Submitted URL: https://fr.nutrastores.cl/
Effective URL: https://outlook.office.com/mail/
Submission: On October 05 via api from CA — Scanned from IT

Summary

This website contacted 4 IPs in 3 countries across 5 domains to perform 6 HTTP transactions. The main IP is 2603:1026:c0d:828::2, located in and belongs to . The main domain is outlook.office.com.
TLS certificate: Issued by DigiCert Cloud Services CA-1 on July 26th 2022. Valid for: a year.
This is the only time outlook.office.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 3 185.182.185.196 51167 (CONTABO)
1 1 3.226.62.59 14618 (AMAZON-AES)
1 3 154.26.135.70 141995 (CAPL-AS-A...)
1 2603:1026:c0d... ()
6 4
   Apex Domain            Subdomains                                  Transfer
3  ucapitale.net          xpi.ucapitale.net                           23 KB
3  nutrastores.cl         fr.nutrastores.cl                           23 KB
1  office.com             outlook.office.com
1  rebrand.ly             rebrand.ly — Cisco Umbrella Rank: 48618     287 B
0  microsoft.com Failed   csp.microsoft.com Failed
6  5
Domain Requested by
3 xpi.ucapitale.net 1 redirects fr.nutrastores.cl
xpi.ucapitale.net
3 fr.nutrastores.cl 1 redirects fr.nutrastores.cl
1 outlook.office.com xpi.ucapitale.net
1 rebrand.ly 1 redirects
0 csp.microsoft.com Failed fr.nutrastores.cl
6 5

This site contains no links.

Subject          Issuer                         Validity                  Valid
nutrastores.cl   R3                             2022-10-03 - 2023-01-01   3 months
ucapitale.net    R3                             2022-10-03 - 2023-01-01   3 months
outlook.com      DigiCert Cloud Services CA-1   2022-07-26 - 2023-07-25   a year

This page contains 1 frames:

Primary Page: https://outlook.office.com/mail/
Frame ID: 3A92F3798D1BB4EAF823DA693E860E60
Requests: 6 HTTP requests in this frame

Page Statistics

Requests: 6
HTTPS: 83 %
IPv6: 25 %
Domains: 5
Subdomains: 5
IPs: 4
Countries: 3
Transfer: 46 kB
Size: 149 kB
Cookies: 2

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://fr.nutrastores.cl/ Page URL
  2. https://fr.nutrastores.cl/ HTTP 302
    https://rebrand.ly/dwv943w HTTP 301
    https://xpi.ucapitale.net/ Page URL
  3. https://xpi.ucapitale.net/ HTTP 302
    https://outlook.office.com/mail/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2
  • https://fr.nutrastores.cl/ HTTP 302
  • https://rebrand.ly/dwv943w HTTP 301
  • https://xpi.ucapitale.net/

6 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
fr.nutrastores.cl/
58 KB
22 KB
Document
General
Full URL
https://fr.nutrastores.cl/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.182.185.196 Milan, Italy, ASN51167 (CONTABO, DE),
Reverse DNS
vmi1001129.contaboserver.net
Software
nginx/1.21.6 /
Resource Hash
4ffbad76605c3779c3a2f28735ce4c74b21f127e78f9e0283630f47a1e0e59aa

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=utf-8
date
Wed, 05 Oct 2022 12:22:07 GMT
server
nginx/1.21.6
vary
Accept-Encoding
/
fr.nutrastores.cl/
25 B
355 B
Fetch
General
Full URL
https://fr.nutrastores.cl/
Requested by
Host: fr.nutrastores.cl
URL: https://fr.nutrastores.cl/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.182.185.196 Milan, Italy, ASN51167 (CONTABO, DE),
Reverse DNS
vmi1001129.contaboserver.net
Software
nginx/1.21.6 /
Resource Hash
d6f7d41ab3ade667a96a0c28242919d97ed7e18db8c9492e9a1bcb39f49675c5

Request headers

Referer
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 05 Oct 2022 12:22:08 GMT
content-encoding
gzip
server
nginx/1.21.6
vary
Accept-Encoding
content-type
application/json
/
xpi.ucapitale.net/
Redirect Chain
  • https://fr.nutrastores.cl/
  • https://rebrand.ly/dwv943w
  • https://xpi.ucapitale.net/?
58 KB
22 KB
Document
General
Full URL
https://xpi.ucapitale.net/?
Requested by
Host: fr.nutrastores.cl
URL: https://fr.nutrastores.cl/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
154.26.135.70 Singapore, Singapore, ASN141995 (CAPL-AS-AP Contabo Asia Private Limited, SG),
Reverse DNS
vmi1001142.contaboserver.net
Software
nginx/1.21.6 /
Resource Hash
2ec69961c0ce3465faa2832e9d80b90aca57d22383ee194069caba389e3d221b

