52.109.32.22 Open in urlscan Pro
52.109.32.22  Malicious Activity! Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request hrd Show response 52.109.32.22/odc/v2.1/	10 KB 10 KB	67ms 53ms	Document text/html	52.109.32.22 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL http://52.109.32.22/odc/v2.1/hrd?lcid=1043&syslcid=1043&uilcid=1043&app=1&ver=16&build=16.0.11929&p=0&a=1&hm=7&sp=0&fpenabled=1 Protocol HTTP/1.1 Server 52.109.32.22 Cardiff, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 281eb94da8666415294901a41640c1ea5cfa95b14d232d17f06ac789f9e134c1 Security Headers Name Value X-Content-Type-Options nosniff Request headers Host 52.109.32.22 Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Accept-Encoding gzip, deflate Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Cache-Control public, max-age=1200 Content-Type text/html; charset=utf-8 Expires Tue, 16 Jun 2020 03:30:57 GMT Last-Modified Tue, 16 Jun 2020 03:10:57 GMT Vary * Server Microsoft-IIS/10.0 X-CorrelationId a5551236-9e28-4bff-be7b-762f4cd17632 X-UserSessionId a5551236-9e28-4bff-be7b-762f4cd17632 X-OfficeFE OdcFrontEnd_IN_143 X-OfficeVersion 16.0.13008.30550 X-OfficeCluster ukw-odc.officeapps.live.com P3P CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR" X-AspNetMvc-Version 5.2 X-AspNet-Version 4.0.30319 X-UA-Compatible IE=10 X-Powered-By ASP.NET X-Content-Type-Options nosniff Date Tue, 16 Jun 2020 03:10:57 GMT Content-Length 9868
GET H/1.1	200 OK	hrd.css 52.109.32.22/odc/stat/	21 KB 6 KB	36ms 33ms	Stylesheet text/css	52.109.32.22 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL http://52.109.32.22/odc/stat/hrd.css?b=13008.30550 Requested by Host: 52.109.32.22 URL: http://52.109.32.22/odc/v2.1/hrd?lcid=1043&syslcid=1043&uilcid=1043&app=1&ver=16&build=16.0.11929&p=0&a=1&hm=7&sp=0&fpenabled=1 Protocol HTTP/1.1 Server 52.109.32.22 Cardiff, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 0d91c5189563c3004f404e4778a1f1476cf6e189b6ae0d080dc7ae8f4fa931bf Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer http://52.109.32.22/odc/v2.1/hrd?lcid=1043&syslcid=1043&uilcid=1043&app=1&ver=16&build=16.0.11929&p=0&a=1&hm=7&sp=0&fpenabled=1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Tue, 16 Jun 2020 03:10:57 GMT Content-Encoding gzip X-Content-Type-Options nosniff X-OfficeCluster ukw-odc.officeapps.live.com X-Powered-By ASP.NET X-OfficeFE OdcFrontEnd_IN_143 P3P CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR" Content-Length 4949 Cache-Control private, max-age=2592000 Last-Modified Mon, 08 Jun 2020 08:30:38 GMT Server Microsoft-IIS/10.0 X-UserSessionId 183d3ab5-ba83-4edf-a115-d694217d3eea ETag "0b5f166f3dd61:0" Vary Accept-Encoding Content-Type text/css X-CorrelationId 183d3ab5-ba83-4edf-a115-d694217d3eea Accept-Ranges bytes X-OfficeVersion 16.0.13008.30550
GET H2	200	microsoft_logo.svg odc.officeapps.live.com/odc/stat/images/hrd/	4 KB 2 KB	140ms 50ms	Image image/svg+xml	52.109.88.5 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://odc.officeapps.live.com/odc/stat/images/hrd/microsoft_logo.svg?b=13008.30550 Requested by Host: 52.109.32.22 URL: http://52.109.32.22/odc/v2.1/hrd?lcid=1043&syslcid=1043&uilcid=1043&app=1&ver=16&build=16.0.11929&p=0&a=1&hm=7&sp=0&fpenabled=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 52.109.88.5 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer http://52.109.32.22/odc/v2.1/hrd?lcid=1043&syslcid=1043&uilcid=1043&app=1&ver=16&build=16.0.11929&p=0&a=1&hm=7&sp=0&fpenabled=1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 16 Jun 2020 03:10:57 GMT content-encoding gzip x-content-type-options nosniff x-officecluster weu-odc.officeapps.live.com x-powered-by ASP.NET x-officefe OdcFrontEnd_IN_220 p3p CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR" status 200 content-length 1464 cache-control private, max-age=2592000 last-modified Mon, 08 Jun 2020 08:30:38 GMT server Microsoft-IIS/10.0 x-usersessionid 0244af49-b731-49f4-8c21-cfd30e41b94d etag "0b5f166f3dd61:0" vary Accept-Encoding content-type image/svg+xml x-correlationid 0244af49-b731-49f4-8c21-cfd30e41b94d accept-ranges bytes x-officeversion 16.0.13008.30550
