Submitted URL: http://r.send.agencybloc.com/tr/cl/MPyf8vZa0ntfQrkcgc4SLSdQC-72FswO30_OtTfU7FK85KVQ_DoXdwyaCDsqIpyCdHhCfxCiSdK7cm8n-lCyE2sMoo...
Effective URL: https://outlook.office365.com/owa/calendar/TransitionsRBG@transitionsrbg.com/bookings/
Submission: On December 15 via api from US

Summary

This website contacted 6 IPs in 3 countries across 5 domains to perform 12 HTTP transactions. The main IP is 2603:1026:c0b:10::2, located in Zurich, Switzerland and belongs to MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US. The main domain is outlook.office365.com.
TLS certificate: Issued by DigiCert Cloud Services CA-1 on August 1st 2018. Valid for: 2 years.
This is the only time outlook.office365.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 104.16.230.163 13335 (CLOUDFLAR...)
1 2606:4700:e2:... 13335 (CLOUDFLAR...)
1 1 18.206.32.11 14618 (AMAZON-AES)
1 1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2603:1026:c0b... 8075 (MICROSOFT...)
8 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 52.114.128.9 8075 (MICROSOFT...)
12 6
Domain Requested by
8 r4.res.office365.com outlook.office365.com
r4.res.office365.com
1 browser.pipe.aria.microsoft.com r4.res.office365.com
1 outlook.office365.com r.send.agencybloc.com
1 tinyurl.com 1 redirects
1 app.agencybloc.com 1 redirects
1 sibautomation.com r.send.agencybloc.com
1 r.send.agencybloc.com
12 7

This site contains links to these domains.

Domain
www.transitionsrbg.com
go.microsoft.com
Subject | Issuer | Validity | Valid
sni117763.cloudflaressl.com | COMODO ECC Domain Validation Secure Server CA 2 | 2019-12-13 - 2020-06-20 | 6 months
outlook.com | DigiCert Cloud Services CA-1 | 2018-08-01 - 2020-08-01 | 2 years
*.res.outlook.com | Microsoft IT TLS CA 2 | 2019-10-21 - 2021-10-21 | 2 years
*.events.data.microsoft.com | Microsoft IT TLS CA 4 | 2019-10-10 - 2021-10-10 | 2 years

This page contains 2 frames:

Primary Page: https://outlook.office365.com/owa/calendar/TransitionsRBG@transitionsrbg.com/bookings/
Frame ID: 0933CC4C1B1BFB94B101E1BCCE5E1B60
Requests: 12 HTTP requests in this frame

Frame: https://sibautomation.com/cm.html?id=1533137
Frame ID: A3ED1CE384938A1DA1AFC640423D41A8
Requests: 1 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Page Statistics

