URL: https://to-do.microsoft.com/sharing?InvitationToken=1JMZNzZn9rUBtHrYlXWqfwW7lm-wF0t17N0oPUaAwlvu_Z_NyO0hh8VCXby0XD3mY
Submission: On June 15 via manual from CA

Summary

This website contacted 6 IPs in 3 countries across 3 domains to perform 13 HTTP transactions. The main IP is 52.233.164.195, located in Amsterdam, Netherlands and belongs to MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US. The main domain is to-do.microsoft.com.
TLS certificate: Issued by Microsoft IT TLS CA 5 on February 12th 2018. Valid for: 2 years.
This is the only time to-do.microsoft.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | IP Address | AS | Autonomous System
1 | 52.233.164.195 | 8075 | (MICROSOFT...)
3 | 184.25.216.61 | 20940 | (AKAMAI-ASN1)
4 | 152.199.19.160 | 15133 | (EDGECAST)
2 | 152.199.19.161 | 15133 | (EDGECAST)
2 | 111.221.29.254 | 8075 | (MICROSOFT...)
1 | 52.114.32.5 | 8075 | (MICROSOFT...)
Total: 13 requests, 6 IPs

Requests | Domain | Requested by
3 | todo-web-endpoint.azureedge.net | to-do.microsoft.com
3 | uhf.microsoft.com | to-do.microsoft.com
2 | web.vortex.data.microsoft.com | az725175.vo.msecnd.net
2 | norbert-staging.azureedge.net | to-do.microsoft.com
1 | browser.pipe.aria.microsoft.com | todo-web-endpoint.azureedge.net
1 | az725175.vo.msecnd.net | to-do.microsoft.com
1 | to-do.microsoft.com |
Total: 13 requests, 7 subdomains

This site contains links to these domains.

Domain
go.microsoft.com

Subject | Issuer | Validity | Valid
*.to-do.microsoft.com | Microsoft IT TLS CA 5 | 2018-02-12 - 2020-02-12 | 2 years
unistore.www.microsoft.com | Microsoft IT TLS CA 5 | 2018-01-25 - 2020-01-25 | 2 years
*.vortex.data.microsoft.com | Microsoft IT TLS CA 5 | 2018-01-30 - 2020-01-30 | 2 years
*.pipe.aria.microsoft.com | Microsoft IT TLS CA 1 | 2017-09-06 - 2019-09-06 | 2 years

This page contains 1 frame:

Primary Page: https://to-do.microsoft.com/sharing?InvitationToken=1JMZNzZn9rUBtHrYlXWqfwW7lm-wF0t17N0oPUaAwlvu_Z_NyO0hh8VCXby0XD3mY
Frame ID: 1EC80DEC84CD9BC3D6752CF7314764AE
Requests: 13 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /IIS(?:\/([\d.]+))?/i

