us/mail/:7318:12/?

Response headers

Cache-Control: no-store, no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Expires: -1
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
x-ms-request-id: 63500a2c-385b-4a51-b366-5a88d8d11600
x-ms-ests-server: 2.1.12261.17 - BNO1 ProdSlices
Referrer-Policy: strict-origin-when-cross-origin
Date: Wed, 05 Jan 2022 13:11:20 GMT
Content-Length: 53831

Redirect headers

Content-Length: 896
Content-Type: text/html; charset=utf-8
Location: https://login.microsoftonline.us/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook-dod.office365.us%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=0&msaredir=0&client-request-id=2a0ab1f9-97ec-d6be-dbf1-23e620517fb6&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=637769850806785675.56a71f88-5b58-4623-b798-73be2cfae703&state=DcuxDoIwFEBR0H9xqxSwfY-BOGAMA8WEaEC2FkqCiYEAVuTr7XDudl3HcfbWznKpjQM8BOARMoqUAzIO7Mi4BL9DJEwxJCcehERBhARCpYOmkxpo6Nq38oav9M7zIhcd-4dJt_2km-U-xDItaJMKnv0i01bFrIJoysrC1Akz9bsen8Fjy1-PT1sJo8rrqBLk-SbW22VYRY9_
Server: Microsoft-IIS/10.0
request-id: 2a0ab1f9-97ec-d6be-dbf1-23e620517fb6
X-CalculatedBETarget: BN3P111MB0435.NAMP111.PROD.OUTLOOK.COM
X-BackEndHttpStatus: 302
P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
X-RUM-Validated: 1
X-Content-Type-Options: nosniff
X-BeSku: Gen9
X-OWA-DiagnosticsInfo: 1;0;0
X-IIDs: 0
X-BackEnd-Begin: 2022-01-05T13:11:20.677
X-BackEnd-End: 2022-01-05T13:11:20.679
X-DiagInfo: BN3P111MB0435
X-BEServer: BN3P111MB0435
X-UA-Compatible: IE=EmulateIE7
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Proxy-RoutingCorrectness: 1
X-Proxy-BackendServerStatus: 302
X-FirstHopCafeEFZ: CYS
X-FEServer: CY1P111CA0088
Date: Wed, 05 Jan 2022 13:11:19 GMT

GET
H2 200 owa.42.js
res-dod.cdn.office.net/owamail/20211129004.15/scripts/ 15 KB
4 KB 78ms
78ms Script
application/javascript 52.244.33.223
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://res-dod.cdn.office.net/owamail/20211129004.15/scripts/owa.42.js

Requested by

Host: outlook-dod.office365.us
URL: https://outlook-dod.office365.us/mail/:7318:12/?

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.244.33.223 Phoenix, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://outlook-dod.office365.us
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
last-modified: Fri, 10 Dec 2021 13:21:40 GMT
date: Wed, 05 Jan 2022 13:11:19 GMT
x-azure-ref: 0+JjVYQAAAAAIKvj1eQqkRrAZWB3pBWsacGh4MDItZmR2Mi01OTljZGJkY2M5LWZkOGJqAGQzMTZhODQ1LWJiNzktNDMzZC1iNjk2LWFlZWMwZTZjZDc2MQ==
x-cache: TCP_HIT
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 6f6ccd13-001e-0002-7b3e-019f17000000
access-control-expose-headers: date
cache-control: public, max-age=31536000
access-control-allow-methods: GET,HEAD,OPTIONS
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 owa.vendors~MailRoutes.js
res-dod.cdn.office.net/owamail/20211129004.15/scripts/ 19 KB
6 KB 77ms
77ms Script
application/javascript 52.244.33.223
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://res-dod.cdn.office.net/owamail/20211129004.15/scripts/owa.vendors~MailRoutes.js

Requested by

Host: outlook-dod.office365.us
URL: https://outlook-dod.office365.us/mail/:7318:12/?

