URL: https://gateway.echoforteams.app/
Submission: On September 20 via automatic, source certstream-suspicious — Scanned from CH

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 5 HTTP transactions. The main IP is 51.107.58.162, located in Zurich, Switzerland and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is gateway.echoforteams.app.
TLS certificate: Issued by GeoTrust Global TLS RSA4096 SHA256 20... on September 20th 2024. Valid for: 6 months.
This is the only time gateway.echoforteams.app was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 51.107.58.162 8075 (MICROSOFT...)
1 2a02:26f0:480... 20940 (AKAMAI-ASN1)
5 2
Apex Domain
Subdomains
Transfer
4 echoforteams.app
gateway.echoforteams.app
250 KB
1 office.net
res.cdn.office.net — Cisco Umbrella Rank: 181
1 KB
5 2
Domain Requested by
4 gateway.echoforteams.app gateway.echoforteams.app
1 res.cdn.office.net gateway.echoforteams.app
5 2

This site contains no links.

Subject Issuer Validity Valid
gateway.echoforteams.app
GeoTrust Global TLS RSA4096 SHA256 2022 CA1
2024-09-20 -
2025-03-20
6 months crt.sh
*.res.outlook.com
DigiCert SHA2 Secure Server CA
2024-02-20 -
2025-02-20
a year crt.sh

This page contains 1 frames:

Primary Page: https://gateway.echoforteams.app/
Frame ID: 4696FA8DA5529107063ABAA76E5DE426
Requests: 5 HTTP requests in this frame

Screenshot

Page Title

echo

Page Statistics

5
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

251 kB
Transfer

758 kB
Size

2
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

5 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
gateway.echoforteams.app/
464 B
1 KB
Document
General
Full URL
https://gateway.echoforteams.app/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
51.107.58.162 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Kestrel /
Resource Hash
bd3d50962fe2c75a16da70800656ca350ea3e7ee00a4e3aa4085cb5df934ea78
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

Cache-Control
public, must-revalidate, max-age=30
Content-Encoding
br
Content-Type
text/html
Date
Fri, 20 Sep 2024 08:52:48 GMT
ETag
"52076424"
Last-Modified
Fri, 20 Sep 2024 06:44:40 GMT
Referrer-Policy
same-origin
Request-Context
appId=cid-v1:a285670c-af3c-488f-bcce-7677768f22a5
Server
Kestrel
Strict-Transport-Security
max-age=10886400; includeSubDomains; preload
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
x-dns-prefetch-control
off
index-CI7Gyz5J.js
gateway.echoforteams.app/assets/
706 KB
235 KB
Script
General
Full URL
https://gateway.echoforteams.app/assets/index-CI7Gyz5J.js
Requested by
Host: gateway.echoforteams.app
URL: https://gateway.echoforteams.app/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
51.107.58.162 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Kestrel /
Resource Hash
5cff8067aaf3fee4808d834399afb6bf11e48b3a6404586c6fd24d1428afe143
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://gateway.echoforteams.app
Referer
https://gateway.echoforteams.app/

Response headers

Transfer-Encoding
chunked
Strict-Transport-Security
max-age=10886400; includeSubDomains; preload
Cache-Control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
Content-Encoding
br
ETag
"52076424"
Referrer-Policy
same-origin
X-Content-Type-Options
nosniff
Request-Context
appId=cid-v1:a285670c-af3c-488f-bcce-7677768f22a5
Date
Fri, 20 Sep 2024 08:52:49 GMT
X-XSS-Protection
1; mode=block
Content-Type
text/javascript
Last-Modified
Fri, 20 Sep 2024 06:44:40 GMT
Server
Kestrel
Vary
Accept-Encoding
index-DHmsL3tB.css
gateway.echoforteams.app/assets/
46 KB
9 KB
Stylesheet
General
Full URL
https://gateway.echoforteams.app/assets/index-DHmsL3tB.css
Requested by
Host: gateway.echoforteams.app
URL: https://gateway.echoforteams.app/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
51.107.58.162 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Kestrel /
Resource Hash
141931adff94855275b927b1e35318bc766416e4c97a59b4df9b5a1ee2561ba4
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://gateway.echoforteams.app
Referer
https://gateway.echoforteams.app/