12 Requests
92 % HTTPS
57 % IPv6
5 Domains
7 Subdomains
6 IPs
3 Countries
294 kB Transfer
641 kB Size
3 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://r.send.agencybloc.com/tr/cl/MPyf8vZa0ntfQrkcgc4SLSdQC-72FswO30_OtTfU7FK85KVQ_DoXdwyaCDsqIpyCdHhCfxCiSdK7cm8n-lCyE2sMoo09gKIiv2-xf_kiCZ2dBT2r5M_S_V79VfVGlhFXht_2LuwyxATdALFu8J2jyyFVuZduG2VjThSKa5TLCP_wfs4Sghrr0rrDWyri5xL1nxNdf2lLITZTxm6052qF9Alz5xPE5LCfvTEgWzPETzvNmLdKKWWVYEQ6SdnAGqKhwDSYiEu2QdnT7mV65YTvKdiOd0T67j359A Page URL
  2. https://app.agencybloc.com/e/t2?id=NcDn2FERZXeGHTEjcQ5V1VriCPba6UPNgAVY8h_v2R67WllEV8R8u9Y9r-fnnnyl0 HTTP 302
    https://tinyurl.com/y2uub8e2 HTTP 301
    https://outlook.office365.com/owa/calendar/TransitionsRBG@transitionsrbg.com/bookings/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Cookie set MPyf8vZa0ntfQrkcgc4SLSdQC-72FswO30_OtTfU7FK85KVQ_DoXdwyaCDsqIpyCdHhCfxCiSdK7cm8n-lCyE2sMoo09gKIiv2-xf_kiCZ2dBT2r5M_S_V79VfVGlhFXht_2LuwyxATdALFu8J2jyyFVuZduG2VjThSKa5TLCP_wfs4Sghrr0rrDWyri5xL1nxNdf...
r.send.agencybloc.com/tr/cl/
735 B
970 B
Document
General
Full URL
http://r.send.agencybloc.com/tr/cl/MPyf8vZa0ntfQrkcgc4SLSdQC-72FswO30_OtTfU7FK85KVQ_DoXdwyaCDsqIpyCdHhCfxCiSdK7cm8n-lCyE2sMoo09gKIiv2-xf_kiCZ2dBT2r5M_S_V79VfVGlhFXht_2LuwyxATdALFu8J2jyyFVuZduG2VjThSKa5TLCP_wfs4Sghrr0rrDWyri5xL1nxNdf2lLITZTxm6052qF9Alz5xPE5LCfvTEgWzPETzvNmLdKKWWVYEQ6SdnAGqKhwDSYiEu2QdnT7mV65YTvKdiOd0T67j359A
Protocol
HTTP/1.1
Server
104.16.230.163 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d5924cab71d9595e5197d97446ce5a5c8784b829fbff252e9dee39fadf5cc84
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

Host
r.send.agencybloc.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate

Response headers

Date
Sun, 15 Dec 2019 00:47:39 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__cfduid=d56d1d27346ea14bf765710d4ca7820871576370859; expires=Tue, 14-Jan-20 00:47:39 GMT; path=/; domain=.r.send.agencybloc.com; HttpOnly
X-Sib-Server
SENDINBLUE-red1-2
X-Content-Type-Options
nosniff
X-XSS-Protection
1
CF-Cache-Status
DYNAMIC
Server
cloudflare
CF-RAY
5454684f1cbec83b-AMS
Content-Encoding
gzip
cm.html
sibautomation.com/ Frame A3ED
0
0
Document
General
Full URL
https://sibautomation.com/cm.html?id=1533137
Requested by
Host: r.send.agencybloc.com
URL: http://r.send.agencybloc.com/tr/cl/MPyf8vZa0ntfQrkcgc4SLSdQC-72FswO30_OtTfU7FK85KVQ_DoXdwyaCDsqIpyCdHhCfxCiSdK7cm8n-lCyE2sMoo09gKIiv2-xf_kiCZ2dBT2r5M_S_V79VfVGlhFXht_2LuwyxATdALFu8J2jyyFVuZduG2VjThSKa5TLCP_wfs4Sghrr0rrDWyri5xL1nxNdf2lLITZTxm6052qF9Alz5xPE5LCfvTEgWzPETzvNmLdKKWWVYEQ6SdnAGqKhwDSYiEu2QdnT7mV65YTvKdiOd0T67j359A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8110 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / Sails <sailsjs.org>
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

:method
GET
:authority
sibautomation.com
:scheme
https
:path
/cm.html?id=1533137
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
http://r.send.agencybloc.com/tr/cl/MPyf8vZa0ntfQrkcgc4SLSdQC-72FswO30_OtTfU7FK85KVQ_DoXdwyaCDsqIpyCdHhCfxCiSdK7cm8n-lCyE2sMoo09gKIiv2-xf_kiCZ2dBT2r5M_S_V79VfVGlhFXht_2LuwyxATdALFu8J2jyyFVuZduG2VjThSKa5TLCP_wfs4Sghrr0rrDWyri5xL1nxNdf2lLITZTxm6052qF9Alz5xPE5LCfvTEgWzPETzvNmLdKKWWVYEQ6SdnAGqKhwDSYiEu2QdnT7mV65YTvKdiOd0T67j359A
accept-encoding
gzip, deflate, br

