eus-www.sway.com Open in urlscan Pro
52.109.13.39 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://eus-www.sway.com/signin
Effective URL:
https://eus-www.sway.com/signin
Submission: On October 06 via manual (October 6th 2023, 11:27:16 am UTC) from HK — Scanned from DE

Summary HTTP 13 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 13 HTTP transactions. The main IP is 52.109.13.39, located in Tappahannock, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is eus-www.sway.com. The Cisco Umbrella rank of the primary domain is 413335.
TLS certificate: Issued by Microsoft Azure TLS Issuing CA 06 on September 1st 2023. Valid for: 10 months.

This is the only time eus-www.sway.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	52.109.13.39 52.109.13.39	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
11	52.109.88.193 52.109.88.193	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
13	2

2 52.109.13.39 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

eus-www.sway.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 52.109.88.193 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

odc.officeapps.live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	live.com odc.officeapps.live.com — Cisco Umbrella Rank: 267	95 KB
2	sway.com eus-www.sway.com — Cisco Umbrella Rank: 413335	4 KB
13	2

	Domain	Requested by
11	odc.officeapps.live.com	eus-www.sway.com odc.officeapps.live.com
2	eus-www.sway.com	eus-www.sway.com
13	2

This site contains no links.

Subject Issuer	Validity	Valid
sway.office.com Microsoft Azure TLS Issuing CA 06	`2023-09-01` - `2024-06-27`	10 months	crt.sh
odc.officeapps.live.com Microsoft Azure TLS Issuing CA 02	`2023-08-07` - `2024-06-27`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://eus-www.sway.com/signin
Frame ID: B983FEAEC8CB48CB99F668AFCACA7B1A
Requests: 2 HTTP requests in this frame

Frame: https://odc.officeapps.live.com/odc/v2.0/hrd?rs=de-DE&Ver=16&app=23&a=0&p=6&hm=0
Frame ID: C51C9F19A362C4E5E904E09FC1EC0E74
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Anmelden

Page URL History Show full URLs

http://eus-www.sway.com/signin HTTP 307
https://eus-www.sway.com/signin Page URL

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

13
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

100 kB
Transfer

260 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://eus-www.sway.com/signin HTTP 307
https://eus-www.sway.com/signin Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request signin Show response
eus-www.sway.com/
Redirect Chain

http://eus-www.sway.com/signin
https://eus-www.sway.com/signin

7 KB
4 KB

403ms
155ms

Document
text/html

52.109.13.39
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://eus-www.sway.com/signin

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.109.13.39 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ARR/3.0

Resource Hash

522e3c2cf8714ce991cddfad01e5b9de535046a21b29923a857b5e1cfac20937

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

anonuserid: eabca2b8-9f9a-4665-bab8-cd1e40f123cb
cache-control: private
content-encoding: gzip
content-length: 2935
content-type: text/html; charset=utf-8
date: Fri, 06 Oct 2023 11:27:10 GMT
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
strict-transport-security: max-age=15724800; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-correlationid: 26c5c66d-987e-444a-afbc-31650da2e817
x-frame-options: SAMEORIGIN
x-officecluster: eus-002.www.sway.com
x-officefe: SwayFrontEnd_IN_16
x-officeversion: 16.0.16927.40101
x-powered-by: ARR/3.0
x-requestid: 59091c0b-8687-496f-8b14-5f6db43d2fef
x-trackingid: 371290dc-b0d6-4f95-bcfd-f3f854613bcd
x-usersessionid: 26c5c66d-987e-444a-afbc-31650da2e817

Redirect headers

Cross-Origin-Resource-Policy: Cross-Origin
Location: https://eus-www.sway.com/signin
Non-Authoritative-Reason: HSTS

GET
H2 200 HRDv2Client.js Show response
eus-www.sway.com/161692740101_Content/ 2 KB
892 B 112ms
111ms Script
application/javascript 52.109.13.39
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://eus-www.sway.com/161692740101_Content/HRDv2Client.js

Requested by

Host: eus-www.sway.com
URL: https://eus-www.sway.com/signin

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.109.13.39 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ARR/3.0