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.244.33.223 Phoenix, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://outlook-dod.office365.us
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
last-modified: Fri, 10 Dec 2021 13:22:22 GMT
date: Wed, 05 Jan 2022 13:11:19 GMT
x-azure-ref: 0+JjVYQAAAABBw9THZXoZSZHn37QslvincGh4MDItZmR2Mi01OTljZGJkY2M5LWZkOGJqAGQzMTZhODQ1LWJiNzktNDMzZC1iNjk2LWFlZWMwZTZjZDc2MQ==
x-cache: TCP_HIT
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 4b5ba5c2-401e-000e-23b8-f871e6000000
access-control-expose-headers: date
cache-control: public, max-age=31536000
access-control-allow-methods: GET,HEAD,OPTIONS
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 segoeui-regular.woff2
static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-westeuropean/ 35 KB
36 KB 441ms
51ms Font
application/font-woff2 23.217.44.136
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-westeuropean/segoeui-regular.woff2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.217.44.136 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-217-44-136.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash

Request headers

Referer: https://outlook-dod.office365.us/
Origin: https://outlook-dod.office365.us
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Wed, 05 Jan 2022 13:11:20 GMT
last-modified: Wed, 22 Nov 2017 20:18:04 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: hl8dtlRfyUovRETdYOe7xg==
etag: 0x8D531E6235E7909
content-type: application/font-woff2
access-control-allow-origin: *
x-ms-request-id: 120318ff-201e-0040-3923-c76e9e000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=24801853
x-ms-version: 2009-09-19
content-length: 36344

GET
H2 200 owa.MailRibbon.js
res-dod.cdn.office.net/owamail/20211129004.15/scripts/ 2 MB
559 KB 79ms
79ms Script
application/javascript 52.244.33.223
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://res-dod.cdn.office.net/owamail/20211129004.15/scripts/owa.MailRibbon.js

Requested by

Host: outlook-dod.office365.us
URL: https://outlook-dod.office365.us/mail/:7318:12/?

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.244.33.223 Phoenix, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://outlook-dod.office365.us
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
last-modified: Fri, 10 Dec 2021 13:22:24 GMT
date: Wed, 05 Jan 2022 13:11:19 GMT
x-azure-ref: 0+JjVYQAAAAAyDi7ZHW3OTZRdbGCWUcJIcGh4MDItZmR2Mi01OTljZGJkY2M5LWZkOGJqAGQzMTZhODQ1LWJiNzktNDMzZC1iNjk2LWFlZWMwZTZjZDc2MQ==
x-cache: TCP_HIT
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: e2d23e29-c01e-001f-17b8-f846fd000000
access-control-expose-headers: date
cache-control: public, max-age=31536000
access-control-allow-methods: GET,HEAD,OPTIONS
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 owa.1831.js
res-dod.cdn.office.net/owamail/20211129004.15/scripts/ 467 B
690 B 77ms
77ms Script
application/javascript 52.244.33.223
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://res-dod.cdn.office.net/owamail/20211129004.15/scripts/owa.1831.js

Requested by

Host: outlook-dod.office365.us
URL: https://outlook-dod.office365.us/mail/:7318:12/?

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.244.33.223 Phoenix, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://outlook-dod.office365.us
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
last-modified: Fri, 10 Dec 2021 13:21:50 GMT
date: Wed, 05 Jan 2022 13:11:20 GMT
x-azure-ref: 0+JjVYQAAAADwL/dCZ7w4SKrtLrmQg96qcGh4MDItZmR2Mi01OTljZGJkY2M5LWZkOGJqAGQzMTZhODQ1LWJiNzktNDMzZC1iNjk2LWFlZWMwZTZjZDc2MQ==
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 22b10be6-201e-001e-3cbb-f84700000000
access-control-expose-headers: date
cache-control: public, max-age=31536000
x-cache: TCP_HIT
timing-allow-origin: *
access-control-allow-headers: *
content-length: 467

GET
H2 200 segoeui-regular.woff2
res-dod.cdn.office.net/assets/mail/fonts/v1/fonts/segoeui-westeuropean/ 35 KB
36 KB 80ms
80ms Font
font/woff2 52.244.33.223
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://res-dod.cdn.office.net/assets/mail/fonts/v1/fonts/segoeui-westeuropean/segoeui-regular.woff2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.244.33.223 Phoenix, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://outlook-dod.office365.us/
Origin: https://outlook-dod.office365.us
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Wed, 16 Jun 2021 15:44:42 GMT
date: Wed, 05 Jan 2022 13:11:20 GMT
x-azure-ref: 0+JjVYQAAAADh47cnKs61R7Txl/3KPPZVcGh4MDItZmR2Mi01OTljZGJkY2M5LWZkOGJqAGQzMTZhODQ1LWJiNzktNDMzZC1iNjk2LWFlZWMwZTZjZDc2MQ==
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: font/woff2
access-control-allow-origin: *
x-ms-request-id: dd2a59c0-c01e-001f-2e85-f546fd000000
access-control-expose-headers: date
cache-control: public, max-age=31536000
x-cache: TCP_HIT
timing-allow-origin: *
access-control-allow-headers: *
content-length: 36344

