urlscan.io logo urlscan.io
SecurityTrails logo

outlook.office365.com Open in urlscan Pro
2603:1026:c0d:82d::2  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://clicktime.cloud.postoffice.net/clicktime.php?U=https%3A%2F%2Foutlook.office365.com%2FEncryption%2Fretrieve.ashx%3Frecipientemai...
Effective URL: https://outlook.office365.com/Encryption/authenticationpage.aspx?st=Microsoft&ru=https%3a%2f%2foutlook.office365.com%2fEncrypt...
Submission: On May 23 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 6 HTTP transactions. The main IP is 2603:1026:c0d:82d::2, located in Frankfurt am Main, Germany and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is outlook.office365.com. The Cisco Umbrella rank of the primary domain is 43.
TLS certificate: Issued by DigiCert Cloud Services CA-1 on January 22nd 2024. Valid for: a year.
This is the only time outlook.office365.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 165.212.65.140 14454 (SILVERSKY...)
2 6 2603:1026:c0d... 8075 (MICROSOFT...)
1 152.199.19.160 15133 (EDGECAST)
1 2a02:26f0:710... 20940 (AKAMAI-ASN1)
6 4
Apex Domain
Subdomains		 Transfer
7 office365.com
outlook.office365.com — Cisco Umbrella Rank: 43
r1.res.office365.com — Cisco Umbrella Rank: 37440
22 KB
1 aspnetcdn.com
ajax.aspnetcdn.com — Cisco Umbrella Rank: 2465
33 KB
1 postoffice.net
clicktime.cloud.postoffice.net — Cisco Umbrella Rank: 378122
1 KB
6 3
Domain Requested by
6 outlook.office365.com 2 redirects outlook.office365.com
1 r1.res.office365.com
1 ajax.aspnetcdn.com outlook.office365.com
1 clicktime.cloud.postoffice.net 1 redirects
6 4

This site contains links to these domains. Also see Links.

Domain
go.microsoft.com
privacy.microsoft.com
Subject Issuer Validity Valid
outlook.com
DigiCert Cloud Services CA-1		 2024-01-22 -
2025-01-21		 a year crt.sh
*.vo.msecnd.net
DigiCert SHA2 Secure Server CA		 2024-01-30 -
2025-01-30		 a year crt.sh
*.res.outlook.com
DigiCert SHA2 Secure Server CA		 2024-02-20 -
2025-02-20		 a year crt.sh

This page contains 1 frames:

Primary Page: https://outlook.office365.com/Encryption/authenticationpage.aspx?st=Microsoft&ru=https%3a%2f%2foutlook.office365.com%2fEncryption%2fdefault.aspx%3fitemID%3dE4E_M_365744e2-92d2-4500-809d-07c743457f76&e4e_sdata=OVl241KfhuaeCv0%2fHZYQ90x9IYeZc%2fteM%2fx5FExZ4QhiNXn%2bXc2uE9mbyQOlrMySMAwAQKMXCpFlh7R3IQHwyVLIFnxx1j4avWX7DZyAw6yqhC4TlxfzDZ6m60kEHlnYWGGChPiLqgQoQOMemD5%2b2l%2fYyJOmUbZ6KnLILIzXieQ0Ij%2frqXQfT550CqUNg3jV5zp4SdisIGWqprZHm5czewzKPJDGZBf8j4YsXdRtZ18MWVe8cuZs0Cp4KaeGRsmyoBQbwMY4XUBAtxKhX9eSofOShrLYMSrkGOUoaj8AOY1%2fx%2fw%2b%2f7e1uNj59Auxh%2fv8UnGEHXH3DfoVwqGR%2fo%2fTqQ%3d%3d
Frame ID: EEA5B2A6D207C4655E30F6D0554325E2
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Authentifizierung von verschlüsselten Nachrichten

Page URL History Show full URLs

  1. https://clicktime.cloud.postoffice.net/clicktime.php?U=https%3A%2F%2Foutlook.office365.com%2FEncryption%2Fretrieve.... HTTP 307
    https://outlook.office365.com/Encryption/retrieve.ashx?recipientemailaddress=Rachel.daSilva%40jdcu.com&sen... HTTP 302
    https://outlook.office365.com/Encryption/default.aspx?itemID=E4E_M_365744e2-92d2-4500-809d-07c743457f76 HTTP 302
    https://outlook.office365.com/Encryption/authenticationpage.aspx?st=Microsoft&ru=https%3a%2f%2foutlook.off... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.aspx?(?:$|\?)
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