Page Statistics

13
Requests

54 %
HTTPS

0 %
IPv6

3
Domains

7
Subdomains

6
IPs

3
Countries

264 kB
Transfer

536 kB
Size

4
Cookies

13 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Cookie set sharing
to-do.microsoft.com/
31 KB
13 KB
Document
General
Full URL
https://to-do.microsoft.com/sharing?InvitationToken=1JMZNzZn9rUBtHrYlXWqfwW7lm-wF0t17N0oPUaAwlvu_Z_NyO0hh8VCXby0XD3mY
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.233.164.195 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
1ab4a664f65d53b29486cacf29fb92badc48e642170bad4130cd06497eebaeb7
Security Headers
Name Value
Content-Security-Policy default-src 'self' blob: *.microsoft.com *.msecnd.net *.msedge.net *.live.com graph.windows.net *.office.com *.office.net *.office365.com static2.sharepointonline.com norbert-staging.azureedge.net todo-web-endpoint.azureedge.net 'sha256-XVDlD2htjFgdS2/6wNpu/tKiPJnzsvWlRxqbWSVTovM='; img-src 'self' data: blob: *.microsoft.com *.msecnd.net *.msedge.net *.live.com graph.windows.net *.office.com *.office.net *.office365.com static2.sharepointonline.com mem.gfx.ms assets.onestore.ms c.s-microsoft.com img-prod-cms-rt-microsoft-com.akamaized.net az725175.vo.msecnd.net norbert-staging.azureedge.net todo-web-endpoint.azureedge.net; font-src 'self' data: *.microsoft.com *.msecnd.net *.msedge.net *.live.com graph.windows.net *.office.com *.office.net *.office365.com static2.sharepointonline.com mem.gfx.ms assets.onestore.ms c.s-microsoft.com img-prod-cms-rt-microsoft-com.akamaized.net az725175.vo.msecnd.net norbert-staging.azureedge.net todo-web-endpoint.azureedge.net; style-src 'self' 'unsafe-inline' data: *.microsoft.com *.msecnd.net *.msedge.net *.live.com graph.windows.net *.office.com *.office.net *.office365.com static2.sharepointonline.com statics-uhf-eus.akamaized.net statics-uhf-wus.akamaized.net statics-uhf-neu.akamaized.net statics-uhf-eas.akamaized.net norbert-staging.azureedge.net todo-web-endpoint.azureedge.net; worker-src 'self' blob: *.office.com *.office.net *.office365.com static2.sharepointonline.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.microsoft.com *.msecnd.net *.msedge.net *.live.com graph.windows.net *.office.com *.office.net *.office365.com static2.sharepointonline.com statics-uhf-eus.akamaized.net statics-uhf-wus.akamaized.net statics-uhf-neu.akamaized.net statics-uhf-eas.akamaized.net mem.gfx.ms ajax.aspnetcdn.com norbert-staging.azureedge.net todo-web-endpoint.azureedge.net; frame-src 'self' *.microsoft.com *.msecnd.net *.msedge.net *.live.com graph.windows.net *.office.com *.office.net *.office365.com static2.sharepointonline.com *.microsoftonline.com *.microsoft.io *.windows.net *.office.com:1443 microsoft-my.sharepoint.com microsoft.sharepoint.com; report-uri /report-collector
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; report=/report-collector

Request headers

Host
to-do.microsoft.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate
X-DevTools-Emulate-Network-Conditions-Client-Id
1EC80DEC84CD9BC3D6752CF7314764AE

Response headers

Transfer-Encoding
chunked
Content-Type
text/html; charset=utf-8
Content-Encoding
gzip
Vary
Accept-Encoding
Server
Microsoft-IIS/10.0
X-Content-Type-Options
nosniff
X-Frame-Options
sameorigin
Strict-Transport-Security
max-age=31536000; includeSubDomains;
X-XSS-Protection
1; report=/report-collector
Referrer-Policy
no-referrer
Expect-CT
max-age=0; report-uri=/report-collector
Content-Security-Policy
default-src 'self' blob: *.microsoft.com *.msecnd.net *.msedge.net *.live.com graph.windows.net *.office.com *.office.net *.office365.com static2.sharepointonline.com norbert-staging.azureedge.net todo-web-endpoint.azureedge.net 'sha256-XVDlD2htjFgdS2/6wNpu/tKiPJnzsvWlRxqbWSVTovM='; img-src 'self' data: blob: *.microsoft.com *.msecnd.net *.msedge.net *.live.com graph.windows.net *.office.com *.office.net *.office365.com static2.sharepointonline.com mem.gfx.ms assets.onestore.ms c.s-microsoft.com img-prod-cms-rt-microsoft-com.akamaized.net az725175.vo.msecnd.net norbert-staging.azureedge.net todo-web-endpoint.azureedge.net; font-src 'self' data: *.microsoft.com *.msecnd.net *.msedge.net *.live.com graph.windows.net *.office.com *.office.net *.office365.com static2.sharepointonline.com mem.gfx.ms assets.onestore.ms c.s-microsoft.com img-prod-cms-rt-microsoft-com.akamaized.net az725175.vo.msecnd.net norbert-staging.azureedge.net todo-web-endpoint.azureedge.net; style-src 'self' 'unsafe-inline' data: *.microsoft.com *.msecnd.net *.msedge.net *.live.com graph.windows.net *.office.com *.office.net *.office365.com static2.sharepointonline.com statics-uhf-eus.akamaized.net statics-uhf-wus.akamaized.net statics-uhf-neu.akamaized.net statics-uhf-eas.akamaized.net norbert-staging.azureedge.net todo-web-endpoint.azureedge.net; worker-src 'self' blob: *.office.com *.office.net *.office365.com static2.sharepointonline.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.microsoft.com *.msecnd.net *.msedge.net *.live.com graph.windows.net *.office.com *.office.net *.office365.com static2.sharepointonline.com statics-uhf-eus.akamaized.net statics-uhf-wus.akamaized.net statics-uhf-neu.akamaized.net statics-uhf-eas.akamaized.net mem.gfx.ms ajax.aspnetcdn.com norbert-staging.azureedge.net todo-web-endpoint.azureedge.net; frame-src 'self' *.microsoft.com *.msecnd.net *.msedge.net *.live.com graph.windows.net *.office.com *.office.net *.office365.com static2.sharepointonline.com *.microsoftonline.com *.microsoft.io *.windows.net *.office.com:1443 microsoft-my.sharepoint.com microsoft.sharepoint.com; report-uri /report-collector
X-Powered-By
ASP.NET
Set-Cookie
ARRAffinity=c9670bdcb08c49bc5e31693af629cef7582925b43003f4d9275dec009d249e50;Path=/;HttpOnly;Domain=to-do.microsoft.com
Date
Fri, 15 Jun 2018 14:37:41 GMT
mscc-0.4.0.min.css
uhf.microsoft.com/mscc/statics/
1 KB
898 B
Stylesheet
General
Full URL
https://uhf.microsoft.com/mscc/statics/mscc-0.4.0.min.css
Requested by
Host: to-do.microsoft.com
URL: https://to-do.microsoft.com/sharing?InvitationToken=1JMZNzZn9rUBtHrYlXWqfwW7lm-wF0t17N0oPUaAwlvu_Z_NyO0hh8VCXby0XD3mY
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.25.216.61 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a184-25-216-61.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
00b52467aae2193efa641e788a4f9a31f95ed2138deedaba02f07c43f9351539

Request headers

:path
/mscc/statics/mscc-0.4.0.min.css
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
uhf.microsoft.com
:scheme
https
:method
GET

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Fri, 15 Jun 2018 14:37:41 GMT
content-encoding
gzip
last-modified
Thu, 25 Jan 2018 00:50:59 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5
bxIh0x3u5IreAsNzQj/uyQ==
status
200
etag
0x8D5638DB336969E
vary
Accept-Encoding
content-type
text/css;charset=utf-8
access-control-allow-origin
*
x-ms-request-id
a3f1119f-001e-0045-1192-95ce09000000
x-ms-version
2009-09-19
content-length
585
polyfills.js
todo-web-endpoint.azureedge.net/webapp/dc738aa1530df3a9fcfaca306bdb8458a59400ff30becb5c5fdecef85085b43b/
75 KB
26 KB
Script
General
Full URL
https://todo-web-endpoint.azureedge.net/webapp/dc738aa1530df3a9fcfaca306bdb8458a59400ff30becb5c5fdecef85085b43b/polyfills.js
Requested by
Host: to-do.microsoft.com
URL: https://to-do.microsoft.com/sharing?InvitationToken=1JMZNzZn9rUBtHrYlXWqfwW7lm-wF0t17N0oPUaAwlvu_Z_NyO0hh8VCXby0XD3mY
Protocol
SPDY
Server
152.199.19.160 Ashburn, United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECAcc (frc/8F2E) /
Resource Hash
dc738aa1530df3a9fcfaca306bdb8458a59400ff30becb5c5fdecef85085b43b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Origin
https://to-do.microsoft.com