GET
H/1.1 200
OK Primary Request authorize Show response
login.microsoftonline.us/common/oauth2/ 185 KB
47 KB 105ms
105ms Document
text/html 20.140.232.135

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: login.microsoftonline.us
URL: https://login.microsoftonline.us/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook-dod.office365.us%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=0&msaredir=0&client-request-id=2a0ab1f9-97ec-d6be-dbf1-23e620517fb6&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=637769850806785675.56a71f88-5b58-4623-b798-73be2cfae703&state=DcuxDoIwFEBR0H9xqxSwfY-BOGAMA8WEaEC2FkqCiYEAVuTr7XDudl3HcfbWznKpjQM8BOARMoqUAzIO7Mi4BL9DJEwxJCcehERBhARCpYOmkxpo6Nq38oav9M7zIhcd-4dJt_2km-U-xDItaJMKnv0i01bFrIJoysrC1Akz9bsen8Fjy1-PT1sJo8rrqBLk-SbW22VYRY9_

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.140.232.135 -, , ASN (),

Reverse DNS

Software

Resource Hash

74fb5622cedcdb722028686abcc2f70ba64e51028452ae62c334e54fff4e0779

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: en-US,en;q=0.9
Referer: https://login.microsoftonline.us/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook-dod.office365.us%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=0&msaredir=0&client-request-id=2a0ab1f9-97ec-d6be-dbf1-23e620517fb6&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=637769850806785675.56a71f88-5b58-4623-b798-73be2cfae703&state=DcuxDoIwFEBR0H9xqxSwfY-BOGAMA8WEaEC2FkqCiYEAVuTr7XDudl3HcfbWznKpjQM8BOARMoqUAzIO7Mi4BL9DJEwxJCcehERBhARCpYOmkxpo6Nq38oav9M7zIhcd-4dJt_2km-U-xDItaJMKnv0i01bFrIJoysrC1Akz9bsen8Fjy1-PT1sJo8rrqBLk-SbW22VYRY9_

Response headers

Cache-Control: no-store, no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Expires: -1
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
Link: <https://aadcdn.msftauth.net>; rel=preconnect; crossorigin <https://aadcdn.msftauth.net>; rel=dns-prefetch <https://aadcdn.msauth.net>; rel=dns-prefetch
X-DNS-Prefetch-Control: on
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
x-ms-request-id: 65b3840f-f7d6-451b-8f90-3a5f53dd0800
x-ms-ests-server: 2.1.12261.17 - BNO1 ProdSlices
Referrer-Policy: strict-origin-when-cross-origin
Date: Wed, 05 Jan 2022 13:11:20 GMT
Content-Length: 46510

GET
H/1.1 200
OK Me.htm
login.live.com/ 0
0 188ms
52ms Other
text/html 40.126.24.81

General

Check archive.org

Show headers Download Go to

Full URL: https://login.live.com/Me.htm?v=3
Requested by: Host: login.microsoftonline.us
URL: https://login.microsoftonline.us/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook-dod.office365.us%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=0&msaredir=0&client-request-id=2a0ab1f9-97ec-d6be-dbf1-23e620517fb6&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=637769850806785675.56a71f88-5b58-4623-b798-73be2cfae703&state=DcuxDoIwFEBR0H9xqxSwfY-BOGAMA8WEaEC2FkqCiYEAVuTr7XDudl3HcfbWznKpjQM8BOARMoqUAzIO7Mi4BL9DJEwxJCcehERBhARCpYOmkxpo6Nq38oav9M7zIhcd-4dJt_2km-U-xDItaJMKnv0i01bFrIJoysrC1Akz9bsen8Fjy1-PT1sJo8rrqBLk-SbW22VYRY9_&sso_reload=true
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.126.24.81 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://login.microsoftonline.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H2 200 ConvergedLogin_PCore_a6PeIgafSneuouox-qU5OA2.js Show response
aadcdn.msftauth.net/shared/1.0/content/js/ 459 KB
126 KB 116ms
28ms Script
application/x-javascript 152.199.4.44

General

Check archive.org

Show headers Download Go to

Full URL: https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_a6PeIgafSneuouox-qU5OA2.js
Requested by: Host: login.microsoftonline.us
URL: https://login.microsoftonline.us/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook-dod.office365.us%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=0&msaredir=0&client-request-id=2a0ab1f9-97ec-d6be-dbf1-23e620517fb6&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=637769850806785675.56a71f88-5b58-4623-b798-73be2cfae703&state=DcuxDoIwFEBR0H9xqxSwfY-BOGAMA8WEaEC2FkqCiYEAVuTr7XDudl3HcfbWznKpjQM8BOARMoqUAzIO7Mi4BL9DJEwxJCcehERBhARCpYOmkxpo6Nq38oav9M7zIhcd-4dJt_2km-U-xDItaJMKnv0i01bFrIJoysrC1Akz9bsen8Fjy1-PT1sJo8rrqBLk-SbW22VYRY9_&sso_reload=true
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.4.44 -, , ASN (),
Reverse DNS
Software: ECAcc (aga/87C0) /
Resource Hash: ce768e83be373f5303ce3117cba6e60874a328c5fb740fb4dbc14989105e0a0d

Request headers

Referer: https://login.microsoftonline.us/
Origin: https://login.microsoftonline.us
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 05 Jan 2022 13:11:22 GMT
content-encoding: gzip
content-md5: e+GEpArZIh9idGnWSOj0zg==
age: 2385924
x-cache: HIT
content-length: 128665
x-ms-lease-status: unlocked
last-modified: Thu, 04 Nov 2021 21:02:14 GMT
server: ECAcc (aga/87C0)
etag: 0x8D99FD6608B3F3E
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: bd3f5078-601e-003c-5182-ecd37f000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H/1.1 200
OK prefetch.aspx Show response
outlook.office365.com/owa/ Frame EFD8 3 KB
3 KB 224ms
70ms Document
text/html 2603:1036:302:4831::2

General

Check archive.org

Show headers Download Go to

Full URL

https://outlook.office365.com/owa/prefetch.aspx

Requested by

Host: aadcdn.msftauth.net
URL: https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_a6PeIgafSneuouox-qU5OA2.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2603:1036:302:4831::2 -, , ASN (),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

e6ca894d3bbd4bcf53c8eb76045fb8f65841ac01b3a9df2fb7f57c192929a4fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: en-US,en;q=0.9
Referer: https://login.microsoftonline.us/

Response headers

Cache-Control: private, no-store
Content-Length: 1235
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
request-id: c754508b-7d37-44d4-8967-0420dd70bb59
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Alt-Svc: h3=":443",h3-29=":443"
X-CalculatedFETarget: DM3PR12CU004.internal.outlook.com
X-BackEndHttpStatus: 200 200
X-FEProxyInfo: DM3PR12CA0113.NAMPRD12.PROD.OUTLOOK.COM
X-CalculatedBETarget: DM6PR13MB3323.namprd13.prod.outlook.com
X-RUM-Validated: 1
X-Content-Type-Options: nosniff
X-BeSku: WCS5
X-OWA-Version: 15.20.4867.7
X-OWA-DiagnosticsInfo: 1;0;0
X-IIDs: 0
X-BackEnd-Begin: 2022-01-05T13:11:22.517
X-BackEnd-End: 2022-01-05T13:11:22.519
X-DiagInfo: DM6PR13MB3323
X-BEServer: DM6PR13MB3323
X-UA-Compatible: IE=EmulateIE7
X-Proxy-RoutingCorrectness: 1
X-Proxy-BackendServerStatus: 200
X-FEServer: DM3PR12CA0113 BL1PR13CA0099
Report-To: {"group":"NelOfficeUpload1","max_age":7200,"endpoints":[{"url":"https://exo.nel.measure.office.net/api/report?TenantId=&FrontEnd=Cafe&DestinationEndpoint=MNZ"}],"include_subdomains":true}
NEL: {"report_to":"NelOfficeUpload1","max_age":7200,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
X-FirstHopCafeEFZ: MNZ
Date: Wed, 05 Jan 2022 13:11:21 GMT

GET
H2 200 oneDs_472fa3a12b65cf387ccd.js Show response
aadcdn.msftauth.net/shared/1.0/content/js/ 78 KB
26 KB 188ms
101ms Script
application/x-javascript 152.199.4.44

