outlook-app.thrive-sandbox.com Open in urlscan Pro
52.85.65.97  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response outlook-app.thrive-sandbox.com/	525 B 912 B	554ms 444ms	Document text/html	52.85.65.97 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://outlook-app.thrive-sandbox.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.85.65.97 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-85-65-97.muc50.r.cloudfront.net Software AmazonS3 / Resource Hash 6303f1165f726b92354e7de8e7c65f0aa4441a947000122c4714d82dd02df6c3 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers accept-ranges bytes content-length 525 content-type text/html date Mon, 12 Aug 2024 21:01:36 GMT etag "a810c4047175079b58b55d24ca8a9e5a" last-modified Wed, 07 Aug 2024 09:32:11 GMT server AmazonS3 via 1.1 2f495c2a75817f316afd4d3bb437bf0a.cloudfront.net (CloudFront) x-amz-cf-id Lo9x-2_o9vPvV1hX9PEAvrt9qUtQ1dZ4Zg3FLskY20FfgNzHPYKqDQ== x-amz-cf-pop MUC50-P6 x-amz-server-side-encryption AES256 x-amz-version-id QBtuJAOdAJ3hvyn.ldOkMoDYS0kIz_46 x-cache Miss from cloudfront
GET H2	200	Loader.css outlook-app.thrive-sandbox.com/	625 B 1010 B	506ms 506ms	Stylesheet text/css	52.85.65.97 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://outlook-app.thrive-sandbox.com/Loader.css Requested by Host: outlook-app.thrive-sandbox.com URL: https://outlook-app.thrive-sandbox.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.85.65.97 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-85-65-97.muc50.r.cloudfront.net Software AmazonS3 / Resource Hash 426760a557328570fabd289aa5d9d3d30fab46727157811a48d58514e86a0fc4 Request headers Referer https://outlook-app.thrive-sandbox.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Mon, 12 Aug 2024 21:01:37 GMT x-amz-version-id EoCI3ZEy14UUCzlCx2Ij.KJegeQIPE7_ via 1.1 2f495c2a75817f316afd4d3bb437bf0a.cloudfront.net (CloudFront) last-modified Wed, 07 Aug 2024 09:32:10 GMT server AmazonS3 x-amz-cf-pop MUC50-P6 etag "582ff2eedb41507b135c2068c4b37e3c" x-amz-server-side-encryption AES256 x-cache Miss from cloudfront content-type text/css accept-ranges bytes content-length 625 x-amz-cf-id EVxxSuUvSmybey1A3x6eSigraz_frRcIuFDYQbm2ZpjHLpnIn8yk1Q==
GET H2	200	office.js Show response appsforoffice.microsoft.com/lib/1.1/hosted/	64 KB 20 KB	213ms 70ms	Script application/javascript	2620:1ec:bdf::60 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://appsforoffice.microsoft.com/lib/1.1/hosted/office.js Requested by Host: outlook-app.thrive-sandbox.com URL: https://outlook-app.thrive-sandbox.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:bdf::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash b3db37a53e806ff0411d9b836e3771437a3ecd4964d5a8c38c18fb39612bdbbb Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Request headers Referer https://outlook-app.thrive-sandbox.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Mon, 12 Aug 2024 21:01:35 GMT content-encoding gzip x-content-type-options nosniff akamai-cache-status Hit from child nel {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01} strict-transport-security max-age=31536000; includeSubDomains x-cache TCP_HIT x-fd-int-roxy-purgeid 66127294 server-timing clientrtt; dur=0, clienttt; dur=, origin; dur=0 , cdntime; dur=0 alt-svc h3=":443"; ma=93600 content-length 19774 x-cdn-bucket 3 last-modified Thu, 08 Aug 2024 20:07:45 GMT