www.secure.office365safeandsecuree.xyz
198.23.191.61  Public Scan

Submitted URL: http://www.secure.office365safeandsecuree.xyz/
Effective URL: https://www.secure.office365safeandsecuree.xyz/
Submission: On July 16 via manual from US

Summary

This website contacted 5 IPs in 3 countries across 4 domains to perform 16 HTTP transactions. The main IP is 198.23.191.61, located in Buffalo, United States and belongs to AS-COLOCROSSING - ColoCrossing, US. The main domain is www.secure.office365safeandsecuree.xyz.
TLS certificate: Issued by Let's Encrypt Authority X3 on July 16th 2019. Valid for: 3 months.
This is the only time www.secure.office365safeandsecuree.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 198.23.191.61 36352 (AS-COLOCR...)
3 2a01:4a0:1338... 201011 (NETZBETRI...)
1 2a01:4a0:1338... 201011 (NETZBETRI...)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
16 5
Domain Requested by
3 statics-uhf-eus.akamaized.net www.secure.office365safeandsecuree.xyz
2 www.secure.office365safeandsecuree.xyz 1 redirects
1 mem.gfx.ms www.secure.office365safeandsecuree.xyz
1 img-prod-cms-rt-microsoft-com.akamaized.net www.secure.office365safeandsecuree.xyz
0 blob.officehome.msocdn.com Failed www.secure.office365safeandsecuree.xyz
16 5

This site contains no links.

TLS certificates

Subject: login.secure.office365safeandsecuree.xyz
Issuer: Let's Encrypt Authority X3
Validity: 2019-07-16 - 2019-10-14
Valid: 3 months

Subject: a248.e.akamai.net
Issuer: DigiCert ECC Secure Server CA
Validity: 2018-10-18 - 2019-10-18
Valid: a year

Subject: mem.gfx.ms
Issuer: Microsoft IT TLS CA 2
Validity: 2018-02-05 - 2020-02-05
Valid: 2 years

This page contains 1 frames:

Primary Page: https://www.secure.office365safeandsecuree.xyz/
Frame ID: E6063BFCB11ADBB85DDAA8EE02FEF807
Requests: 16 HTTP requests in this frame

Page Statistics

Requests: 16
HTTPS: 38 %
IPv6: 75 %
Domains: 4
Subdomains: 5
IPs: 5
Countries: 3
Transfer: 158 kB
Size: 403 kB
Cookies: 0

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.secure.office365safeandsecuree.xyz/ HTTP 302
    https://www.secure.office365safeandsecuree.xyz/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Cookie set /
www.secure.office365safeandsecuree.xyz/
Redirect Chain
  • http://www.secure.office365safeandsecuree.xyz/
  • https://www.secure.office365safeandsecuree.xyz/
88 KB
89 KB
Document
General
Full URL
https://www.secure.office365safeandsecuree.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.23.191.61 Buffalo, United States, ASN36352 (AS-COLOCROSSING - ColoCrossing, US),
Reverse DNS
198-23-191-61-host.colocrossing.com
Software
/
Resource Hash
cae64da3620c40127cb68a3c3adf9bffbc3170790f879fbce1f95f01550023b1

Request headers

Host
www.secure.office365safeandsecuree.xyz
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate, br

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
close
Content-Type
text/html; charset=utf-8
Date
Tue, 16 Jul 2019 21:02:36 GMT
Expires
-1
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Set-Cookie
OH.DCAffinity=OH-eus; Path=/; HttpOnly OH.SID=978730b2-bf8e-4fa1-a8b1-28c0a687f9f3; Path=/; HttpOnly p.UnAuthUserCookie=3da896dd-7be4-44b6-b258-ae241c9be2df; Path=/; HttpOnly OH.DCAffinity=OH-eus; Path=/; HttpOnly MUID=24D984CA390460561529895138F96150; Path=/; Domain=secure.office365safeandsecuree.xyz
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Msedge-Ref
Ref A: DED84EC365C34534B78FF9C9573F9DB0 Ref B: BLUEDGE1021 Ref C: 2019-07-16T21:02:37Z
X-Ua-Compatible
IE=edge,chrome=1