General

Check archive.org

Show headers Download Go to

Full URL: https://aadcdn.msftauth.net/shared/1.0/content/js/oneDs_472fa3a12b65cf387ccd.js
Requested by: Host: aadcdn.msftauth.net
URL: https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_a6PeIgafSneuouox-qU5OA2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.4.44 -, , ASN (),
Reverse DNS
Software: ECAcc (aga/6D33) /
Resource Hash: 235b558b77ab36f63c1439a68ac2410aaf8f42f7b9c93c0bfdc9af662abab8b6

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://login.microsoftonline.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 05 Jan 2022 13:11:22 GMT
content-encoding: gzip
content-md5: xAmVJ4UrtXATagLD0tDXoQ==
age: 6296759
x-cache: HIT
content-length: 26117
x-ms-lease-status: unlocked
last-modified: Thu, 21 Oct 2021 01:02:25 GMT
server: ECAcc (aga/6D33)
etag: 0x8D9942E72241B02
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 7b8c28d0-801e-002f-47f0-c89f37000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 converged.v2.login.min_kfhrfyfy-sm2tmkm5ficcw2.css
aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ 0
20 KB 154ms
87ms Other
text/css 152.199.4.44

General

Check archive.org

Show headers Download Go to

Full URL: https://aadcdn.msftauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_kfhrfyfy-sm2tmkm5ficcw2.css
Requested by: Host: login.microsoftonline.us
URL: https://login.microsoftonline.us/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook-dod.office365.us%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=0&msaredir=0&client-request-id=2a0ab1f9-97ec-d6be-dbf1-23e620517fb6&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=637769850806785675.56a71f88-5b58-4623-b798-73be2cfae703&state=DcuxDoIwFEBR0H9xqxSwfY-BOGAMA8WEaEC2FkqCiYEAVuTr7XDudl3HcfbWznKpjQM8BOARMoqUAzIO7Mi4BL9DJEwxJCcehERBhARCpYOmkxpo6Nq38oav9M7zIhcd-4dJt_2km-U-xDItaJMKnv0i01bFrIJoysrC1Akz9bsen8Fjy1-PT1sJo8rrqBLk-SbW22VYRY9_&sso_reload=true
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.4.44 -, , ASN (),
Reverse DNS
Software: ECAcc (aga/6D08) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://login.microsoftonline.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 05 Jan 2022 13:11:22 GMT
content-encoding: gzip
content-md5: 0O2H9juGYL0zkzcYWr0NIg==
age: 8111470
x-cache: HIT
content-length: 19877
x-ms-lease-status: unlocked
last-modified: Tue, 28 Sep 2021 21:42:58 GMT
server: ECAcc (aga/6D08)
etag: 0x8D982C8F03AF4D4
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 6cacbdfd-901e-0041-4b6f-b8dc2a000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 ux.converged.login.strings-en.min_o71-iz4tb7logt_eqer98w2.js
aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ 0
13 KB 135ms
68ms Other
application/x-javascript 152.199.4.44

General

Check archive.org

Show headers Download Go to

Full URL: https://aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ux.converged.login.strings-en.min_o71-iz4tb7logt_eqer98w2.js
Requested by: Host: login.microsoftonline.us
URL: https://login.microsoftonline.us/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook-dod.office365.us%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=0&msaredir=0&client-request-id=2a0ab1f9-97ec-d6be-dbf1-23e620517fb6&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=637769850806785675.56a71f88-5b58-4623-b798-73be2cfae703&state=DcuxDoIwFEBR0H9xqxSwfY-BOGAMA8WEaEC2FkqCiYEAVuTr7XDudl3HcfbWznKpjQM8BOARMoqUAzIO7Mi4BL9DJEwxJCcehERBhARCpYOmkxpo6Nq38oav9M7zIhcd-4dJt_2km-U-xDItaJMKnv0i01bFrIJoysrC1Akz9bsen8Fjy1-PT1sJo8rrqBLk-SbW22VYRY9_&sso_reload=true
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.4.44 -, , ASN (),
Reverse DNS
Software: ECAcc (aga/6D11) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://login.microsoftonline.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 05 Jan 2022 13:11:22 GMT
content-encoding: gzip
content-md5: TYaL+AGTXfxbZBdZyg21Og==
age: 6296759
x-cache: HIT
content-length: 12552
x-ms-lease-status: unlocked
last-modified: Tue, 19 Oct 2021 04:06:56 GMT
server: ECAcc (aga/6D11)
etag: 0x8D992B5E40D12D5
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: b956b66a-d01e-0045-77f0-c83786000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 49-small_e58aafc980614a9cd7796bea7b5ea8f0.jpg
aadcdn.msftauth.net/shared/1.0/content/images/appbackgrounds/ 987 B
1 KB 109ms
57ms Image
image/jpeg 152.199.4.44