x-cdn-provider Akamai vary Accept-Encoding report-to {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=AMSTERDAM&ASN=20940&Country=NL&Region=&RequestIdentifier=0.1719dd58.1723187506.8153b5f&TotalRTCDNTime=0&CompressionType=gzip&FileSize="}],"include_subdomains ":true} content-type application/javascript access-control-allow-origin * x-ms-request-id a00df4a9-101e-005d-51ef-e9f513000000 access-control-expose-headers date,Akamai-Request-BC,X-Cdn-Provider,X-Ms-Request-Id cache-control max-age=14400 x-azure-ref 20240812T210135Z-167f4bf999897s2871krpuryk800000005gg000000006bcd accept-ranges bytes akamai-request-bc [a=88.221.25.23,b=135609183,c=g,n=NL__AMSTERDAM,o=20940] timing-allow-origin *
GET H2	200	main-0221bbaf671da8f6ac89.js Show response outlook-app.thrive-sandbox.com/	427 KB 131 KB	530ms 530ms	Script text/javascript	52.85.65.97 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://outlook-app.thrive-sandbox.com/main-0221bbaf671da8f6ac89.js Requested by Host: outlook-app.thrive-sandbox.com URL: https://outlook-app.thrive-sandbox.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.85.65.97 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-85-65-97.muc50.r.cloudfront.net Software AmazonS3 / Resource Hash a8ff1d39c0aebd514c42f414ffc1ae0189e197f8d8c9e3804dbebe1230f7f325 Request headers Referer https://outlook-app.thrive-sandbox.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Mon, 12 Aug 2024 21:01:37 GMT x-amz-version-id 6Q6_c_u9wQkCvkuPzem5ZpEMwIuNW_JA content-encoding gzip last-modified Wed, 07 Aug 2024 09:32:11 GMT server AmazonS3 via 1.1 2f495c2a75817f316afd4d3bb437bf0a.cloudfront.net (CloudFront) x-amz-cf-pop MUC50-P6 etag W/"c7ada2aea3a4c4579ad121be1a3fb356" x-amz-server-side-encryption AES256 vary Accept-Encoding x-cache Miss from cloudfront content-type text/javascript x-amz-cf-id M5zk4JcRL6Uohw4HtUZdq1WiizeZHrg8D2rcsmPJBsA4JnRf3rWDOg==
GET H2	200	o15apptofilemappingtable.js Show response appsforoffice.microsoft.com/lib/1.1/hosted/	167 KB 38 KB	425ms 73ms	Script application/javascript	2620:1ec:bdf::60 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://appsforoffice.microsoft.com/lib/1.1/hosted/o15apptofilemappingtable.js Requested by Host: appsforoffice.microsoft.com URL: https://appsforoffice.microsoft.com/lib/1.1/hosted/office.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:bdf::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 2cf6e909da5391f513f14379c3ba86fe888f083d9f8205bcc7bd91cde3d9b522 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Request headers Referer https://outlook-app.thrive-sandbox.com/ Origin https://outlook-app.thrive-sandbox.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Mon, 12 Aug 2024 21:01:36 GMT content-encoding gzip x-content-type-options nosniff akamai-cache-status Hit from child nel {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01} strict-transport-security max-age=31536000; includeSubDomains x-cache TCP_HIT x-fd-int-roxy-purgeid 66127294 server-timing clientrtt; dur=9, clienttt; dur=, origin; dur=0 , cdntime; dur=0 alt-svc h3=":443"; ma=93600 content-length 37710 x-cdn-bucket 3 last-modified Thu, 08 Aug 2024 20:07:54 GMT x-cdn-provider Akamai vary Accept-Encoding report-to {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=AMSTERDAM&ASN=20940&Country=NL&Region=&RequestIdentifier=0.1719dd58.1723178157.7f184a3&TotalRTCDNTime=9&CompressionType=gzip&FileSize="}],"include_subdomains ":true} content-type application/javascript access-control-allow-origin * x-ms-request-id 21749c69-401e-0050-3aef-e93dc7000000 access-control-expose-headers date,Akamai-Request-BC,X-Cdn-Provider,X-Ms-Request-Id cache-control max-age=14400 x-azure-ref 20240812T210136Z-179d6ccbd55ltcnzad5ene46f800000009ng00000000daye accept-ranges bytes akamai-request-bc [a=88.221.25.23,b=133268643,c=g,n=NL__AMSTERDAM,o=20940] timing-allow-origin *