Resource Hash

feeb7d6e92ff03f3a0461b892084fc7a230abd136b40c9c4c2c8da16dac6b622

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://eus-www.sway.com/signin
Origin: https://eus-www.sway.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 06 Oct 2023 11:27:10 GMT
last-modified: Wed, 27 Sep 2023 06:33:48 GMT
etag: "06e4492cf1d91:0"
x-powered-by: ARR/3.0
vary: Accept-Encoding
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-type: application/javascript
access-control-allow-origin: *
cache-control: public
accept-ranges: bytes
timing-allow-origin: *
content-length: 778

GET
H2 200 hrd Show response
odc.officeapps.live.com/odc/v2.0/ Frame C51C 8 KB
9 KB 224ms
18ms Document
text/html 52.109.88.193
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://odc.officeapps.live.com/odc/v2.0/hrd?rs=de-DE&Ver=16&app=23&a=0&p=6&hm=0

Requested by

Host: eus-www.sway.com
URL: https://eus-www.sway.com/signin

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.109.88.193 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

889255183034a0456139481448991ed0c736824573dd30e841a307d4bf0c91b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://eus-www.sway.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store
content-length: 8672
content-type: text/html; charset=utf-8
date: Fri, 06 Oct 2023 11:27:10 GMT
expires: -1
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
pragma: no-cache
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-aspnetmvc-version: 5.2
x-content-type-options: nosniff
x-correlationid: f6ec7cae-8b1e-4916-9913-d52785f3f0f5
x-officecluster: weu-000.odc.officeapps.live.com
x-officefe: OdcFE_IN_0
x-officeversion: 16.0.16919.30551
x-powered-by: ASP.NET
x-ua-compatible: IE=11
x-usersessionid: f6ec7cae-8b1e-4916-9913-d52785f3f0f5

GET
H2 200 hrd.css
odc.officeapps.live.com/odc/stat/ Frame C51C 22 KB
5 KB 17ms
17ms Stylesheet
text/css 52.109.88.193
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://odc.officeapps.live.com/odc/stat/hrd.css?b=16919.30551

Requested by

Host: odc.officeapps.live.com
URL: https://odc.officeapps.live.com/odc/v2.0/hrd?rs=de-DE&Ver=16&app=23&a=0&p=6&hm=0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.109.88.193 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

351b0f5a8e9b2218b9e4630971f2933e6b4445c60e50b6e778767b6bd7f4617c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://odc.officeapps.live.com/odc/v2.0/hrd?rs=de-DE&Ver=16&app=23&a=0&p=6&hm=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 11:27:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-officeversion: 16.0.16919.30551
x-powered-by: ASP.NET
x-officefe: OdcFE_IN_0
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-length: 5021
last-modified: Tue, 19 Sep 2023 12:26:46 GMT
server: Microsoft-IIS/10.0
x-usersessionid: 0d013eac-532b-42ea-9fef-a9924eb709cb
x-correlationid: 0d013eac-532b-42ea-9fef-a9924eb709cb
x-officecluster: weu-000.odc.officeapps.live.com
etag: "0c788ef4ead91:0"
vary: Accept-Encoding
content-type: text/css
cache-control: private, max-age=2678400
accept-ranges: bytes

GET
H2 200 microsoft_logo.svg
odc.officeapps.live.com/odc/stat/images/hrd/ Frame C51C 4 KB
2 KB 18ms
17ms Image
image/svg+xml 52.109.88.193
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://odc.officeapps.live.com/odc/stat/images/hrd/microsoft_logo.svg?b=16919.30551

Requested by

Host: odc.officeapps.live.com
URL: https://odc.officeapps.live.com/odc/v2.0/hrd?rs=de-DE&Ver=16&app=23&a=0&p=6&hm=0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.109.88.193 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://odc.officeapps.live.com/odc/v2.0/hrd?rs=de-DE&Ver=16&app=23&a=0&p=6&hm=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 11:27:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-officeversion: 16.0.16919.30551
x-powered-by: ASP.NET
x-officefe: OdcFE_IN_0
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-length: 1464
last-modified: Tue, 19 Sep 2023 12:26:46 GMT
server: Microsoft-IIS/10.0
x-usersessionid: b72207c7-f286-483e-9b5c-bb93d03701b2
x-correlationid: b72207c7-f286-483e-9b5c-bb93d03701b2
x-officecluster: weu-000.odc.officeapps.live.com
etag: "0c788ef4ead91:0"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: private, max-age=2678400
accept-ranges: bytes

GET
H2 200 picker-account-aad.svg
odc.officeapps.live.com/odc/stat/images/hrd/ Frame C51C 756 B
860 B 47ms
45ms Image
image/svg+xml 52.109.88.193
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://odc.officeapps.live.com/odc/stat/images/hrd/picker-account-aad.svg?b=16919.30551

Requested by

Host: odc.officeapps.live.com
URL: https://odc.officeapps.live.com/odc/v2.0/hrd?rs=de-DE&Ver=16&app=23&a=0&p=6&hm=0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.109.88.193 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

5d3357bd875b7335ace42e8ee3a64578e4253bed1a4e279109de403eedae3a69

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://odc.officeapps.live.com/odc/v2.0/hrd?rs=de-DE&Ver=16&app=23&a=0&p=6&hm=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 11:27:10 GMT
x-content-type-options: nosniff
x-officeversion: 16.0.16919.30551
x-powered-by: ASP.NET
x-officefe: OdcFE_IN_0
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-length: 756
last-modified: Tue, 19 Sep 2023 12:26:46 GMT
server: Microsoft-IIS/10.0
x-usersessionid: 0d50133e-a056-451b-92d5-bb737e6fb288
x-correlationid: 0d50133e-a056-451b-92d5-bb737e6fb288
x-officecluster: weu-000.odc.officeapps.live.com
etag: "0c788ef4ead91:0"
content-type: image/svg+xml
cache-control: private, max-age=2678400
accept-ranges: bytes

GET
H2 200 picker-account-msa.svg
odc.officeapps.live.com/odc/stat/images/hrd/ Frame C51C 379 B
485 B 47ms
45ms Image
image/svg+xml 52.109.88.193
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://odc.officeapps.live.com/odc/stat/images/hrd/picker-account-msa.svg?b=16919.30551

Requested by

Host: odc.officeapps.live.com
URL: https://odc.officeapps.live.com/odc/v2.0/hrd?rs=de-DE&Ver=16&app=23&a=0&p=6&hm=0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.109.88.193 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

34d8da073f47030ee94b99d84fbe68e3345bd8aaa37ea909ff2da00238447486

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://odc.officeapps.live.com/odc/v2.0/hrd?rs=de-DE&Ver=16&app=23&a=0&p=6&hm=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 11:27:10 GMT
x-content-type-options: nosniff
x-officeversion: 16.0.16919.30551
x-powered-by: ASP.NET
x-officefe: OdcFE_IN_0
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-length: 379
last-modified: Tue, 19 Sep 2023 12:26:46 GMT
server: Microsoft-IIS/10.0
x-usersessionid: 44c0b7de-3faf-43d6-9d05-d87b62471d9d
x-correlationid: 44c0b7de-3faf-43d6-9d05-d87b62471d9d
x-officecluster: weu-000.odc.officeapps.live.com
etag: "0c788ef4ead91:0"
content-type: image/svg+xml
cache-control: private, max-age=2678400
accept-ranges: bytes

GET
H2 200 jquery-1.12.4.1.min.js Show response
odc.officeapps.live.com/odc/stat/ Frame C51C 95 KB
33 KB 18ms
16ms Script
application/javascript 52.109.88.193
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://odc.officeapps.live.com/odc/stat/jquery-1.12.4.1.min.js?b=16919.30551

Requested by

Host: odc.officeapps.live.com
URL: https://odc.officeapps.live.com/odc/v2.0/hrd?rs=de-DE&Ver=16&app=23&a=0&p=6&hm=0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.109.88.193 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

3ac82b5a773ea82258a30c60d277acffa832ce446397fcb6abf39726c4330fb5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://odc.officeapps.live.com/odc/v2.0/hrd?rs=de-DE&Ver=16&app=23&a=0&p=6&hm=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 11:27:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-officeversion: 16.0.16919.30551
x-powered-by: ASP.NET
x-officefe: OdcFE_IN_0
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-length: 33842
last-modified: Tue, 19 Sep 2023 12:26:46 GMT
server: Microsoft-IIS/10.0
x-usersessionid: c6b66d0c-0eab-4cca-a008-9966a169b002
x-correlationid: c6b66d0c-0eab-4cca-a008-9966a169b002
x-officecluster: weu-000.odc.officeapps.live.com
etag: "0c788ef4ead91:0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=2678400
accept-ranges: bytes

GET
H2 200 knockout-3.4.2.js Show response
odc.officeapps.live.com/odc/stat/ Frame C51C 59 KB
22 KB 35ms
32ms Script
application/javascript 52.109.88.193
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://odc.officeapps.live.com/odc/stat/knockout-3.4.2.js?b=16919.30551