6
Requests

100 %
HTTPS

50 %
IPv6

3
Domains

4
Subdomains

4
IPs

2
Countries

53 kB
Transfer

124 kB
Size

15
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://clicktime.cloud.postoffice.net/clicktime.php?U=https%3A%2F%2Foutlook.office365.com%2FEncryption%2Fretrieve.ashx%3Frecipientemailaddress%3DRachel.daSilva%2540jdcu.com%26senderemailaddress%3DNicolas.Koehn%2540meridianlink.com%26senderorganization%3DAwGGAAAAAoIAAAADAQAAAI5dmjbZxypHlXjNtv%252fRq5NPVT1NZXJpZGlhbmxpbmszNjUub25taWNyb3NvZnQuY29tLE9VPU1pY3Jvc29mdCBFeGNoYW5nZSBIb3N0ZWQgT3JnYW5pemF0aW9ucyxEQz1OQU1QUjE0QTAwOCxEQz1QUk9ELERDPU9VVExPT0ssREM9Q09NpBXJRcUSaES6TYXcicnE8UNOPUNvbmZpZ3VyYXRpb24sQ049TWVyaWRpYW5saW5rMzY1Lm9ubWljcm9zb2Z0LmNvbSxDTj1Db25maWd1cmF0aW9uVW5pdHMsREM9TkFNUFIxNEEwMDgsREM9UFJPRCxEQz1PVVRMT09LLERDPUNPTQE%253d%26messageid%3D%253cDM6PR14MB4218D6B59942BF8FC490315798F42%2540DM6PR14MB4218.namprd14.prod.outlook.com%253e%26cfmRecipient%3DSystemMailbox%257bD0E409A0-AF9B-4720-92FE-AAC869B0D201%257d%2540Meridianlink365.onmicrosoft.com%26consumerEncryption%3Dfalse%26senderorgid%3D5f3bf9ea-8893-44b4-92c5-436f984ff597%26urldecoded%3D1%26e4e_sdata%3DrWUjLOgCdFnDewvCIhBrxSf3vDENIvfp3oJU14lp7cmwkT%252foTk0lj9ub2q%252fY2ofvvSH9aEmbJzkDDZUpIRbedO%252fzJHlY0byd5TFosMeGHY9Q2aZytDiecTBTt8qtJVIF95%252blO58C9B8Hn62dIxM6v9x0BUQC7%252bCrUYctmXxjY%252bxNEmG1vqk2NEYGDJxcg91PKx5xUpaCHRfr%252fjQWCGyObf16%252fShddQtgfIIQPdNyl%252bqctdysg80%252bY0tAlC7e4mf1hJ67AIJvFbibV8Fw7SBePFyMDk3KpLserBTkFOfQbYgvfPDPh8mJjX%252bNQ0ktqjdv8DahgCOwvYxI8ubDKgZxJw%253d%253d&E=rachel.dasilva%40jdcu.com&X=XID930CewqGs1488Xd1&T=JDCU&HV=U,E,X,T&H=703874c8f1c2680db54929f0959254374eb5de99 HTTP 307
    https://outlook.office365.com/Encryption/retrieve.ashx?recipientemailaddress=Rachel.daSilva%40jdcu.com&senderemailaddress=Nicolas.Koehn%40meridianlink.com&senderorganization=AwGGAAAAAoIAAAADAQAAAI5dmjbZxypHlXjNtv%2fRq5NPVT1NZXJpZGlhbmxpbmszNjUub25taWNyb3NvZnQuY29tLE9VPU1pY3Jvc29mdCBFeGNoYW5nZSBIb3N0ZWQgT3JnYW5pemF0aW9ucyxEQz1OQU1QUjE0QTAwOCxEQz1QUk9ELERDPU9VVExPT0ssREM9Q09NpBXJRcUSaES6TYXcicnE8UNOPUNvbmZpZ3VyYXRpb24sQ049TWVyaWRpYW5saW5rMzY1Lm9ubWljcm9zb2Z0LmNvbSxDTj1Db25maWd1cmF0aW9uVW5pdHMsREM9TkFNUFIxNEEwMDgsREM9UFJPRCxEQz1PVVRMT09LLERDPUNPTQE%3d&messageid=%3cDM6PR14MB4218D6B59942BF8FC490315798F42%40DM6PR14MB4218.namprd14.prod.outlook.com%3e&cfmRecipient=SystemMailbox%7bD0E409A0-AF9B-4720-92FE-AAC869B0D201%7d%40Meridianlink365.onmicrosoft.com&consumerEncryption=false&senderorgid=5f3bf9ea-8893-44b4-92c5-436f984ff597&urldecoded=1&e4e_sdata=rWUjLOgCdFnDewvCIhBrxSf3vDENIvfp3oJU14lp7cmwkT%2foTk0lj9ub2q%2fY2ofvvSH9aEmbJzkDDZUpIRbedO%2fzJHlY0byd5TFosMeGHY9Q2aZytDiecTBTt8qtJVIF95%2blO58C9B8Hn62dIxM6v9x0BUQC7%2bCrUYctmXxjY%2bxNEmG1vqk2NEYGDJxcg91PKx5xUpaCHRfr%2fjQWCGyObf16%2fShddQtgfIIQPdNyl%2bqctdysg80%2bY0tAlC7e4mf1hJ67AIJvFbibV8Fw7SBePFyMDk3KpLserBTkFOfQbYgvfPDPh8mJjX%2bNQ0ktqjdv8DahgCOwvYxI8ubDKgZxJw%3d%3d HTTP 302
    https://outlook.office365.com/Encryption/default.aspx?itemID=E4E_M_365744e2-92d2-4500-809d-07c743457f76 HTTP 302
    https://outlook.office365.com/Encryption/authenticationpage.aspx?st=Microsoft&ru=https%3a%2f%2foutlook.office365.com%2fEncryption%2fdefault.aspx%3fitemID%3dE4E_M_365744e2-92d2-4500-809d-07c743457f76&e4e_sdata=OVl241KfhuaeCv0%2fHZYQ90x9IYeZc%2fteM%2fx5FExZ4QhiNXn%2bXc2uE9mbyQOlrMySMAwAQKMXCpFlh7R3IQHwyVLIFnxx1j4avWX7DZyAw6yqhC4TlxfzDZ6m60kEHlnYWGGChPiLqgQoQOMemD5%2b2l%2fYyJOmUbZ6KnLILIzXieQ0Ij%2frqXQfT550CqUNg3jV5zp4SdisIGWqprZHm5czewzKPJDGZBf8j4YsXdRtZ18MWVe8cuZs0Cp4KaeGRsmyoBQbwMY4XUBAtxKhX9eSofOShrLYMSrkGOUoaj8AOY1%2fx%2fw%2b%2f7e1uNj59Auxh%2fv8UnGEHXH3DfoVwqGR%2fo%2fTqQ%3d%3d Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

