![](/screenshots/c86da120-0eaf-4869-926b-2f863f8974b9.png)
login.microsoftonline.us
20.140.232.135
Public Scan
Effective URL: https://login.microsoftonline.us/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%...
Submission: On January 05 via automatic, source openphish — Scanned from US
Summary
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on October 12th 2021. Valid for: a year.
This is the only time login.microsoftonline.us was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Requests | IP Address | Autonomous System | Hostname |
---|---|---|---|
1 | 13.72.27.219 | AS8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US) | outlook-dod.office365.us.mcas-gov.us |
3 | 2600:141b:13::17d7:8229 | AS20940 (AKAMAI-ASN1, NL) | mcasproxy.azureedge.net |
4 (2 redirects) | 2001:489a:2200:5b4::2 | AS8070 (MICROSOFT-CORP-MSN-AS-BLOCK, US) | outlook-dod.office365.us |
21 | 52.244.33.223 | AS8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US) | res-dod.cdn.office.net |
1 | 52.245.136.46 | AS8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US) | pf.pipe.aria.microsoft.com |
3 | 20.140.232.135 | | |
1 | 23.217.44.136 | AS16625 (AKAMAI-AS, US) | static2.sharepointonline.com (PTR: a23-217-44-136.deploy.static.akamaitechnologies.com) |
1 | 40.126.24.81 | | |
9 | 152.199.4.44 | | |
1 | 2603:1036:302:4831::2 | | |
44 | 11 | | |
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
21 | office.net | res-dod.cdn.office.net | 2 MB |
9 | msftauth.net | aadcdn.msftauth.net | 210 KB |
4 | office365.us (2 redirects) | outlook-dod.office365.us | 258 KB |
3 | microsoftonline.us | login.microsoftonline.us | 102 KB |
3 | azureedge.net | mcasproxy.azureedge.net | 44 KB |
1 | office365.com | outlook.office365.com, r4.res.office365.com (Failed) | 3 KB |
1 | live.com | login.live.com | |
1 | sharepointonline.com | static2.sharepointonline.com | 36 KB |
1 | microsoft.com | pf.pipe.aria.microsoft.com | 406 B |
1 | mcas-gov.us | outlook-dod.office365.us.mcas-gov.us | 1 KB |
44 | 10 | | |
Requests | Domain | Requested by |
---|---|---|
21 | res-dod.cdn.office.net | outlook-dod.office365.us |
9 | aadcdn.msftauth.net | login.microsoftonline.us, aadcdn.msftauth.net |
4 | outlook-dod.office365.us (2 redirects) | outlook-dod.office365.us |
3 | login.microsoftonline.us | outlook-dod.office365.us, login.microsoftonline.us, aadcdn.msftauth.net |
3 | mcasproxy.azureedge.net | outlook-dod.office365.us.mcas-gov.us, mcasproxy.azureedge.net |
1 | outlook.office365.com | aadcdn.msftauth.net |
1 | login.live.com | login.microsoftonline.us |
1 | static2.sharepointonline.com | |
1 | pf.pipe.aria.microsoft.com | outlook-dod.office365.us |
1 | outlook-dod.office365.us.mcas-gov.us | |
0 | r4.res.office365.com (Failed) | outlook.office365.com |
44 | 11 | |
This site contains no links.
