killian-outlook-add-in.beneticsapi.com Open in urlscan Pro
18.239.18.7 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://killian-outlook-add-in.beneticsapi.com/
Submission Tags: @phishunt_io
Submission: On May 21 via api (May 21st 2024, 2:18:07 pm UTC) from DE — Scanned from DE

Summary HTTP 10 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 10 HTTP transactions. The main IP is 18.239.18.7, located in United States and belongs to AMAZON-02, US. The main domain is killian-outlook-add-in.beneticsapi.com.
TLS certificate: Issued by Amazon RSA 2048 M02 on May 21st 2024. Valid for: a year.

This is the only time killian-outlook-add-in.beneticsapi.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
5	18.239.18.7 18.239.18.7	16509 (AMAZON-02) (AMAZON-02)
2	2620:1ec:bdf::45 2620:1ec:bdf::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	3.123.132.61 3.123.132.61	16509 (AMAZON-02) (AMAZON-02)
10	4

5 18.239.18.7 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-18-7.ams58.r.cloudfront.net

killian-outlook-add-in.beneticsapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:bdf::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

appsforoffice.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.123.132.61 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-123-132-61.eu-central-1.compute.amazonaws.com

killian-connect.beneticsapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	beneticsapi.com killian-outlook-add-in.beneticsapi.com killian-connect.beneticsapi.com	43 MB
2	microsoft.com appsforoffice.microsoft.com — Cisco Umbrella Rank: 1046	58 KB
0	oaspapps.com Failed telemetryservice.firstpartyapps.oaspapps.com Failed
10	3

	Domain	Requested by
5	killian-outlook-add-in.beneticsapi.com	killian-outlook-add-in.beneticsapi.com
2	killian-connect.beneticsapi.com	killian-outlook-add-in.beneticsapi.com
2	appsforoffice.microsoft.com	killian-outlook-add-in.beneticsapi.com appsforoffice.microsoft.com
0	telemetryservice.firstpartyapps.oaspapps.com Failed	appsforoffice.microsoft.com
10	4

This site contains no links.

Subject Issuer	Validity	Valid
killian-outlook-add-in.beneticsapi.com Amazon RSA 2048 M02	`2024-05-21` - `2025-06-19`	a year	crt.sh
appsforoffice.microsoft.com Microsoft Azure RSA TLS Issuing CA 03	`2024-04-26` - `2025-04-21`	a year	crt.sh
*.beneticsapi.com Amazon RSA 2048 M03	`2024-03-19` - `2025-04-18`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://killian-outlook-add-in.beneticsapi.com/
Frame ID: 2633BC37C97CF44B70E8C2BBB58CCE59
Requests: 8 HTTP requests in this frame

Frame: https://telemetryservice.firstpartyapps.oaspapps.com/telemetryservice/telemetryproxy.html
Frame ID: 63B0D1281BCEE2A7E6074570B18CEEC8
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Benetics Connect for Outlook

Page Statistics

10
Requests

90 %
HTTPS

33 %
IPv6

3
Domains

4
Subdomains

4
IPs

2
Countries

44296 kB
Transfer

45403 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
killian-outlook-add-in.beneticsapi.com/ 2 KB
2 KB 385ms
132ms Document
text/html 18.239.18.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://killian-outlook-add-in.beneticsapi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.239.18.7 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-239-18-7.ams58.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

b7b021b8cdd14a62198fe737d80c86d5224296ccb86029b027629b0ab6c22710

Security Headers

Name	Value
Content-Security-Policy	img-src 'self' .microsoftonline.com .beneticsapi.com .amazonaws.com blob: data:; script-src 'self' 'unsafe-inline' .microsoft.com .azure.com .office.net .aspnetcdn.com; worker-src 'self' .microsoftonline.com .beneticsapi.com .azure.com .office.net blob:; style-src 'self' 'unsafe-inline' .microsoftonline.com .azure.com .office.net; object-src 'none'; connect-src 'self' .microsoft.com .microsoftonline.com .beneticsapi.com .amazonaws.com .azure.com .office.net ws: wss:; media-src *
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