Response headers

status
200
date
Sun, 15 Dec 2019 00:47:39 GMT
content-type
text/html; charset=utf-8
set-cookie
__cfduid=d0e14bade6ab5408efafdda35a950a65c1576370859; expires=Tue, 14-Jan-20 00:47:39 GMT; path=/; domain=.sibautomation.com; HttpOnly
x-powered-by
Sails <sailsjs.org>
access-control-allow-origin
*
access-control-allow-credentials
access-control-allow-methods
access-control-allow-headers
access-control-expose-headers
vary
Accept-Encoding
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-sib-server
SENDINBLUE-web2-3
x-content-type-options
nosniff
x-xss-protection
1
cache-control
max-age=7200
cf-cache-status
MISS
server
cloudflare
cf-ray
5454684f8d96beab-FRA
content-encoding
br
Primary Request Cookie set /
outlook.office365.com/owa/calendar/TransitionsRBG@transitionsrbg.com/bookings/
Redirect Chain
  • https://app.agencybloc.com/e/t2?id=NcDn2FERZXeGHTEjcQ5V1VriCPba6UPNgAVY8h_v2R67WllEV8R8u9Y9r-fnnnyl0
  • https://tinyurl.com/y2uub8e2
  • https://outlook.office365.com/owa/calendar/TransitionsRBG@transitionsrbg.com/bookings/
35 KB
17 KB
Document
General
Full URL
https://outlook.office365.com/owa/calendar/TransitionsRBG@transitionsrbg.com/bookings/
Requested by
Host: r.send.agencybloc.com
URL: http://r.send.agencybloc.com/tr/cl/MPyf8vZa0ntfQrkcgc4SLSdQC-72FswO30_OtTfU7FK85KVQ_DoXdwyaCDsqIpyCdHhCfxCiSdK7cm8n-lCyE2sMoo09gKIiv2-xf_kiCZ2dBT2r5M_S_V79VfVGlhFXht_2LuwyxATdALFu8J2jyyFVuZduG2VjThSKa5TLCP_wfs4Sghrr0rrDWyri5xL1nxNdf2lLITZTxm6052qF9Alz5xPE5LCfvTEgWzPETzvNmLdKKWWVYEQ6SdnAGqKhwDSYiEu2QdnT7mV65YTvKdiOd0T67j359A
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2603:1026:c0b:10::2 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
01a68a61540ad43cf9e210fc4c037d5d94af1e068dde3efa18d4d91a9e0af128
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Host
outlook.office365.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Referer
http://r.send.agencybloc.com/tr/cl/MPyf8vZa0ntfQrkcgc4SLSdQC-72FswO30_OtTfU7FK85KVQ_DoXdwyaCDsqIpyCdHhCfxCiSdK7cm8n-lCyE2sMoo09gKIiv2-xf_kiCZ2dBT2r5M_S_V79VfVGlhFXht_2LuwyxATdALFu8J2jyyFVuZduG2VjThSKa5TLCP_wfs4Sghrr0rrDWyri5xL1nxNdf2lLITZTxm6052qF9Alz5xPE5LCfvTEgWzPETzvNmLdKKWWVYEQ6SdnAGqKhwDSYiEu2QdnT7mV65YTvKdiOd0T67j359A
Accept-Encoding
gzip, deflate, br

