outlookplugin.centerasecurity.com Open in urlscan Pro
2606:4700:3030::ac43:8c37 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://outlookplugin.centerasecurity.com/
Submission: On September 11 via automatic, source certstream-suspicious (September 11th 2021, 12:52:17 pm UTC) — Scanned from DE

Summary HTTP 15 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 3 countries across 4 domains to perform 15 HTTP transactions. The main IP is 2606:4700:3030::ac43:8c37, located in United States and belongs to CLOUDFLARENET, US. The main domain is outlookplugin.centerasecurity.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 28th 2021. Valid for: a year.

This is the only time outlookplugin.centerasecurity.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
8	2606:4700:303... 2606:4700:3030::ac43:8c37	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	23.4.208.120 23.4.208.120	16625 (AKAMAI-AS) (AKAMAI-AS)
4	95.101.28.34 95.101.28.34	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	52.109.76.0 52.109.76.0	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
15	4

8 2606:4700:3030::ac43:8c37 (United States)

ASN13335 (CLOUDFLARENET, US)

outlookplugin.centerasecurity.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.4.208.120 (London, United Kingdom)

ASN16625 (AKAMAI-AS, US)
PTR: a23-4-208-120.deploy.static.akamaitechnologies.com

appsforoffice.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 95.101.28.34 (London, United Kingdom)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a95-101-28-34.deploy.static.akamaitechnologies.com

spoprod-a.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.109.76.0 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

telemetryservice.firstpartyapps.oaspapps.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	centerasecurity.com outlookplugin.centerasecurity.com	192 KB
4	akamaihd.net spoprod-a.akamaihd.net	247 KB
2	microsoft.com appsforoffice.microsoft.com	54 KB
1	oaspapps.com telemetryservice.firstpartyapps.oaspapps.com	1 KB
15	4

	Domain	Requested by
8	outlookplugin.centerasecurity.com	outlookplugin.centerasecurity.com
4	spoprod-a.akamaihd.net	outlookplugin.centerasecurity.com
2	appsforoffice.microsoft.com	outlookplugin.centerasecurity.com appsforoffice.microsoft.com
1	telemetryservice.firstpartyapps.oaspapps.com	appsforoffice.microsoft.com
15	4

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-28` - `2022-06-27`	a year	crt.sh
appsforoffice.microsoft.com Microsoft RSA TLS CA 01	`2021-01-28` - `2022-01-28`	a year	crt.sh
a248.e.akamai.net DigiCert SHA2 Secure Server CA	`2021-07-15` - `2022-07-20`	a year	crt.sh
firstpartyapps.oaspapps.com Microsoft RSA TLS CA 01	`2020-10-06` - `2021-10-06`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://outlookplugin.centerasecurity.com/
Frame ID: 14060033DCF84D9F4003B022E222E931
Requests: 14 HTTP requests in this frame

Frame: https://telemetryservice.firstpartyapps.oaspapps.com/telemetryservice/telemetryproxy.html
Frame ID: D88D30DF37E751CDA5581AD788DD17BF
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Email Message Reporting