content-encoding: br
content-security-policy: img-src 'self' *.microsoftonline.com *.beneticsapi.com *.amazonaws.com blob: data:; script-src 'self' 'unsafe-inline' *.microsoft.com *.azure.com *.office.net *.aspnetcdn.com; worker-src 'self' *.microsoftonline.com *.beneticsapi.com *.azure.com *.office.net blob:; style-src 'self' 'unsafe-inline' *.microsoftonline.com *.azure.com *.office.net; object-src 'none'; connect-src 'self' *.microsoft.com *.microsoftonline.com *.beneticsapi.com *.amazonaws.com *.azure.com *.office.net ws: wss:; media-src *
content-type: text/html
date: Tue, 21 May 2024 14:17:59 GMT
etag: W/"a2efa0f71934d6365d9dd5cdd54598ea"
last-modified: Tue, 21 May 2024 12:57:30 GMT
referrer-policy: same-origin
server: AmazonS3
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 2fb699a7d2ee3ddd9b1caad139f90e76.cloudfront.net (CloudFront)
x-amz-cf-id: ElrdgyVSAPgDEV75GxZIoxTdGlJTqcJpKAOZ6fEZq28alPebqrIwBg==
x-amz-cf-pop: AMS58-P6
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-content-type-options: nosniff

GET
H2 200 office.js Show response
appsforoffice.microsoft.com/lib/1.1/hosted/ 63 KB
20 KB 145ms
43ms Script
application/javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://appsforoffice.microsoft.com/lib/1.1/hosted/office.js

Requested by

Host: killian-outlook-add-in.beneticsapi.com
URL: https://killian-outlook-add-in.beneticsapi.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

8110027ebdd1483b16656861f7ce8c8867927b56cb1f86e053663bc34819ae01

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 14:17:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
akamai-cache-status: Hit from child
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: TCP_HIT
x-fd-int-roxy-purgeid: 66127294
server-timing: clientrtt; dur=1, clienttt; dur=, origin; dur=0 , cdntime; dur=0
alt-svc: h3=":443"; ma=93600
content-length: 19671
x-cdn-bucket: 4
last-modified: Thu, 16 May 2024 15:57:00 GMT
x-cdn-provider: Akamai
vary: Accept-Encoding
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=AMSTERDAM&ASN=20940&Country=NL&Region=&RequestIdentifier=0.8d071002.1715893658.4478877f&TotalRTCDNTime=1&CompressionType=gzip&FileSize="}],"include_subdomains ":true}
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: d74b60a5-d01e-000f-08b0-a789fb000000
access-control-expose-headers: date,Akamai-Request-BC,X-Cdn-Provider,X-Ms-Request-Id
cache-control: max-age=14400
x-azure-ref: 20240521T141758Z-17c66ffcdbc4n7jncyf009w1ec00000007wg000000008b6z
accept-ranges: bytes
akamai-request-bc: [a=2.16.7.141,b=1148749695,c=g,n=NL__AMSTERDAM,o=20940]
timing-allow-origin: *

GET
H2 200 polyfill.js Show response
killian-outlook-add-in.beneticsapi.com/ 1 MB
161 KB 168ms
167ms Script
text/javascript 18.239.18.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://killian-outlook-add-in.beneticsapi.com/polyfill.js

Requested by

Host: killian-outlook-add-in.beneticsapi.com
URL: https://killian-outlook-add-in.beneticsapi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.239.18.7 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-239-18-7.ams58.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