Request headers

Referer
https://fr.nutrastores.cl/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=utf-8
date
Wed, 05 Oct 2022 12:22:10 GMT
server
nginx/1.21.6
vary
Accept-Encoding

Redirect headers

Cache-Control
no-cache, no-store
Connection
keep-alive
Content-Length
0
Date
Wed, 05 Oct 2022 12:22:08 GMT
Engine
Rebrandly.redirect, version 2.1
Expires
-1
Location
https://xpi.ucapitale.net/?
Strict-Transport-Security
max-age=15552000
/
xpi.ucapitale.net/
25 B
351 B
Fetch
General
Full URL
https://xpi.ucapitale.net/?
Requested by
Host: xpi.ucapitale.net
URL: https://xpi.ucapitale.net/?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
154.26.135.70 Singapore, Singapore, ASN141995 (CAPL-AS-AP Contabo Asia Private Limited, SG),
Reverse DNS
vmi1001142.contaboserver.net
Software
nginx/1.21.6 /
Resource Hash
d6f7d41ab3ade667a96a0c28242919d97ed7e18db8c9492e9a1bcb39f49675c5

Request headers

Referer
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 05 Oct 2022 12:22:11 GMT
content-encoding
gzip
server
nginx/1.21.6
vary
Accept-Encoding
content-type
application/json
Primary Request /
outlook.office.com/mail/
Redirect Chain
  • https://xpi.ucapitale.net/?
  • https://outlook.office.com/mail/
33 KB
0
Document
General
Full URL
https://outlook.office.com/mail/
Requested by
Host: xpi.ucapitale.net
URL: https://xpi.ucapitale.net/?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2603:1026:c0d:828::2 -, , ASN (),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

Referer
https://xpi.ucapitale.net/?
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