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 15 Jun 2018 14:37:41 GMT
content-encoding
gzip
content-md5
dShcKE3idjBrm+3QoeqaQg==
x-cache
HIT
status
200
content-length
26083
x-ms-lease-status
unlocked
last-modified
Fri, 25 May 2018 17:47:21 GMT
server
ECAcc (frc/8F2E)
etag
0x8D5C267916666A1
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
d05abf22-701e-0054-3459-f44ba7000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
telemetry.js
todo-web-endpoint.azureedge.net/webapp/8ca1fa982ba0a6f4f8007cbd995474f3905deb74300d49ed96019a4ef93d047b/
205 KB
39 KB
Script
General
Full URL
https://todo-web-endpoint.azureedge.net/webapp/8ca1fa982ba0a6f4f8007cbd995474f3905deb74300d49ed96019a4ef93d047b/telemetry.js
Requested by
Host: to-do.microsoft.com
URL: https://to-do.microsoft.com/sharing?InvitationToken=1JMZNzZn9rUBtHrYlXWqfwW7lm-wF0t17N0oPUaAwlvu_Z_NyO0hh8VCXby0XD3mY
Protocol
SPDY
Server
152.199.19.160 Ashburn, United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECAcc (frc/8FD2) /
Resource Hash
8ca1fa982ba0a6f4f8007cbd995474f3905deb74300d49ed96019a4ef93d047b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Origin
https://to-do.microsoft.com

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 15 Jun 2018 14:37:41 GMT
content-encoding
gzip
content-md5
pnatmrsXr29gIL/PJvz6MA==
x-cache
HIT
status
200
content-length
39830
x-ms-lease-status
unlocked
last-modified
Fri, 25 May 2018 17:47:07 GMT
server
ECAcc (frc/8FD2)
etag
0x8D5C26788E9D31F
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
dbf2b75d-601e-0004-0e59-f454af000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
appredirect.js
todo-web-endpoint.azureedge.net/webapp/2f5ee19283ee167e3e5304b6d88a705d60d9989f566a691fa3d7b320e3f8f1ee/
7 KB
2 KB
Script
General
Full URL
https://todo-web-endpoint.azureedge.net/webapp/2f5ee19283ee167e3e5304b6d88a705d60d9989f566a691fa3d7b320e3f8f1ee/appredirect.js
Requested by
Host: to-do.microsoft.com
URL: https://to-do.microsoft.com/sharing?InvitationToken=1JMZNzZn9rUBtHrYlXWqfwW7lm-wF0t17N0oPUaAwlvu_Z_NyO0hh8VCXby0XD3mY
Protocol
SPDY
Server
152.199.19.160 Ashburn, United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECAcc (frc/8EA6) /
Resource Hash
2f5ee19283ee167e3e5304b6d88a705d60d9989f566a691fa3d7b320e3f8f1ee

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Origin
https://to-do.microsoft.com

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 15 Jun 2018 14:37:41 GMT
content-encoding
gzip
content-md5
Mjp9cH99And3yUJrN0L2pg==
x-cache
HIT
status
200
content-length
2187
x-ms-lease-status
unlocked
last-modified
Thu, 31 May 2018 16:50:55 GMT
server
ECAcc (frc/8EA6)
etag
0x8D5C716AD9E17F9
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
7d6f670a-b01e-00c1-432c-f92a94000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
jsll-4.js
az725175.vo.msecnd.net/scripts/
53 KB
17 KB
Script
General
Full URL
https://az725175.vo.msecnd.net/scripts/jsll-4.js
Requested by
Host: to-do.microsoft.com
URL: https://to-do.microsoft.com/sharing?InvitationToken=1JMZNzZn9rUBtHrYlXWqfwW7lm-wF0t17N0oPUaAwlvu_Z_NyO0hh8VCXby0XD3mY
Protocol
SPDY
Server
152.199.19.160 Ashburn, United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECAcc (frc/8F78) /
Resource Hash
d0378cae08b13606e0398c8875b1d778b748bdf279e8f8bfba0ef58acb0d8475

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 15 Jun 2018 14:37:41 GMT
content-encoding
gzip
content-md5
R79x+5TI5AcZ7bvrUlWAvA==
x-cache
HIT
status
200
content-length
17645
x-ms-lease-status
unlocked
last-modified
Tue, 27 Feb 2018 19:12:22 GMT
server
ECAcc (frc/8F78)
etag
0x8D57E1607A22014
vary
Accept-Encoding
content-type
application/javascript
x-ms-request-id
63bc456a-001e-0048-1bb3-04fdb6000000
cache-control
public, max-age=1800
x-ms-version
2009-09-19
mscc-0.4.0.min.js
uhf.microsoft.com/mscc/statics/
3 KB
4 KB
Script
General
Full URL
https://uhf.microsoft.com/mscc/statics/mscc-0.4.0.min.js
Requested by
Host: to-do.microsoft.com
URL: https://to-do.microsoft.com/sharing?InvitationToken=1JMZNzZn9rUBtHrYlXWqfwW7lm-wF0t17N0oPUaAwlvu_Z_NyO0hh8VCXby0XD3mY
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.25.216.61 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a184-25-216-61.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
662aa553a97adc55c999df1d21afcc6799f1f316baf979b352ae48cc10c5375d