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

15
Requests

100 %
HTTPS

25 %
IPv6

4
Domains

4
Subdomains

4
IPs

3
Countries

494 kB
Transfer

1299 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response outlookplugin.centerasecurity.com/	6 KB 2 KB	5274ms 124ms	Document text/html	2606:4700:3030::ac43:8c37 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://outlookplugin.centerasecurity.com/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2606:4700:3030::ac43:8c37 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `b852d8ce8db981e8d66ff42a69bb09e15a27977208d9c5428a46af42c44df565` Request headers :method GET :authority outlookplugin.centerasecurity.com :scheme https :path / pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers date Sat, 11 Sep 2021 12:52:02 GMT content-type text/html last-modified Mon, 30 Aug 2021 12:09:29 GMT cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8D%2F5dbhlqB3Ka%2Bdkdb0wFX0FrHGJyyTpIGPBSzY4AQNup%2B%2BaKQDGSIILIwE12WbO%2B2HvDDYYyn5hXbPeUkLhyuj5B6FmNwnBT%2F4jlxj9WX9J%2BSWvMBQ%2F4Gt2DJ5IiUZpq%2FqXbHh1rzIxCCvFcLRGQs9P%2FRQb10RJ531sanDL0VE%3D"}],"group":"cf-nel","max_age":604800} nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare cf-ray 68d107ec0dc64e9d-FRA content-encoding br alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H/1.1	200 OK	office.js Show response appsforoffice.microsoft.com/lib/1.1/hosted/	57 KB 17 KB	5250ms 66ms	Script application/javascript	23.4.208.120 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://appsforoffice.microsoft.com/lib/1.1/hosted/office.js Requested by Host: outlookplugin.centerasecurity.com URL: https://outlookplugin.centerasecurity.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 23.4.208.120 London, United Kingdom, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-4-208-120.deploy.static.akamaitechnologies.com Software Microsoft-IIS/8.5 / ASP.NET Resource Hash `a3d984942f023197873174978304e5efc99fe61e9e9a63f59da731cd700f1a51` Request headers Accept-Language de-DE,de;q=0.9 Referer https://outlookplugin.centerasecurity.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Date Sat, 11 Sep 2021 12:52:07 GMT Content-Encoding gzip Last-Modified Tue, 24 Aug 2021 08:21:58 GMT Server Microsoft-IIS/8.5 X-Powered-By ASP.NET ETag "0d721bc198d71:0" Vary Accept-Encoding Content-Type application/javascript Access-Control-Allow-Origin * Cache-Control public, max-age=19019 Connection keep-alive Accept-Ranges bytes Content-Length 16794
GET H2	200	jquery.js Show response outlookplugin.centerasecurity.com/src/taskpane/js/	282 KB 85 KB	235ms 233ms	Script application/javascript	2606:4700:3030::ac43:8c37 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://outlookplugin.centerasecurity.com/src/taskpane/js/jquery.js Requested by Host: outlookplugin.centerasecurity.com URL: https://outlookplugin.centerasecurity.com/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2606:4700:3030::ac43:8c37 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `1fe2bb5390a75e5d61e72c107cab528fc3c29a837d69aab7d200e1dbb5dcd239` Request headers :path /src/taskpane/js/jquery.js pragma no-cache accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 sec-fetch-mode no-cors accept / cache-control no-cache sec-fetch-dest script :authority outlookplugin.centerasecurity.com referer https://outlookplugin.centerasecurity.com/ :scheme https sec-fetch-site same-origin :method GET Accept-Language de-DE,de;q=0.9 Referer https://outlookplugin.centerasecurity.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Sat, 11 Sep 2021 12:52:02 GMT content-encoding br cf-cache-status MISS last-modified Mon, 30 Aug 2021 12:09:29 GMT server cloudflare etag W/"612cca79-46744" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BCOityiiCDD5Qq3DZM8ETV4QZbSnLPtSxn6AFhp87jKVa7qPFtCCx0ALkEuogvY7QpgorllhosIwHiUOhYzpftFum69l%2B448tkZqWC94GwS9gz2JgDdyXjNkjMCIw6FMmzCd8CGlMYlgreqYQkZehoSzFeDxXfuIArhifSby2LU%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 68d107ecef6c4e9d-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H2	200	easyEws.js Show response outlookplugin.centerasecurity.com/src/taskpane/js/	72 KB 13 KB	190ms 188ms	Script application/javascript	2606:4700:3030::ac43:8c37 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://outlookplugin.centerasecurity.com/src/taskpane/js/easyEws.js