urlscan.io logo urlscan.io
SecurityTrails logo

outlook.office365.com Open in urlscan Pro
2603:1036:302:415d::2  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://url.us.m.mimecastprotect.com/s/HJUOCW6lorH5PQ3qxUKiKHosZ2c?domain=outlook.office365.com
Effective URL: https://outlook.office365.com/owa/IWIRC-Connecticut@gs-lawfirm.com/groupsubscription.ashx?source=EscalatedMessage&action=leave...
Submission: On November 14 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 2 HTTP transactions. The main IP is 2603:1036:302:415d::2, located in Washington, United States and belongs to . The main domain is outlook.office365.com. The Cisco Umbrella rank of the primary domain is 39.
TLS certificate: Issued by DigiCert Cloud Services CA-1 on June 27th 2024. Valid for: a year.
This is the only time outlook.office365.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2 207.211.31.106 14135 (NAVISITE-...)
1 3 2603:1036:302... ()
2 2
Apex Domain
Subdomains		 Transfer
3 office365.com
outlook.office365.com — Cisco Umbrella Rank: 39
27 KB
2 mimecastprotect.com
url.us.m.mimecastprotect.com — Cisco Umbrella Rank: 15023
3 KB
2 2
Domain Requested by
3 outlook.office365.com 1 redirects
2 url.us.m.mimecastprotect.com 2 redirects
2 2

This site contains no links.

Subject Issuer Validity Valid
outlook.com
DigiCert Cloud Services CA-1		 2024-06-27 -
2025-06-26		 a year crt.sh

This page contains 1 frames:

Primary Page: https://outlook.office365.com/owa/IWIRC-Connecticut@gs-lawfirm.com/groupsubscription.ashx?source=EscalatedMessage&action=leave&GuestId=b5e93e2a-4b09-400a-9421-fdec2915cae0
Frame ID: D737F9E30CBBA78742BA76EDA9765E3A
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Leave Group

Page URL History Show full URLs

  1. https://url.us.m.mimecastprotect.com/s/HJUOCW6lorH5PQ3qxUKiKHosZ2c?domain=outlook.office365.com HTTP 307
    https://url.us.m.mimecastprotect.com/r/HPQGfbjQAu6TqoplLkzytBFf6r-qXm5LE8R62IveckCd90CAcG6pLHSNza-4cURj7ugxSoJkCa... HTTP 307
    https://outlook.office365.com/owa/IWIRC-Connecticut@gs-lawfirm.com/groupsubscription.ashx?source=Escalated... Page URL