Response headers

Cache-Control
no-cache
Pragma
no-cache
Content-Length
16055
Content-Type
text/html; charset=utf-8
Content-Encoding
gzip
Expires
-1
Vary
Accept-Encoding
Server
Microsoft-IIS/10.0
request-id
164a8a4a-160f-45aa-8746-457ad8a4f531
X-CalculatedFETarget
MN2PR04CU001.internal.outlook.com
X-BackEndHttpStatus
200 200
Set-Cookie
ClientId=1784C4140E3044C9994E9F0A4C5B3F73; expires=Tue, 15-Dec-2020 00:47:40 GMT; path=/; secure ClientId=1784C4140E3044C9994E9F0A4C5B3F73; expires=Tue, 15-Dec-2020 00:47:40 GMT; path=/; secure OIDC=1; expires=Mon, 15-Jun-2020 00:47:40 GMT; path=/; secure; HttpOnly OutlookSession=2fcc0f906790404cb3c97960f68b84da; path=/; secure; HttpOnly
X-FEProxyInfo
MN2PR04CA0033.NAMPRD04.PROD.OUTLOOK.COM
X-CalculatedBETarget
BL0PR04MB4833.namprd04.prod.outlook.com
X-RUM-Validated
1
X-MailboxGuid
ee7f78ff-0c35-4d9b-88ee-90c82eb4d8c0
X-Content-Type-Options
nosniff
X-OWA-CorrelationId
88f0000c-3fa7-4a8e-b80d-5604e19364cf
X-DiagInfo
BL0PR04MB4833
X-BEServer
BL0PR04MB4833
X-UA-Compatible
IE=EmulateIE7
Strict-Transport-Security
max-age=31536000; includeSubDomains max-age=31536000; includeSubDomains
X-Proxy-RoutingCorrectness
1 1
X-Proxy-BackendServerStatus
200
X-FEServer
MN2PR04CA0033 ZRAP278CA0015
Date
Sun, 15 Dec 2019 00:47:41 GMT

Redirect headers

status
301
date
Sun, 15 Dec 2019 00:47:40 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=d9169ccd16ecccf872bbed00770b567421576370860; expires=Tue, 14-Jan-20 00:47:40 GMT; path=/; domain=.tinyurl.com; HttpOnly tinyUUID=df582b181ae3000000000000; expires=Fri, 13-Dec-2024 00:47:40 GMT; Max-Age=157680000; path=/; domain=.tinyurl.com TCSR-cda1bb13888cdb9675fd58d16dc93815=eyJpdiI6IndCWGpabU1PYUlxdlNLc1Y3Qmp1emc9PSIsInZhbHVlIjoid2FOQW5wZWFhNTVDSkJhZUYzMUNNQT09IiwibWFjIjoiYjhiNGRkYTRkYmE4YzI1ZmVjNjIyYzU2NDU1NDA0NjlkMmVkZjZmZGM1NGMzNDhiMDllZDFjMjQzNDIyYThiYSJ9; expires=Sun, 15-Dec-2019 00:52:40 GMT; Max-Age=300; path=/; domain=.tinyurl.com
x-powered-by
PHP/7.3.11
location
https://outlook.office365.com/owa/calendar/TransitionsRBG@transitionsrbg.com/bookings/
cache-control
max-age=0, no-cache, private
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
alt-svc
h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
server
cloudflare
cf-ray
54546853dc89cba4-VIE
booking.selfservice.str.localized.min.js
r4.res.office365.com/owa/prem/16.3442.0.2716015/scripts/en/
22 KB
6 KB
Script
General
Full URL
https://r4.res.office365.com/owa/prem/16.3442.0.2716015/scripts/en/booking.selfservice.str.localized.min.js
Requested by
Host: outlook.office365.com
URL: https://outlook.office365.com/owa/calendar/TransitionsRBG@transitionsrbg.com/bookings/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:28a::753 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
Apache /
Resource Hash
3b3b859ba597a319ac9229c19afd693bd8b7a15a14c0a5b1fa561dcd81f42296

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 15 Dec 2019 00:47:41 GMT
content-encoding
gzip
last-modified
Sat, 23 Nov 2019 09:31:50 GMT
server
Apache
access-control-allow-origin
*
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
public,max-age=630720000, s-maxage=630720000
accept-ranges
bytes
timing-allow-origin
*
content-length
5936
globalize.js
r4.res.office365.com/owa/prem/16.3442.0.2716015/scripts/
16 KB
7 KB
Script
General
Full URL
https://r4.res.office365.com/owa/prem/16.3442.0.2716015/scripts/globalize.js
Requested by
Host: outlook.office365.com
URL: https://outlook.office365.com/owa/calendar/TransitionsRBG@transitionsrbg.com/bookings/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:28a::753 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
Apache /
Resource Hash
70b2d8c11889188ddc3d1aba6dcb92ae6e0023a2abda6fe5e556300051307626