GET H2	200	picker-account-aad.svg odc.officeapps.live.com/odc/stat/images/hrd/	756 B 862 B	139ms 51ms	Image image/svg+xml	52.109.88.5 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://odc.officeapps.live.com/odc/stat/images/hrd/picker-account-aad.svg?b=13008.30550 Requested by Host: 52.109.32.22 URL: http://52.109.32.22/odc/v2.1/hrd?lcid=1043&syslcid=1043&uilcid=1043&app=1&ver=16&build=16.0.11929&p=0&a=1&hm=7&sp=0&fpenabled=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 52.109.88.5 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 5d3357bd875b7335ace42e8ee3a64578e4253bed1a4e279109de403eedae3a69 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer http://52.109.32.22/odc/v2.1/hrd?lcid=1043&syslcid=1043&uilcid=1043&app=1&ver=16&build=16.0.11929&p=0&a=1&hm=7&sp=0&fpenabled=1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 16 Jun 2020 03:10:57 GMT x-content-type-options nosniff x-officecluster weu-odc.officeapps.live.com x-powered-by ASP.NET x-officefe OdcFrontEnd_IN_220 p3p CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR" status 200 content-length 756 cache-control private, max-age=2592000 last-modified Mon, 08 Jun 2020 08:30:38 GMT server Microsoft-IIS/10.0 x-usersessionid 7db8ae41-73b6-41d8-96b7-7bb47405ca97 etag "0b5f166f3dd61:0" content-type image/svg+xml x-correlationid 7db8ae41-73b6-41d8-96b7-7bb47405ca97 accept-ranges bytes x-officeversion 16.0.13008.30550
GET H2	200	picker-account-msa.svg odc.officeapps.live.com/odc/stat/images/hrd/	379 B 483 B	139ms 51ms	Image image/svg+xml	52.109.88.5 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://odc.officeapps.live.com/odc/stat/images/hrd/picker-account-msa.svg?b=13008.30550 Requested by Host: 52.109.32.22 URL: http://52.109.32.22/odc/v2.1/hrd?lcid=1043&syslcid=1043&uilcid=1043&app=1&ver=16&build=16.0.11929&p=0&a=1&hm=7&sp=0&fpenabled=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 52.109.88.5 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 34d8da073f47030ee94b99d84fbe68e3345bd8aaa37ea909ff2da00238447486 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer http://52.109.32.22/odc/v2.1/hrd?lcid=1043&syslcid=1043&uilcid=1043&app=1&ver=16&build=16.0.11929&p=0&a=1&hm=7&sp=0&fpenabled=1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 16 Jun 2020 03:10:57 GMT x-content-type-options nosniff x-officecluster weu-odc.officeapps.live.com x-powered-by ASP.NET x-officefe OdcFrontEnd_IN_220 p3p CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR" status 200 content-length 379 cache-control private, max-age=2592000 last-modified Mon, 08 Jun 2020 08:30:38 GMT server Microsoft-IIS/10.0 x-usersessionid a6907d5f-c27b-44a6-8331-cd6c8ecfb21b etag "0b5f166f3dd61:0" content-type image/svg+xml x-correlationid a6907d5f-c27b-44a6-8331-cd6c8ecfb21b accept-ranges bytes x-officeversion 16.0.13008.30550
GET H2	200	jquery-1.12.4.1.min.js Show response odc.officeapps.live.com/odc/stat/	95 KB 34 KB	115ms 26ms	Script application/javascript	52.109.88.5 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://odc.officeapps.live.com/odc/stat/jquery-1.12.4.1.min.js?b=13008.30550 Requested by Host: 52.109.32.22 URL: http://52.109.32.22/odc/v2.1/hrd?lcid=1043&syslcid=1043&uilcid=1043&app=1&ver=16&build=16.0.11929&p=0&a=1&hm=7&sp=0&fpenabled=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 52.109.88.5 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash f41e0e65ad668f9a9b08f3ed67dc2637b0f81128c1314cca25256949eecf2a00 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer http://52.109.32.22/odc/v2.1/hrd?lcid=1043&syslcid=1043&uilcid=1043&app=1&ver=16&build=16.0.11929&p=0&a=1&hm=7&sp=0&fpenabled=1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 16 Jun 2020 03:10:57 GMT content-encoding gzip x-content-type-options nosniff x-officecluster weu-odc.officeapps.live.com x-powered-by ASP.NET x-officefe OdcFrontEnd_IN_220 p3p CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR" status 200 content-length 33836 cache-control private, max-age=2592000 last-modified Mon, 08 Jun 2020 08:30:38 GMT server Microsoft-IIS/10.0 x-usersessionid 60cccd2a-8cda-4bd3-abfe-378c5f049e89 etag "0b5f166f3dd61:0" vary Accept-Encoding content-type application/javascript x-correlationid 60cccd2a-8cda-4bd3-abfe-378c5f049e89 accept-ranges bytes x-officeversion 16.0.13008.30550
GET H2	200	knockout-3.4.2.js Show response odc.officeapps.live.com/odc/stat/	59 KB 22 KB	138ms 49ms	Script application/javascript	52.109.88.5 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://odc.officeapps.live.com/odc/stat/knockout-3.4.2.js?b=13008.30550 Requested by Host: 52.109.32.22 URL: http://52.109.32.22/odc/v2.1/hrd?lcid=1043&syslcid=1043&uilcid=1043&app=1&ver=16&build=16.0.11929&p=0&a=1&hm=7&sp=0&fpenabled=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 52.109.88.5 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash a305fbb2ba223bf3b56bb8776b85f6f40d60dd082a74dbe28d143b5794c7e393 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer http://52.109.32.22/odc/v2.1/hrd?lcid=1043&syslcid=1043&uilcid=1043&app=1&ver=16&build=16.0.11929&p=0&a=1&hm=7&sp=0&fpenabled=1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 16 Jun 2020 03:10:57 GMT content-encoding gzip x-content-type-options nosniff x-officecluster weu-odc.officeapps.live.com x-powered-by ASP.NET x-officefe OdcFrontEnd_IN_220 p3p CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR" status 200 content-length 22381 cache-control private, max-age=2592000 last-modified Mon, 08 Jun 2020 08:30:38 GMT server Microsoft-IIS/10.0 x-usersessionid 38a23d7a-b30a-4437-b415-e2869a807190 etag "0b5f166f3dd61:0" vary Accept-Encoding content-type application/javascript x-correlationid 38a23d7a-b30a-4437-b415-e2869a807190 accept-ranges bytes x-officeversion 16.0.13008.30550
GET H2	200	CommonDiagnostics.js Show response odc.officeapps.live.com/odc/stat/	30 KB 9 KB	132ms 43ms	Script application/javascript	52.109.88.5 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://odc.officeapps.live.com/odc/stat/CommonDiagnostics.js?b=13008.30550 Requested by Host: 52.109.32.22 URL: http://52.109.32.22/odc/v2.1/hrd?lcid=1043&syslcid=1043&uilcid=1043&app=1&ver=16&build=16.0.11929&p=0&a=1&hm=7&sp=0&fpenabled=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 52.109.88.5 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash b933bcafec247dc96e6ff28010022c2884e90e9e411ec469f8b59e4ad53ab693 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer http://52.109.32.22/odc/v2.1/hrd?lcid=1043&syslcid=1043&uilcid=1043&app=1&ver=16&build=16.0.11929&p=0&a=1&hm=7&sp=0&fpenabled=1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 16 Jun 2020 03:10:57 GMT content-encoding gzip x-content-type-options nosniff x-officecluster weu-odc.officeapps.live.com x-powered-by ASP.NET x-officefe OdcFrontEnd_IN_220 p3p CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR" status 200 content-length 9505 cache-control private, max-age=2592000 last-modified Mon, 08 Jun 2020 08:30:38 GMT server Microsoft-IIS/10.0 x-usersessionid 04196f8e-7572-4b92-bdfd-adbfb3e5be87 etag "0b5f166f3dd61:0" vary Accept-Encoding content-type application/javascript x-correlationid 04196f8e-7572-4b92-bdfd-adbfb3e5be87 accept-ranges bytes x-officeversion 16.0.13008.30550