Page Statistics

2
Requests

50 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

27 kB
Transfer

36 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://url.us.m.mimecastprotect.com/s/HJUOCW6lorH5PQ3qxUKiKHosZ2c?domain=outlook.office365.com HTTP 307
    https://url.us.m.mimecastprotect.com/r/HPQGfbjQAu6TqoplLkzytBFf6r-qXm5LE8R62IveckCd90CAcG6pLHSNza-4cURj7ugxSoJkCaZPlqMebuI19POejm2np5O_hTT6r-8RNZw-Lny3wmBNW1edU6ljY9GYkX-XCWW8_MRBik0tvFpg-AzjT6gNxtJ8WmlUq1LWeFiHoESr87n1sn4EAqFemJM5oe1GQfGs5IdisddYYLMqahJkDl4KvZejr7L9UFyA_87Hlc94nFA6E8Zitlt2NSi1L8lHOa5mEbm9BvjarKVSmy1olQmhZ6CD2-IhdiTezCiN-GhyhDLjemOOjevPQphM1yCbRHt3up4DBnB1aD0tzTZX0rswBmbvyg8Kb7o68E0XVoTzl3HjjWsOEoIOqEuVF4k1WC4c3LjYSTDQbcAbTDBEPnfhhnp9A7finqx0xoyDCzYj0GjdstD9WHPCCdy5KCHhbcklhStnJzdgLl16HQVYdeTOA2qcVThytDc7Jmh6FMQvq851O-LFG93E0nDh5RgWr1GPyB6H_4TKdNF4KrW0xInfr5deACLO3KJ2WCGieTMgOJXTAlzYLkAZnSK2kZqq3RxuDTbHVKGfeW8-so_zUO9jXo0V_3nRVl9wekres7eDqmzYC2FdQidjzezWYe0SV_M1YjZ8AIUISVUB2sVW0DbS1tRv08pBo3VblxDKS1toulUvkUpLCshRA8E9Av8MpNanpyt0HFdRESdyY0ncDkZ_UWW4EZEcqCLMauG5VvfywG9oNeohEnH_q3Nj0eUS5Wtjdl5-EoJqdjGsDOqUUR5giAzN9ogFpb7-Aqyef4-UkW1XQejY0vNEIMs7Ocok6cOQhBy6FxTJn4yyxwQbaF4RAO5Rpwe36Mv9wPeZ08ILbV3S3OilgyL3xLjZgrd31OgRktNpvpllc7XTgjfJepuhfbztWbmhdsotjakQcszy9hOZplID6c-DhaOe1u_16V2v7rLGNIok6HDcdQ88_MFXPtgT0Kups0Lh4ihNXwqJRyA2RgFXJbW88Nm_mBMOxKCYTq-cCMJlsh5_Dp6JL22fgc-duv-7sQ_i8oAEi4uiBKFszN1wiHyajGg5Tb7AKGCNyOl5-i2glOhLdlwajiP8wpGr1aQYwgKWqX7n_bNG83ZZY0g20V45ECTG6jn4T_8NH0dnHu81jVaDp1vZU_oWvjiNI15T6axEVo0GxAgZzU9WbN8oORo48fxhw7bkzsuGbrZeByCWu5-fmjPR7tsLjuupI-fXz_HZQXjrIlXisp8PmuuXHWzmT5nb933YtCzEYgOV5r_JSOXVNZbzXx7zjayJeVB1Sz8diPUMt9isU41NR1yDciYhxIlj3iV2HOPBOogFD_h3uN7xOeBVvSvtK3_SFf4Wq5tbOv96MTR0ftgdwgzlNRyWmdG3Br0ZBmhtJa_WwhEeM8Qef6CYhVzbV1JUEUZpPa5c8sHqgtR3YN9iLIMAc69pDqpDa-K84oeeSaABHFCjJTM9ACweCfWgXwSy4Ze7Teoq6JFDwLizthCL-Jv8-X_xe2RElXv3VJ8N7tv-9KR4F7PqRh8jGa-Id6CnxwJxdVTy0_s4KqUOml1RxCs6T09GRq4GC2cRa0kfI1DeZVr-Zz6Tbfo_k4orsVWcRcVEgUSgEEKhI-OOQcwrknb9w-mEhQy03VoKeMYCOy5OAPnpcwHrApv80KkgYxeAyyFEyKZ3J_BxHNtkg8jL7KWIJqtABA7rteiGOAtekKjfAOzXS-qbl3Q_KMOvQZrPZiEwWx9C0UIyVj-77rI6Z8OMrfuoBZQ0jc1Ni6QLg3XqOUpZggvFVItkhZnEAhP2iAdrvBohDptwiaCLUx2N4z8gLPICmMVMGxmZMbsNf7n4j55UdNFVfXEBPBoQtnz2tV5FO4tNYxFg3l6UIJdRMB3DQI09ZPLLp7Lh-CmZ2gMc0tYwq8fm8oIvzYfOK7BFLDaLPoEV06wmMmXUryL8pdDM1-Y0f7qA-MV2hronPQvWBKiiPffzGGa8n548mMHqbSF-1tLUB_plyZ0UfMWcVotzWYcK6Tnx9F64c3HPTtgvoP4zr6A2KaoyhgZLaWpQExSuFNuJAUxtF8N9nDQctHdqSvDNFSc3MVAh8oAr9_TyvVGEBqSdc2JR6-rR-l_s_yMyDa3VNZfKURn9_EL4szKHF51y5EGvGoVF6NlwOwoy5cF8XwuK2aBRhDkVo1BcfpKcxTE4k0RCCcNARqbdL0fwuzK01j7xUUzl88s4epnud9InaX_TZ5SLdJIHRGg3w29am_zFVZb6QNzFmANC_7rxEezVEhDEVGwkOt-AfaYX7_p_5JL6UATMf0N_8c3AnSfyYcGzTs1xwhnz3pnTW7-zc6gNB10caJ7AoPRUTbhLxAccWXlHjVS3IsILHIQtIhFQ8YVmG8lsOUsQXkzarTAnnFJyfApcBCTdQXp4kGWH__itsL4kSND01sXwvMFxulU-7fVja3U HTTP 307
    https://outlook.office365.com/owa/IWIRC-Connecticut@gs-lawfirm.com/groupsubscription.ashx?source=EscalatedMessage&action=leave&GuestId=b5e93e2a-4b09-400a-9421-fdec2915cae0 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2
  • https://outlook.office365.com/favicon.ico HTTP 302
  • https://outlook.office365.com/owa/favicon.ico