Subject | Issuer | Validity | Valid for |
---|---|---|---|
*.azureedge.net | Microsoft RSA TLS CA 01 | 2021-10-28 - 2022-10-28 | a year |
webmail.apps.mil | Entrust Certification Authority - L1K | 2020-06-11 - 2022-06-11 | 2 years |
res-dod.cdn.office.net | DigiCert SHA2 Secure Server CA | 2021-10-25 - 2022-10-25 | a year |
*.pipe.aria.microsoft.com | Microsoft Azure TLS Issuing CA 05 | 2021-09-24 - 2022-09-19 | a year |
login.microsoftonline.us | DigiCert SHA2 Secure Server CA | 2021-10-12 - 2022-10-12 | a year |
*.sharepointonline.com | Microsoft RSA TLS CA 01 | 2021-07-08 - 2022-07-08 | a year |
graph.windows.net | DigiCert SHA2 Secure Server CA | 2021-11-20 - 2022-11-20 | a year |
aadcdn.msftauth.net | DigiCert SHA2 Secure Server CA | 2021-05-13 - 2022-05-13 | a year |
outlook.com | DigiCert Cloud Services CA-1 | 2021-12-12 - 2022-12-12 | a year |
This page contains 3 frames:
Primary Page:
https://login.microsoftonline.us/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook-dod.office365.us%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=0&msaredir=0&client-request-id=2a0ab1f9-97ec-d6be-dbf1-23e620517fb6&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=637769850806785675.56a71f88-5b58-4623-b798-73be2cfae703&state=DcuxDoIwFEBR0H9xqxSwfY-BOGAMA8WEaEC2FkqCiYEAVuTr7XDudl3HcfbWznKpjQM8BOARMoqUAzIO7Mi4BL9DJEwxJCcehERBhARCpYOmkxpo6Nq38oav9M7zIhcd-4dJt_2km-U-xDItaJMKnv0i01bFrIJoysrC1Akz9bsen8Fjy1-PT1sJo8rrqBLk-SbW22VYRY9_&sso_reload=true
Frame ID: 74E563EB5C1C557F6B0A4C61ACC290CA
Requests: 40 HTTP requests in this frame
Frame:
https://mcasproxy.azureedge.net/proxyweb/1.8.15/html/session-context-restore.html?action=store&contextData=http%3A%2F%2Foutlook-dod.office365.us%2Fmail%2F%3A7318%3A12%2F
Frame ID: BA2CB9F03BFC8C0DB021233F5FF329B8
Requests: 2 HTTP requests in this frame
Frame:
https://outlook.office365.com/owa/prefetch.aspx
Frame ID: EFD883BA444D68F079E4EE9607AC0FC7
Requests: 2 HTTP requests in this frame
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://outlook-dod.office365.us.mcas-gov.us/mail/:7318:12/ Page URL
-
http://outlook-dod.office365.us/mail/:7318:12/
HTTP 307
https://outlook-dod.office365.us/mail/:7318:12/ Page URL
-
https://outlook-dod.office365.us/mail/:7318:12/?authRedirect=true&state=0
HTTP 302
https://outlook-dod.office365.us/owa/?state=1&redirectTo=aHR0cHM6Ly9vdXRsb29rLWRvZC5vZmZpY2UzNjUudXMvbWFpbC86NzMxODoxMi8 HTTP 302
https://login.microsoftonline.us/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook-dod.office365.us%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=0&msaredir=0&client-request-id=2a0ab1f9-97ec-d6be-dbf1-23e620517fb6&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=637769850806785675.56a71f88-5b58-4623-b798-73be2cfae703&state=DcuxDoIwFEBR0H9xqxSwfY-BOGAMA8WEaEC2FkqCiYEAVuTr7XDudl3HcfbWznKpjQM8BOARMoqUAzIO7Mi4BL9DJEwxJCcehERBhARCpYOmkxpo6Nq38oav9M7zIhcd-4dJt_2km-U-xDItaJMKnv0i01bFrIJoysrC1Akz9bsen8Fjy1-PT1sJo8rrqBLk-SbW22VYRY9_ Page URL
- https://login.microsoftonline.us/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook-dod.office365.us%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=0&msaredir=0&client-request-id=2a0ab1f9-97ec-d6be-dbf1-23e620517fb6&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=637769850806785675.56a71f88-5b58-4623-b798-73be2cfae703&state=DcuxDoIwFEBR0H9xqxSwfY-BOGAMA8WEaEC2FkqCiYEAVuTr7XDudl3HcfbWznKpjQM8BOARMoqUAzIO7Mi4BL9DJEwxJCcehERBhARCpYOmkxpo6Nq38oav9M7zIhcd-4dJt_2km-U-xDItaJMKnv0i01bFrIJoysrC1Akz9bsen8Fjy1-PT1sJo8rrqBLk-SbW22VYRY9_&sso_reload=true Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 4
- http://outlook-dod.office365.us/mail/:7318:12/ HTTP 307
- https://outlook-dod.office365.us/mail/:7318:12/
- https://outlook-dod.office365.us/mail/:7318:12/?authRedirect=true&state=0 HTTP 302