Requested by Host: outlookplugin.centerasecurity.com URL: https://outlookplugin.centerasecurity.com/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2606:4700:3030::ac43:8c37 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `22c8ea43ae49f48e31e69b2e27b940ff09c4775272130911e959e67af65d240c` Request headers :path /src/taskpane/js/easyEws.js pragma no-cache accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 sec-fetch-mode no-cors accept / cache-control no-cache sec-fetch-dest script :authority outlookplugin.centerasecurity.com referer https://outlookplugin.centerasecurity.com/ :scheme https sec-fetch-site same-origin :method GET Accept-Language de-DE,de;q=0.9 Referer https://outlookplugin.centerasecurity.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Sat, 11 Sep 2021 12:52:02 GMT content-encoding br cf-cache-status MISS last-modified Mon, 30 Aug 2021 12:09:29 GMT server cloudflare etag W/"612cca79-12055" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HOu44B4Lg2ra1AYWl2uW5AIbiZ6EQGZZJhstg2Vvak%2FzrQQD%2BcskNNmGnPWGJQfCIFZ2PhnxidLoyTSRxBOIIS7Cj%2FSplW7PR7K9fd5%2FEUKETMAW05%2FLkY0Pl1U8v%2Frp1h3aph%2FnFv6tRp1bl%2FR2PaNr7g%2BjFOGBPoRwNvnZdzQ%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 68d107ecef6e4e9d-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H2	200	taskpane.js Show response outlookplugin.centerasecurity.com/	3 KB 2 KB	130ms 129ms	Script application/javascript	2606:4700:3030::ac43:8c37 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://outlookplugin.centerasecurity.com/taskpane.js Requested by Host: outlookplugin.centerasecurity.com URL: https://outlookplugin.centerasecurity.com/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2606:4700:3030::ac43:8c37 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `c3be877af6aaea6bddc62b7eaed532d1175169902b315ecfe506e0843702739c` Request headers :path /taskpane.js pragma no-cache accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 sec-fetch-mode no-cors accept / cache-control no-cache sec-fetch-dest script :authority outlookplugin.centerasecurity.com referer https://outlookplugin.centerasecurity.com/ :scheme https sec-fetch-site same-origin :method GET Accept-Language de-DE,de;q=0.9 Referer https://outlookplugin.centerasecurity.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Sat, 11 Sep 2021 12:52:02 GMT content-encoding br cf-cache-status MISS last-modified Mon, 30 Aug 2021 12:09:29 GMT server cloudflare etag W/"612cca79-c1c" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TDKNDOiEYk6b5dgX%2Bn0a2gXPNS4q3xeV%2Ft42dyApLwGnPDTKN2FkM3u3gNXM1Oc0YF7iUWTOGK1tJMx2aqiIzReNS%2FxSVlr7wnX48NVQmIVyIYHw7pbVYO%2Fhsa0WQUaIyNjOBoly9PUUUpqNsRg%2B0M4RZxz7UilLwTdiTwH68e4%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 68d107ecef724e9d-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H2	200	fabric.min.css outlookplugin.centerasecurity.com/src/taskpane/css/	139 KB 14 KB	215ms 215ms	Stylesheet text/css	2606:4700:3030::ac43:8c37 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://outlookplugin.centerasecurity.com/src/taskpane/css/fabric.min.css Requested by Host: outlookplugin.centerasecurity.com URL: https://outlookplugin.centerasecurity.com/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2606:4700:3030::ac43:8c37 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `4805ddfd2f912218c48d1cd49dcf9d7ba3ab55d942a95c92d56d19d899bb975a` Request headers :path /src/taskpane/css/fabric.min.css pragma no-cache accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 sec-fetch-mode no-cors accept text/css,/;q=0.1 cache-control no-cache sec-fetch-dest style :authority outlookplugin.centerasecurity.com referer https://outlookplugin.centerasecurity.com/ :scheme https sec-fetch-site same-origin :method GET Accept-Language de-DE,de;q=0.9 Referer https://outlookplugin.centerasecurity.