URL: https://outlook-addin.dev.vms.legogroup.io/
Submission: On March 01 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 6 HTTP transactions. The main IP is 13.224.189.7, located in United States and belongs to AMAZON-02, US. The main domain is outlook-addin.dev.vms.legogroup.io.
TLS certificate: Issued by Amazon on August 18th 2022. Valid for: a year.
This is the only time outlook-addin.dev.vms.legogroup.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | IP Address | AS | Autonomous System
3 | 13.224.189.7 | 16509 | AMAZON-02
2 | 104.96.95.223 | 16625 | AKAMAI-AS
Total: 6 requests, 3 IPs

Requests | Apex Domain | Subdomains | Transfer
3 | legogroup.io | outlook-addin.dev.vms.legogroup.io | 1 MB
2 | microsoft.com | appsforoffice.microsoft.com (Cisco Umbrella Rank: 754) | 54 KB
0 | oaspapps.com | telemetryservice.firstpartyapps.oaspapps.com | Failed
Total: 6 requests, 3 domains

Requests | Domain | Requested by
3 | outlook-addin.dev.vms.legogroup.io | outlook-addin.dev.vms.legogroup.io
2 | appsforoffice.microsoft.com | outlook-addin.dev.vms.legogroup.io, appsforoffice.microsoft.com
0 | telemetryservice.firstpartyapps.oaspapps.com (Failed) | appsforoffice.microsoft.com
Total: 6 requests, 3 domains

This site contains no links.

Subject | Issuer | Validity | Valid
outlook-addin.dev.vms.legogroup.io | Amazon | 2022-08-18 - 2023-09-16 | a year
appsforoffice.microsoft.com | Microsoft Azure TLS Issuing CA 01 | 2023-01-04 - 2023-12-30 | a year

This page contains 2 frames:

Primary Page: https://outlook-addin.dev.vms.legogroup.io/
Frame ID: 5EE391192171F4D62F353D5B929652F0
Requests: 5 HTTP requests in this frame

Frame: https://telemetryservice.firstpartyapps.oaspapps.com/telemetryservice/telemetryproxy.html
Frame ID: 3D6359CD2889F24E3F70B43B3A6365B6
Requests: 1 HTTP requests in this frame

Page Statistics

Requests: 6
HTTPS: 83 %
IPv6: 0 %
Domains: 3
Subdomains: 3
IPs: 3
Countries: 2
Transfer: 1293 kB
Size: 1461 kB
Cookies: 0

6 HTTP transactions

Columns: Resource | Path | Size | x-fer | Type | MIME-Type

Resource: Primary Request /
Path: outlook-addin.dev.vms.legogroup.io/
Size: 3 KB
x-fer: 4 KB
Type: Document

General
Full URL: https://outlook-addin.dev.vms.legogroup.io/
Protocol: H2
Security: TLS 1.3, AES_128_GCM
Server: 13.224.189.7, United States, ASN16509 (AMAZON-02, US)
Reverse DNS: server-13-224-189-7.fra2.r.cloudfront.net
Software: AmazonS3
Resource Hash: a640e228a0360236cfb00232e5ff96972a4e8b3df2583ecad0f6c9d2fed89222

Request headers
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers
accept-ranges: bytes
cache-control: no-store
content-length: 3384
content-type: text/html
date: Wed, 01 Mar 2023 08:58:34 GMT
etag: "c000284a9dc7f034fd18dd371f47d53e"
last-modified: Wed, 01 Mar 2023 03:17:03 GMT
server: AmazonS3
via: 1.1 5076c8187f430eebe5e26fc594d6125a.cloudfront.net (CloudFront)
x-amz-cf-id: KnewmsGbc6pjBHdHLU5jN2_zIWXCRxv0kJXgUcj-SAUtKv_oQIMAog==
x-amz-cf-pop: FRA2-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront

Resource: index.f8986c36.js
Path: outlook-addin.dev.vms.legogroup.io/assets/
Size: 1 MB
x-fer: 1 MB
Type: Script

General
Full URL: https://outlook-addin.dev.vms.legogroup.io/assets/index.f8986c36.js
Requested by Host: outlook-addin.dev.vms.legogroup.io
Requested by URL: https://outlook-addin.dev.vms.legogroup.io/
Protocol: H2
Security: TLS 1.3, AES_128_GCM
Server: 13.224.189.7, United States, ASN16509 (AMAZON-02, US)
Reverse DNS: server-13-224-189-7.fra2.r.cloudfront.net
Software: AmazonS3
Resource Hash: e4ee03f56085a38a76bce974d4fb99bf36959dcd199dfacf62ebf019eaa4bb17

Request headers
Referer: https://outlook-addin.dev.vms.legogroup.io/
Origin: https://outlook-addin.dev.vms.legogroup.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers
date: Wed, 01 Mar 2023 08:58:34 GMT
via: 1.1 5076c8187f430eebe5e26fc594d6125a.cloudfront.net (CloudFront)
last-modified: Wed, 01 Mar 2023 03:17:01 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
etag: "a645f0ca0099d78f55a469bdf6e0b25b"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: text/javascript
accept-ranges: bytes
content-length: 1240839
x-amz-cf-id: mL8DXZHhEkfXPscQMSWvKo9EB2aKE4io0loOo_TZy1Qesz8Kp8XG6Q==

Resource: index.64ff1643.css
Path: outlook-addin.dev.vms.legogroup.io/assets/
Size: 21 KB
x-fer: 21 KB
Type: Stylesheet

General
Full URL: https://outlook-addin.dev.vms.legogroup.io/assets/index.64ff1643.css
Requested by Host: outlook-addin.dev.vms.legogroup.io
Requested by URL: https://outlook-addin.dev.vms.legogroup.io/
Protocol: H2
Security: TLS 1.3, AES_128_GCM
Server: 13.224.189.7, United States, ASN16509 (AMAZON-02, US)
Reverse DNS: server-13-224-189-7.fra2.r.cloudfront.net
Software: AmazonS3
Resource Hash: 64ff1643e96578eff74d2e369d41aa62d6a6a29987b2211d2eda07ccc7f8af68

Request headers
accept-language: de-DE,de;q=0.9
Referer: https://outlook-addin.dev.vms.legogroup.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers
date: Wed, 01 Mar 2023 08:58:34 GMT
via: 1.1 5076c8187f430eebe5e26fc594d6125a.cloudfront.net (CloudFront)
last-modified: Wed, 01 Mar 2023 03:17:01 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
etag: "c8e798accfb5ea4f0f7d26ce084c4e13"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: text/css
accept-ranges: bytes
content-length: 21476
x-amz-cf-id: sC1o5KNnsCvLjeqXu0COtyFSZHXA-qBwyQP3f51cG04PuFSX-WMj1Q==

Resource: Office.js
Path: appsforoffice.microsoft.com/lib/1/hosted/
Size: 59 KB
x-fer: 17 KB
Type: Script

General
Full URL: https://appsforoffice.microsoft.com/lib/1/hosted/Office.js
Requested by Host: outlook-addin.dev.vms.legogroup.io
Requested by URL: https://outlook-addin.dev.vms.legogroup.io/
Protocol: HTTP/1.1
Security: TLS 1.3, AES_256_GCM
Server: 104.96.95.223, Vienna, Austria, ASN16625 (AKAMAI-AS, US)
Reverse DNS: a104-96-95-223.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 6f33f9b04d7e4e55bf95803bab4b7fac080f046b16d5a277abbeb0d25467f644

Request headers
accept-language: de-DE,de;q=0.9
Referer: https://outlook-addin.dev.vms.legogroup.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers
Date: Wed, 01 Mar 2023 08:58:33 GMT
Content-Encoding: gzip
Last-Modified: Tue, 07 Feb 2023 18:40:44 GMT
Server: Microsoft-IIS/10.0
ETag: "0de97af233bd91:0"
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=10514
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 17110

Resource: o15apptofilemappingtable.js
Path: appsforoffice.microsoft.com/lib/1/hosted/
Size: 167 KB
x-fer: 37 KB
Type: Script

General
Full URL: https://appsforoffice.microsoft.com/lib/1/hosted/o15apptofilemappingtable.js
Requested by Host: appsforoffice.microsoft.com
Requested by URL: https://appsforoffice.microsoft.com/lib/1/hosted/Office.js
Protocol: HTTP/1.1
Security: TLS 1.3, AES_256_GCM
Server: 104.96.95.223, Vienna, Austria, ASN16625 (AKAMAI-AS, US)
Reverse DNS: a104-96-95-223.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 2cf6e909da5391f513f14379c3ba86fe888f083d9f8205bcc7bd91cde3d9b522

Request headers
Referer: https://outlook-addin.dev.vms.legogroup.io/
Origin: https://outlook-addin.dev.vms.legogroup.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers
Date: Wed, 01 Mar 2023 08:58:34 GMT
Content-Encoding: gzip
Last-Modified: Tue, 07 Feb 2023 18:40:44 GMT
Server: Microsoft-IIS/10.0
ETag: "0de97af233bd91:0"
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=10185
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 37609

Resource: telemetryproxy.html
Path: telemetryservice.firstpartyapps.oaspapps.com/telemetryservice/ (Frame 3D63)
Size: 0
x-fer: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: telemetryservice.firstpartyapps.oaspapps.com
URL: https://telemetryservice.firstpartyapps.oaspapps.com/telemetryservice/telemetryproxy.html

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 (object)
credentialless (boolean)
OSFPerformance (object)
OSF (object)
ScriptLoading (object)
OfficeExt (object)
Office (object)
OTel (object)
CustomFunctionMappings (object)
CustomFunctions (object)
g_isExpEnabled (boolean)
g_isOfflineLibrary (boolean)
oteljs (object)
Microsoft (object)
__extends (function)
OsfMsAjaxFactory (object)
OSFLog (object)
Logger (object)
OSFAppTelemetry (object)
Type (function)
Sys (object)
AriaLogger (object)
__SENTRY__ (object)

0 Cookies