1e72dadd2d2a8c737649916b9044b4c201349e78fc1e1c43712fb411ed22e37e

Security Headers

Name	Value
Content-Security-Policy	img-src 'self' .microsoftonline.com .beneticsapi.com .amazonaws.com blob: data:; script-src 'self' 'unsafe-inline' .microsoft.com .azure.com .office.net .aspnetcdn.com; worker-src 'self' .microsoftonline.com .beneticsapi.com .azure.com .office.net blob:; style-src 'self' 'unsafe-inline' .microsoftonline.com .azure.com .office.net; object-src 'none'; connect-src 'self' .microsoft.com .microsoftonline.com .beneticsapi.com .amazonaws.com .azure.com .office.net ws: wss:; media-src *
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://killian-outlook-add-in.beneticsapi.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 14:17:59 GMT
content-encoding: br
via: 1.1 2fb699a7d2ee3ddd9b1caad139f90e76.cloudfront.net (CloudFront)
content-security-policy: img-src 'self' *.microsoftonline.com *.beneticsapi.com *.amazonaws.com blob: data:; script-src 'self' 'unsafe-inline' *.microsoft.com *.azure.com *.office.net *.aspnetcdn.com; worker-src 'self' *.microsoftonline.com *.beneticsapi.com *.azure.com *.office.net blob:; style-src 'self' 'unsafe-inline' *.microsoftonline.com *.azure.com *.office.net; object-src 'none'; connect-src 'self' *.microsoft.com *.microsoftonline.com *.beneticsapi.com *.amazonaws.com *.azure.com *.office.net ws: wss:; media-src *
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: AMS58-P6
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
referrer-policy: same-origin
last-modified: Tue, 21 May 2024 12:57:30 GMT
server: AmazonS3
etag: W/"c315a76820e86068375163bd51a59b7f"
vary: Accept-Encoding
content-type: text/javascript
x-amz-cf-id: mw51fZuLRrlmrb-kN-s3KQEpzdZaYK_AFhlaHTWosm29tJU1djM8fw==

GET
H2 200 vendor.js Show response
killian-outlook-add-in.beneticsapi.com/ 24 MB
24 MB 288ms
287ms Script
text/javascript 18.239.18.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://killian-outlook-add-in.beneticsapi.com/vendor.js

Requested by

Host: killian-outlook-add-in.beneticsapi.com
URL: https://killian-outlook-add-in.beneticsapi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.239.18.7 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-239-18-7.ams58.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

b0201aa86aca27eff921d4bfdf41e1cca068557b81c70794ae7ed4aadd0f6027

Security Headers

Name	Value
Content-Security-Policy	img-src 'self' .microsoftonline.com .beneticsapi.com .amazonaws.com blob: data:; script-src 'self' 'unsafe-inline' .microsoft.com .azure.com .office.net .aspnetcdn.com; worker-src 'self' .microsoftonline.com .beneticsapi.com .azure.com .office.net blob:; style-src 'self' 'unsafe-inline' .microsoftonline.com .azure.com .office.net; object-src 'none'; connect-src 'self' .microsoft.com .microsoftonline.com .beneticsapi.com .amazonaws.com .azure.com .office.net ws: wss:; media-src *
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://killian-outlook-add-in.beneticsapi.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 14:18:00 GMT
via: 1.1 2fb699a7d2ee3ddd9b1caad139f90e76.cloudfront.net (CloudFront)
x-content-type-options: nosniff
content-security-policy: img-src 'self' *.microsoftonline.com *.beneticsapi.com *.amazonaws.com blob: data:; script-src 'self' 'unsafe-inline' *.microsoft.com *.azure.com *.office.net *.aspnetcdn.com; worker-src 'self' *.microsoftonline.com *.beneticsapi.com *.azure.com *.office.net blob:; style-src 'self' 'unsafe-inline' *.microsoftonline.com *.azure.com *.office.net; object-src 'none'; connect-src 'self' *.microsoft.com *.microsoftonline.com *.beneticsapi.com *.amazonaws.com *.azure.com *.office.net ws: wss:; media-src *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: AMS58-P6
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 25019711
referrer-policy: same-origin
last-modified: Tue, 21 May 2024 12:57:29 GMT
server: AmazonS3
etag: "51aa9ef130ae9cd9f050cdd7ec4e079d-3"
content-type: text/javascript
accept-ranges: bytes
x-amz-cf-id: Igz9UonQUjoPraK2S31AiqlKGBO4zEydmhMZoKc0xG9I0H66HJB6vw==