6 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request authenticationpage.aspx
outlook.office365.com/Encryption/
Redirect Chain
  • https://clicktime.cloud.postoffice.net/clicktime.php?U=https%3A%2F%2Foutlook.office365.com%2FEncryption%2Fretrieve.ashx%3Frecipientemailaddress%3DRachel.daSilva%2540jdcu.com%26senderemailaddress%3D...
  • https://outlook.office365.com/Encryption/retrieve.ashx?recipientemailaddress=Rachel.daSilva%40jdcu.com&senderemailaddress=Nicolas.Koehn%40meridianlink.com&senderorganization=AwGGAAAAAoIAAAADAQAAAI5...
  • https://outlook.office365.com/Encryption/default.aspx?itemID=E4E_M_365744e2-92d2-4500-809d-07c743457f76
  • https://outlook.office365.com/Encryption/authenticationpage.aspx?st=Microsoft&ru=https%3a%2f%2foutlook.office365.com%2fEncryption%2fdefault.aspx%3fitemID%3dE4E_M_365744e2-92d2-4500-809d-07c743457f7...
13 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://outlook.office365.com/Encryption/authenticationpage.aspx?st=Microsoft&ru=https%3a%2f%2foutlook.office365.com%2fEncryption%2fdefault.aspx%3fitemID%3dE4E_M_365744e2-92d2-4500-809d-07c743457f76&e4e_sdata=OVl241KfhuaeCv0%2fHZYQ90x9IYeZc%2fteM%2fx5FExZ4QhiNXn%2bXc2uE9mbyQOlrMySMAwAQKMXCpFlh7R3IQHwyVLIFnxx1j4avWX7DZyAw6yqhC4TlxfzDZ6m60kEHlnYWGGChPiLqgQoQOMemD5%2b2l%2fYyJOmUbZ6KnLILIzXieQ0Ij%2frqXQfT550CqUNg3jV5zp4SdisIGWqprZHm5czewzKPJDGZBf8j4YsXdRtZ18MWVe8cuZs0Cp4KaeGRsmyoBQbwMY4XUBAtxKhX9eSofOShrLYMSrkGOUoaj8AOY1%2fx%2fw%2b%2f7e1uNj59Auxh%2fv8UnGEHXH3DfoVwqGR%2fo%2fTqQ%3d%3d
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2603:1026:c0d:82d::2 Frankfurt am Main, Germany, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
029076ac3b2fff37e6eb3617e5caa51b1b90dee9e7dec7a0a75c918ab26a082c