GET H/1.1	200 OK	jsonstrings Show response 52.109.32.22/odc/	3 KB 4 KB	80ms 65ms	Script text/javascript	52.109.32.22 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL http://52.109.32.22/odc/jsonstrings?g=EmailHrdv2&mkt=1043&hm=7 Requested by Host: 52.109.32.22 URL: http://52.109.32.22/odc/v2.1/hrd?lcid=1043&syslcid=1043&uilcid=1043&app=1&ver=16&build=16.0.11929&p=0&a=1&hm=7&sp=0&fpenabled=1 Protocol HTTP/1.1 Server 52.109.32.22 Cardiff, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 2c351e19f72d135bfb1dc1002e053be6ef5402b28fbd5dc35cea135fc92659c2 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer http://52.109.32.22/odc/v2.1/hrd?lcid=1043&syslcid=1043&uilcid=1043&app=1&ver=16&build=16.0.11929&p=0&a=1&hm=7&sp=0&fpenabled=1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Tue, 16 Jun 2020 03:10:57 GMT X-Content-Type-Options nosniff X-CorrelationId f8812dcd-2ee4-4e49-a21f-63d73aed5935 X-OfficeCluster ukw-odc.officeapps.live.com X-UserSessionId f8812dcd-2ee4-4e49-a21f-63d73aed5935 X-Powered-By ASP.NET X-OfficeFE OdcFrontEnd_IN_163 P3P CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR" Cache-Control public, max-age=3600 Server Microsoft-IIS/10.0 Content-Type text/javascript; charset=utf-8 Content-Length 3087 X-OfficeVersion 16.0.13008.30550
GET H/1.1	200 OK	hrd.min.js Show response 52.109.32.22/odc/stat/	15 KB 5 KB	73ms 58ms	Script application/javascript	52.109.32.22 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL http://52.109.32.22/odc/stat/hrd.min.js?b=13008.30550 Requested by Host: 52.109.32.22 URL: http://52.109.32.22/odc/v2.1/hrd?lcid=1043&syslcid=1043&uilcid=1043&app=1&ver=16&build=16.0.11929&p=0&a=1&hm=7&sp=0&fpenabled=1 Protocol HTTP/1.1 Server 52.109.32.22 Cardiff, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 37aecf734d9be57dd7087b368c1dd15eaebfb074c8780da7b0c1d83099424028 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer http://52.109.32.22/odc/v2.1/hrd?lcid=1043&syslcid=1043&uilcid=1043&app=1&ver=16&build=16.0.11929&p=0&a=1&hm=7&sp=0&fpenabled=1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Tue, 16 Jun 2020 03:10:57 GMT Content-Encoding gzip X-Content-Type-Options nosniff X-OfficeCluster ukw-odc.officeapps.live.com X-Powered-By ASP.NET X-OfficeFE OdcFrontEnd_IN_9 P3P CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR" Content-Length 4645 Cache-Control private, max-age=2592000 Last-Modified Mon, 08 Jun 2020 08:30:38 GMT Server Microsoft-IIS/10.0 X-UserSessionId 587527a9-8e37-4c86-979e-7635ccec0992 ETag "0b5f166f3dd61:0" Vary Accept-Encoding Content-Type application/javascript X-CorrelationId 587527a9-8e37-4c86-979e-7635ccec0992 Accept-Ranges bytes X-OfficeVersion 16.0.13008.30550
GET H/1.1	200 OK	Background-blurryGradient.svg 52.109.32.22/odc/stat/images/hrd/	2 KB 3 KB	35ms 34ms	Image image/svg+xml	52.109.32.22 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL http://52.109.32.22/odc/stat/images/hrd/Background-blurryGradient.svg Requested by Host: 52.109.32.22 URL: http://52.109.32.22/odc/v2.1/hrd?lcid=1043&syslcid=1043&uilcid=1043&app=1&ver=16&build=16.0.11929&p=0&a=1&hm=7&sp=0&fpenabled=1 Protocol HTTP/1.1 Server 52.109.32.22 Cardiff, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 16c60cd6aff6a6febabbc48e9b7692a9c3b369d12d31749f8117d6d0851d5296 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer http://52.109.32.22/odc/stat/hrd.css?b=13008.30550 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Tue, 16 Jun 2020 03:10:57 GMT X-Content-Type-Options nosniff X-OfficeCluster ukw-odc.officeapps.live.com X-Powered-By ASP.NET X-OfficeFE OdcFrontEnd_IN_143 P3P CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR" Content-Length 2267 Cache-Control private, max-age=2592000 Last-Modified Mon, 08 Jun 2020 08:30:38 GMT Server Microsoft-IIS/10.0 X-UserSessionId 56035e0a-3490-45d3-9a5f-a89b0fa88101 ETag "0b5f166f3dd61:0" Content-Type image/svg+xml X-CorrelationId 56035e0a-3490-45d3-9a5f-a89b0fa88101 Accept-Ranges bytes X-OfficeVersion 16.0.13008.30550
