killian-outlook-add-in.beneticsapi.com
Open in
urlscan Pro
18.239.18.7
Public Scan
Submission Tags: @phishunt_io
Submission: On May 21 via api from DE — Scanned from DE
Summary
TLS certificate: Issued by Amazon RSA 2048 M02 on May 21st 2024. Valid for: a year.
This is the only time killian-outlook-add-in.beneticsapi.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
5 | 18.239.18.7 18.239.18.7 | 16509 (AMAZON-02) (AMAZON-02) | |
2 | 2620:1ec:bdf::45 2620:1ec:bdf::45 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
2 | 3.123.132.61 3.123.132.61 | 16509 (AMAZON-02) (AMAZON-02) | |
10 | 4 |
ASN16509 (AMAZON-02, US)
PTR: server-18-239-18-7.ams58.r.cloudfront.net
killian-outlook-add-in.beneticsapi.com |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
appsforoffice.microsoft.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-3-123-132-61.eu-central-1.compute.amazonaws.com
killian-connect.beneticsapi.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
7 |
beneticsapi.com
killian-outlook-add-in.beneticsapi.com killian-connect.beneticsapi.com |
43 MB |
2 |
microsoft.com
appsforoffice.microsoft.com — Cisco Umbrella Rank: 1046 |
58 KB |
0 |
oaspapps.com
Failed
telemetryservice.firstpartyapps.oaspapps.com Failed |
|
10 | 3 |
Domain | Requested by | |
---|---|---|
5 | killian-outlook-add-in.beneticsapi.com |
killian-outlook-add-in.beneticsapi.com
|
2 | killian-connect.beneticsapi.com |
killian-outlook-add-in.beneticsapi.com
|
2 | appsforoffice.microsoft.com |
killian-outlook-add-in.beneticsapi.com
appsforoffice.microsoft.com |
0 | telemetryservice.firstpartyapps.oaspapps.com Failed |
appsforoffice.microsoft.com
|
10 | 4 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
killian-outlook-add-in.beneticsapi.com Amazon RSA 2048 M02 |
2024-05-21 - 2025-06-19 |
a year | crt.sh |
appsforoffice.microsoft.com Microsoft Azure RSA TLS Issuing CA 03 |
2024-04-26 - 2025-04-21 |
a year | crt.sh |
*.beneticsapi.com Amazon RSA 2048 M03 |
2024-03-19 - 2025-04-18 |
a year | crt.sh |
This page contains 2 frames:
Primary Page:
https://killian-outlook-add-in.beneticsapi.com/
Frame ID: 2633BC37C97CF44B70E8C2BBB58CCE59
Requests: 8 HTTP requests in this frame
Frame:
https://telemetryservice.firstpartyapps.oaspapps.com/telemetryservice/telemetryproxy.html
Frame ID: 63B0D1281BCEE2A7E6074570B18CEEC8
Requests: 1 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
10 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
killian-outlook-add-in.beneticsapi.com/ |
2 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
office.js
appsforoffice.microsoft.com/lib/1.1/hosted/ |
63 KB 20 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
polyfill.js
killian-outlook-add-in.beneticsapi.com/ |
1 MB 161 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
vendor.js
killian-outlook-add-in.beneticsapi.com/ |
24 MB 24 MB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
taskpane.js
killian-outlook-add-in.beneticsapi.com/ |
19 MB 19 MB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
o15apptofilemappingtable.js
appsforoffice.microsoft.com/lib/1.1/hosted/ |
167 KB 38 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
project
killian-connect.beneticsapi.com/v1/microsoft_outlook/ |
25 B 189 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
favicon.ico
killian-outlook-add-in.beneticsapi.com/ |
2 KB 2 KB |
Other
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
project
killian-connect.beneticsapi.com/v1/microsoft_outlook/ Frame |
0 0 |
Preflight
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
telemetryproxy.html
telemetryservice.firstpartyapps.oaspapps.com/telemetryservice/ Frame 63B0 |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- telemetryservice.firstpartyapps.oaspapps.com
- URL
- https://telemetryservice.firstpartyapps.oaspapps.com/telemetryservice/telemetryproxy.html
Verdicts & Comments Add Verdict or Comment
29 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| OSFPerformance object| OSF object| ScriptLoading object| OfficeExt object| Office object| SDX object| OTel object| CustomFunctionMappings object| CustomFunctions object| OSFTrustedTypes boolean| g_isExpEnabled boolean| g_isOfflineLibrary object| oteljs object| Microsoft undefined| tridentMessage undefined| normalContainer function| clearImmediate function| setImmediate object| regeneratorRuntime function| __extends object| OsfMsAjaxFactory object| OSFLog object| Logger object| OSFAppTelemetry function| Type object| Sys object| AriaLogger object| webpackChunkbenetics_connect_outlook_add_in0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | img-src 'self' *.microsoftonline.com *.beneticsapi.com *.amazonaws.com blob: data:; script-src 'self' 'unsafe-inline' *.microsoft.com *.azure.com *.office.net *.aspnetcdn.com; worker-src 'self' *.microsoftonline.com *.beneticsapi.com *.azure.com *.office.net blob:; style-src 'self' 'unsafe-inline' *.microsoftonline.com *.azure.com *.office.net; object-src 'none'; connect-src 'self' *.microsoft.com *.microsoftonline.com *.beneticsapi.com *.amazonaws.com *.azure.com *.office.net ws: wss:; media-src * |
Strict-Transport-Security | max-age=63072000; includeSubDomains; preload |
X-Content-Type-Options | nosniff |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
appsforoffice.microsoft.com
killian-connect.beneticsapi.com
killian-outlook-add-in.beneticsapi.com
telemetryservice.firstpartyapps.oaspapps.com
telemetryservice.firstpartyapps.oaspapps.com
18.239.18.7
2620:1ec:bdf::45
3.123.132.61
1e72dadd2d2a8c737649916b9044b4c201349e78fc1e1c43712fb411ed22e37e
2cf6e909da5391f513f14379c3ba86fe888f083d9f8205bcc7bd91cde3d9b522
8110027ebdd1483b16656861f7ce8c8867927b56cb1f86e053663bc34819ae01
8f399debe52f271e56918a3ef03cd90d60776f7c972e6807b1ef2a7437c1040c
b0201aa86aca27eff921d4bfdf41e1cca068557b81c70794ae7ed4aadd0f6027
b7b021b8cdd14a62198fe737d80c86d5224296ccb86029b027629b0ab6c22710
f3c95cdd75ca8b489b1c4ddb2001e8784c8b766f0efe4386512d9347f892ddc2