GET
H2 200 taskpane.js Show response
killian-outlook-add-in.beneticsapi.com/ 19 MB
19 MB 202ms
201ms Script
text/javascript 18.239.18.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://killian-outlook-add-in.beneticsapi.com/taskpane.js

Requested by

Host: killian-outlook-add-in.beneticsapi.com
URL: https://killian-outlook-add-in.beneticsapi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.239.18.7 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-239-18-7.ams58.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

f3c95cdd75ca8b489b1c4ddb2001e8784c8b766f0efe4386512d9347f892ddc2

Security Headers

Name	Value
Content-Security-Policy	img-src 'self' .microsoftonline.com .beneticsapi.com .amazonaws.com blob: data:; script-src 'self' 'unsafe-inline' .microsoft.com .azure.com .office.net .aspnetcdn.com; worker-src 'self' .microsoftonline.com .beneticsapi.com .azure.com .office.net blob:; style-src 'self' 'unsafe-inline' .microsoftonline.com .azure.com .office.net; object-src 'none'; connect-src 'self' .microsoft.com .microsoftonline.com .beneticsapi.com .amazonaws.com .azure.com .office.net ws: wss:; media-src *
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://killian-outlook-add-in.beneticsapi.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 14:18:00 GMT
via: 1.1 2fb699a7d2ee3ddd9b1caad139f90e76.cloudfront.net (CloudFront)
x-content-type-options: nosniff
content-security-policy: img-src 'self' *.microsoftonline.com *.beneticsapi.com *.amazonaws.com blob: data:; script-src 'self' 'unsafe-inline' *.microsoft.com *.azure.com *.office.net *.aspnetcdn.com; worker-src 'self' *.microsoftonline.com *.beneticsapi.com *.azure.com *.office.net blob:; style-src 'self' 'unsafe-inline' *.microsoftonline.com *.azure.com *.office.net; object-src 'none'; connect-src 'self' *.microsoft.com *.microsoftonline.com *.beneticsapi.com *.amazonaws.com *.azure.com *.office.net ws: wss:; media-src *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: AMS58-P6
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 20059338
referrer-policy: same-origin
last-modified: Tue, 21 May 2024 12:57:29 GMT
server: AmazonS3
etag: "c368d071057b03fd0a886df3c835336a-3"
content-type: text/javascript
accept-ranges: bytes
x-amz-cf-id: 2yyvzya2__4ZQFzSI4Y_eYBXOjWyav84yUxlDD7qnksEtsnTTh_tsQ==

GET
H2 200 o15apptofilemappingtable.js Show response
appsforoffice.microsoft.com/lib/1.1/hosted/ 167 KB
38 KB 97ms
39ms Script
application/javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://appsforoffice.microsoft.com/lib/1.1/hosted/o15apptofilemappingtable.js

Requested by

Host: appsforoffice.microsoft.com
URL: https://appsforoffice.microsoft.com/lib/1.1/hosted/office.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

