Submitted URL: https://login.sway.ziping.org/
Effective URL: https://sway.office.com/signin?ru=https%3A%2F%2Fsway.office.com%2F
Submission: On July 01 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 4 IPs in 3 countries across 4 domains to perform 13 HTTP transactions. The main IP is 52.109.13.39, located in Tappahannock, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is sway.office.com. The Cisco Umbrella rank of the primary domain is 39879.
TLS certificate: Issued by Microsoft RSA TLS CA 02 on May 25th 2022. Valid for: a year.
This is the only time sway.office.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2a00:1450:400... 15169 (GOOGLE)
1 52.109.13.39 8075 (MICROSOFT...)
1 96.16.140.161 16625 (AKAMAI-AS)
5 20.111.54.6 8075 (MICROSOFT...)
6 104.92.83.244 16625 (AKAMAI-AS)
13 4
Apex Domain | Subdomains | Transfer
11 live.com | odc.officeapps.live.com (Cisco Umbrella Rank: 180); cdn.odc.officeapps.live.com (Cisco Umbrella Rank: 1460) | 97 KB
1 sway-cdn.com | eus-www.sway-cdn.com (Cisco Umbrella Rank: 48959) | 1 KB
1 office.com | sway.office.com (Cisco Umbrella Rank: 39879) | 4 KB
1 ziping.org | login.sway.ziping.org | 160 B
13 4
Domain | Requested by
6 cdn.odc.officeapps.live.com | odc.officeapps.live.com
5 odc.officeapps.live.com | sway.office.com; odc.officeapps.live.com
1 eus-www.sway-cdn.com | sway.office.com
1 sway.office.com |
1 login.sway.ziping.org (1 redirects) |
13 5

This site contains no links.

Subject | Issuer | Validity | Valid
sway.office.com | Microsoft RSA TLS CA 02 | 2022-05-25 - 2023-05-25 | a year
www.sway-cdn.com | Microsoft RSA TLS CA 01 | 2021-09-15 - 2022-09-15 | a year
odc.officeapps.live.com | Microsoft RSA TLS CA 01 | 2021-11-17 - 2022-11-17 | a year
cdn.odc.officeapps.live.com | Microsoft RSA TLS CA 01 | 2021-12-15 - 2022-12-15 | a year

This page contains 2 frames:

Primary Page: https://sway.office.com/signin?ru=https%3A%2F%2Fsway.office.com%2F
Frame ID: D449172AF92D5B507F059145A262680F
Requests: 2 HTTP requests in this frame

Frame: https://odc.officeapps.live.com/odc/v2.0/hrd?rs=de-DE&Ver=16&app=23&a=0&p=6&hm=0
Frame ID: CA4E1B40897908202F2DBDEAC45483D7
Requests: 11 HTTP requests in this frame

Page Title

Anmelden

Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

13 Requests
100 % HTTPS
20 % IPv6
4 Domains
5 Subdomains
4 IPs
3 Countries
102 kB Transfer
259 kB Size
2 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://login.sway.ziping.org/ HTTP 301
    https://sway.office.com/signin?ru=https%3A%2F%2Fsway.office.com%2F Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request signin
sway.office.com/
Redirect Chain
  • https://login.sway.ziping.org/
  • https://sway.office.com/signin?ru=https%3A%2F%2Fsway.office.com%2F
7 KB
4 KB
Document
General
Full URL
https://sway.office.com/signin?ru=https%3A%2F%2Fsway.office.com%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.109.13.39 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ARR/3.0
Resource Hash
328391c176d1c480521a82bbf7e849d2982905f38f62d4de3672ae11b0d70383
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

anonuserid
f0f55ac4-2d3c-4afd-91cc-2d8696823b15
cache-control
private
content-encoding
gzip
content-length
2953
content-type
text/html; charset=utf-8
date
Fri, 01 Jul 2022 21:07:13 GMT
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
strict-transport-security
max-age=15724800; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-correlationid
6179bb62-e377-4e06-8cb9-0913bc1434ac
x-frame-options
SAMEORIGIN
x-officecluster
eus-003.www.sway.com
x-officefe
SwayFrontEnd_IN_28
x-officeversion
16.0.15424.40104
x-powered-by
ARR/3.0
x-requestid
138884df-c2bf-4cfc-a704-3cfd0b38bc4e
x-trackingid
3f7ea22d-cb3d-44f1-bfd2-fd0228a47ce0
x-usersessionid
6179bb62-e377-4e06-8cb9-0913bc1434ac