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Sat, 11 Sep 2021 12:52:02 GMT content-encoding br cf-cache-status MISS last-modified Mon, 30 Aug 2021 12:09:29 GMT server cloudflare etag W/"612cca79-22a1f" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=stTBJHJkfnjtYG1jgJEKV5oIO21Xj0T5ThYkMgiviEkFjky6mxsA8zYbiOKg82BaUK2yJw10RaaiL8bbNqLOi2HIoqM1jzwuuLZAsei5DNAzPVuO6wr77jHJgSy4PMdsSXbR9OU%2FDhs1m1%2BjG%2FBpyLr3UhiHEXCqnFcIWbrNoDM%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 68d107ecef704e9d-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H2	200	fabric.components.css outlookplugin.centerasecurity.com/src/taskpane/css/	124 KB 18 KB	223ms 222ms	Stylesheet text/css	2606:4700:3030::ac43:8c37 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://outlookplugin.centerasecurity.com/src/taskpane/css/fabric.components.css Requested by Host: outlookplugin.centerasecurity.com URL: https://outlookplugin.centerasecurity.com/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2606:4700:3030::ac43:8c37 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `b48a6f340f5a6157bd49647c9ef8aae5638133c67dd796840c7954856bb3f864` Request headers :path /src/taskpane/css/fabric.components.css pragma no-cache accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 sec-fetch-mode no-cors accept text/css,/;q=0.1 cache-control no-cache sec-fetch-dest style :authority outlookplugin.centerasecurity.com referer https://outlookplugin.centerasecurity.com/ :scheme https sec-fetch-site same-origin :method GET Accept-Language de-DE,de;q=0.9 Referer https://outlookplugin.centerasecurity.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Sat, 11 Sep 2021 12:52:02 GMT content-encoding br cf-cache-status MISS last-modified Mon, 30 Aug 2021 12:09:29 GMT server cloudflare etag W/"612cca79-1f1eb" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f1z2sVdE9msO8lHCSyhbRdbh33s1UPHo5Vp5aXU84xBBfiRX6%2FMPjCTNMT470D8svho0AZGceveCmNQQMj71Gdbb8CsE2%2BJ5IpRwUrds3vFxA1yLhMxqk7ui0QN9%2FzcMgGhNdw6WCR%2BtrwW66maOxjk25cr4nTrk4lRy21dc%2BNA%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 68d107ecef714e9d-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H2	200	fabric.min.js Show response outlookplugin.centerasecurity.com/src/taskpane/js/	72 KB 16 KB	206ms 205ms	Script application/javascript	2606:4700:3030::ac43:8c37 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://outlookplugin.centerasecurity.com/src/taskpane/js/fabric.min.js Requested by Host: outlookplugin.centerasecurity.com URL: https://outlookplugin.centerasecurity.com/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2606:4700:3030::ac43:8c37 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `b5808778b73fb7934a5513bacbbe5a130e0d99e87b2d8f24aea824979fcc7d17` Request headers :path /src/taskpane/js/fabric.min.js pragma no-cache accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 sec-fetch-mode no-cors accept / cache-control no-cache sec-fetch-dest script :authority outlookplugin.centerasecurity.com referer https://outlookplugin.centerasecurity.com/ :scheme https sec-fetch-site same-origin :method GET Accept-Language de-DE,de;q=0.9 Referer https://outlookplugin.centerasecurity.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Sat, 11 Sep 2021 12:52:02 GMT content-encoding br cf-cache-status MISS last-modified Mon, 30 Aug 2021 12:09:29 GMT server cloudflare etag W/"612cca79-12070" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FJ%2Bt3WZEORjgQ1Nh9swhxauMdstg5FLhHmnIQ60KiCEjJLrnI%2FSLui%2F3tRMLxblfAl%2BBKUYMtooeAyCz5BdQJExYbaREkdjf%2F2v1Kv2QyhLenARmzH91L5CWPvG6zahT1z9z42l8F4KpJIvuHQulfNQQiAMUmPjPZARFCDqgkL8%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 68d107ecef744e9d-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H2	200	polyfill.js Show response outlookplugin.centerasecurity.com/	132 KB 43 KB	134ms 133ms	Script application/javascript	2606:4700:3030::ac43:8c37 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://outlookplugin.centerasecurity.com/polyfill.js Requested by Host: outlookplugin.centerasecurity.com URL: https://outlookplugin.centerasecurity.com/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2606:4700:3030::ac43:8c37 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `4bfadfccffd442e218f3972d3ef5e0dc6aab3ca56e7ba62f9b0ab41e54b55154` Request headers :path /polyfill.js pragma no-cache accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 sec-fetch-mode no-cors accept / cache-control no-cache sec-fetch-dest script :authority outlookplugin.centerasecurity.com referer https://outlookplugin.centerasecurity.com/ :scheme https sec-fetch-site same-origin :method GET Accept-Language de-DE,de;q=0.9 Referer https://outlookplugin.centerasecurity.