2cf6e909da5391f513f14379c3ba86fe888f083d9f8205bcc7bd91cde3d9b522

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin: https://killian-outlook-add-in.beneticsapi.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 14:17:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
akamai-cache-status: Hit from child
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: TCP_HIT
x-fd-int-roxy-purgeid: 66127294
server-timing: clientrtt; dur=13, clienttt; dur=, origin; dur=0 , cdntime; dur=0
alt-svc: h3=":443"; ma=93600
content-length: 37710
x-cdn-bucket: 4
last-modified: Thu, 16 May 2024 15:56:55 GMT
x-cdn-provider: Akamai
vary: Accept-Encoding
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=LONDON&ASN=20940&Country=GB&Region=EN&RequestIdentifier=0.642b2817.1716101085.2083bb8&TotalRTCDNTime=13&CompressionType=gzip&FileSize="}],"include_subdomains ":true}
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: b9bade51-301e-0007-2daa-a793f4000000
access-control-expose-headers: date,Akamai-Request-BC,X-Cdn-Provider,X-Ms-Request-Id
cache-control: max-age=14400
x-azure-ref: 20240521T141759Z-164d49668c6x7ldkc87atvw7mw00000004gg00000001aqz2
accept-ranges: bytes
akamai-request-bc: [a=23.40.43.100,b=34094008,c=g,n=GB_EN_LONDON,o=20940]
timing-allow-origin: *

GET
H2 401 project Show response
killian-connect.beneticsapi.com/v1/microsoft_outlook/ 25 B
189 B 52ms
51ms XHR
application/json 3.123.132.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://killian-connect.beneticsapi.com/v1/microsoft_outlook/project
Requested by: Host: killian-outlook-add-in.beneticsapi.com
URL: https://killian-outlook-add-in.beneticsapi.com/taskpane.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.123.132.61 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-123-132-61.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 8f399debe52f271e56918a3ef03cd90d60776f7c972e6807b1ef2a7437c1040c

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
Authorization
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
date: Tue, 21 May 2024 14:18:06 GMT
x-correlation-id: b741bcb5-4dac-4ff3-8a17-83143761626e
content-length: 25
apigw-requestid: YH_80jlBFiAEKeg=
content-type: application/json

GET
H2 200 favicon.ico
killian-outlook-add-in.beneticsapi.com/ 2 KB
2 KB 209ms
208ms Other
text/html 18.239.18.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://killian-outlook-add-in.beneticsapi.com/favicon.ico

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.239.18.7 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-239-18-7.ams58.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

b7b021b8cdd14a62198fe737d80c86d5224296ccb86029b027629b0ab6c22710

Security Headers

Name	Value
Content-Security-Policy	img-src 'self' .microsoftonline.com .beneticsapi.com .amazonaws.com blob: data:; script-src 'self' 'unsafe-inline' .microsoft.com .azure.com .office.net .aspnetcdn.com; worker-src 'self' .microsoftonline.com .beneticsapi.com .azure.com .office.net blob:; style-src 'self' 'unsafe-inline' .microsoftonline.com .azure.com .office.net; object-src 'none'; connect-src 'self' .microsoft.com .microsoftonline.com .beneticsapi.com .amazonaws.com .azure.com .office.net ws: wss:; media-src *
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://killian-outlook-add-in.beneticsapi.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 14:18:02 GMT
content-encoding: br
via: 1.1 2fb699a7d2ee3ddd9b1caad139f90e76.cloudfront.net (CloudFront)
content-security-policy: img-src 'self' *.microsoftonline.com *.beneticsapi.com *.amazonaws.com blob: data:; script-src 'self' 'unsafe-inline' *.microsoft.com *.azure.com *.office.net *.aspnetcdn.com; worker-src 'self' *.microsoftonline.com *.beneticsapi.com *.azure.com *.office.net blob:; style-src 'self' 'unsafe-inline' *.microsoftonline.com *.azure.com *.office.net; object-src 'none'; connect-src 'self' *.microsoft.com *.microsoftonline.com *.beneticsapi.com *.amazonaws.com *.azure.com *.office.net ws: wss:; media-src *
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: AMS58-P6
x-amz-server-side-encryption: AES256
x-cache: Error from cloudfront
referrer-policy: same-origin
last-modified: Tue, 21 May 2024 12:57:30 GMT
server: AmazonS3
etag: W/"a2efa0f71934d6365d9dd5cdd54598ea"
vary: Accept-Encoding
content-type: text/html
x-amz-cf-id: rc9sad86kNP9-x32iqOubwbReMBPl1LDXtAapJxLqQOTW_0zQGdy5Q==