Redirect headers

content-length
263
content-type
text/html; charset=UTF-8
date
Fri, 01 Jul 2022 21:07:13 GMT
location
https://sway.office.com/signin?ru=https%3A%2F%2Fsway.office.com%2F
server
ghs
x-frame-options
SAMEORIGIN
x-xss-protection
0
HRDv2Client.js
eus-www.sway-cdn.com/161542440104_Content/
2 KB
1 KB
Script
General
Full URL
https://eus-www.sway-cdn.com/161542440104_Content/HRDv2Client.js
Requested by
Host: sway.office.com
URL: https://sway.office.com/signin?ru=https%3A%2F%2Fsway.office.com%2F
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
96.16.140.161 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-140-161.deploy.static.akamaitechnologies.com
Software
/ ARR/3.0
Resource Hash
feeb7d6e92ff03f3a0461b892084fc7a230abd136b40c9c4c2c8da16dac6b622
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://sway.office.com/
Origin
https://sway.office.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Strict-Transport-Security
max-age=15724800; includeSubDomains; preload
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Powered-By
ARR/3.0
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection
keep-alive
Content-Length
778
ETag
"065f6742288d81:0"
Last-Modified
Fri, 24 Jun 2022 23:30:58 GMT
Date
Fri, 01 Jul 2022 21:07:14 GMT
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=25221
Accept-Ranges
bytes
Timing-Allow-Origin
*
hrd
odc.officeapps.live.com/odc/v2.0/ Frame CA4E
8 KB
8 KB
Document
General
Full URL
https://odc.officeapps.live.com/odc/v2.0/hrd?rs=de-DE&Ver=16&app=23&a=0&p=6&hm=0
Requested by
Host: sway.office.com
URL: https://sway.office.com/signin?ru=https%3A%2F%2Fsway.office.com%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.111.54.6 Paris, France, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
01fc8eb097ec12a2a4b9464a4df22c8fd4772b7ab6aaf096435d28ec33540d52
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://sway.office.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store
content-length
8173
content-type
text/html; charset=utf-8
date
Fri, 01 Jul 2022 21:07:14 GMT
expires
-1
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
pragma
no-cache
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-aspnetmvc-version
5.2
x-content-type-options
nosniff
x-correlationid
34c9461f-fad7-4112-bf4f-0958d4dc32fe
x-officecluster
frc-000.odc.officeapps.live.com
x-officefe
OdcFE_IN_12
x-officeversion
16.0.15429.30552
x-powered-by
ASP.NET
x-ua-compatible
IE=11
x-usersessionid
34c9461f-fad7-4112-bf4f-0958d4dc32fe
hrd.css
odc.officeapps.live.com/odc/stat/ Frame CA4E
22 KB
5 KB
Stylesheet
General
Full URL
https://odc.officeapps.live.com/odc/stat/hrd.css?b=15429.30552
Requested by
Host: odc.officeapps.live.com
URL: https://odc.officeapps.live.com/odc/v2.0/hrd?rs=de-DE&Ver=16&app=23&a=0&p=6&hm=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.111.54.6 Paris, France, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
2ff09ddce3a55505346a551874b4a1cac73120c05f1207f47d973c4e952b0987
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://odc.officeapps.live.com/odc/v2.0/hrd?rs=de-DE&Ver=16&app=23&a=0&p=6&hm=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 01 Jul 2022 21:07:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-officecluster
frc-000.odc.officeapps.live.com
x-powered-by
ASP.NET
x-officefe
OdcFE_IN_12
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-length
5050
cache-control
private, max-age=2678400
last-modified
Wed, 29 Jun 2022 13:41:04 GMT
server
Microsoft-IIS/10.0
x-usersessionid
ee95fae5-199d-4906-87d9-0c48fb4b5578
etag
"0588fe0bd8bd81:0"
vary
Accept-Encoding
content-type
text/css
x-correlationid
ee95fae5-199d-4906-87d9-0c48fb4b5578
accept-ranges
bytes
x-officeversion
16.0.15429.30552
microsoft_logo.svg
cdn.odc.officeapps.live.com/odc/stat/images/hrd/ Frame CA4E
4 KB
2 KB
Image
General
Full URL