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443";ma=2592000,h3-29=":443";ma=2592000
cache-control
no-cache
content-encoding
gzip
content-length
8166
content-type
text/html; charset=utf-8
date
Thu, 23 May 2024 16:55:57 GMT
expires
-1
pragma
no-cache
request-id
db079b30-c582-3334-02e0-548b27e08e20
server
Microsoft-IIS/10.0
vary
Accept-Encoding
x-aspnet-version
4.0.30319
x-backendhttpstatus
200
x-beserver
BYAPR14MB2854
x-calculatedbetarget
BYAPR14MB2854.namprd14.PROD.OUTLOOK.COM
x-diaginfo
BYAPR14MB2854
x-feefzinfo
HHN
x-feproxyinfo
FR3P281CA0120.DEUP281.PROD.OUTLOOK.COM
x-feserver
FR3P281CA0120
x-firsthopcafeefz
HHN
x-powered-by
ASP.NET
x-proxy-backendserverstatus
200
x-proxy-routingcorrectness
1
x-rum-notupdatequerieddbcopy
1
x-rum-notupdatequeriedpath
1
x-rum-validated
1

Redirect headers

alt-svc
h3=":443";ma=2592000,h3-29=":443";ma=2592000
content-length
681
content-type
text/html; charset=utf-8
date
Thu, 23 May 2024 16:55:46 GMT
location
/Encryption/authenticationpage.aspx?st=Microsoft&ru=https%3a%2f%2foutlook.office365.com%2fEncryption%2fdefault.aspx%3fitemID%3dE4E_M_365744e2-92d2-4500-809d-07c743457f76&e4e_sdata=OVl241KfhuaeCv0%2fHZYQ90x9IYeZc%2fteM%2fx5FExZ4QhiNXn%2bXc2uE9mbyQOlrMySMAwAQKMXCpFlh7R3IQHwyVLIFnxx1j4avWX7DZyAw6yqhC4TlxfzDZ6m60kEHlnYWGGChPiLqgQoQOMemD5%2b2l%2fYyJOmUbZ6KnLILIzXieQ0Ij%2frqXQfT550CqUNg3jV5zp4SdisIGWqprZHm5czewzKPJDGZBf8j4YsXdRtZ18MWVe8cuZs0Cp4KaeGRsmyoBQbwMY4XUBAtxKhX9eSofOShrLYMSrkGOUoaj8AOY1%2fx%2fw%2b%2f7e1uNj59Auxh%2fv8UnGEHXH3DfoVwqGR%2fo%2fTqQ%3d%3d
request-id
0035a0df-ff83-82dd-e746-7280224cd88b
server
Microsoft-IIS/10.0
x-backendhttpstatus
302
x-beserver
BYAPR14MB2854
x-calculatedbetarget
BYAPR14MB2854.namprd14.PROD.OUTLOOK.COM
x-diaginfo
BYAPR14MB2854
x-feefzinfo
HHN
x-feproxyinfo
FR3P281CA0120.DEUP281.PROD.OUTLOOK.COM
x-feserver
FR3P281CA0120
x-firsthopcafeefz
HHN
x-powered-by
ASP.NET
x-proxy-backendserverstatus
302
x-proxy-routingcorrectness
1
x-rum-notupdatequerieddbcopy
1
x-rum-notupdatequeriedpath
1
x-rum-validated
1
jquery-1.12.4.min.js
ajax.aspnetcdn.com/ajax/jQuery/ 		95 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.aspnetcdn.com/ajax/jQuery/jquery-1.12.4.min.js
Requested by
Host: outlook.office365.com
URL: https://outlook.office365.com/Encryption/authenticationpage.aspx?st=Microsoft&ru=https%3a%2f%2foutlook.office365.com%2fEncryption%2fdefault.aspx%3fitemID%3dE4E_M_365744e2-92d2-4500-809d-07c743457f76&e4e_sdata=OVl241KfhuaeCv0%2fHZYQ90x9IYeZc%2fteM%2fx5FExZ4QhiNXn%2bXc2uE9mbyQOlrMySMAwAQKMXCpFlh7R3IQHwyVLIFnxx1j4avWX7DZyAw6yqhC4TlxfzDZ6m60kEHlnYWGGChPiLqgQoQOMemD5%2b2l%2fYyJOmUbZ6KnLILIzXieQ0Ij%2frqXQfT550CqUNg3jV5zp4SdisIGWqprZHm5czewzKPJDGZBf8j4YsXdRtZ18MWVe8cuZs0Cp4KaeGRsmyoBQbwMY4XUBAtxKhX9eSofOShrLYMSrkGOUoaj8AOY1%2fx%2fw%2b%2f7e1uNj59Auxh%2fv8UnGEHXH3DfoVwqGR%2fo%2fTqQ%3d%3d
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.19.160 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CDF) /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://outlook.office365.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 23 May 2024 16:55:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
5145009
x-cache
HIT
content-length
33835
x-xss-protection
1; mode=block
last-modified
Mon, 31 Oct 2016 23:10:52 GMT
server
ECAcc (frc/4CDF)
etag
"0e6586cc33d21:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
authentication.css
outlook.office365.com/Encryption/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://outlook.office365.com/Encryption/authentication.css
Requested by
Host: outlook.office365.com
URL: https://outlook.office365.com/Encryption/authenticationpage.aspx?st=Microsoft&ru=https%3a%2f%2foutlook.office365.com%2fEncryption%2fdefault.aspx%3fitemID%3dE4E_M_365744e2-92d2-4500-809d-07c743457f76&e4e_sdata=OVl241KfhuaeCv0%2fHZYQ90x9IYeZc%2fteM%2fx5FExZ4QhiNXn%2bXc2uE9mbyQOlrMySMAwAQKMXCpFlh7R3IQHwyVLIFnxx1j4avWX7DZyAw6yqhC4TlxfzDZ6m60kEHlnYWGGChPiLqgQoQOMemD5%2b2l%2fYyJOmUbZ6KnLILIzXieQ0Ij%2frqXQfT550CqUNg3jV5zp4SdisIGWqprZHm5czewzKPJDGZBf8j4YsXdRtZ18MWVe8cuZs0Cp4KaeGRsmyoBQbwMY4XUBAtxKhX9eSofOShrLYMSrkGOUoaj8AOY1%2fx%2fw%2b%2f7e1uNj59Auxh%2fv8UnGEHXH3DfoVwqGR%2fo%2fTqQ%3d%3d
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2603:1026:c0d:82d::2 Frankfurt am Main, Germany, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
08a857eeec64d9c6b3ece76762eed837929e0e6f8a29d1315a04d38c3053b4b6