alt-svc
h3=":443",h3-29=":443"
cache-control
no-cache
content-encoding
br
content-security-policy
default-src *.res.office365.com *.fluidpreview.office.net *.cdn.office.net swx.cdn.skype.com 'self'; script-src 'nonce-2hshWZ6PDeAx6tCBXf0Glw==' *.res.office365.com *.fluidpreview.office.net *.cdn.office.net wss://*.delve.office.com:443 shellprod.msocdn.com amcdn.msauth.net amcdn.msftauth.net *.bing.com *.skype.com *.skypeassets.com *.delve.office.com *.cdn.office.net static.teams.microsoft.com *.googleapis.com teams.microsoft.com cdn.forms.office.net blob: 'report-sample' 'self' 'wasm-unsafe-eval' *.yammer.com; style-src *.res.office365.com *.fluidpreview.office.net *.cdn.office.net shellprod.msocdn.com *.skype.com 'self' 'report-sample' 'unsafe-inline' *.yammer.com 'unsafe-inline'; img-src * data: blob: filesystem: cid:; connect-src blob: data: *.res.office365.com *.fluidpreview.office.net *.cdn.office.net *.services.web.outlook.com login.live.com spoprod-a.akamaihd.net shellprod.msocdn.com *.bing.com *.office.net *.office.com *.office365.com *.officeapps.live.com *.skype.com *.skypeassets.com *.spoppe.com *.onedrive.com my.microsoftpersonalcontent.com browser.pipe.aria.microsoft.com *.gateway.messenger.live.com dev.virtualearth.net *.trouter.skype.com *.trouter.io wss://*.trouter.skype.com wss://*.trouter.skype.com:443 wss://*.trouter.io:443 media.licdn.com *.facebook.com onerm.olsvc.com *.qas.binginternal.com *.qas.bing.net wss://*.qas.bing.net:443 wss://*.platform.bing.com wss://*.botframework.com:443 wss://augloop.office.com wss://*.augloop.office.com outlook.live.com graph.microsoft.com *.graph.microsoft.com *.googleapis.com *.office.microsoft.com api.box.com api.dropboxapi.com *.users.storage.live.com www.onenote.com *.storage.msn.com wss://*.pushd.svc.ms wss://*.pushs.svc.ms wss://*.pushb.svc.ms wss://*.pushp.svc.ms wss://*.svc.ms nleditor.osi.officeppe.net pptservicescast.officeapps.live.com *.sharepoint-df.com *.sharepoint.com wss://*.delve.office.com:443 wss://*.loki.delve.office.com:443 wss://*.loki.delve.office.com *.delve.office.com 
*.loki.delve.office.com web.vortex.data.microsoft.com *.events.data.microsoft.com *.online.lync.com *.infra.lync.com wss://*.cortana.ai *.cortana.ai fs.microsoft.com 'self' login.microsoftonline.com outlook.office365.com teams.microsoft.com *.teams.microsoft.com *.yammer.com *.svc.ms *.licdn.com o365auditrealtimeingestion.manage.officeppe.com o365auditrealtimeingestion.manage.officeppe.com:445 o365auditrealtimeingestion.manage.office.com o365auditrealtimeingestion.manage.office.com:445 files.yammerusercontent.com wss://augloop-dogfood.officeppe.com wss://*.augloop-dogfood.officeppe.com wss://augloop-gcc.office.com wss://*.augloop-gcc.office.com aesir.office.com *.oscs.protection.outlook.com *.safelinks.protection.outlook.com arc.msn.com *.dynamics.com api.tenor.com attachment.outlook.live.net *.msedge.net; base-uri browser.pipe.aria.microsoft.com 'self'; form-action *.officeapps.live.com *.sharepoint-df.com *.sharepoint.com *.odwebp.svc.ms; object-src *.office.net 'self' attachments.office.net attachment.outlook.live.net; frame-ancestors 'self' teams.microsoft.com; font-src data: *.res.office365.com *.fluidpreview.office.net *.cdn.office.net spoprod-a.akamaihd.net *.skype.com ms-appx-web: sharepointonline.com *.sharepointonline.com *.delve.office.com fs.microsoft.com 'self' *.yammer.com; media-src blob: *.res.office365.com *.cdn.office.net *.skype.com *.office.net *.office365.net *.office365-net.us *.office.com 'self' *.yammer.com attachments.office.net attachment.outlook.live.net; frame-src * data: mailto: blob:; manifest-src 'self'; worker-src 'self' blob: *.office.com; child-src 'self' blob: *.office.com; report-uri https://csp.microsoft.com/report/OutlookWeb-Mail-PROD; upgrade-insecure-requests;
content-type
text/html
date
Wed, 05 Oct 2022 12:22:11 GMT
expires
-1
ms-cv
BGn1NR2C+9BcwPQUPE5WtQ.1.1
pragma
no-cache
referrer-policy
no-referrer
request-id
35f56904-821d-d0fb-5cc0-f4143c4e56b5
runtime_model
B2
server
Microsoft-IIS/10.0
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-app-name
Mail
x-backendhttpstatus
200 200
x-bepartition
CLDEUP281FRA00
x-beserver
FRYP281MB2559
x-besku
UNKNOWN
x-calculatedbetarget
FRYP281MB2559.DEUP281.PROD.OUTLOOK.COM
x-calculatedfetarget
AS8PR04CU005.internal.outlook.com
x-client-version
20220923004.19
x-clique
CLDEUP281FRA00
x-feefzinfo
HHN
x-feproxyinfo
FR3P281CA0133.DEUP281.PROD.OUTLOOK.COM
x-feserver
AS8PR04CA0139 FR3P281CA0133
x-firsthopcafeefz
HHN
x-powered-by
ASP.NET
x-preferredroutingkeydiagnostics
1
x-proxy-backendserverstatus
200
x-proxy-routingcorrectness
1
x-rum-validated
1
x-web-server-version
22.9.26.3

Redirect headers

content-type
text/html; charset=utf-8
date
Wed, 05 Oct 2022 12:22:12 GMT
location
https://outlook.office.com/mail/
server
nginx/1.21.6
OutlookWeb-Mail-PROD
csp.microsoft.com/report/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
csp.microsoft.com
URL
https://csp.microsoft.com/report/OutlookWeb-Mail-PROD

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation

2 Cookies

Domain/Path Name / Value
.nutrastores.cl/ Name: 0OlgAL
Value: "Y2FjZjk3NWItYjdhYS00ZjliLWEzNDctODRkNWMyMTIwZjE1OjQ4OTk5MDY1LTJiMDctNGUzNi1iNjIzLWUyOTBkMzY2NDQ0NQ=="
.ucapitale.net/ Name: DPdWcO
Value: "ZDgyMWEwM2QtMjRlYy00MjVkLThhNmUtZTQzMWQzNGEzNWZjOjdiNDIyZmYzLTMzY2QtNGExZS04NWVhLTNiNjU3NGNiNDViMA=="