https://cdn.odc.officeapps.live.com/odc/stat/images/hrd/microsoft_logo.svg?b=15429.30552
Requested by
Host: odc.officeapps.live.com
URL: https://odc.officeapps.live.com/odc/v2.0/hrd?rs=de-DE&Ver=16&app=23&a=0&p=6&hm=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.92.83.244 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-83-244.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://odc.officeapps.live.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 01 Jul 2022 21:07:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-officecluster
weu-000.odc.officeapps.live.com
x-powered-by
ASP.NET
x-officefe
OdcFE_IN_31
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-length
1464
cache-control
private, max-age=2450213
last-modified
Thu, 23 Jun 2022 08:00:16 GMT
server
Microsoft-IIS/10.0
x-usersessionid
e1dad2ad-0891-42da-b6d8-f361bd51ec3f
etag
"0a81f46d786d81:0"
vary
Accept-Encoding
content-type
image/svg+xml
x-correlationid
e1dad2ad-0891-42da-b6d8-f361bd51ec3f
accept-ranges
bytes
x-officeversion
16.0.15423.30550
picker-account-aad.svg
cdn.odc.officeapps.live.com/odc/stat/images/hrd/ Frame CA4E
756 B
1 KB
Image
General
Full URL
https://cdn.odc.officeapps.live.com/odc/stat/images/hrd/picker-account-aad.svg?b=15429.30552
Requested by
Host: odc.officeapps.live.com
URL: https://odc.officeapps.live.com/odc/v2.0/hrd?rs=de-DE&Ver=16&app=23&a=0&p=6&hm=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.92.83.244 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-83-244.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
5d3357bd875b7335ace42e8ee3a64578e4253bed1a4e279109de403eedae3a69
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://odc.officeapps.live.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 01 Jul 2022 21:07:14 GMT
x-content-type-options
nosniff
x-officecluster
weu-000.odc.officeapps.live.com
x-powered-by
ASP.NET
x-officefe
OdcFE_IN_10
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-length
756
cache-control
private, max-age=2450276
last-modified
Thu, 23 Jun 2022 08:00:16 GMT
server
Microsoft-IIS/10.0
x-usersessionid
45ce6e8c-5f20-4e02-96f8-af8ba7fdb768
etag
"0a81f46d786d81:0"
content-type
image/svg+xml
x-correlationid
45ce6e8c-5f20-4e02-96f8-af8ba7fdb768
accept-ranges
bytes
x-officeversion
16.0.15423.30550
picker-account-msa.svg
cdn.odc.officeapps.live.com/odc/stat/images/hrd/ Frame CA4E
379 B
841 B
Image
General
Full URL
https://cdn.odc.officeapps.live.com/odc/stat/images/hrd/picker-account-msa.svg?b=15429.30552
Requested by
Host: odc.officeapps.live.com
URL: https://odc.officeapps.live.com/odc/v2.0/hrd?rs=de-DE&Ver=16&app=23&a=0&p=6&hm=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.92.83.244 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-83-244.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
34d8da073f47030ee94b99d84fbe68e3345bd8aaa37ea909ff2da00238447486
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://odc.officeapps.live.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 01 Jul 2022 21:07:14 GMT
x-content-type-options
nosniff
x-officecluster
weu-000.odc.officeapps.live.com
x-powered-by
ASP.NET
x-officefe
OdcFE_IN_80
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-length
379
cache-control
private, max-age=2450329
last-modified
Thu, 23 Jun 2022 08:00:16 GMT
server
Microsoft-IIS/10.0
x-usersessionid
a2feb9ce-4aaf-4cf3-a607-cd867ccab697
etag
"0a81f46d786d81:0"
content-type
image/svg+xml
x-correlationid
a2feb9ce-4aaf-4cf3-a607-cd867ccab697
accept-ranges
bytes
x-officeversion
16.0.15423.30550
jquery-1.12.4.1.min.js
cdn.odc.officeapps.live.com/odc/stat/ Frame CA4E
95 KB
34 KB
Script
General
Full URL
https://cdn.odc.officeapps.live.com/odc/stat/jquery-1.12.4.1.min.js?b=15429.30552
Requested by
Host: odc.officeapps.live.com