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Sat, 11 Sep 2021 12:52:02 GMT content-encoding br cf-cache-status REVALIDATED last-modified Mon, 30 Aug 2021 12:09:29 GMT server cloudflare etag W/"612cca79-20e59" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AgNb2PVUp6v9Z6zaA%2BFm3bPlS4t6%2BpWDm9Nht%2Fq78gxm0pEDSCH5bw0M9A2sDxv%2BaOUaNfZmgroQrO50kwLl6iU0Jmqtsesyfna49rfDbuh6NJUauVgNB4TObLO8LaHbPRXDBtg%2FWDJL5gLRQNlZbjlpHTw4wop98o%2FuIbSP6b4%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 68d107ecef754e9d-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H/1.1	200 OK	o15apptofilemappingtable.js Show response appsforoffice.microsoft.com/lib/1.1/hosted/	167 KB 37 KB	199ms 72ms	Script application/javascript	23.4.208.120 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://appsforoffice.microsoft.com/lib/1.1/hosted/o15apptofilemappingtable.js Requested by Host: appsforoffice.microsoft.com URL: https://appsforoffice.microsoft.com/lib/1.1/hosted/office.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 23.4.208.120 London, United Kingdom, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-4-208-120.deploy.static.akamaitechnologies.com Software Microsoft-IIS/8.5 / ASP.NET Resource Hash `2cf6e909da5391f513f14379c3ba86fe888f083d9f8205bcc7bd91cde3d9b522` Request headers Referer https://outlookplugin.centerasecurity.com/ Origin https://outlookplugin.centerasecurity.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Date Sat, 11 Sep 2021 12:52:08 GMT Content-Encoding gzip Last-Modified Tue, 24 Aug 2021 08:21:58 GMT Server Microsoft-IIS/8.5 X-Powered-By ASP.NET ETag "0d721bc198d71:0" Vary Accept-Encoding Content-Type application/javascript Access-Control-Allow-Origin * Cache-Control public, max-age=82005 Connection keep-alive Accept-Ranges bytes Content-Length 37609
GET H2	200	segoeui-semilight.woff2 spoprod-a.akamaihd.net/files/fabric/assets/fonts/segoeui-westeuropean/	29 KB 30 KB	5241ms 84ms	Font application/font-woff2	95.101.28.34 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://spoprod-a.akamaihd.net/files/fabric/assets/fonts/segoeui-westeuropean/segoeui-semilight.woff2 Requested by Host: outlookplugin.centerasecurity.com URL: https://outlookplugin.centerasecurity.com/src/taskpane/css/fabric.min.css Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 95.101.28.34 London, United Kingdom, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a95-101-28-34.deploy.static.akamaitechnologies.com Software Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 / Resource Hash `7cb4f43ca0b1ff1b2afc5227f3dd3d9b2f222cc3d33d09fb5c4c42bad406511d` Request headers Referer https://outlookplugin.centerasecurity.com/ Origin https://outlookplugin.centerasecurity.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Sat, 11 Sep 2021 12:52:13 GMT content-md5 d6nvvnpPJG5+g8oiSOJqNg== alt-svc h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43" content-length 29936 x-ms-lease-status unlocked last-modified Fri, 17 Nov 2017 22:36:05 GMT server Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 etag 0x8D52E0B96D36822 content-type application/font-woff2 access-control-allow-origin * x-ms-request-id 98ce4a9f-d01e-00fc-33aa-e3234d000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=9814743 x-ms-version 2009-09-19 timing-allow-origin *
GET H2	200	segoeui-regular.woff2 spoprod-a.akamaihd.net/files/fabric/assets/fonts/segoeui-westeuropean/	35 KB 36 KB	5206ms 49ms	Font application/font-woff2	95.101.28.34 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://spoprod-a.akamaihd.net/files/fabric/assets/fonts/segoeui-westeuropean/segoeui-regular.woff2 Requested by Host: outlookplugin.centerasecurity.com URL: https://outlookplugin.centerasecurity.com/src/taskpane/css/fabric.min.css Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 95.101.28.34 London, United Kingdom, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a95-101-28-34.deploy.static.akamaitechnologies.com Software Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 / Resource Hash `94ef87ee295c67526205d67124f404e246226105e939e14c435a20c29a956f49` Request headers Referer https://outlookplugin.centerasecurity.com/ Origin https://outlookplugin.centerasecurity.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers x-ms-lease-status unlocked x-ms-blob-type BlockBlob date Sat, 11 Sep 2021 12:52:13 GMT last-modified Thu, 02 Nov 2017 17:22:02 GMT server Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 content-md5 hl8dtlRfyUovRETdYOe7xg== etag 0x8D522163B704E10 content-type application/font-woff2 access-control-allow-origin * x-ms-request-id 73bc856c-c01e-0049-3082-ea2eb2000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=10567086 x-ms-version 2009-09-19 timing-allow-origin * content-length 36344
GET H2	200	segoeui-semibold.woff2 spoprod-a.akamaihd.net/files/fabric/assets/fonts/segoeui-westeuropean/	31 KB 32 KB	5293ms 137ms	Font application/font-woff2	95.101.28.34 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://spoprod-a.akamaihd.net/files/fabric/assets/fonts/segoeui-westeuropean/segoeui-semibold.woff2 Requested by Host: outlookplugin.centerasecurity.com URL: https://outlookplugin.centerasecurity.com/src/taskpane/css/fabric.min.css Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 95.101.28.34 London, United Kingdom, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a95-101-28-34.deploy.static.akamaitechnologies.com Software Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 / Resource Hash `22e7ac6e00b3f7463f2c89c577877ed717686d6f219614c890317d86560c413d` Request headers Referer https://outlookplugin.centerasecurity.com/ Origin https://outlookplugin.centerasecurity.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers x-ms-lease-status unlocked x-ms-blob-type BlockBlob date Sat, 11 Sep 2021 12:52:13 GMT last-modified Thu, 26 Oct 2017 19:02:14 GMT server Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 content-md5 ZtEeVbekE932qE6Fhpfntg== etag 0x8D51CA4122953A7 content-type application/font-woff2 access-control-allow-origin * x-ms-request-id a359ab0d-f01e-00c2-6289-25956c000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=17057172 x-ms-version 2009-09-19 timing-allow-origin * content-length 31824
GET H2	200	fabricmdl2icons.woff spoprod-a.akamaihd.net/files/fabric/assets/icons/	148 KB 149 KB	5269ms 155ms	Font font/woff	95.101.28.34 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://spoprod-a.akamaihd.net/files/fabric/assets/icons/fabricmdl2icons.woff Requested by Host: outlookplugin.centerasecurity.com URL: https://outlookplugin.centerasecurity.com/src/taskpane/css/fabric.min.css Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 95.101.28.34 London, United Kingdom, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a95-101-28-34.deploy.static.akamaitechnologies.com Software Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 / Resource Hash `05828d625dcb5781d0a3cc67a2429ced535fdf848b8b8075d49751eb5b30c7af` Request headers Referer https://outlookplugin.centerasecurity.com/ Origin https://outlookplugin.centerasecurity.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers x-ms-lease-status unlocked x-ms-blob-type BlockBlob date Sat, 11 Sep 2021 12:52:13 GMT last-modified Fri, 11 May 2018 22:37:14 GMT server Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 content-md5 6A/3LgPngAVs/b2FxjQEzg== etag 0x8D5B78FBE15F296 content-type font/woff access-control-allow-origin * x-ms-request-id 7d7e6b04-801e-00a0-37b7-78d2b4000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=26222940 x-ms-version 2009-09-19 timing-allow-origin * content-length 151924
GET H2	404	telemetryproxy.html Show response telemetryservice.firstpartyapps.oaspapps.com/telemetryservice/ Frame D88D	1 KB 1 KB	5306ms 45ms	Document text/html	52.109.76.0 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://telemetryservice.firstpartyapps.oaspapps.com/telemetryservice/telemetryproxy.html Requested by Host: appsforoffice.microsoft.com URL: https://appsforoffice.microsoft.com/lib/1.1/hosted/o15apptofilemappingtable.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 52.109.76.0 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash `dc1d54dab6ec8c00f70137927504e4f222c8395f10760b6beecfcfa94e08249f` Request headers :method GET :authority telemetryservice.firstpartyapps.oaspapps.com :scheme https :path /telemetryservice/telemetryproxy.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://outlookplugin.centerasecurity.com/ accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://outlookplugin.centerasecurity.com/ Response headers content-type text/html server Microsoft-IIS/10.0 x-powered-by ASP.NET date Sat, 11 Sep 2021 12:52:15 GMT content-length 1245