Request headers

:path
/mscc/statics/mscc-0.4.0.min.js
pragma
no-cache
origin
https://to-do.microsoft.com
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
uhf.microsoft.com
:scheme
https
:method
GET

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Fri, 15 Jun 2018 14:37:41 GMT
last-modified
Thu, 25 Jan 2018 00:50:46 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5
Klfdg+d23gHY/xWQYEuHLw==
etag
0x8D5638DABAAABF6
status
200
content-type
text/javascript;charset=utf-8
access-control-allow-origin
*
x-ms-request-id
83c4e015-201e-00cd-0d92-9576d0000000
x-ms-version
2009-09-19
content-length
3487
segoe-semi-bold.woff
norbert-staging.azureedge.net/static-assets/b510212c9e68bb1095c0769b233c8de9c692ec1f/fonts/
86 KB
85 KB
Font
General
Full URL
https://norbert-staging.azureedge.net/static-assets/b510212c9e68bb1095c0769b233c8de9c692ec1f/fonts/segoe-semi-bold.woff
Requested by
Host: to-do.microsoft.com
URL: https://to-do.microsoft.com/sharing?InvitationToken=1JMZNzZn9rUBtHrYlXWqfwW7lm-wF0t17N0oPUaAwlvu_Z_NyO0hh8VCXby0XD3mY
Protocol
SPDY
Server
152.199.19.161 Ashburn, United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECAcc (frc/8E8C) /
Resource Hash
0cd271e25ee4fbfd154687c6813f4e9e76866f9a55f0381745d433be4f4fbe4d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Origin
https://to-do.microsoft.com

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 15 Jun 2018 14:37:42 GMT
content-encoding
gzip
content-md5
+r7X6tsDyWRo3JNxet5d8Q==
x-cache
HIT
status
200
content-length
86957
x-ms-lease-status
unlocked
last-modified
Tue, 18 Jul 2017 13:27:16 GMT
server
ECAcc (frc/8E8C)
etag
0x8D4CDE0B54A06EE
vary
Accept-Encoding
content-type
application/font-woff
access-control-allow-origin
*
x-ms-request-id
88d838cc-801e-00ff-4471-021be7000000
x-ms-version
2009-09-19
accept-ranges
bytes
segoe-regular.woff
norbert-staging.azureedge.net/static-assets/71013b5809c88efde15f7f7c02e5d45ec5c78818/fonts/
75 KB
75 KB
Font
General
Full URL
https://norbert-staging.azureedge.net/static-assets/71013b5809c88efde15f7f7c02e5d45ec5c78818/fonts/segoe-regular.woff
Requested by
Host: to-do.microsoft.com
URL: https://to-do.microsoft.com/sharing?InvitationToken=1JMZNzZn9rUBtHrYlXWqfwW7lm-wF0t17N0oPUaAwlvu_Z_NyO0hh8VCXby0XD3mY
Protocol
SPDY
Server
152.199.19.161 Ashburn, United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECAcc (frc/8F0B) /
Resource Hash
f125bede9adba98877d5898242fbf16eec919446b6f566b9cddd9cfdd0c96c5f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Origin
https://to-do.microsoft.com