URL: https://odc.officeapps.live.com/odc/v2.0/hrd?rs=de-DE&Ver=16&app=23&a=0&p=6&hm=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.92.83.244 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-83-244.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
3ac82b5a773ea82258a30c60d277acffa832ce446397fcb6abf39726c4330fb5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://odc.officeapps.live.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 01 Jul 2022 21:07:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-officecluster
uks-000.odc.officeapps.live.com
x-powered-by
ASP.NET
x-officefe
OdcFE_IN_38
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-length
33842
cache-control
private, max-age=2512788
last-modified
Thu, 23 Jun 2022 08:00:16 GMT
server
Microsoft-IIS/10.0
x-usersessionid
956d8ba5-a14d-4930-8ca2-4fb1ce79a137
etag
"0a81f46d786d81:0"
vary
Accept-Encoding
content-type
application/javascript
x-correlationid
956d8ba5-a14d-4930-8ca2-4fb1ce79a137
accept-ranges
bytes
x-officeversion
16.0.15423.30550
knockout-3.4.2.js
cdn.odc.officeapps.live.com/odc/stat/ Frame CA4E
59 KB
22 KB
Script
General
Full URL
https://cdn.odc.officeapps.live.com/odc/stat/knockout-3.4.2.js?b=15429.30552
Requested by
Host: odc.officeapps.live.com
URL: https://odc.officeapps.live.com/odc/v2.0/hrd?rs=de-DE&Ver=16&app=23&a=0&p=6&hm=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.92.83.244 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-83-244.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
a305fbb2ba223bf3b56bb8776b85f6f40d60dd082a74dbe28d143b5794c7e393
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://odc.officeapps.live.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 01 Jul 2022 21:07:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-officecluster
uks-000.odc.officeapps.live.com
x-powered-by
ASP.NET
x-officefe
OdcFE_IN_0
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-length
22381
last-modified
Thu, 23 Jun 2022 08:00:16 GMT
server
Microsoft-IIS/10.0
x-usersessionid
21803287-be07-4611-9264-07cfa8f41406
etag
"0a81f46d786d81:0"
vary
Accept-Encoding
content-type
application/javascript
x-correlationid
21803287-be07-4611-9264-07cfa8f41406
accept-ranges
bytes
x-officeversion
16.0.15423.30550
CommonDiagnostics.js
cdn.odc.officeapps.live.com/odc/stat/ Frame CA4E
40 KB
12 KB
Script
General
Full URL
https://cdn.odc.officeapps.live.com/odc/stat/CommonDiagnostics.js?b=15429.30552
Requested by
Host: odc.officeapps.live.com
URL: https://odc.officeapps.live.com/odc/v2.0/hrd?rs=de-DE&Ver=16&app=23&a=0&p=6&hm=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.92.83.244 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-83-244.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
60f37ce966440ca57e233756476cff9ed52a8177bbdf77b5cee321d12a0d6d94
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://odc.officeapps.live.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 01 Jul 2022 21:07:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-officecluster
neu-000.odc.officeapps.live.com
x-powered-by
ASP.NET
x-officefe
OdcFE_IN_78
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-length
12279
cache-control
private, max-age=2676947
last-modified
Wed, 29 Jun 2022 13:41:04 GMT
server
Microsoft-IIS/10.0
x-usersessionid
c9e7dcc3-a462-4568-b977-12fd597a4ba3
etag
"0588fe0bd8bd81:0"
vary
Accept-Encoding
content-type
application/javascript
x-correlationid
c9e7dcc3-a462-4568-b977-12fd597a4ba3
accept-ranges
bytes
x-officeversion
16.0.15429.30552
jsonstrings
odc.officeapps.live.com/odc/ Frame CA4E
3 KB
4 KB
Script
General
Full URL
https://odc.officeapps.live.com/odc/jsonstrings?g=EmailHrdv2&mkt=1031&hm=0
Requested by
Host: odc.officeapps.live.com
URL: https://odc.officeapps.live.com/odc/v2.0/hrd?rs=de-DE&Ver=16&app=23&a=0&p=6&hm=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.111.54.6 Paris, France, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