Requested by

Host: odc.officeapps.live.com
URL: https://odc.officeapps.live.com/odc/v2.0/hrd?rs=de-DE&Ver=16&app=23&a=0&p=6&hm=0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.109.88.193 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

a305fbb2ba223bf3b56bb8776b85f6f40d60dd082a74dbe28d143b5794c7e393

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://odc.officeapps.live.com/odc/v2.0/hrd?rs=de-DE&Ver=16&app=23&a=0&p=6&hm=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 11:27:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-officeversion: 16.0.16919.30551
x-powered-by: ASP.NET
x-officefe: OdcFE_IN_0
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-length: 22381
last-modified: Tue, 19 Sep 2023 12:26:46 GMT
server: Microsoft-IIS/10.0
x-usersessionid: 315d45c7-8531-490f-b6d5-66daf2421ccd
x-correlationid: 315d45c7-8531-490f-b6d5-66daf2421ccd
x-officecluster: weu-000.odc.officeapps.live.com
etag: "0c788ef4ead91:0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=2678400
accept-ranges: bytes

GET
H2 200 CommonDiagnostics.js Show response
odc.officeapps.live.com/odc/stat/ Frame C51C 40 KB
12 KB 33ms
31ms Script
application/javascript 52.109.88.193
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://odc.officeapps.live.com/odc/stat/CommonDiagnostics.js?b=16919.30551

Requested by

Host: odc.officeapps.live.com
URL: https://odc.officeapps.live.com/odc/v2.0/hrd?rs=de-DE&Ver=16&app=23&a=0&p=6&hm=0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.109.88.193 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

773a678845579e6334f19d4e62f29446e7898bd816359c74574e37884503f909

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://odc.officeapps.live.com/odc/v2.0/hrd?rs=de-DE&Ver=16&app=23&a=0&p=6&hm=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 11:27:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-officeversion: 16.0.16919.30551
x-powered-by: ASP.NET
x-officefe: OdcFE_IN_0
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-length: 12330
last-modified: Tue, 19 Sep 2023 12:26:46 GMT
server: Microsoft-IIS/10.0
x-usersessionid: a65f2b01-b5b7-499c-8930-6b9f03152da8
x-correlationid: a65f2b01-b5b7-499c-8930-6b9f03152da8
x-officecluster: weu-000.odc.officeapps.live.com
etag: "0c788ef4ead91:0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=2678400
accept-ranges: bytes

GET
H2 200 jsonstrings Show response
odc.officeapps.live.com/odc/ Frame C51C 4 KB
4 KB 48ms
46ms Script
text/javascript 52.109.88.193
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://odc.officeapps.live.com/odc/jsonstrings?g=EmailHrdv2&mkt=1031&hm=0

Requested by

Host: odc.officeapps.live.com
URL: https://odc.officeapps.live.com/odc/v2.0/hrd?rs=de-DE&Ver=16&app=23&a=0&p=6&hm=0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.109.88.193 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

4b2db10188656083e6c6863dbc60f5a1691c62fca6e02eff629b91b54bc8d795

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://odc.officeapps.live.com/odc/v2.0/hrd?rs=de-DE&Ver=16&app=23&a=0&p=6&hm=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 11:27:10 GMT
x-content-type-options: nosniff
x-correlationid: 03983b99-5943-4d99-a79a-82b84b5a7474
server: Microsoft-IIS/10.0
x-usersessionid: 03983b99-5943-4d99-a79a-82b84b5a7474
x-officecluster: weu-000.odc.officeapps.live.com
x-officeversion: 16.0.16919.30551
x-powered-by: ASP.NET
x-officefe: OdcFE_IN_0
content-type: text/javascript; charset=utf-8
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cache-control: public, max-age=3600
content-length: 3625

GET
H2 200 hrd.min.js Show response
odc.officeapps.live.com/odc/stat/ Frame C51C 15 KB
5 KB 46ms
44ms Script
application/javascript 52.109.88.193
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://odc.officeapps.live.com/odc/stat/hrd.min.js?b=16919.30551

Requested by

Host: odc.officeapps.live.com
URL: https://odc.officeapps.live.com/odc/v2.0/hrd?rs=de-DE&Ver=16&app=23&a=0&p=6&hm=0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.109.88.193 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