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aadcdn.msftauth.net/shared/1.0/content/images/appbackgrounds/49-small_e58aafc980614a9cd7796bea7b5ea8f0.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.4.44 -, , ASN (),
Reverse DNS
Software: ECAcc (aga/86F0) /
Resource Hash: 8b34a475187302935336bf43a2bf2a4e0adb9a1e87953ea51f6fcf0ef52a4a1d

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://login.microsoftonline.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 05 Jan 2022 13:11:22 GMT
content-md5: 5YqvyYBhSpzXeWvqe16o8A==
age: 15249595
x-cache: HIT
content-length: 987
x-ms-lease-status: unlocked
last-modified: Fri, 27 Mar 2020 19:42:36 GMT
server: ECAcc (aga/86F0)
etag: 0x8D7D287001BC861
content-type: image/jpeg
access-control-allow-origin: *
x-ms-request-id: aa133521-b01e-0037-7084-770730000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 49_7916a894ebde7d29c2cc29b267f1299f.jpg
aadcdn.msftauth.net/shared/1.0/content/images/appbackgrounds/ 17 KB
17 KB 107ms
58ms Image
image/jpeg 152.199.4.44

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aadcdn.msftauth.net/shared/1.0/content/images/appbackgrounds/49_7916a894ebde7d29c2cc29b267f1299f.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.4.44 -, , ASN (),
Reverse DNS
Software: ECAcc (aga/8706) /
Resource Hash: d8f5ab3e00202fd3b45be1acd95d677b137064001e171bc79b06826d98f1e1d3

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://login.microsoftonline.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 05 Jan 2022 13:11:22 GMT
content-md5: eRaolOvefSnCzCmyZ/Epnw==
age: 14957088
x-cache: HIT
content-length: 17453
x-ms-lease-status: unlocked
last-modified: Fri, 27 Mar 2020 19:42:36 GMT
server: ECAcc (aga/8706)
etag: 0x8D7D2870015D3DE
content-type: image/jpeg
access-control-allow-origin: *
x-ms-request-id: cf6e3889-a01e-007e-4a2d-7a22b0000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 53_8b36337037cff88c3df203bb73d58e41.png
aadcdn.msftauth.net/shared/1.0/content/images/applogos/ 5 KB
5 KB 93ms
79ms Image
image/png 152.199.4.44

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aadcdn.msftauth.net/shared/1.0/content/images/applogos/53_8b36337037cff88c3df203bb73d58e41.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.4.44 -, , ASN (),
Reverse DNS
Software: ECAcc (aga/8737) /
Resource Hash: e4e1e65871749d18aea150643c07e0aab2057da057c6c57ec1c3c43580e1c898

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://login.microsoftonline.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 05 Jan 2022 13:11:22 GMT
content-md5: izYzcDfP+Iw98gO7c9WOQQ==
age: 9656865
x-cache: HIT
content-length: 5139
x-ms-lease-status: unlocked
last-modified: Wed, 12 Feb 2020 03:12:17 GMT
server: ECAcc (aga/8737)
etag: 0x8D7AF695D6C58F2
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: e6cb2522-f01e-0057-5c61-aa85c3000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg
aadcdn.msftauth.net/shared/1.0/content/images/ 4 KB
2 KB 107ms
93ms Image
image/svg+xml 152.199.4.44

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aadcdn.msftauth.net/shared/1.0/content/images/microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.4.44 -, , ASN (),
Reverse DNS
Software: ECAcc (aga/86CF) /
Resource Hash: 04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://login.microsoftonline.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 05 Jan 2022 13:11:22 GMT
content-encoding: gzip
content-md5: nzaLxFgP7ZB3dfMcaybWzw==
age: 19292082
x-cache: HIT
content-length: 1435
x-ms-lease-status: unlocked
last-modified: Thu, 16 Jan 2020 00:32:52 GMT
server: ECAcc (aga/86CF)
etag: 0x8D79A1B9F5E121A
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: e194747d-b01e-0037-7fbf-520730000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

POST
H/1.1 200
OK reportpageload Show response
login.microsoftonline.us/common/instrumentation/ 264 B
1 KB 45ms
44ms XHR
application/json 20.140.232.135