Redirect headers

Content-Type
text/html; charset=utf-8
Location
https://www.secure.office365safeandsecuree.xyz/
Date
Tue, 16 Jul 2019 21:02:36 GMT
Content-Length
70
segoeui_light.woff2
blob.officehome.msocdn.com/versionless/webfonts/
0
0

segoeui_regular.woff2
blob.officehome.msocdn.com/versionless/webfonts/
0
0

segoeui_semibold.woff2
blob.officehome.msocdn.com/versionless/webfonts/
0
0

segoeui_semilight.woff2
blob.officehome.msocdn.com/versionless/webfonts/
0
0

unauth-cb054a4daf.css
blob.officehome.msocdn.com/bundles/
0
0

sharedfontstyles-30d1fc43fd.css
blob.officehome.msocdn.com/bundles/
0
0

51-6d3a1e
statics-uhf-eus.akamaized.net/west-european/shell/_scrf/css/themes=default.device=uplevel_web_pc/e9-4413b1/4e-bb306d/a9-963a11/10-aee09b/51-465167/1d-9730ee/34-521645/
160 KB
22 KB
Stylesheet
General
Full URL
https://statics-uhf-eus.akamaized.net/west-european/shell/_scrf/css/themes=default.device=uplevel_web_pc/e9-4413b1/4e-bb306d/a9-963a11/10-aee09b/51-465167/1d-9730ee/34-521645/51-6d3a1e?ver=2.0
Requested by
Host: www.secure.office365safeandsecuree.xyz
URL: https://www.secure.office365safeandsecuree.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a01:4a0:1338:28::c38a:ff09 , Germany, ASN201011 (NETZBETRIEB-GMBH, DE),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
3abc05cf7fcd206115a9f2871547be6a8649c34b2efc0d1f77441147a5a78bc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

Referer
https://www.secure.office365safeandsecuree.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

ms-operation-id
9ab51c8d3a0ab04f8e338ba14d93b387
Date
Tue, 16 Jul 2019 21:02:38 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-S2
2019-03-05T19:58:37
P3P
CP="CAO CONi OTR OUR DEM ONL"
X-Activity-Id
00000000-cc58-4e20-8ba2-fe35448255a2
Connection
keep-alive
MS-CV
3c8HDud2aUurNXq6.0
Vary
Accept-Encoding
Content-Length
21538
X-XSS-Protection
1
Last-Modified
Tue, 05 Mar 2019 19:58:37 GMT
Server
Microsoft-IIS/10.0
X-Az
{did:-, rid: -, sn: uhf-eus-prod, dt: 2019-03-05T19:08:15.5042997Z, bt: 2019-02-27T00:18:04.0000000Z}
X-S1
2019-03-05T19:58:37
Access-Control-Allow-Methods
HEAD,GET,POST,PATCH,PUT,OPTIONS
Content-Type
text/css; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=20040959
Timing-Allow-Origin
*
X-AppVersion
1.0.6997.542
Expires
Wed, 04 Mar 2020 19:58:37 GMT
override.css
statics-uhf-eus.akamaized.net/statics/
1 KB
907 B
Stylesheet
General
Full URL
https://statics-uhf-eus.akamaized.net/statics/override.css?c=7
Requested by
Host: www.secure.office365safeandsecuree.xyz
URL: https://www.secure.office365safeandsecuree.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a01:4a0:1338:28::c38a:ff09 , Germany, ASN201011 (NETZBETRIEB-GMBH, DE),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
0bd288d5397a69ead391875b422bf2cbdcc4f795d64aa2f780aff45768d78248

Request headers

Referer
https://www.secure.office365safeandsecuree.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Tue, 16 Jul 2019 21:02:38 GMT
Content-Encoding
gzip
Last-Modified
Tue, 05 Mar 2019 19:05:18 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag
0x8D6A19D82194196
Vary
Accept-Encoding
Content-Type
text/css
x-ms-request-id
ea62f969-a01e-004f-7487-d3fc71000000
x-ms-version
2009-09-19
Connection
keep-alive
Content-Length
473
RE1Mu3b
img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/
4 KB
4 KB
Image
General
Full URL
https://img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/RE1Mu3b?ver=5c31
Requested by
Host: www.secure.office365safeandsecuree.xyz
URL: https://www.secure.office365safeandsecuree.xyz/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a01:4a0:1338:28::c38a:ff18 , Germany, ASN201011 (NETZBETRIEB-GMBH, DE),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
112fec798b78aa02e102a724b5cb1990c0f909bc1d8b7b1fa256eab41bbc0960

Request headers

Referer
https://www.secure.office365safeandsecuree.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-cms-cdninvalkey
am:RE1Mu3b
date
Tue, 16 Jul 2019 21:02:38 GMT
x-aspnet-version
4.0.30319
x-source-length
4054
x-powered-by
ASP.NET
status
200
x-activityid
a0ad536b-df36-4bc3-8e49-b394f94b5956
content-location
https://img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/RE1Mu3b?ver=5c31
x-deployment
a89a5014e89c41b7b60a64d7ee950637
content-length
4054
last-modified
Sun, 14 Jul 2019 17:23:59 GMT
server
Microsoft-IIS/10.0
x-datacenter
NorthEU
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=246081
x-instance
Resizer.Web_IN_0
timing-allow-origin
*
expires
Fri, 19 Jul 2019 17:23:59 GMT
hero-still-image-desktop-89e7da971f.jpg
blob.officehome.msocdn.com/images/content/images/
0
0