2 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request groupsubscription.ashx
outlook.office365.com/owa/IWIRC-Connecticut@gs-lawfirm.com/
Redirect Chain
  • https://url.us.m.mimecastprotect.com/s/HJUOCW6lorH5PQ3qxUKiKHosZ2c?domain=outlook.office365.com
  • https://url.us.m.mimecastprotect.com/r/HPQGfbjQAu6TqoplLkzytBFf6r-qXm5LE8R62IveckCd90CAcG6pLHSNza-4cURj7ugxSoJkCaZPlqMebuI19POejm2np5O_hTT6r-8RNZw-Lny3wmBNW1edU6ljY9GYkX-XCWW8_MRBik0tvFpg-AzjT6gNxt...
  • https://outlook.office365.com/owa/IWIRC-Connecticut@gs-lawfirm.com/groupsubscription.ashx?source=EscalatedMessage&action=leave&GuestId=b5e93e2a-4b09-400a-9421-fdec2915cae0
17 KB
19 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://outlook.office365.com/owa/IWIRC-Connecticut@gs-lawfirm.com/groupsubscription.ashx?source=EscalatedMessage&action=leave&GuestId=b5e93e2a-4b09-400a-9421-fdec2915cae0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2603:1036:302:415d::2 Washington, United States, ASN (),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
4af6556535ec9dcee38e2578e1d52b5427dded7605d0c57ae7f05e25e25b464d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443";ma=2592000,h3-29=":443";ma=2592000
cache-control
no-cache, no-store
content-length
17792
content-type
text/html; charset=utf-8
date
Thu, 14 Nov 2024 14:14:04 GMT
expires
-1
nel
{"report_to":"NelOfficeUpload1","max_age":7200,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
pragma
no-cache
report-to
{"group":"NelOfficeUpload1","max_age":7200,"endpoints":[{"url":"https://exo.nel.measure.office.net/api/report?TenantId=&FrontEnd=Cafe&DestinationEndpoint=MNZ&RemoteIP=2600:803:a88::&Environment=MT"}],"include_subdomains":true}
request-id
e66d8078-7847-2347-e459-e1d6c985d0c7
server
Microsoft-IIS/10.0
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-backend-begin
2024-11-14T14:14:05.335
x-backend-end
2024-11-14T14:14:05.382
x-backendhttpstatus
200
x-beserver
MN2PR17MB4093
x-besku
WCS6
x-calculatedbetarget
MN2PR17MB4093.namprd17.prod.outlook.com
x-content-type-options
nosniff
x-diaginfo
MN2PR17MB4093
x-feefzinfo
MNZ
x-feproxyinfo
MN2PR06CA0026.NAMPRD06.PROD.OUTLOOK.COM
x-feserver
MN2PR06CA0026
x-firsthopcafeefz
MNZ
x-frame-options
SAMEORIGIN
x-owa-diagnosticsinfo
152;50;4;
x-proxy-backendserverstatus
200
x-proxy-routingcorrectness
1
x-responseorigin
OwaAppPool
x-rum-notupdatequerieddbcopy
1
x-rum-notupdatequeriedpath
1
x-rum-validated
1
x-ua-compatible
IE=EmulateIE7