- https://outlook-dod.office365.us/owa/?state=1&redirectTo=aHR0cHM6Ly9vdXRsb29rLWRvZC5vZmZpY2UzNjUudXMvbWFpbC86NzMxODoxMi8 HTTP 302
- https://login.microsoftonline.us/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook-dod.office365.us%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=0&msaredir=0&client-request-id=2a0ab1f9-97ec-d6be-dbf1-23e620517fb6&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=637769850806785675.56a71f88-5b58-4623-b798-73be2cfae703&state=DcuxDoIwFEBR0H9xqxSwfY-BOGAMA8WEaEC2FkqCiYEAVuTr7XDudl3HcfbWznKpjQM8BOARMoqUAzIO7Mi4BL9DJEwxJCcehERBhARCpYOmkxpo6Nq38oav9M7zIhcd-4dJt_2km-U-xDItaJMKnv0i01bFrIJoysrC1Akz9bsen8Fjy1-PT1sJo8rrqBLk-SbW22VYRY9_
44 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type | Notes |
---|---|---|---|---|---|---|---|---|
GET | H/1.1 | / | outlook-dod.office365.us.mcas-gov.us/mail/:7318:12/ | 1 KB | 1 KB | Document | text/html | |
GET | H2 | session-context-store-helper.min.js | mcasproxy.azureedge.net/proxyweb/1.8.15/js/ | 5 KB | 5 KB | Script | application/javascript | |
GET | H2 | session-context-restore.html | mcasproxy.azureedge.net/proxyweb/1.8.15/html/ | 281 B | 729 B | Document | text/html | Frame BA2C |
GET | H2 | session-context-restore.min.js | mcasproxy.azureedge.net/proxyweb/1.8.15/js/ | 37 KB | 38 KB | Script | application/javascript | Frame BA2C |
GET | H/1.1 | / | outlook-dod.office365.us/mail/:7318:12/ | 247 KB | 252 KB | Document | text/html | Redirect Chain |
GET | H2 | owa.5.js | res-dod.cdn.office.net/owamail/20211129004.15/scripts/ | 57 KB | 16 KB | Script | application/javascript | |
GET | H2 | owa.7.js | res-dod.cdn.office.net/owamail/20211129004.15/scripts/ | 39 KB | 9 KB | Script | application/javascript | |
GET | H2 | owa.9.js | res-dod.cdn.office.net/owamail/20211129004.15/scripts/ | 125 KB | 32 KB | Script | application/javascript | |
GET | H2 | owa.11.js | res-dod.cdn.office.net/owamail/20211129004.15/scripts/ | 8 KB | 3 KB | Script | application/javascript | |
GET | H2 | owa.SharedBoot.js | res-dod.cdn.office.net/owamail/20211129004.15/scripts/ | 749 KB | 200 KB | Script | application/javascript | |
GET | H2 | owa.1.js | res-dod.cdn.office.net/owamail/20211129004.15/scripts/ | 74 KB | 19 KB | Script | application/javascript | |
GET | H2 | owa.2.js | res-dod.cdn.office.net/owamail/20211129004.15/scripts/ | 18 KB | 5 KB | Script | application/javascript | |
GET | H2 | owa.3.js | res-dod.cdn.office.net/owamail/20211129004.15/scripts/ | 25 KB | 9 KB | Script | application/javascript | |
GET | H2 | owa.4.js | res-dod.cdn.office.net/owamail/20211129004.15/scripts/ | 12 KB | 5 KB | Script | application/javascript | |
GET | H2 | owa.MailBoot.js | res-dod.cdn.office.net/owamail/20211129004.15/scripts/ | 2 MB | 392 KB | Script | application/javascript | |
GET | H2 | owa.vendors~OfflineResolvers~ResolversWeb.js | res-dod.cdn.office.net/owamail/20211129004.15/scripts/ | 15 KB | 4 KB | Script | application/javascript | |
GET | H2 | owa.ResolversWeb.js | res-dod.cdn.office.net/owamail/20211129004.15/scripts/ | 24 KB | 8 KB | Script | application/javascript | |
GET | H2 | owa.LocalStateResolvers.js | res-dod.cdn.office.net/owamail/20211129004.15/scripts/ | 313 B | 511 B | Script | application/javascript | |
GET | H2 | owa.279.js | res-dod.cdn.office.net/owamail/20211129004.15/scripts/ | 879 KB | 222 KB | Script | application/javascript | |
GET | H2 | owa.LegacyAppBar.js | res-dod.cdn.office.net/owamail/20211129004.15/scripts/ | 333 KB | 97 KB | Script | application/javascript | |
POST | H/1.1 | startupdata.ashx | outlook-dod.office365.us/owa/ | 0 | 0 | Fetch | | |
GET | H2 | analytics-ping.js | res-dod.cdn.office.net/owamail/20211129004.15/resources/ | 34 B | 481 B | Fetch | application/javascript | |
POST | H/1.1 | / | pf.pipe.aria.microsoft.com/Collector/3.0/ | 0 | 406 B | XHR | text/plain | |
GET | H/1.1 | authorize | login.microsoftonline.us/common/oauth2/ | 147 KB | 53 KB | Document | text/html | Redirect Chain |
GET | H2 | owa.42.js | res-dod.cdn.office.net/owamail/20211129004.15/scripts/ | 15 KB | 4 KB | Script | application/javascript | |
GET | H2 | owa.vendors~MailRoutes.js | res-dod.cdn.office.net/owamail/20211129004.15/scripts/ | 19 KB | 6 KB | Script | application/javascript | |
GET | H2 | segoeui-regular.woff2 | static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-westeuropean/ | 35 KB | 36 KB | Font | application/font-woff2 | |
GET | H2 | owa.MailRibbon.js | res-dod.cdn.office.net/owamail/20211129004.15/scripts/ | 2 MB | 559 KB | Script | application/javascript | |
GET | H2 | owa.1831.js | res-dod.cdn.office.net/owamail/20211129004.15/scripts/ | 467 B | 690 B | Script | application/javascript | |
GET | H2 | segoeui-regular.woff2 | res-dod.cdn.office.net/assets/mail/fonts/v1/fonts/segoeui-westeuropean/ | 35 KB | 36 KB | Font | font/woff2 | |
GET | H/1.1 | authorize | login.microsoftonline.us/common/oauth2/ | 185 KB | 47 KB | Document | text/html | Primary Request |
GET | H/1.1 | Me.htm | login.live.com/ | 0 | 0 | Other | text/html | |
GET | H2 | ConvergedLogin_PCore_a6PeIgafSneuouox-qU5OA2.js | aadcdn.msftauth.net/shared/1.0/content/js/ | 459 KB | 126 KB | Script | application/x-javascript | |
GET | H/1.1 | prefetch.aspx | outlook.office365.com/owa/ | 3 KB | 3 KB | Document | text/html | Frame EFD8 |
GET | H2 | oneDs_472fa3a12b65cf387ccd.js | aadcdn.msftauth.net/shared/1.0/content/js/ | 78 KB | 26 KB | Script | application/x-javascript | |
GET | H2 | converged.v2.login.min_kfhrfyfy-sm2tmkm5ficcw2.css | aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ | 0 | 20 KB | Other | text/css | |
GET | H2 | ux.converged.login.strings-en.min_o71-iz4tb7logt_eqer98w2.js | aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ | 0 | 13 KB | Other | application/x-javascript | |
GET | H2 | 49-small_e58aafc980614a9cd7796bea7b5ea8f0.jpg | aadcdn.msftauth.net/shared/1.0/content/images/appbackgrounds/ | 987 B | 1 KB | Image | image/jpeg | |
GET | H2 | 49_7916a894ebde7d29c2cc29b267f1299f.jpg | aadcdn.msftauth.net/shared/1.0/content/images/appbackgrounds/ | 17 KB | 17 KB | Image | image/jpeg | |
GET | H2 | 53_8b36337037cff88c3df203bb73d58e41.png | aadcdn.msftauth.net/shared/1.0/content/images/applogos/ | 5 KB | 5 KB | Image | image/png | |
GET | H2 | microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg | aadcdn.msftauth.net/shared/1.0/content/images/ | 4 KB | 2 KB | Image | image/svg+xml | |
POST | H/1.1 | reportpageload | login.microsoftonline.us/common/instrumentation/ | 264 B | 1 KB | XHR | application/json | |
GET | | boot.worldwide.0.mouse.js | r4.res.office365.com/owa/prem/15.20.4867.5/scripts/ | 0 | 0 | | | Frame EFD8 |
GET | H2 | signin-options_4e48046ce74f4b89d45037c90576bfac.svg | aadcdn.msftauth.net/shared/1.0/content/images/ | 2 KB | 772 B | Image | image/svg+xml | |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- r4.res.office365.com
- URL
- https://r4.res.office365.com/owa/prem/15.20.4867.5/scripts/boot.worldwide.0.mouse.js
0 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
4 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
outlook-dod.office365.us/ | | Name: ClientId Value: 580B9711F51D4025B2D4B4A9307D611D |
outlook-dod.office365.us/ | | Name: OIDC Value: 1 |
outlook-dod.office365.us/ | | Name: OpenIdConnect.nonce.v3.0p68GRknM5bEn4nVu9lq5pnjp1Mxci2pJsnpQv6HKfU Value: 637769850806785675.56a71f88-5b58-4623-b798-73be2cfae703 |
outlook-dod.office365.us/ | | Name: X-OWA-RedirectHistory Value: Ale6VTEBmv3K3UzQ2Qg |
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page.
Header | Value |
---|---|
Strict-Transport-Security | max-age=31536000 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.