General

Check archive.org

Show headers Download Go to

Full URL

https://login.microsoftonline.us/common/instrumentation/reportpageload?mkt=en-US

Requested by

Host: aadcdn.msftauth.net
URL: https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_a6PeIgafSneuouox-qU5OA2.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.140.232.135 -, , ASN (),

Reverse DNS

Software

Resource Hash

bf7666a3f566a58a04bef9dc824993e2eca52be13f2ce6d09d1880227a6465c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

hpgrequestid: 65b3840f-f7d6-451b-8f90-3a5f53dd0800
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
client-request-id: 2a0ab1f9-97ec-d6be-dbf1-23e620517fb6
canary: AQABAAAAAgBXxJ9NxOLiQKGXj-vdb8BdUGv6lbgMzHzeWkYsdQTBAykP6-HRM24JLFa0PKdVVm-J7PEKHN3D1YxYr8PLlBUUQacVr3gE_ZKk1XUvGSH9-1U0uuuYmP1J8cVc3bu0hLS1wS7lyNOo91NLRSOuKYe8gKG3QC-ZVvFjtgc1KQxxHFBY9q-3mF7F016R5a-n1yitkFHEPGMiKAktO6Rx0L_-Gg0cKDL0BDGg0x1SwZ3pWiAA
Content-type: application/json; charset=UTF-8
hpgid: 1104
Accept: application/json
Referer: https://login.microsoftonline.us/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook-dod.office365.us%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=0&msaredir=0&client-request-id=2a0ab1f9-97ec-d6be-dbf1-23e620517fb6&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=637769850806785675.56a71f88-5b58-4623-b798-73be2cfae703&state=DcuxDoIwFEBR0H9xqxSwfY-BOGAMA8WEaEC2FkqCiYEAVuTr7XDudl3HcfbWznKpjQM8BOARMoqUAzIO7Mi4BL9DJEwxJCcehERBhARCpYOmkxpo6Nq38oav9M7zIhcd-4dJt_2km-U-xDItaJMKnv0i01bFrIJoysrC1Akz9bsen8Fjy1-PT1sJo8rrqBLk-SbW22VYRY9_&sso_reload=true
hpgact: 1800

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
client-request-id: 2a0ab1f9-97ec-d6be-dbf1-23e620517fb6
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
Content-Length: 264
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Date: Wed, 05 Jan 2022 13:11:21 GMT
Access-Control-Allow-Methods: POST, OPTIONS
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://autologon.microsoft.us/
x-ms-request-id: eba8f1b8-3e7c-4c5d-a8b5-73009fcd3500
Cache-Control: no-store, no-cache
Access-Control-Allow-Credentials: true
x-ms-ests-server: 2.1.12261.17 - BNO1 ProdSlices
Expires: -1

GET boot.worldwide.0.mouse.js
r4.res.office365.com/owa/prem/15.20.4867.5/scripts/ Frame EFD8 0
0

GET
H2 200 signin-options_4e48046ce74f4b89d45037c90576bfac.svg
aadcdn.msftauth.net/shared/1.0/content/images/ 2 KB
772 B 27ms
26ms Image
image/svg+xml 152.199.4.44

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aadcdn.msftauth.net/shared/1.0/content/images/signin-options_4e48046ce74f4b89d45037c90576bfac.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.4.44 -, , ASN (),
Reverse DNS
Software: ECAcc (aga/86CD) /
Resource Hash

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://login.microsoftonline.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 05 Jan 2022 13:11:22 GMT
content-encoding: gzip
content-md5: R2FAVxfpONfnQAuxVxXbHg==
age: 12139524
x-cache: HIT
content-length: 621
x-ms-lease-status: unlocked
last-modified: Tue, 10 Nov 2020 03:41:05 GMT
server: ECAcc (aga/86CD)
etag: 0x8D8852A740F01B9
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: cbcd66fe-301e-0015-74cd-93740c000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: r4.res.office365.com
URL: https://r4.res.office365.com/owa/prem/15.20.4867.5/scripts/boot.worldwide.0.mouse.js

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
outlook-dod.office365.us/	1970-01-20 08:42:04	Name: ClientId Value: 580B9711F51D4025B2D4B4A9307D611D
outlook-dod.office365.us/	1970-01-20 04:17:06	Name: OIDC Value: 1
outlook-dod.office365.us/	1970-01-19 23:56:31	Name: OpenIdConnect.nonce.v3.0p68GRknM5bEn4nVu9lq5pnjp1Mxci2pJsnpQv6HKfU Value: 637769850806785675.56a71f88-5b58-4623-b798-73be2cfae703
outlook-dod.office365.us/	1970-01-19 23:56:50	Name: X-OWA-RedirectHistory Value: Ale6VTEBmv3K3UzQ2Qg

