mail.telesom.com - urlscan.io

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 6 HTTP transactions. The main IP is 197.157.246.67, located in Baidoa, Somalia and belongs to TELESOM, SO. The main domain is mail.telesom.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on June 19th 2022. Valid for: a year.

This is the only time mail.telesom.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
4 10	197.157.246.67 197.157.246.67		37473 (TELESOM) (TELESOM)
6	1

10 197.157.246.67 (Baidoa, Somalia) 4 redirects

ASN37473 (TELESOM, SO)
PTR: mail.telesom.com

mail.telesom.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	telesom.com 4 redirects mail.telesom.com	45 KB
6	1

	Domain	Requested by
10	mail.telesom.com	4 redirects mail.telesom.com
6	1

This site contains no links.

Subject Issuer	Validity	Valid
*.telesom.com Go Daddy Secure Certificate Authority - G2	`2022-06-19` - `2023-07-21`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://mail.telesom.com/fortinet/login2fa?reason=0&url=https%3a%2f%2fmail.telesom.com%2fowa%2f
Frame ID: B547DC03EB39901F0BF92A8013269D4D
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Outlook Web App

Page URL History Show full URLs

http://mail.telesom.com/ HTTP 302
https://mail.telesom.com/ HTTP 302
https://mail.telesom.com/owa/ HTTP 302
https://mail.telesom.com/owa/auth/logon.aspx?url=https%3a%2f%2fmail.telesom.com%2fowa%2f&reason=0 HTTP 302
https://mail.telesom.com/fortinet/login2fa?reason=0&url=https%3a%2f%2fmail.telesom.com%2fowa%2f Page URL

Page Statistics

6
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

43 kB
Transfer

41 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://mail.telesom.com/ HTTP 302
https://mail.telesom.com/ HTTP 302
https://mail.telesom.com/owa/ HTTP 302
https://mail.telesom.com/owa/auth/logon.aspx?url=https%3a%2f%2fmail.telesom.com%2fowa%2f&reason=0 HTTP 302
https://mail.telesom.com/fortinet/login2fa?reason=0&url=https%3a%2f%2fmail.telesom.com%2fowa%2f Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

6 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request login2fa Show response
mail.telesom.com/fortinet/
Redirect Chain

http://mail.telesom.com/
https://mail.telesom.com/
https://mail.telesom.com/owa/
https://mail.telesom.com/owa/auth/logon.aspx?url=https%3a%2f%2fmail.telesom.com%2fowa%2f&reason=0
https://mail.telesom.com/fortinet/login2fa?reason=0&url=https%3a%2f%2fmail.telesom.com%2fowa%2f

3 KB
4 KB

159ms
158ms

Document
text/html

197.157.246.67
TELESOM

General

Check archive.org

Show headers Download Go to

Full URL

https://mail.telesom.com/fortinet/login2fa?reason=0&url=https%3a%2f%2fmail.telesom.com%2fowa%2f

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

197.157.246.67 Baidoa, Somalia, ASN37473 (TELESOM, SO),

Reverse DNS

mail.telesom.com

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

f0bf4769e3117c817de204247d7c3c11f91b4602ffd98aff0c90e8ae76cb0c27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: private
Content-Length: 3494
Content-Type: text/html; charset=utf-8
Date: Sun, 05 Feb 2023 18:54:37 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Powered-By: ASP.NET
X-XSS-Protection: 1; mode=block

Redirect headers

Content-Length: 216
Content-Type: text/html; charset=utf-8
Date: Sun, 05 Feb 2023 18:54:37 GMT
Location: https://mail.telesom.com/fortinet/login2fa?reason=0&url=https%3a%2f%2fmail.telesom.com%2fowa%2f
Server: Microsoft-IIS/10.0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-OWA-Version: 15.1.2375.34
X-Powered-By: ASP.NET
X-XSS-Protection: 1; mode=block
request-id: a61b5abd-6a5c-4f7e-91fe-59b5d1267dd1

GET
H/1.1 200
OK LoginForm.css
mail.telesom.com/fortinet/theme/v1.0/ 4 KB
5 KB 156ms
155ms Stylesheet
text/css 197.157.246.67
TELESOM

General

Check archive.org

Show headers Download Go to

Full URL

https://mail.telesom.com/fortinet/theme/v1.0/LoginForm.css

Requested by

Host: mail.telesom.com
URL: https://mail.telesom.com/fortinet/login2fa?reason=0&url=https%3a%2f%2fmail.telesom.com%2fowa%2f

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

197.157.246.67 Baidoa, Somalia, ASN37473 (TELESOM, SO),

Reverse DNS

mail.telesom.com

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

0847fde14973af2fdd1e358c01c8236ec1526b18b3ab3002fa5a6d10526c616e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.telesom.com/fortinet/login2fa?reason=0&url=https%3a%2f%2fmail.telesom.com%2fowa%2f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Sun, 05 Feb 2023 18:54:37 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 06 Feb 2020 04:07:45 GMT
Server: Microsoft-IIS/10.0
ETag: "4eeba6fca2dcd51:0"
X-Powered-By: ASP.NET
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 4283
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK LoginForm.js Show response
mail.telesom.com/fortinet/theme/v1.0/ 1 KB
2 KB 311ms
154ms Script
application/javascript 197.157.246.67
TELESOM

General

Check archive.org

Show headers Download Go to

Full URL

https://mail.telesom.com/fortinet/theme/v1.0/LoginForm.js

Requested by

Host: mail.telesom.com
URL: https://mail.telesom.com/fortinet/login2fa?reason=0&url=https%3a%2f%2fmail.telesom.com%2fowa%2f