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 15 Dec 2019 00:47:41 GMT
content-encoding
gzip
last-modified
Sat, 23 Nov 2019 09:30:05 GMT
server
Apache
access-control-allow-origin
*
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
public,max-age=630720000, s-maxage=630720000
accept-ranges
bytes
timing-allow-origin
*
content-length
6734
globalize.culture.en-us.js
r4.res.office365.com/owa/prem/16.3442.0.2716015/scripts/globalize/
2 KB
1 KB
Script
General
Full URL
https://r4.res.office365.com/owa/prem/16.3442.0.2716015/scripts/globalize/globalize.culture.en-us.js
Requested by
Host: outlook.office365.com
URL: https://outlook.office365.com/owa/calendar/TransitionsRBG@transitionsrbg.com/bookings/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:28a::753 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
Apache /
Resource Hash
ce5838be968d5ba912509f6774292906abd308fdfbeb7dd5b77b28b8606b8c81

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 15 Dec 2019 00:47:41 GMT
content-encoding
gzip
last-modified
Sat, 23 Nov 2019 09:31:44 GMT
server
Apache
access-control-allow-origin
*
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
public,max-age=630720000, s-maxage=630720000
accept-ranges
bytes
timing-allow-origin
*
content-length
854
booking.selfservice.js
r4.res.office365.com/owa/prem/16.3442.0.2716015/scripts/
399 KB
101 KB
Script
General
Full URL
https://r4.res.office365.com/owa/prem/16.3442.0.2716015/scripts/booking.selfservice.js
Requested by
Host: outlook.office365.com
URL: https://outlook.office365.com/owa/calendar/TransitionsRBG@transitionsrbg.com/bookings/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:28a::753 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
Apache /
Resource Hash
054676f0097232332048b0c328e92d055783362bf6dd34b6c3727263a6c5e689

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 15 Dec 2019 00:47:41 GMT
content-encoding
gzip
last-modified
Sat, 23 Nov 2019 09:30:03 GMT
server
Apache
access-control-allow-origin
*
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
public,max-age=630720000, s-maxage=630720000
accept-ranges
bytes
timing-allow-origin
*
segoeui-semilight.woff
r4.res.office365.com/owa/prem/fonts/
29 KB
29 KB
Font
General
Full URL
https://r4.res.office365.com/owa/prem/fonts/segoeui-semilight.woff
Requested by
Host: r4.res.office365.com
URL: https://r4.res.office365.com/owa/prem/16.3442.0.2716015/scripts/booking.selfservice.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:28a::753 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
Apache /
Resource Hash
c63a3930ec9dd26c24b4c62b83d8cf778416a0ded1d9aa83e0840a675155b71b

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Origin
https://outlook.office365.com

Response headers

date
Sun, 15 Dec 2019 00:47:41 GMT
last-modified
Tue, 10 Feb 2015 01:15:15 GMT
server
Apache
access-control-allow-origin
*
content-type
application/font-woff
status
200
cache-control
public,max-age=630720000, s-maxage=630720000
accept-ranges
bytes
timing-allow-origin
*
content-length
29464
segoeui-light.woff
r4.res.office365.com/owa/prem/fonts/
24 KB
24 KB
Font
General
Full URL
https://r4.res.office365.com/owa/prem/fonts/segoeui-light.woff
Requested by
Host: r4.res.office365.com
URL: https://r4.res.office365.com/owa/prem/16.3442.0.2716015/scripts/booking.selfservice.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:28a::753 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
Apache /
Resource Hash
d1ba065fe841593a501a70496d94029b0cc6e46be7d6ff44c4014ebd93300d0a

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Origin
https://outlook.office365.com