unauth-vendor-b5e15713c1.js
blob.officehome.msocdn.com/bundles/
0
0

sharedscripts-3b5e8eac10.js
blob.officehome.msocdn.com/bundles/
0
0

unauth-49e566bfcb.js
blob.officehome.msocdn.com/bundles/
0
0

18-d72213
statics-uhf-eus.akamaized.net/shell/_scrf/js/themes=default/54-af9f9f/c0-247156/de-099401/e1-a50eee/e7-954872/d8-97d509/f0-251fe2/46-be1318/77-04a268/7f-652c90/63-077520/a4-34de62/75-71ddfc/db-bc01...
125 KB
33 KB
Script
General
Full URL
https://statics-uhf-eus.akamaized.net/shell/_scrf/js/themes=default/54-af9f9f/c0-247156/de-099401/e1-a50eee/e7-954872/d8-97d509/f0-251fe2/46-be1318/77-04a268/7f-652c90/63-077520/a4-34de62/75-71ddfc/db-bc0148/dc-7e9864/78-4c7d22/9f-d154ca/e4-8302f6/cd-23d3b0/6d-1e7ed0/b7-cadaa7/ca-40b7b0/4e-ee3a55/3e-f5c39b/c3-6454d7/f9-7592d3/92-10345d/79-499886/7e-cda2d3/32-6dafa3/93-283c2d/e0-3c9860/91-97a04f/1f-100dea/33-abe4df/18-d72213?ver=2.0&iife=1
Requested by
Host: www.secure.office365safeandsecuree.xyz
URL: https://www.secure.office365safeandsecuree.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a01:4a0:1338:28::c38a:ff09 , Germany, ASN201011 (NETZBETRIEB-GMBH, DE),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
55afd02f9ca1fe1b8d3705ef8eba7c9a8e2f0ba4b8d1ab8853a2a10fae9e4ac8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

Referer
https://www.secure.office365safeandsecuree.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

ms-operation-id
743514bf79ec144ebf733933c1211ed9
Date
Tue, 16 Jul 2019 21:02:38 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-S2
2019-03-05T19:58:56
P3P
CP="CAO CONi OTR OUR DEM ONL"
X-Activity-Id
00000000-847f-4c92-af5e-ec7e62259789
Connection
keep-alive
MS-CV
PYfp7yTCFkGqbXBN.0
Vary
Accept-Encoding
Content-Length
33384
X-XSS-Protection
1
Last-Modified
Tue, 05 Mar 2019 19:58:56 GMT
Server
Microsoft-IIS/10.0
X-Az
{did:-, rid: -, sn: uhf-eus-prod, dt: 2019-03-05T19:51:26.9163129Z, bt: 2019-02-27T00:18:04.0000000Z}
X-S1
2019-03-05T19:58:56
Access-Control-Allow-Methods
HEAD,GET,POST,PATCH,PUT,OPTIONS
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=20040977
Timing-Allow-Origin
*
X-AppVersion
1.0.6997.542
Expires
Wed, 04 Mar 2020 19:58:55 GMT
meversion
mem.gfx.ms/
25 KB
9 KB
Script
General
Full URL
https://mem.gfx.ms/meversion?partner=office&market=en-us&uhf=1
Requested by
Host: www.secure.office365safeandsecuree.xyz
URL: https://www.secure.office365safeandsecuree.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:18d::37 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
/
Resource Hash
5e8cb9da3700129201b9c94fb0a27e08ceb65c2f832f9b66fd44b960c613d3fc
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.secure.office365safeandsecuree.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 16 Jul 2019 21:02:38 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Vary
Accept-Encoding
Content-Type
application/javascript
Expires
Wed, 17 Jul 2019 06:41:05 GMT
Cache-Control
public, no-transform, max-age=43200
Connection
keep-alive
Content-Length
8899
X-UA-Compatible
IE=edge

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: blob.officehome.msocdn.com
  • https://blob.officehome.msocdn.com/versionless/webfonts/segoeui_light.woff2
  • https://blob.officehome.msocdn.com/versionless/webfonts/segoeui_regular.woff2
  • https://blob.officehome.msocdn.com/versionless/webfonts/segoeui_semibold.woff2
  • https://blob.officehome.msocdn.com/versionless/webfonts/segoeui_semilight.woff2
  • https://blob.officehome.msocdn.com/bundles/unauth-cb054a4daf.css
  • https://blob.officehome.msocdn.com/bundles/sharedfontstyles-30d1fc43fd.css
  • https://blob.officehome.msocdn.com/images/content/images/hero-still-image-desktop-89e7da971f.jpg
  • https://blob.officehome.msocdn.com/bundles/unauth-vendor-b5e15713c1.js
  • https://blob.officehome.msocdn.com/bundles/sharedscripts-3b5e8eac10.js
  • https://blob.officehome.msocdn.com/bundles/unauth-49e566bfcb.js

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask

0 Cookies