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 15 Jun 2018 14:37:42 GMT
content-encoding
gzip
content-md5
YNR1995B7IoCuzu+NZOY9g==
x-cache
HIT
status
200
content-length
76007
x-ms-lease-status
unlocked
last-modified
Tue, 18 Jul 2017 13:27:16 GMT
server
ECAcc (frc/8F0B)
etag
0x8D4CDE0B54B66D1
vary
Accept-Encoding
content-type
application/font-woff
access-control-allow-origin
*
x-ms-request-id
911e388a-d01e-00a8-2876-02f26a000000
x-ms-version
2009-09-19
accept-ranges
bytes
Cookie set t.js
web.vortex.data.microsoft.com/collect/v1/
260 B
909 B
Script
General
Full URL
https://web.vortex.data.microsoft.com/collect/v1/t.js?ver=%272.1%27&name=%27Ms.Webi.PageView%27&time=%272018-06-15T14%3A37%3A41.996Z%27&os=%27Unix%27&appId=%27JS%3AMSToDo%27&-ver=%271.0%27&-impressionGuid=%27b2d3ed56-ea65-4192-a290-1ef797d0d88d%27&-pageName=%27Home%27&-uri=%27https%3A%2F%2Fto-do.microsoft.com%2Fsharing%3FInvitationToken%3D1JMZNzZn9rUBtHrYlXWqfwW7lm-wF0t17N0oPUaAwlvu_Z_NyO0hh8VCXby0XD3mY%27&-resHeight=1200&-resWidth=1600&-pageTags=%27%7B%22metaTags%22%3A%7B%7D%7D%27&-behavior=0&*baseType=%27Ms.Content.PageView%27&*cookieEnabled=true&*isJs=true&*title=%27Welcome%20to%20Microsoft%20To-Do%27&*isLoggedIn=false&*flashInstalled=false&ext-javascript-ver=%271.1%27&ext-javascript-libVer=%274.2.6%27&ext-javascript-domain=%27to-do.microsoft.com%27&ext-javascript-userConsent=false&$mscomCookies=false
Requested by
Host: az725175.vo.msecnd.net
URL: https://az725175.vo.msecnd.net/scripts/jsll-4.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
111.221.29.254 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
/
Resource Hash
c02c172be6f71f0d0f1047d199e5cae78750e303f7d9158d1ca588e5c0d4c8d6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Pragma
no-cache
Connection
keep-alive
Accept-Encoding
gzip, deflate
Host
web.vortex.data.microsoft.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Cache-Control
no-cache

Response headers

Pragma
no-cache
Date
Fri, 15 Jun 2018 14:37:42 GMT
X-Content-Type-Options
nosniff
P3P
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Cache-Control
no-cache, no-store
Set-Cookie
MC1=GUID=b5167e9f7528415a8a9a5caa857bce3e&HASH=b516&LV=201806&V=4&LU=1529073462751; Domain=.microsoft.com; Expires=Sat, 15 Jun 2019 14:37:42 GMT; Path=/ MS0=ea8d264aa23c4266a88d4431e1af3430; Domain=.microsoft.com; Expires=Fri, 15 Jun 2018 15:07:42 GMT; Path=/
MS-CV
/ZadqGdBykew+gcNrZ8pFQ.0
Content-Type
application/javascript
Content-Length
260
Expires
0
_log
uhf.microsoft.com/
0
128 B
Image
General
Full URL
https://uhf.microsoft.com/_log?o=mscc&s=uhf-unknown&m=show&nv=aspnet-2.0.7&sv=0.1.2
Requested by
Host: to-do.microsoft.com
URL: https://to-do.microsoft.com/sharing?InvitationToken=1JMZNzZn9rUBtHrYlXWqfwW7lm-wF0t17N0oPUaAwlvu_Z_NyO0hh8VCXby0XD3mY
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.25.216.61 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a184-25-216-61.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path
/_log?o=mscc&s=uhf-unknown&m=show&nv=aspnet-2.0.7&sv=0.1.2
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
uhf.microsoft.com
:scheme
https
:method
GET

Response headers

pragma
no-cache
date
Fri, 15 Jun 2018 14:37:42 GMT
status
204
content-type
text/html
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
0
expires
Fri, 15 Jun 2018 14:37:42 GMT
v1
web.vortex.data.microsoft.com/collect/
57 B
666 B
Other
General
Full URL
https://web.vortex.data.microsoft.com/collect/v1?$mscomCookies=false&ext-javascript-msfpc=%27GUID%3Db5167e9f7528415a8a9a5caa857bce3e%26HASH%3Db516%26LV%3D201806%26V%3D4%26LU%3D1529073462751%27
Requested by
Host: az725175.vo.msecnd.net
URL: https://az725175.vo.msecnd.net/scripts/jsll-4.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
111.221.29.254 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
/
Resource Hash
8d316e9191d40a4b9cc775c0adce0a999873c1935781d1312a5b12ee717c53d4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Pragma
no-cache
Origin
https://to-do.microsoft.com
Accept-Encoding
gzip, deflate
Host
web.vortex.data.microsoft.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Accept
*/*
Cache-Control
max-age=0
Cookie
MC1=GUID=b5167e9f7528415a8a9a5caa857bce3e&HASH=b516&LV=201806&V=4&LU=1529073462751; MS0=ea8d264aa23c4266a88d4431e1af3430
Connection
keep-alive
Content-Length
1620