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://outlook.office365.com/Encryption/authenticationpage.aspx?st=Microsoft&ru=https%3a%2f%2foutlook.office365.com%2fEncryption%2fdefault.aspx%3fitemID%3dE4E_M_365744e2-92d2-4500-809d-07c743457f76&e4e_sdata=OVl241KfhuaeCv0%2fHZYQ90x9IYeZc%2fteM%2fx5FExZ4QhiNXn%2bXc2uE9mbyQOlrMySMAwAQKMXCpFlh7R3IQHwyVLIFnxx1j4avWX7DZyAw6yqhC4TlxfzDZ6m60kEHlnYWGGChPiLqgQoQOMemD5%2b2l%2fYyJOmUbZ6KnLILIzXieQ0Ij%2frqXQfT550CqUNg3jV5zp4SdisIGWqprZHm5czewzKPJDGZBf8j4YsXdRtZ18MWVe8cuZs0Cp4KaeGRsmyoBQbwMY4XUBAtxKhX9eSofOShrLYMSrkGOUoaj8AOY1%2fx%2fw%2b%2f7e1uNj59Auxh%2fv8UnGEHXH3DfoVwqGR%2fo%2fTqQ%3d%3d
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-beserver
BYAPR14MB2854
date
Thu, 23 May 2024 16:55:57 GMT
content-encoding
gzip
x-backendhttpstatus
200
x-proxy-backendserverstatus
200
x-rum-notupdatequerieddbcopy
1
x-powered-by
ASP.NET
x-feserver
FR3P281CA0120
x-feproxyinfo
FR3P281CA0120.DEUP281.PROD.OUTLOOK.COM
x-rum-validated
1
request-id
fd2fed16-95e6-8cd3-ea42-d3766a1073bd
alt-svc
h3=":443";ma=2592000,h3-29=":443";ma=2592000
content-length
1265
last-modified
Tue, 21 May 2024 17:50:00 GMT
server
Microsoft-IIS/10.0
x-calculatedbetarget
BYAPR14MB2854.namprd14.PROD.OUTLOOK.COM
etag
"014f74ca7abda1:0"
vary
Accept-Encoding
x-rum-notupdatequeriedpath
1
content-type
text/css
cache-control
public,max-age=2592000
x-firsthopcafeefz
HHN
x-diaginfo
BYAPR14MB2854
x-proxy-routingcorrectness
1
accept-ranges
bytes
x-feefzinfo
HHN
lock.png
outlook.office365.com/Encryption/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://outlook.office365.com/Encryption/lock.png
Requested by
Host: outlook.office365.com
URL: https://outlook.office365.com/Encryption/authenticationpage.aspx?st=Microsoft&ru=https%3a%2f%2foutlook.office365.com%2fEncryption%2fdefault.aspx%3fitemID%3dE4E_M_365744e2-92d2-4500-809d-07c743457f76&e4e_sdata=OVl241KfhuaeCv0%2fHZYQ90x9IYeZc%2fteM%2fx5FExZ4QhiNXn%2bXc2uE9mbyQOlrMySMAwAQKMXCpFlh7R3IQHwyVLIFnxx1j4avWX7DZyAw6yqhC4TlxfzDZ6m60kEHlnYWGGChPiLqgQoQOMemD5%2b2l%2fYyJOmUbZ6KnLILIzXieQ0Ij%2frqXQfT550CqUNg3jV5zp4SdisIGWqprZHm5czewzKPJDGZBf8j4YsXdRtZ18MWVe8cuZs0Cp4KaeGRsmyoBQbwMY4XUBAtxKhX9eSofOShrLYMSrkGOUoaj8AOY1%2fx%2fw%2b%2f7e1uNj59Auxh%2fv8UnGEHXH3DfoVwqGR%2fo%2fTqQ%3d%3d
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2603:1026:c0d:82d::2 Frankfurt am Main, Germany, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
55400220f8792e5146328487b0dbbb259a3f558e8fd51f2b445a5ddb6bc1608e

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://outlook.office365.com/Encryption/authenticationpage.aspx?st=Microsoft&ru=https%3a%2f%2foutlook.office365.com%2fEncryption%2fdefault.aspx%3fitemID%3dE4E_M_365744e2-92d2-4500-809d-07c743457f76&e4e_sdata=OVl241KfhuaeCv0%2fHZYQ90x9IYeZc%2fteM%2fx5FExZ4QhiNXn%2bXc2uE9mbyQOlrMySMAwAQKMXCpFlh7R3IQHwyVLIFnxx1j4avWX7DZyAw6yqhC4TlxfzDZ6m60kEHlnYWGGChPiLqgQoQOMemD5%2b2l%2fYyJOmUbZ6KnLILIzXieQ0Ij%2frqXQfT550CqUNg3jV5zp4SdisIGWqprZHm5czewzKPJDGZBf8j4YsXdRtZ18MWVe8cuZs0Cp4KaeGRsmyoBQbwMY4XUBAtxKhX9eSofOShrLYMSrkGOUoaj8AOY1%2fx%2fw%2b%2f7e1uNj59Auxh%2fv8UnGEHXH3DfoVwqGR%2fo%2fTqQ%3d%3d
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-beserver
BYAPR14MB2854
date
Thu, 23 May 2024 16:55:57 GMT
x-backendhttpstatus
200
x-proxy-backendserverstatus
200
x-rum-notupdatequerieddbcopy
1
x-powered-by
ASP.NET
x-feserver
FR3P281CA0120
x-feproxyinfo
FR3P281CA0120.DEUP281.PROD.OUTLOOK.COM
x-rum-validated
1
request-id
b2b10c8e-2e63-a6b0-28e5-871dec1e7409
alt-svc
h3=":443";ma=2592000,h3-29=":443";ma=2592000
content-length
1100
last-modified
Tue, 21 May 2024 17:50:00 GMT
server
Microsoft-IIS/10.0
x-calculatedbetarget
BYAPR14MB2854.namprd14.PROD.OUTLOOK.COM
etag
"014f74ca7abda1:0"
x-rum-notupdatequeriedpath
1
content-type
image/png
cache-control
public,max-age=2592000
x-firsthopcafeefz
HHN
x-diaginfo
BYAPR14MB2854
x-proxy-routingcorrectness
1
accept-ranges
bytes
x-feefzinfo
HHN
liveid.png
outlook.office365.com/Encryption/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://outlook.office365.com/Encryption/liveid.png
Requested by
Host: outlook.office365.com
URL: https://outlook.office365.com/Encryption/authenticationpage.aspx?st=Microsoft&ru=https%3a%2f%2foutlook.office365.com%2fEncryption%2fdefault.aspx%3fitemID%3dE4E_M_365744e2-92d2-4500-809d-07c743457f76&e4e_sdata=OVl241KfhuaeCv0%2fHZYQ90x9IYeZc%2fteM%2fx5FExZ4QhiNXn%2bXc2uE9mbyQOlrMySMAwAQKMXCpFlh7R3IQHwyVLIFnxx1j4avWX7DZyAw6yqhC4TlxfzDZ6m60kEHlnYWGGChPiLqgQoQOMemD5%2b2l%2fYyJOmUbZ6KnLILIzXieQ0Ij%2frqXQfT550CqUNg3jV5zp4SdisIGWqprZHm5czewzKPJDGZBf8j4YsXdRtZ18MWVe8cuZs0Cp4KaeGRsmyoBQbwMY4XUBAtxKhX9eSofOShrLYMSrkGOUoaj8AOY1%2fx%2fw%2b%2f7e1uNj59Auxh%2fv8UnGEHXH3DfoVwqGR%2fo%2fTqQ%3d%3d
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2603:1026:c0d:82d::2 Frankfurt am Main, Germany, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
da7b1e7c0e95a9caba46be191f562268cee236556f67e4b10f2b3a05785b9cad

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://outlook.office365.com/Encryption/authenticationpage.aspx?st=Microsoft&ru=https%3a%2f%2foutlook.office365.com%2fEncryption%2fdefault.aspx%3fitemID%3dE4E_M_365744e2-92d2-4500-809d-07c743457f76&e4e_sdata=OVl241KfhuaeCv0%2fHZYQ90x9IYeZc%2fteM%2fx5FExZ4QhiNXn%2bXc2uE9mbyQOlrMySMAwAQKMXCpFlh7R3IQHwyVLIFnxx1j4avWX7DZyAw6yqhC4TlxfzDZ6m60kEHlnYWGGChPiLqgQoQOMemD5%2b2l%2fYyJOmUbZ6KnLILIzXieQ0Ij%2frqXQfT550CqUNg3jV5zp4SdisIGWqprZHm5czewzKPJDGZBf8j4YsXdRtZ18MWVe8cuZs0Cp4KaeGRsmyoBQbwMY4XUBAtxKhX9eSofOShrLYMSrkGOUoaj8AOY1%2fx%2fw%2b%2f7e1uNj59Auxh%2fv8UnGEHXH3DfoVwqGR%2fo%2fTqQ%3d%3d
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-beserver
BYAPR14MB2854
date
Thu, 23 May 2024 16:55:57 GMT
x-backendhttpstatus
200
x-proxy-backendserverstatus
200
x-rum-notupdatequerieddbcopy
1
x-powered-by
ASP.NET
x-feserver
FR3P281CA0120
x-feproxyinfo
FR3P281CA0120.DEUP281.PROD.OUTLOOK.COM
x-rum-validated
1
request-id
a713d3b2-ed40-b1e1-d35e-6ae577f464b6
alt-svc
h3=":443";ma=2592000,h3-29=":443";ma=2592000
content-length
2955
last-modified
Tue, 21 May 2024 17:50:00 GMT
server
Microsoft-IIS/10.0
x-calculatedbetarget
BYAPR14MB2854.namprd14.PROD.OUTLOOK.COM
etag
"014f74ca7abda1:0"
x-rum-notupdatequeriedpath
1
content-type
image/png
cache-control
public,max-age=2592000
x-firsthopcafeefz
HHN
x-diaginfo
BYAPR14MB2854
x-proxy-routingcorrectness
1
accept-ranges
bytes
x-feefzinfo
HHN
truncated
/ 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ee3a2bdf6d169c7d35d4c153bc702cbb8120d7b9b65c215776dc2459863d583a

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
favicon.ico
r1.res.office365.com/owa/prem/15.20.7611.22/resources/images/0/ 		5 KB
6 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://r1.res.office365.com/owa/prem/15.20.7611.22/resources/images/0/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100::687e:241b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
dec51a1a5c6f5daddebe7c7d1048319969446f03de89a953c3c3514f8db08e8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://outlook.office365.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 23 May 2024 16:55:58 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Last-Modified
Wed, 22 May 2024 02:02:07 GMT
Server
AkamaiNetStorage
Content-Type
image/x-icon
Access-Control-Allow-Origin
*
Cache-Control
public,max-age=630720000, s-maxage=630720000
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
5430

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery number| timerInterval function| OtpClicked function| LogOAuthSignIn function| gup function| timedText

15 Cookies

Domain/Path Name / Value
outlook.office365.com/ Name: X-E4E-CorrelationId
Value: 22f50d2f-8b40-48bc-a5c2-26c3471b4d4f
outlook.office365.com/ Name: X-OmeVersion
Value: V2
outlook.office365.com/ Name: X-ConsumerEncryption
Value: false
outlook.office365.com/ Name: X-CfmRecipientAddress
Value: SystemMailbox%7bD0E409A0-AF9B-4720-92FE-AAC869B0D201%7d%40Meridianlink365.onmicrosoft.com
outlook.office365.com/ Name: E4EAnchorMailbox
Value: SystemMailbox{D0E409A0-AF9B-4720-92FE-AAC869B0D201}@Meridianlink365.onmicrosoft.com
outlook.office365.com/ Name: X-RecipientEmailAddress
Value: Rachel.daSilva@jdcu.com|bSQL1iWuguGZWHkJungmciOT%2foLdRUJI%2b2qrtLVWy%2fl9333Bb%2bboeXOV03rLQpH8i0%2fMrEKsQhRIH5PKbtsOhoW8n2Gs04NSj9aptjplWMl4Kelp1WM2n0yfBNtPDu5HZJEHUPau%2bjfkWDD2CgYI%2fdqTIzn24JmoxjMExUN%2fzxOcr1n70qh3SxHIxzj3Y5nUn0h0QMPTQEwTtCJGLuZu5QsPKh8AMc6OsDiC2EmybsrNLPdiUjM%2fWuSr%2fb0MO8pgJ5HfvSwYQngINyXPjbGiUqhkMp04eJmreROL0Prc1%2b4P%2bXNxS9CzQeVv2trldv%2fXY3d2O1w8ZZKl3tVTxJxLYA%3d%3d
outlook.office365.com/ Name: X-SenderEmailAddress
Value: Nicolas.Koehn@meridianlink.com
outlook.office365.com/ Name: X-SenderOrganization
Value: AwGGAAAAAoIAAAADAQAAAI5dmjbZxypHlXjNtv/Rq5NPVT1NZXJpZGlhbmxpbmszNjUub25taWNyb3NvZnQuY29tLE9VPU1pY3Jvc29mdCBFeGNoYW5nZSBIb3N0ZWQgT3JnYW5pemF0aW9ucyxEQz1OQU1QUjE0QTAwOCxEQz1QUk9ELERDPU9VVExPT0ssREM9Q09NpBXJRcUSaES6TYXcicnE8UNOPUNvbmZpZ3VyYXRpb24sQ049TWVyaWRpYW5saW5rMzY1Lm9ubWljcm9zb2Z0LmNvbSxDTj1Db25maWd1cmF0aW9uVW5pdHMsREM9TkFNUFIxNEEwMDgsREM9UFJPRCxEQz1PVVRMT09LLERDPUNPTQE=
outlook.office365.com/ Name: X-MessageId
Value: %3cDM6PR14MB4218D6B59942BF8FC490315798F42%40DM6PR14MB4218.namprd14.prod.outlook.com%3e
outlook.office365.com/ Name: X-StoreObjectId
Value:
outlook.office365.com/ Name: X-RecipientPrimarySmtp
Value:
outlook.office365.com/ Name: E4E_M_365744e2-92d2-4500-809d-07c743457f76
Value: BYAPR14MB2854
outlook.office365.com/ Name: X-OTPItemId
Value: E4E_M_365744e2-92d2-4500-809d-07c743457f76
outlook.office365.com/ Name: X-SenderExternalOrganizationId
Value: 5f3bf9ea-8893-44b4-92c5-436f984ff597
outlook.office365.com/ Name: X-AnonResource
Value: true