Response headers

date
Sun, 15 Dec 2019 00:47:41 GMT
last-modified
Fri, 01 May 2015 00:28:07 GMT
server
Apache
access-control-allow-origin
*
content-type
application/font-woff
status
200
cache-control
public,max-age=630720000, s-maxage=630720000
accept-ranges
bytes
timing-allow-origin
*
content-length
24741
segoeui-semibold.woff
r4.res.office365.com/owa/prem/fonts/
31 KB
31 KB
Font
General
Full URL
https://r4.res.office365.com/owa/prem/fonts/segoeui-semibold.woff
Requested by
Host: r4.res.office365.com
URL: https://r4.res.office365.com/owa/prem/16.3442.0.2716015/scripts/booking.selfservice.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:28a::753 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
Apache /
Resource Hash
3711ba98ca34a5bc5ce6b79de62a1a2eee453f413d2123e912d1ae6b0b0c8b33

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Origin
https://outlook.office365.com

Response headers

date
Sun, 15 Dec 2019 00:47:41 GMT
last-modified
Tue, 10 Feb 2015 01:15:15 GMT
server
Apache
access-control-allow-origin
*
content-type
application/font-woff
status
200
cache-control
public,max-age=630720000, s-maxage=630720000
accept-ranges
bytes
timing-allow-origin
*
content-length
31712
office365icons.woff
r4.res.office365.com/owa/prem/16.3442.0.2716015/resources/styles/fonts/
76 KB
76 KB
Font
General
Full URL
https://r4.res.office365.com/owa/prem/16.3442.0.2716015/resources/styles/fonts/office365icons.woff
Requested by
Host: r4.res.office365.com
URL: https://r4.res.office365.com/owa/prem/16.3442.0.2716015/scripts/booking.selfservice.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:28a::753 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
Apache /
Resource Hash
d689295b1e30160484089417c94a24292d734ef091942ef091899fafe62b2b6a

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Origin
https://outlook.office365.com

Response headers

date
Sun, 15 Dec 2019 00:47:41 GMT
last-modified
Sat, 23 Nov 2019 09:27:21 GMT
server
Apache
access-control-allow-origin
*
content-type
application/font-woff
status
200
cache-control
public,max-age=630720000, s-maxage=630720000
accept-ranges
bytes
timing-allow-origin
*
content-length
77596
truncated
/
7 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1516d16d5df0c63a929ab4ad679d6a190c7377f867cf8fb6f837ac517f074305

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/jpeg
/
browser.pipe.aria.microsoft.com/Collector/3.0/
0
397 B
XHR
General
Full URL
https://browser.pipe.aria.microsoft.com/Collector/3.0/?qsp=true&content-type=application%2Fbond-compact-binary&client-id=NO_AUTH&sdk-version=AWT-Web-CJS-1.2.0&x-apikey=be1d9a81bac24c64a00c2443b1c02d6e-689a8828-34f3-4990-9529-d8b59ebbf7da-7523
Requested by
Host: r4.res.office365.com
URL: https://r4.res.office365.com/owa/prem/16.3442.0.2716015/scripts/booking.selfservice.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.114.128.9 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Origin
https://outlook.office365.com

Response headers

Date
Sun, 15 Dec 2019 00:47:42 GMT
Server
Microsoft-HTTPAPI/2.0
time-delta-millis
440
Access-Control-Allow-Methods
POST
Content-Type
application/json
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
kill-tokens, kill-duration-seconds, time-delta-millis
Access-Control-Allow-Headers
Accept, Content-Type, Content-Encoding, Client-Id
Content-Length
0

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata
object| onpointerrawupdate
function| Type
function| Globalize
object| PageDataPayload
function| _u
object| BookingSelfService
object| __themeState__
object| culture

3 Cookies

Domain/Path Name / Value
outlook.office365.com/ Name: OutlookSession
Value: 2fcc0f906790404cb3c97960f68b84da
outlook.office365.com/ Name: OIDC
Value: 1
outlook.office365.com/ Name: ClientId
Value: 1784C4140E3044C9994E9F0A4C5B3F73

1 Console Messages

Source Level URL
Text
console-api debug URL: https://r4.res.office365.com/owa/prem/16.3442.0.2716015/scripts/booking.selfservice.js(Line 56)
Message:
Download the React DevTools for a better development experience: https://fb.me/react-devtools

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1