office365.admin-alerts.com

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 1 HTTP transactions. The main IP is 18.214.172.207, located in Ashburn, United States and belongs to AMAZON-AES - Amazon.com, Inc., US. The main domain is office365.admin-alerts.com.

This is the only time office365.admin-alerts.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	167.89.118.52 167.89.118.52	11377 (SENDGRID) (SENDGRID - SendGrid)
1 2	18.214.172.207 18.214.172.207	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
1	2

1 167.89.118.52 (United States) 1 redirects

ASN11377 (SENDGRID - SendGrid, Inc., US)
PTR: o16789118x52.outbound-mail.sendgrid.net

emaillink.helpdesk-notification.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.214.172.207 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-18-214-172-207.compute-1.amazonaws.com

office365.admin-alerts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
2	admin-alerts.com 1 redirects office365.admin-alerts.com	78 KB
1	helpdesk-notification.com 1 redirects emaillink.helpdesk-notification.com	353 B
1	2

	Domain	Requested by
2	office365.admin-alerts.com	1 redirects
1	emaillink.helpdesk-notification.com	1 redirects
1	2

This site contains links to these domains. Also see Links.

Domain
www.google.com

Subject Issuer	Validity	Valid

This page contains 1 frames:

Primary Page: http://office365.admin-alerts.com/404/refused
Frame ID: 21582D3CC4355169CC0496923E3292E2
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://emaillink.helpdesk-notification.com/wf/click?upn=0yElIf-2B8hbjJiKQsGEg7LkObk7PdustH2f5TQKXYaxOmD6V7K6LmrxEc6F8n6... HTTP 302
http://office365.admin-alerts.com/public/afterLogin/?campaignId=5d00186af4a5d20010aecff2&marid=1104067620&targ... HTTP 302
http://office365.admin-alerts.com/404/refused Page URL

Page Statistics

1
Requests

0 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

78 kB
Transfer

255 kB
Size

0
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.google.com/search?q=https://office365.admin-alerts.com/refused
Title: https://office365.admin-alerts.com/refused

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://emaillink.helpdesk-notification.com/wf/click?upn=0yElIf-2B8hbjJiKQsGEg7LkObk7PdustH2f5TQKXYaxOmD6V7K6LmrxEc6F8n6Jrwwwa5N85ShC4FL2QUp9sy8gbSAfw0huiOo8u0LUHSrLA05MtySyLNe85AIZu6AMDP7gdh8GLPCJBchl8Dx3E3sVEeF1VwJRlb0QNSCVn7hRS6TKr6AVFG3ErNScuAF5gi4QduRsPvaxx336jzy2i8fA-3D-3D_N0xfFUnL-2FmhhiUqpjB5FAo2V2znxxyPbb48p1iGU1bt4USWrvp2y5oj3aerLRBHhSzRfvosmPFdFHZZMXa6pyole45SYbygYxDBJvbe-2BD1P6W0oJMBJ9vBxsJSC6aANE5Pp24cU-2B8OpYo-2BgMUFw1No20Y1zWBJPQ02GuPEI-2BfNVBAUhVFI95dbAr3RYIAFD8Z3e2Nb7t-2B58CVAamptjKbwgvkmOpisaXMSaZFqSRyBEjbSatsJu2qYG6IP2R2kOL7ZrDVgXYytQgN2P-2BCRPOmQ3-2FyRqJX-2Fh6h4o7XD7dZrSj-2B8o1OGa-2FNNQrH76x9H9C HTTP 302
http://office365.admin-alerts.com/public/afterLogin/?campaignId=5d00186af4a5d20010aecff2&marid=1104067620&target=bsmith%40confluencewealth.com HTTP 302
http://office365.admin-alerts.com/404/refused Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

1 HTTP transactions
3 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	404 Not Found	Primary Request refused Show response office365.admin-alerts.com/404/ Redirect Chain http://emaillink.helpdesk-notification.com/wf/click?upn=0yElIf-2B8hbjJiKQsGEg7LkObk7PdustH2f5TQKXYaxOmD6V7K6LmrxEc6F8n6Jrwwwa5N85ShC4FL2QUp9sy8gbSAfw0huiOo8u0LUHSrLA05MtySyLNe85AIZu6AMDP7gdh8GLPCJB... http://office365.admin-alerts.com/public/afterLogin/?campaignId=5d00186af4a5d20010aecff2&marid=1104067620&target=bsmith%40confluencewealth.com http://office365.admin-alerts.com/404/refused	249 KB 78 KB	106ms 105ms	Document text/html	18.214.172.207 Amazon.com
General Check archive.org Show headers Download Go to Full URL http://office365.admin-alerts.com/404/refused Protocol HTTP/1.1 Server 18.214.172.207 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US), Reverse DNS ec2-18-214-172-207.compute-1.amazonaws.com Software / Resource Hash `4db89d9b4aed32beefe38b2ddd0a3d1fed70ee922967be710fedba78d20e0d99` Request headers Host office365.admin-alerts.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3 Accept-Encoding gzip, deflate Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Tue, 18 Jun 2019 15:30:46 GMT Content-Type text/html; charset=utf-8 Transfer-Encoding chunked Connection keep-alive server vary origin,accept-encoding cache-control no-cache content-encoding gzip Redirect headers Date Tue, 18 Jun 2019 15:30:46 GMT Content-Length 0 Connection keep-alive location /404/refused vary origin,accept-encoding cache-control no-cache
GET DATA	200 OK	truncated /	155 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `7808605ddd1f0eaa454aa444293d2f0260943e51e53838fca46506e6a69fe521` Request headers Referer http://office365.admin-alerts.com/404/refused User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	3 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `e306705c996676db01f4072ed3d6f33d89089a848ab0b2a0ba07a2d866ec309f` Request headers Referer http://office365.admin-alerts.com/404/refused User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	3 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `b3011fd16e43cd860b9782c4eafe77c1cc40da2e0f6e2e5ea547d98d6efac879` Request headers Referer http://office365.admin-alerts.com/404/refused User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Content-Type image/png

Verdicts & Comments Add Verdict or Comment

29 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

emaillink.helpdesk-notification.com
office365.admin-alerts.com
167.89.118.52
18.214.172.207
4db89d9b4aed32beefe38b2ddd0a3d1fed70ee922967be710fedba78d20e0d99
7808605ddd1f0eaa454aa444293d2f0260943e51e53838fca46506e6a69fe521
b3011fd16e43cd860b9782c4eafe77c1cc40da2e0f6e2e5ea547d98d6efac879
e306705c996676db01f4072ed3d6f33d89089a848ab0b2a0ba07a2d866ec309f

office365.admin-alerts.com Open in urlscan Pro 18.214.172.207 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

1 Requests

0 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

2 IPs

1 Countries

78 kBTransfer

255 kBSize

0 Cookies

1 Outgoing links

Page URL History

Redirected requests

1 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

29 JavaScript Global Variables

0 Cookies

Indicators

office365.admin-alerts.com Open in urlscan Pro
18.214.172.207 Public Scan

Screenshot
Live screenshot

Full Image

1
Requests

0 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

78 kB
Transfer

255 kB
Size

0
Cookies

1 HTTP transactions
3 data transactions