GET H/1.1	200 OK	Background-BlurryGradient_50-small.jpg 52.109.32.22/odc/stat/images/hrd/	756 B 1 KB	69ms 55ms	Image image/jpeg	52.109.32.22 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL http://52.109.32.22/odc/stat/images/hrd/Background-BlurryGradient_50-small.jpg Requested by Host: 52.109.32.22 URL: http://52.109.32.22/odc/v2.1/hrd?lcid=1043&syslcid=1043&uilcid=1043&app=1&ver=16&build=16.0.11929&p=0&a=1&hm=7&sp=0&fpenabled=1 Protocol HTTP/1.1 Server 52.109.32.22 Cardiff, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 48ac28a35d4d6c7e9912fdce44f56176ee47ac38d6eb5829502f7c0f734c728f Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer http://52.109.32.22/odc/stat/hrd.css?b=13008.30550 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Tue, 16 Jun 2020 03:10:57 GMT X-Content-Type-Options nosniff X-OfficeCluster ukw-odc.officeapps.live.com X-Powered-By ASP.NET X-OfficeFE OdcFrontEnd_IN_176 P3P CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR" Content-Length 756 Cache-Control private, max-age=2592000 Last-Modified Mon, 08 Jun 2020 08:30:38 GMT Server Microsoft-IIS/10.0 X-UserSessionId ba8e3713-d2ef-4a74-894d-84f006381ec2 ETag "0b5f166f3dd61:0" Content-Type image/jpeg X-CorrelationId ba8e3713-d2ef-4a74-894d-84f006381ec2 Accept-Ranges bytes X-OfficeVersion 16.0.13008.30550
GET H/1.1	200 OK	Background-BlurryGradient_50.jpg 52.109.32.22/odc/stat/images/hrd/	17 KB 18 KB	68ms 54ms	Image image/jpeg	52.109.32.22 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL http://52.109.32.22/odc/stat/images/hrd/Background-BlurryGradient_50.jpg Requested by Host: 52.109.32.22 URL: http://52.109.32.22/odc/v2.1/hrd?lcid=1043&syslcid=1043&uilcid=1043&app=1&ver=16&build=16.0.11929&p=0&a=1&hm=7&sp=0&fpenabled=1 Protocol HTTP/1.1 Server 52.109.32.22 Cardiff, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash d8f5ab3e00202fd3b45be1acd95d677b137064001e171bc79b06826d98f1e1d3 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer http://52.109.32.22/odc/stat/hrd.css?b=13008.30550 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Tue, 16 Jun 2020 03:10:56 GMT X-Content-Type-Options nosniff X-OfficeCluster ukw-odc.officeapps.live.com X-Powered-By ASP.NET X-OfficeFE OdcFrontEnd_IN_161 P3P CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR" Content-Length 17453 Cache-Control private, max-age=2592000 Last-Modified Mon, 08 Jun 2020 08:30:38 GMT Server Microsoft-IIS/10.0 X-UserSessionId 130c76fd-8240-4bed-addb-af3f62f5939e ETag "0b5f166f3dd61:0" Content-Type image/jpeg X-CorrelationId 130c76fd-8240-4bed-addb-af3f62f5939e Accept-Ranges bytes X-OfficeVersion 16.0.13008.30550

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Microsoft (Consumer)

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate function| $ function| jQuery object| ko function| Type function| $6 object| Sys object| Diag object| OOUI_EmailHrdv2 object| OOUI function| __extends object| HostInterface object| HrdMode function| HrdUlsHost function| Hrd object| EmailHrdPage

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

odc.officeapps.live.com
52.109.32.22
52.109.88.5
04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a
0d91c5189563c3004f404e4778a1f1476cf6e189b6ae0d080dc7ae8f4fa931bf
16c60cd6aff6a6febabbc48e9b7692a9c3b369d12d31749f8117d6d0851d5296
281eb94da8666415294901a41640c1ea5cfa95b14d232d17f06ac789f9e134c1
2c351e19f72d135bfb1dc1002e053be6ef5402b28fbd5dc35cea135fc92659c2
34d8da073f47030ee94b99d84fbe68e3345bd8aaa37ea909ff2da00238447486
37aecf734d9be57dd7087b368c1dd15eaebfb074c8780da7b0c1d83099424028
48ac28a35d4d6c7e9912fdce44f56176ee47ac38d6eb5829502f7c0f734c728f
5d3357bd875b7335ace42e8ee3a64578e4253bed1a4e279109de403eedae3a69
a305fbb2ba223bf3b56bb8776b85f6f40d60dd082a74dbe28d143b5794c7e393
b933bcafec247dc96e6ff28010022c2884e90e9e411ec469f8b59e4ad53ab693
d8f5ab3e00202fd3b45be1acd95d677b137064001e171bc79b06826d98f1e1d3
f41e0e65ad668f9a9b08f3ed67dc2637b0f81128c1314cca25256949eecf2a00