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

197.157.246.67 Baidoa, Somalia, ASN37473 (TELESOM, SO),

Reverse DNS

mail.telesom.com

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

2ed8eeda990ec072e0c221e58ac8e7669c1a3e0a1bb9c4e35f8c806a72120d45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.telesom.com/fortinet/login2fa?reason=0&url=https%3a%2f%2fmail.telesom.com%2fowa%2f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Sun, 05 Feb 2023 18:54:38 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 02 Jan 2018 07:32:18 GMT
Server: Microsoft-IIS/10.0
ETag: "06d63d19b83d31:0"
X-Powered-By: ASP.NET
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 1368
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK olk_logo_white.png
mail.telesom.com/fortinet/theme/v1.0/ 2 KB
3 KB 317ms
166ms Image
image/png 197.157.246.67
TELESOM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mail.telesom.com/fortinet/theme/v1.0/olk_logo_white.png

Requested by

Host: mail.telesom.com
URL: https://mail.telesom.com/fortinet/login2fa?reason=0&url=https%3a%2f%2fmail.telesom.com%2fowa%2f

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

197.157.246.67 Baidoa, Somalia, ASN37473 (TELESOM, SO),

Reverse DNS

mail.telesom.com

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

d9ed6586942003696afe4e52b09f343f8342244b51a9e175b75162d7e615207b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.telesom.com/fortinet/login2fa?reason=0&url=https%3a%2f%2fmail.telesom.com%2fowa%2f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Sun, 05 Feb 2023 18:54:38 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 02 Jan 2018 07:32:18 GMT
Server: Microsoft-IIS/10.0
ETag: "06d63d19b83d31:0"
X-Powered-By: ASP.NET
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 2503
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK owa_text_blue.png
mail.telesom.com/fortinet/theme/v1.0/ 28 KB
29 KB 155ms
155ms Image
image/png 197.157.246.67
TELESOM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mail.telesom.com/fortinet/theme/v1.0/owa_text_blue.png

Requested by

Host: mail.telesom.com
URL: https://mail.telesom.com/fortinet/login2fa?reason=0&url=https%3a%2f%2fmail.telesom.com%2fowa%2f

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

197.157.246.67 Baidoa, Somalia, ASN37473 (TELESOM, SO),

Reverse DNS

mail.telesom.com

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

3759a68cb81c82a8c13d6b486bd183bf21ecb7de2ac0312d6c3c1a4e5a86eb45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.telesom.com/fortinet/login2fa?reason=0&url=https%3a%2f%2fmail.telesom.com%2fowa%2f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Sun, 05 Feb 2023 18:54:38 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 27 Jan 2020 16:08:41 GMT
Server: Microsoft-IIS/10.0
ETag: "2a19e1a2cd5d51:0"
X-Powered-By: ASP.NET
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 29037
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK Sign_in_arrow.png
mail.telesom.com/fortinet/theme/v1.0/ 1 KB
2 KB 292ms
157ms Image
image/png 197.157.246.67
TELESOM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mail.telesom.com/fortinet/theme/v1.0/Sign_in_arrow.png

Requested by

Host: mail.telesom.com
URL: https://mail.telesom.com/fortinet/login2fa?reason=0&url=https%3a%2f%2fmail.telesom.com%2fowa%2f

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

197.157.246.67 Baidoa, Somalia, ASN37473 (TELESOM, SO),

Reverse DNS

mail.telesom.com

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

07f38b8b8c1f96ed85ecd96988f0454a95d1f665427086a507c72e55ff3ce0e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.telesom.com/fortinet/login2fa?reason=0&url=https%3a%2f%2fmail.telesom.com%2fowa%2f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Sun, 05 Feb 2023 18:54:38 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 02 Jan 2018 07:32:18 GMT
Server: Microsoft-IIS/10.0
ETag: "06d63d19b83d31:0"
X-Powered-By: ASP.NET
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 1441
X-XSS-Protection: 1; mode=block

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontentvisibilityautostatechange function| gbid function| checkSubmit function| clkLgn

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			mail.telesom.com/	1970-01-20 18:12:39	Name: cookiesession1 Value: 678B287956789890234ABCDEFGHIACDE
			mail.telesom.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: loh1jc1eky5i23atwl35llhz

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

mail.telesom.com
197.157.246.67
07f38b8b8c1f96ed85ecd96988f0454a95d1f665427086a507c72e55ff3ce0e7
0847fde14973af2fdd1e358c01c8236ec1526b18b3ab3002fa5a6d10526c616e
2ed8eeda990ec072e0c221e58ac8e7669c1a3e0a1bb9c4e35f8c806a72120d45
3759a68cb81c82a8c13d6b486bd183bf21ecb7de2ac0312d6c3c1a4e5a86eb45
d9ed6586942003696afe4e52b09f343f8342244b51a9e175b75162d7e615207b
f0bf4769e3117c817de204247d7c3c11f91b4602ffd98aff0c90e8ae76cb0c27

mail.telesom.com Open in urlscan Pro 197.157.246.67 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

6 Requests

100 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

43 kBTransfer

41 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

6 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

2 Cookies

Security Headers

Indicators

mail.telesom.com Open in urlscan Pro
197.157.246.67 Public Scan

Screenshot
Live screenshot

Full Image

6
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

43 kB
Transfer

41 kB
Size

2
Cookies

6 HTTP transactions
0 data transactions