GET H2	200	558-28ac865b666cda86b46b.js Show response outlook-app.thrive-sandbox.com/	42 KB 15 KB	477ms 474ms	Script text/javascript	52.85.65.97 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://outlook-app.thrive-sandbox.com/558-28ac865b666cda86b46b.js Requested by Host: outlook-app.thrive-sandbox.com URL: https://outlook-app.thrive-sandbox.com/main-0221bbaf671da8f6ac89.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.85.65.97 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-85-65-97.muc50.r.cloudfront.net Software AmazonS3 / Resource Hash c30d276a5d6b5308a03a16ce6b1dcc8cce12f336fd8ddb9f82e047f5688b252a Request headers Referer https://outlook-app.thrive-sandbox.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Mon, 12 Aug 2024 21:01:38 GMT x-amz-version-id xXk_7jGoITiuc4XUASF1X9DjgHo6Z1bS content-encoding gzip last-modified Wed, 07 Aug 2024 09:32:11 GMT server AmazonS3 via 1.1 2f495c2a75817f316afd4d3bb437bf0a.cloudfront.net (CloudFront) x-amz-cf-pop MUC50-P6 etag W/"75e459f95a3cae61447d9c802ecf0645" x-amz-server-side-encryption AES256 vary Accept-Encoding x-cache Miss from cloudfront content-type text/javascript x-amz-cf-id 7qMmQoiMz5V4QaVsmX-AG0lA_jD__tf6-yJDDEVJYLmtzBQ6dPzMkQ==
GET H2	200	885-3bdfff50803f75fb977c.js Show response outlook-app.thrive-sandbox.com/	27 KB 6 KB	504ms 502ms	Script text/javascript	52.85.65.97 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://outlook-app.thrive-sandbox.com/885-3bdfff50803f75fb977c.js Requested by Host: outlook-app.thrive-sandbox.com URL: https://outlook-app.thrive-sandbox.com/main-0221bbaf671da8f6ac89.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.85.65.97 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-85-65-97.muc50.r.cloudfront.net Software AmazonS3 / Resource Hash b807538f2f83848daeb9307b6f6305795b9570e2ce76ab1214535c98d420101d Request headers Referer https://outlook-app.thrive-sandbox.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Mon, 12 Aug 2024 21:01:38 GMT x-amz-version-id Mxvp6xLyMNohpUEqkzZItZra40Ln955A content-encoding gzip last-modified Wed, 07 Aug 2024 09:32:10 GMT server AmazonS3 via 1.1 2f495c2a75817f316afd4d3bb437bf0a.cloudfront.net (CloudFront) x-amz-cf-pop MUC50-P6 etag W/"48be211683b4c0d46e4478490d36adb9" x-amz-server-side-encryption AES256 vary Accept-Encoding x-cache Miss from cloudfront content-type text/javascript x-amz-cf-id DjIt_fFdrHjFTt4Iusd88n5CtgH6Wyw-jufDnoKLFMiyMezzgQohiQ==