Response headers

Pragma
no-cache
Date
Fri, 15 Jun 2018 14:37:42 GMT
X-Content-Type-Options
nosniff
P3P
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Access-Control-Allow-Origin
https://to-do.microsoft.com
Cache-Control
no-cache, no-store
Access-Control-Allow-Credentials
true
MS-CV
AsrtDsqeMUqH2KsadnIocQ.0
Content-Type
application/json
Access-Control-Allow-Headers
Accept, Authorization, Content-Type, Origin, X-Xbl-Contract-Version, X-Xbl-Device-Type, Xbl-Authz-Actor-10, WithCredentials
Content-Length
57
Expires
0
/
browser.pipe.aria.microsoft.com/Collector/3.0/
0
397 B
XHR
General
Full URL
https://browser.pipe.aria.microsoft.com/Collector/3.0/?qsp=true&content-type=application%2Fbond-compact-binary&client-id=NO_AUTH&sdk-version=AWT-Web-JS-1.5.0&x-apikey=54f951f237d74888af490174a7b46a0b-5917ecd9-3136-476d-87d2-6322e56f152e-6947&client-time-epoch-millis=1529073463973&time-delta-to-apply-millis=use-collector-delta
Requested by
Host: todo-web-endpoint.azureedge.net
URL: https://todo-web-endpoint.azureedge.net/webapp/8ca1fa982ba0a6f4f8007cbd995474f3905deb74300d49ed96019a4ef93d047b/telemetry.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.114.32.5 Redmond, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma
no-cache
Origin
https://to-do.microsoft.com
Accept-Encoding
gzip, deflate
Host
browser.pipe.aria.microsoft.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept
*/*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
2810

Response headers

Date
Fri, 15 Jun 2018 14:37:44 GMT
Server
Microsoft-HTTPAPI/2.0
time-delta-millis
886
Access-Control-Allow-Methods
POST
Content-Type
application/json
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
kill-tokens, kill-duration-seconds, time-delta-millis
Access-Control-Allow-Headers
Accept, Content-Type, Content-Encoding, Client-Id
Content-Length
0

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| __initialState
  • object| core
  • object| __core-js_shared__
  • object| todoTelemetry
  • object| awa
  • string| behaviorKey
  • object| config
  • object| mscc

4 Cookies

Domain/Path Name / Value
to-do.microsoft.com/ Name: MSFPC
Value: GUID=b5167e9f7528415a8a9a5caa857bce3e&HASH=b516&LV=201806&V=4&LU=1529073462751
.microsoft.com/ Name: MS0
Value: ea8d264aa23c4266a88d4431e1af3430
.microsoft.com/ Name: MC1
Value: GUID=b5167e9f7528415a8a9a5caa857bce3e&HASH=b516&LV=201806&V=4&LU=1529073462751
.to-do.microsoft.com/ Name: ARRAffinity
Value: c9670bdcb08c49bc5e31693af629cef7582925b43003f4d9275dec009d249e50

2 Console Messages

Source Level URL
Text
console-api log URL: https://todo-web-endpoint.azureedge.net/webapp/2f5ee19283ee167e3e5304b6d88a705d60d9989f566a691fa3d7b320e3f8f1ee/appredirect.js(Line 5)
Message:
AuthState is not available in Storage 'todo-auth-context'
console-api log URL: https://todo-web-endpoint.azureedge.net/webapp/8ca1fa982ba0a6f4f8007cbd995474f3905deb74300d49ed96019a4ef93d047b/telemetry.js(Line 2998)
Message:
[object Object]