Verdicts & Comments Add Verdict or Comment

48 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://telemetryservice.firstpartyapps.oaspapps.com/telemetryservice/telemetryproxy.html Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

appsforoffice.microsoft.com
outlookplugin.centerasecurity.com
spoprod-a.akamaihd.net
telemetryservice.firstpartyapps.oaspapps.com
23.4.208.120
2606:4700:3030::ac43:8c37
52.109.76.0
95.101.28.34
05828d625dcb5781d0a3cc67a2429ced535fdf848b8b8075d49751eb5b30c7af
1fe2bb5390a75e5d61e72c107cab528fc3c29a837d69aab7d200e1dbb5dcd239
22c8ea43ae49f48e31e69b2e27b940ff09c4775272130911e959e67af65d240c
22e7ac6e00b3f7463f2c89c577877ed717686d6f219614c890317d86560c413d
2cf6e909da5391f513f14379c3ba86fe888f083d9f8205bcc7bd91cde3d9b522
4805ddfd2f912218c48d1cd49dcf9d7ba3ab55d942a95c92d56d19d899bb975a
4bfadfccffd442e218f3972d3ef5e0dc6aab3ca56e7ba62f9b0ab41e54b55154
7cb4f43ca0b1ff1b2afc5227f3dd3d9b2f222cc3d33d09fb5c4c42bad406511d
94ef87ee295c67526205d67124f404e246226105e939e14c435a20c29a956f49
a3d984942f023197873174978304e5efc99fe61e9e9a63f59da731cd700f1a51
b48a6f340f5a6157bd49647c9ef8aae5638133c67dd796840c7954856bb3f864
b5808778b73fb7934a5513bacbbe5a130e0d99e87b2d8f24aea824979fcc7d17
b852d8ce8db981e8d66ff42a69bb09e15a27977208d9c5428a46af42c44df565
c3be877af6aaea6bddc62b7eaed532d1175169902b315ecfe506e0843702739c
dc1d54dab6ec8c00f70137927504e4f222c8395f10760b6beecfcfa94e08249f

outlookplugin.centerasecurity.com Open in urlscan Pro 2606:4700:3030::ac43:8c37 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

15 Requests

100 %HTTPS

25 %IPv6

4 Domains

4 Subdomains

4 IPs

3 Countries

494 kBTransfer

1299 kBSize

0 Cookies

0 Outgoing links

Redirected requests

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

48 JavaScript Global Variables

0 Cookies

1 Console Messages

Indicators

outlookplugin.centerasecurity.com Open in urlscan Pro
2606:4700:3030::ac43:8c37 Public Scan

Screenshot
Live screenshot

Full Image

15
Requests

100 %
HTTPS

25 %
IPv6

4
Domains

4
Subdomains

4
IPs

3
Countries

494 kB
Transfer

1299 kB
Size

0
Cookies

15 HTTP transactions
0 data transactions