Response headers

Transfer-Encoding
chunked
Strict-Transport-Security
max-age=10886400; includeSubDomains; preload
Cache-Control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
Content-Encoding
br
ETag
"52076424"
Referrer-Policy
same-origin
X-Content-Type-Options
nosniff
Request-Context
appId=cid-v1:a285670c-af3c-488f-bcce-7677768f22a5
Date
Fri, 20 Sep 2024 08:52:49 GMT
X-XSS-Protection
1; mode=block
Content-Type
text/css
Last-Modified
Fri, 20 Sep 2024 06:44:40 GMT
Server
Kestrel
Vary
Accept-Encoding
validDomains.json
res.cdn.office.net/teams-js/validDomains/json/
1 KB
1 KB
Fetch
General
Full URL
https://res.cdn.office.net/teams-js/validDomains/json/validDomains.json
Requested by
Host: gateway.echoforteams.app
URL: https://gateway.echoforteams.app/assets/index-CI7Gyz5J.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:24::1726:626c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
fcd8928f583b7b4a824659cb68fe8091048a77950eb0d65ffde8cfac0a14a988
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

access-control-expose-headers
date,Akamai-Request-BC,X-Cdn-Provider,X-Ms-Request-Id
content-encoding
gzip
report-to
{"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=FRANKFURT&ASN=20940&Country=DE&Region=HE&RequestIdentifier=0.82632617.1726822369.25dcdd0c&TotalRTCDNTime=28&CompressionType=gzip&FileSize=300"}],"include_subdomains ":true}
alt-svc
h3=":443"; ma=93600
server-timing
clientrtt; dur=28, clienttt; dur=, origin; dur=0 , cdntime; dur=0
x-cdn-provider
Akamai
akamai-cache-status
Hit from child
date
Fri, 20 Sep 2024 08:52:49 GMT
last-modified
Fri, 23 Aug 2024 21:55:23 GMT
vary
Accept-Encoding
content-type
application/json
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
max-age=630720000
nel
{"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
timing-allow-origin
*
akamai-request-bc
[a=23.38.99.130,b=635231500,c=g,n=DE_HE_FRANKFURT,o=20940]
x-ms-request-id
fad24515-701e-005b-3130-f7c6ac000000
access-control-allow-origin
*
content-length
300
favicon.ico
gateway.echoforteams.app/
4 KB
5 KB
Other
General
Full URL
https://gateway.echoforteams.app/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
51.107.58.162 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Kestrel /
Resource Hash
db74ab0b78338c1f778f8398c45f4103c99aea0e845a3118a7750b4eeafd3445
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://gateway.echoforteams.app/

Response headers

Strict-Transport-Security
max-age=10886400; includeSubDomains; preload
Cache-Control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
ETag
"52076424"
Referrer-Policy
same-origin
X-Content-Type-Options
nosniff
Request-Context
appId=cid-v1:a285670c-af3c-488f-bcce-7677768f22a5
Content-Length
4286
Date
Fri, 20 Sep 2024 08:52:48 GMT
X-XSS-Protection
1; mode=block
Content-Type
image/vnd.microsoft.icon
Last-Modified
Fri, 20 Sep 2024 06:44:40 GMT
Server
Kestrel

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| __VUE_INSTANCE_SETTERS__ object| __VUE_SSR_SETTERS__ boolean| __VUE_I18N_FULL_INSTALL__ boolean| __VUE_I18N_LEGACY_API__ object| __tsUtils$gblCfg object| __dynProto$Gbl

2 Cookies

Domain/Path Name / Value
.gateway.echoforteams.app/ Name: ARRAffinity
Value: a490e01a206ffde9a44537c66221f726750fbe5ae086c9bec691611a8b6e2d73
.gateway.echoforteams.app/ Name: ARRAffinitySameSite
Value: a490e01a206ffde9a44537c66221f726750fbe5ae086c9bec691611a8b6e2d73

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block