54a2f5eca1b0e7eda5cd0863fe8acbc23825a3d93108f11a2f654d537687f963

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://odc.officeapps.live.com/odc/v2.0/hrd?rs=de-DE&Ver=16&app=23&a=0&p=6&hm=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 11:27:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-officeversion: 16.0.16919.30551
x-powered-by: ASP.NET
x-officefe: OdcFE_IN_0
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-length: 4909
last-modified: Tue, 19 Sep 2023 12:26:46 GMT
server: Microsoft-IIS/10.0
x-usersessionid: 2cdd1d30-d769-47a5-b3c6-158941224a7e
x-correlationid: 2cdd1d30-d769-47a5-b3c6-158941224a7e
x-officecluster: weu-000.odc.officeapps.live.com
etag: "0c788ef4ead91:0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=2678400
accept-ranges: bytes

GET
H2 200 Background-blurryGradient.svg
odc.officeapps.live.com/odc/stat/images/hrd/ Frame C51C 2 KB
2 KB 28ms
26ms Image
image/svg+xml 52.109.88.193
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://odc.officeapps.live.com/odc/stat/images/hrd/Background-blurryGradient.svg

Requested by

Host: odc.officeapps.live.com
URL: https://odc.officeapps.live.com/odc/stat/hrd.css?b=16919.30551

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.109.88.193 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

16c60cd6aff6a6febabbc48e9b7692a9c3b369d12d31749f8117d6d0851d5296

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://odc.officeapps.live.com/odc/stat/hrd.css?b=16919.30551
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 11:27:10 GMT
x-content-type-options: nosniff
x-officeversion: 16.0.16919.30551
x-powered-by: ASP.NET
x-officefe: OdcFE_IN_0
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-length: 2267
last-modified: Tue, 19 Sep 2023 12:26:46 GMT
server: Microsoft-IIS/10.0
x-usersessionid: f0847272-3b4c-41ed-a791-6079a9b28f07
x-correlationid: f0847272-3b4c-41ed-a791-6079a9b28f07
x-officecluster: weu-000.odc.officeapps.live.com
etag: "0c788ef4ead91:0"
content-type: image/svg+xml
cache-control: private, max-age=2678400
accept-ranges: bytes

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.eus-www.sway.com/	1969-12-31 23:59:59	Name: AuthSess Value: 609b878b-a7a2-400a-a9e4-f6a2429d3ccf
			.sway.com/	1969-12-31 23:59:59	Name: AADNonce Value: efb0b54c-1302-48d8-8666-eb08108d60d4.638321884307122214

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

eus-www.sway.com
odc.officeapps.live.com
52.109.13.39
52.109.88.193
04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a
16c60cd6aff6a6febabbc48e9b7692a9c3b369d12d31749f8117d6d0851d5296
34d8da073f47030ee94b99d84fbe68e3345bd8aaa37ea909ff2da00238447486
351b0f5a8e9b2218b9e4630971f2933e6b4445c60e50b6e778767b6bd7f4617c
3ac82b5a773ea82258a30c60d277acffa832ce446397fcb6abf39726c4330fb5
4b2db10188656083e6c6863dbc60f5a1691c62fca6e02eff629b91b54bc8d795
522e3c2cf8714ce991cddfad01e5b9de535046a21b29923a857b5e1cfac20937
54a2f5eca1b0e7eda5cd0863fe8acbc23825a3d93108f11a2f654d537687f963
5d3357bd875b7335ace42e8ee3a64578e4253bed1a4e279109de403eedae3a69
773a678845579e6334f19d4e62f29446e7898bd816359c74574e37884503f909
889255183034a0456139481448991ed0c736824573dd30e841a307d4bf0c91b5
a305fbb2ba223bf3b56bb8776b85f6f40d60dd082a74dbe28d143b5794c7e393
feeb7d6e92ff03f3a0461b892084fc7a230abd136b40c9c4c2c8da16dac6b622

eus-www.sway.com Open in urlscan Pro 52.109.13.39 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

13 Requests

100 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

2 IPs

2 Countries

100 kBTransfer

260 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

2 Cookies

Security Headers

Indicators

eus-www.sway.com Open in urlscan Pro
52.109.13.39 Public Scan

Screenshot
Live screenshot

Full Image

13
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

100 kB
Transfer

260 kB
Size

2
Cookies

13 HTTP transactions
0 data transactions