OPTIONS
H2 200 project
killian-connect.beneticsapi.com/v1/microsoft_outlook/ Frame 0
0 4713ms
4312ms Preflight
text/plain 3.123.132.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://killian-connect.beneticsapi.com/v1/microsoft_outlook/project
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.123.132.61 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-123-132-61.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization
Access-Control-Request-Method: GET
Origin: https://killian-outlook-add-in.beneticsapi.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: authorization
access-control-allow-methods: DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
access-control-allow-origin: *
access-control-max-age: 600
apigw-requestid: YH_8JjdnliAEJZg=
content-length: 2
content-type: text/plain; charset=utf-8
date: Tue, 21 May 2024 14:18:06 GMT
x-correlation-id: 81d6cf99-61b1-4e3d-8b4b-dfba209ad6ec

GET telemetryproxy.html
telemetryservice.firstpartyapps.oaspapps.com/telemetryservice/ Frame 63B0 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: telemetryservice.firstpartyapps.oaspapps.com
URL: https://telemetryservice.firstpartyapps.oaspapps.com/telemetryservice/telemetryproxy.html

Verdicts & Comments Add Verdict or Comment

29 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://killian-connect.beneticsapi.com/v1/microsoft_outlook/project Message: Failed to load resource: the server responded with a status of 401 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	img-src 'self' .microsoftonline.com .beneticsapi.com .amazonaws.com blob: data:; script-src 'self' 'unsafe-inline' .microsoft.com .azure.com .office.net .aspnetcdn.com; worker-src 'self' .microsoftonline.com .beneticsapi.com .azure.com .office.net blob:; style-src 'self' 'unsafe-inline' .microsoftonline.com .azure.com .office.net; object-src 'none'; connect-src 'self' .microsoft.com .microsoftonline.com .beneticsapi.com .amazonaws.com .azure.com .office.net ws: wss:; media-src *
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

appsforoffice.microsoft.com
killian-connect.beneticsapi.com
killian-outlook-add-in.beneticsapi.com
telemetryservice.firstpartyapps.oaspapps.com
telemetryservice.firstpartyapps.oaspapps.com
18.239.18.7
2620:1ec:bdf::45
3.123.132.61
1e72dadd2d2a8c737649916b9044b4c201349e78fc1e1c43712fb411ed22e37e
2cf6e909da5391f513f14379c3ba86fe888f083d9f8205bcc7bd91cde3d9b522
8110027ebdd1483b16656861f7ce8c8867927b56cb1f86e053663bc34819ae01
8f399debe52f271e56918a3ef03cd90d60776f7c972e6807b1ef2a7437c1040c
b0201aa86aca27eff921d4bfdf41e1cca068557b81c70794ae7ed4aadd0f6027
b7b021b8cdd14a62198fe737d80c86d5224296ccb86029b027629b0ab6c22710
f3c95cdd75ca8b489b1c4ddb2001e8784c8b766f0efe4386512d9347f892ddc2

killian-outlook-add-in.beneticsapi.com Open in urlscan Pro 18.239.18.7 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

10 Requests

90 %HTTPS

33 %IPv6

3 Domains

4 Subdomains

4 IPs

2 Countries

44296 kBTransfer

45403 kBSize

0 Cookies

0 Outgoing links

Redirected requests

10 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

29 JavaScript Global Variables

0 Cookies

1 Console Messages

Security Headers

Indicators

killian-outlook-add-in.beneticsapi.com Open in urlscan Pro
18.239.18.7 Public Scan

Screenshot
Live screenshot

Full Image

10
Requests

90 %
HTTPS

33 %
IPv6

3
Domains

4
Subdomains

4
IPs

2
Countries

44296 kB
Transfer

45403 kB
Size

0
Cookies

10 HTTP transactions
0 data transactions