GET H2	200	703-ecdca61ddf31d2376c0e.js Show response outlook-app.thrive-sandbox.com/	8 KB 3 KB	494ms 492ms	Script text/javascript	52.85.65.97 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://outlook-app.thrive-sandbox.com/703-ecdca61ddf31d2376c0e.js Requested by Host: outlook-app.thrive-sandbox.com URL: https://outlook-app.thrive-sandbox.com/main-0221bbaf671da8f6ac89.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.85.65.97 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-85-65-97.muc50.r.cloudfront.net Software AmazonS3 / Resource Hash 8b18aae40ab9645689727644c7d5241e84b7becf412389f13cfde2b59d2c9fdc Request headers Referer https://outlook-app.thrive-sandbox.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Mon, 12 Aug 2024 21:01:38 GMT x-amz-version-id K_8qFkRnVPn7x3dkEawNPdhbDuEYPA6S content-encoding gzip last-modified Wed, 07 Aug 2024 09:32:10 GMT server AmazonS3 via 1.1 2f495c2a75817f316afd4d3bb437bf0a.cloudfront.net (CloudFront) x-amz-cf-pop MUC50-P6 etag W/"8e5dc628f7628bd112639de4bd9ad1bf" x-amz-server-side-encryption AES256 vary Accept-Encoding x-cache Miss from cloudfront content-type text/javascript x-amz-cf-id jCzC5S9qexdk1zQ4yXO5ol5iMefQr-F-BY1sSihbpTeg3JDcu0_PwA==
GET H2	403	favicon.ico outlook-app.thrive-sandbox.com/	243 B 483 B	451ms 451ms	Other application/xml	52.85.65.97 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://outlook-app.thrive-sandbox.com/favicon.ico Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.85.65.97 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-85-65-97.muc50.r.cloudfront.net Software AmazonS3 / Resource Hash d53576da59c57fac811e960ef5103314f3dc5ff891e26b03487f6e8a6c3fe133 Request headers Referer https://outlook-app.thrive-sandbox.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Mon, 12 Aug 2024 21:01:36 GMT via 1.1 2f495c2a75817f316afd4d3bb437bf0a.cloudfront.net (CloudFront) server AmazonS3 x-amz-cf-pop MUC50-P6 x-amz-cf-id 90ngjvpPDfIs45has2fKfekThVD3ckPdlE1ZY9Rv6bSukLvJrGbCkg== x-cache Error from cloudfront content-type application/xml
GET		telemetryproxy.html telemetryservice.firstpartyapps.oaspapps.com/telemetryservice/ Frame 0AA9	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

telemetryservice.firstpartyapps.oaspapps.com

URL

https://telemetryservice.firstpartyapps.oaspapps.com/telemetryservice/telemetryproxy.html

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| OSFPerformance object| OSF object| ScriptLoading object| OfficeExt object| Office object| SDX object| OTel object| CustomFunctionMappings object| CustomFunctions object| OSFTrustedTypes object| oteljs object| Microsoft function| __extends object| OsfMsAjaxFactory object| OSFLog object| Logger object| OSFAppTelemetry function| Type object| Sys object| AriaLogger object| webpackChunkoutlook_addin function| clearImmediate function| setImmediate object| regeneratorRuntime

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://outlook-app.thrive-sandbox.com/favicon.ico Message: Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

appsforoffice.microsoft.com
outlook-app.thrive-sandbox.com
telemetryservice.firstpartyapps.oaspapps.com
telemetryservice.firstpartyapps.oaspapps.com
2620:1ec:bdf::60
52.85.65.97
2cf6e909da5391f513f14379c3ba86fe888f083d9f8205bcc7bd91cde3d9b522
426760a557328570fabd289aa5d9d3d30fab46727157811a48d58514e86a0fc4
6303f1165f726b92354e7de8e7c65f0aa4441a947000122c4714d82dd02df6c3
8b18aae40ab9645689727644c7d5241e84b7becf412389f13cfde2b59d2c9fdc
a8ff1d39c0aebd514c42f414ffc1ae0189e197f8d8c9e3804dbebe1230f7f325
b3db37a53e806ff0411d9b836e3771437a3ecd4964d5a8c38c18fb39612bdbbb
b807538f2f83848daeb9307b6f6305795b9570e2ce76ab1214535c98d420101d
c30d276a5d6b5308a03a16ce6b1dcc8cce12f336fd8ddb9f82e047f5688b252a
d53576da59c57fac811e960ef5103314f3dc5ff891e26b03487f6e8a6c3fe133