Redirect headers

Cache-control
no-store
Connection
keep-alive
Content-Length
0
Date
Thu, 14 Nov 2024 14:14:05 GMT
Location
https://outlook.office365.com/owa/IWIRC-Connecticut@gs-lawfirm.com/groupsubscription.ashx?source=EscalatedMessage&action=leave&GuestId=b5e93e2a-4b09-400a-9421-fdec2915cae0
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Robots-Tag
noindex, nofollow
truncated
/ 		9 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
08d1b3fb4bfb8045fa7bbb8b34b103b51c6335ebb38bc011c7be2a3c8f53b5be

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c8752b7d399863e9ee0a7b0d4bf598917c74bb932ea9aa3997f033eb29b95d56

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
favicon.ico
outlook.office365.com/owa/
Redirect Chain
  • https://outlook.office365.com/favicon.ico
  • https://outlook.office365.com/owa/favicon.ico
8 KB
8 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://outlook.office365.com/owa/favicon.ico
Protocol
H2
Server
2603:1036:302:415d::2 Washington, United States, ASN (),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
e35d94b76894d6eca96ff5b1a12d94dfe73485ef3c52cb5b4395be8ffac1cb45
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://outlook.office365.com/owa/IWIRC-Connecticut@gs-lawfirm.com/groupsubscription.ashx?source=EscalatedMessage&action=leave&GuestId=b5e93e2a-4b09-400a-9421-fdec2915cae0

Response headers

x-feserver
DS7P222CA0010, MN2PR06CA0026
etag
"071c470b035db1:0"
x-rum-notupdatequerieddbcopy
1
report-to
{"group":"NelOfficeUpload1","max_age":7200,"endpoints":[{"url":"https://exo.nel.measure.office.net/api/report?TenantId=&FrontEnd=Cafe&DestinationEndpoint=MNZ&RemoteIP=2600:803:a88::&Environment=MT"}],"include_subdomains":true}
x-content-type-options
nosniff
request-id
c465906c-907c-1bcd-80d8-3d5d3894a798
alt-svc
h3=":443";ma=2592000,h3-29=":443";ma=2592000
content-type
image/x-icon
last-modified
Wed, 13 Nov 2024 09:43:06 GMT
x-proxy-routingcorrectness
1
x-rum-validated
1
x-responseorigin
OwaAppPool
cache-control
public,max-age=2592000
x-feefzinfo
MNZ
x-calculatedfetarget
DS7P222CU001.internal.outlook.com
accept-ranges
bytes
content-length
7886
x-calculatedbetarget
DS7PR06MB6821.namprd06.prod.outlook.com
server
Microsoft-IIS/10.0
x-firsthopcafeefz
MNZ
x-backend-begin
2024-11-14T14:14:05.666
x-diaginfo
DS7PR06MB6821
x-ua-compatible
IE=EmulateIE7
date
Thu, 14 Nov 2024 14:14:04 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
nel
{"report_to":"NelOfficeUpload1","max_age":7200,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
x-feproxyinfo
MN2PR06CA0026.NAMPRD06.PROD.OUTLOOK.COM
x-backend-end
2024-11-14T14:14:05.666
x-backendhttpstatus
200, 200
x-rum-notupdatequeriedpath
1
x-proxy-backendserverstatus
200
x-beserver
DS7PR06MB6821

Redirect headers

x-feserver
MN2PR06CA0026
strict-transport-security
max-age=31536000; includeSubDomains; preload
location
/owa/favicon.ico
x-feefzinfo
MNZ
ms-cv
wEgtFCP9qY7E6ycMpHLeBg.0
x-feproxyinfo
MN2PR06CA0026.NAMPRD06.PROD.OUTLOOK.COM
request-id
142d48c0-fd23-8ea9-c4eb-270ca472de06
alt-svc
h3=":443";ma=2592000,h3-29=":443";ma=2592000
content-length
133
date
Thu, 14 Nov 2024 14:14:04 GMT
content-type
text/html; charset=utf-8
x-powered-by
ASP.NET
server
Microsoft-IIS/10.0

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| setCookie

2 Cookies

Domain/Path Name / Value
outlook.office365.com/ Name: ClientId
Value: BFEDB9A9D6584D21BD77A323EF73AAFB
outlook.office365.com/ Name: OIDC
Value: 1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN