Hello everyone, I hope you're all doing well! I'm reaching out to the community because we've encountered some weird behavior from a source connected to Microsoft, and despite our attempts, haven't yet received an explanation from their end. I'm curious if anyone here, perhaps from Microsoft or those with similar experiences, might shed some light on this matter.
To give you a bit of context, we operate as an ESP, facilitating our customers in sending out newsletters. Each email includes tracking URLs with unique hashes for analytics. For instance, a typical URL hash on our end appears as follows: https://sub.customerdomain.tld/info/29vcszz10k40z1y0c2yzzzzqz3. We've identified an IP address, notably tied to Microsoft (20.203.218.75), executing thousands of hits on our URLs almost immediately after dispatching a newsletter. However, the peculiar part is the variation in the hash segments they're accessing. The URL queries we've seen look something like https://sub.customerdomain.tld/info/Mjl2Y3N6ej, which, upon decoding, starts off with a familiar segment 29vcsz% but diverges significantly right after. This pattern strikes us as odd and raises questions regarding the nature of these requests. Has anyone observed similar traffic patterns, or can anyone from Microsoft provide some clarity on these unusually patterned requests? Thanks a lot for your time! Best, Vitali _______________________________________________ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop