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://outlook-dod.office365.us/owa/startupdata.ashx?app=Mail&n=0 Message: Failed to load resource: the server responded with a status of 401 (Unauthorized)
network	error	URL: https://pf.pipe.aria.microsoft.com/Collector/3.0/?qsp=true&content-type=application%2Fbond-compact-binary&client-id=NO_AUTH&sdk-version=AWT-Web-CJS-1.2.2&x-apikey=3b1ea01450be48f29759d868931e225d-7167685b-f6ff-421c-aa64-8ae16fe92128-7283 Message: Failed to load resource: the server responded with a status of 403 (Throttling on # requests)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aadcdn.msftauth.net
login.live.com
login.microsoftonline.us
mcasproxy.azureedge.net
outlook-dod.office365.us
outlook-dod.office365.us.mcas-gov.us
outlook.office365.com
pf.pipe.aria.microsoft.com
r4.res.office365.com
res-dod.cdn.office.net
static2.sharepointonline.com
r4.res.office365.com
13.72.27.219
152.199.4.44
20.140.232.135
2001:489a:2200:5b4::2
23.217.44.136
2600:141b:13::17d7:8229
2603:1036:302:4831::2
40.126.24.81
52.244.33.223
52.245.136.46
04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a
1d512d8db7a64059a53de9e32f5a389e345842b2cfcff56cd5a93cf0e09ec180
206897bade530830fc516b4509157f004376ce0ddb201fd0c62754d13f3b3ec3
235b558b77ab36f63c1439a68ac2410aaf8f42f7b9c93c0bfdc9af662abab8b6
74fb5622cedcdb722028686abcc2f70ba64e51028452ae62c334e54fff4e0779
8107918f356929699757f0dea8f0762eddf2a52ca33159fc600f3a36087372ab
8b34a475187302935336bf43a2bf2a4e0adb9a1e87953ea51f6fcf0ef52a4a1d
96dd0fff7981064ce2b819905c93085e9c0f93d23ab456ff673ff3187ee9aa94
a48a4ac02ea742f3e5a7e801d8fe789cda74ed3e31cc13038c0b9df6f2d2e35f
a7e4d5443d2c18901a532a38ae41cfbcfc45eed0caaa0bf253a9afd0bc0c17da
ad6380161cd39b976ab27949c0dce7e1328dc626f5a43d7994956317b3e79868
b85f990ab6ffa38a2ef0d6eb6406dba56edbae8de65aefab6bceed44fbe9401f
bdb3b5a6f823f9fc626a3c3040ecc74731c183fdd843707f6f7dad7941efad1f
bf7666a3f566a58a04bef9dc824993e2eca52be13f2ce6d09d1880227a6465c5
ce768e83be373f5303ce3117cba6e60874a328c5fb740fb4dbc14989105e0a0d
cf03042188af409d96ba7c3ca8d0ffa24430d21c1f023ceadaa771d365b48cfd
d185159b6a77cd02ed536f44197af7913ecfd6fd264b113eac65fce9a97482f5
d27265ff19b922292793d809aea7e415ba0cd7fb8d34eb654aa68f0c26f0d157
d8f5ab3e00202fd3b45be1acd95d677b137064001e171bc79b06826d98f1e1d3
e26dc183efa3391f4ac99d44b4776479bec4d72f7cbb444d28d6eed31a35e473
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4e1e65871749d18aea150643c07e0aab2057da057c6c57ec1c3c43580e1c898
e6ca894d3bbd4bcf53c8eb76045fb8f65841ac01b3a9df2fb7f57c192929a4fb

login.microsoftonline.us Open in urlscan Pro 20.140.232.135 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

44 Requests

95 %HTTPS

30 %IPv6

10 Domains

11 Subdomains

11 IPs

1 Countries

2274 kBTransfer

7662 kBSize

4 Cookies

0 Outgoing links

Page URL History

Redirected requests

44 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

login.microsoftonline.us Open in urlscan Pro
20.140.232.135 Public Scan

Screenshot
Live screenshot

Full Image

44
Requests

95 %
HTTPS

30 %
IPv6

10
Domains

11
Subdomains

11
IPs

1
Countries

2274 kB
Transfer

7662 kB
Size

4
Cookies

44 HTTP transactions
0 data transactions