31d12c4351a09218a24f22d7b22e12c1b8e529e229fbef02ceff4167c67a9734
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://odc.officeapps.live.com/odc/v2.0/hrd?rs=de-DE&Ver=16&app=23&a=0&p=6&hm=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 01 Jul 2022 21:07:14 GMT
x-content-type-options
nosniff
x-correlationid
0ad0f560-e519-437d-85e3-05b54f154fac
x-officecluster
frc-000.odc.officeapps.live.com
x-usersessionid
0ad0f560-e519-437d-85e3-05b54f154fac
x-powered-by
ASP.NET
x-officefe
OdcFE_IN_12
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cache-control
public, max-age=3600
server
Microsoft-IIS/10.0
content-type
text/javascript; charset=utf-8
content-length
3549
x-officeversion
16.0.15429.30552
hrd.min.js
odc.officeapps.live.com/odc/stat/ Frame CA4E
15 KB
5 KB
Script
General
Full URL
https://odc.officeapps.live.com/odc/stat/hrd.min.js?b=15429.30552
Requested by
Host: odc.officeapps.live.com
URL: https://odc.officeapps.live.com/odc/v2.0/hrd?rs=de-DE&Ver=16&app=23&a=0&p=6&hm=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.111.54.6 Paris, France, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
54a2f5eca1b0e7eda5cd0863fe8acbc23825a3d93108f11a2f654d537687f963
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://odc.officeapps.live.com/odc/v2.0/hrd?rs=de-DE&Ver=16&app=23&a=0&p=6&hm=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 01 Jul 2022 21:07:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-officecluster
frc-000.odc.officeapps.live.com
x-powered-by
ASP.NET
x-officefe
OdcFE_IN_12
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-length
4909
cache-control
private, max-age=2678400
last-modified
Wed, 29 Jun 2022 13:41:04 GMT
server
Microsoft-IIS/10.0
x-usersessionid
7282c4b0-b0b5-4c7c-835a-2725dfda22da
etag
"0588fe0bd8bd81:0"
vary
Accept-Encoding
content-type
application/javascript
x-correlationid
7282c4b0-b0b5-4c7c-835a-2725dfda22da
accept-ranges
bytes
x-officeversion
16.0.15429.30552
Background-blurryGradient.svg
odc.officeapps.live.com/odc/stat/images/hrd/ Frame CA4E
2 KB
2 KB
Image
General
Full URL
https://odc.officeapps.live.com/odc/stat/images/hrd/Background-blurryGradient.svg
Requested by
Host: odc.officeapps.live.com
URL: https://odc.officeapps.live.com/odc/stat/hrd.css?b=15429.30552
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.111.54.6 Paris, France, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
16c60cd6aff6a6febabbc48e9b7692a9c3b369d12d31749f8117d6d0851d5296
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://odc.officeapps.live.com/odc/stat/hrd.css?b=15429.30552
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 01 Jul 2022 21:07:14 GMT
x-content-type-options
nosniff
x-officecluster
frc-000.odc.officeapps.live.com
x-powered-by
ASP.NET
x-officefe
OdcFE_IN_12
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-length
2267
cache-control
private, max-age=2678400
last-modified
Wed, 29 Jun 2022 13:41:04 GMT
server
Microsoft-IIS/10.0
x-usersessionid
ece9b4d4-3567-40fe-808a-c7642815ca40
etag
"0588fe0bd8bd81:0"
content-type
image/svg+xml
x-correlationid
ece9b4d4-3567-40fe-808a-c7642815ca40
accept-ranges
bytes
x-officeversion
16.0.15429.30552

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| oncontextlost
object| oncontextrestored
function| structuredClone
object| launchQueue
object| onbeforematch
function| getScreenDetails
function| queryLocalFonts
object| navigation
object| hrdv2Model
object| CommonSettings
boolean| pageReady
string| pageID
function| getCookie
function| tryParseInt
function| onContentError
function| onContentLoad
object| errorsDuringLoad
object| HRDv2Client

2 Cookies

Domain/Path Name / Value
.sway.office.com/ Name: AuthSess
Value: 432071c3-2132-444f-bdec-f10d0687b289
.office.com/ Name: AADNonce
Value: ec9303dc-4807-49ae-8e63-4aac86e1b1eb.637923064338810540

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN