Submitted URL: http://52.109.13.38/
Effective URL: https://52.109.13.38/
Submission Tags: tweet @atomspam #phishing #microsoft #infosec #cybersecurity #atomspam
Submission: On February 28 via api from FI — Scanned from FI

Summary

This website contacted 12 IPs in 3 countries across 9 domains to perform 61 HTTP transactions. The main IP is 52.109.13.38, located in Tappahannock, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is 52.109.13.38.
TLS certificate: Issued by Microsoft Azure TLS Issuing CA 06 on February 2nd 2023. Valid for: a year.
This is the only time 52.109.13.38 was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Microsoft (Consumer)

Domain & IP information

IP Address AS Autonomous System
2 44 52.109.13.38 8075 (MICROSOFT...)
3 2a02:26f0:11a... 20940 (AKAMAI-ASN1)
1 2.18.79.144 20940 (AKAMAI-ASN1)
1 152.199.19.160 15133 (EDGECAST)
2 104.43.200.36 8075 (MICROSOFT...)
3 20.190.159.74 8075 (MICROSOFT...)
1 2620:1ec:4f:1... 8075 (MICROSOFT...)
2 2a02:26f0:f70... 20940 (AKAMAI-ASN1)
2 2a02:26f0:11a... 20940 (AKAMAI-ASN1)
1 2620:1ec:4e:1... 8075 (MICROSOFT...)
3 2620:1ec:4a::27 8075 (MICROSOFT...)
61 12
Apex Domain
Subdomains
Transfer
5 microsoft.com
www.microsoft.com — Cisco Umbrella Rank: 225
web.vortex.data.microsoft.com — Cisco Umbrella Rank: 8639
86 KB
3 msftauth.net
amcdn.msftauth.net — Cisco Umbrella Rank: 814
50 KB
3 akamaized.net
statics-marketingsites-eus-ms-com.akamaized.net — Cisco Umbrella Rank: 12197
img-prod-cms-rt-microsoft-com.akamaized.net — Cisco Umbrella Rank: 1256
10 KB
2 s-microsoft.com
c.s-microsoft.com — Cisco Umbrella Rank: 5535
62 KB
2 live.com
login.live.com — Cisco Umbrella Rank: 78
6 KB
1 azure.com
js.monitor.azure.com — Cisco Umbrella Rank: 1567
34 KB
1 gfx.ms
mem.gfx.ms — Cisco Umbrella Rank: 1950
10 KB
1 microsoftonline.com
login.microsoftonline.com — Cisco Umbrella Rank: 23
2 KB
1 msecnd.net
az725175.vo.msecnd.net — Cisco Umbrella Rank: 9065
18 KB
61 9
Domain Requested by
3 amcdn.msftauth.net mem.gfx.ms
amcdn.msftauth.net
3 www.microsoft.com 52.109.13.38
www.microsoft.com
2 img-prod-cms-rt-microsoft-com.akamaized.net 52.109.13.38
2 c.s-microsoft.com www.microsoft.com
2 login.live.com 52.109.13.38
login.live.com
2 web.vortex.data.microsoft.com az725175.vo.msecnd.net
1 js.monitor.azure.com mem.gfx.ms
1 mem.gfx.ms 52.109.13.38
1 login.microsoftonline.com 52.109.13.38
1 az725175.vo.msecnd.net 52.109.13.38
1 statics-marketingsites-eus-ms-com.akamaized.net 52.109.13.38
61 11
Subject | Issuer | Validity | Valid
sway.office.com | Microsoft Azure TLS Issuing CA 06 | 2023-02-02 - 2024-01-28 | a year
www.microsoft.com | Microsoft Azure TLS Issuing CA 06 | 2022-10-04 - 2023-09-29 | a year
a248.e.akamai.net | DigiCert TLS RSA SHA256 2020 CA1 | 2022-06-28 - 2023-06-30 | a year
*.vo.msecnd.net | DigiCert SHA2 Secure Server CA | 2022-07-11 - 2023-07-11 | a year
*.vortex.data.microsoft.com | Microsoft Azure TLS Issuing CA 05 | 2023-02-19 - 2024-02-14 | a year
stamp2.login.microsoftonline.com | DigiCert SHA2 Secure Server CA | 2022-12-01 - 2023-12-01 | a year
login.live.com | DigiCert SHA2 Secure Server CA | 2022-12-30 - 2023-12-30 | a year
identitycdn.msauth.net | Microsoft Azure TLS Issuing CA 05 | 2023-01-04 - 2023-12-30 | a year
js.monitor.azure.com | Microsoft Azure TLS Issuing CA 05 | 2022-12-23 - 2023-12-18 | a year

This page contains 4 frames:

Primary Page: https://52.109.13.38/
Frame ID: DB6D992EEAC3D99857A06E9C6184CE3A
Requests: 60 HTTP requests in this frame

Frame: https://login.microsoftonline.com/savedusers?wreply=https://52.109.13.38/&appid=905fcf26-4eb7-48a0-9ff0-8dcc7194b5ba&mectrlwinsso=true
Frame ID: 2E9FD60D4DA44B7456BB13C41F2C5180
Requests: 1 HTTP requests in this frame

Frame: https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=13&ct=1677572481&rver=7.3.6963.0&wp=MBI_SSL&wreply=https:%2F%2F52.109.13.38%2Fauthredir%3Furl%3Dhttps%253a%252f%252f52.109.13.38%253a443%252fhome%252fsso%26hurl%3DuIs4Dqum7h9qCXHozAIuvY5TasVy32Bwmbv9pizyRgQ%253d.xohCCTw12QYyzu%252b6HIWrLSfx6gOdAFOGcFqvhpzfX28%253d%26ipt%3D0%26si%3D1%26wctx%3Daf9db32b-d5d8-4a06-b1ec-22d3495cd30e&lc=1035&id=292491&lw=1&fl=easi2&aadredir=1
Frame ID: 2A91902EF09899F9FFAD106E7FB412F9
Requests: 2 HTTP requests in this frame

Frame: https://amcdn.msftauth.net/me/mecache?partner=sway&wreply=https%3A%2F%2F52.109.13.38
Frame ID: A8549AEB226B28B01512F6A1E814AF93
Requests: 1 HTTP requests in this frame

Page Title

Microsoft Sway | Luo visuaalisesti vaikuttavia uutiskirjeitä, esityksiä ja asiakirjoja hetkessä Kalifornian kuluttajien tietosuojalain (CCPA) kieltäytymiskuvake

Detected technologies

Overall confidence: 100%
Detected patterns
  • ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery-ui[.-]([\d.]*\d)[^/]*\.js
  • jquery-ui.*\.js

Page Statistics

  • Requests: 61
  • HTTPS: 31 %
  • IPv6: 55 %
  • Domains: 9
  • Subdomains: 11
  • IPs: 12
  • Countries: 3
  • Transfer: 3212 kB
  • Size: 7004 kB
  • Cookies: 8

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://52.109.13.38/ HTTP 301
    https://52.109.13.38/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 24
  • https://52.109.13.38/home/sso HTTP 302
  • https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=13&ct=1677572481&rver=7.3.6963.0&wp=MBI_SSL&wreply=https:%2F%2F52.109.13.38%2Fauthredir%3Furl%3Dhttps%253a%252f%252f52.109.13.38%253a443%252fhome%252fsso%26hurl%3DuIs4Dqum7h9qCXHozAIuvY5TasVy32Bwmbv9pizyRgQ%253d.xohCCTw12QYyzu%252b6HIWrLSfx6gOdAFOGcFqvhpzfX28%253d%26ipt%3D0%26si%3D1%26wctx%3Daf9db32b-d5d8-4a06-b1ec-22d3495cd30e&lc=1035&id=292491&lw=1&fl=easi2&aadredir=1

61 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
52.109.13.38/
Redirect Chain
  • http://52.109.13.38/
  • https://52.109.13.38/
91 KB
93 KB
Document
General
Full URL
https://52.109.13.38/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.109.13.38 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ARR/3.0
Resource Hash
ca062f9efdd4b0c0be820fa871bb7445a69022cbd8ed61e8a272efa51c8cabdc
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
fi-FI,fi;q=0.9

Response headers

Cache-Control
private
Content-Length
93688
Content-Type
text/html; charset=utf-8
Date
Tue, 28 Feb 2023 08:21:17 GMT
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
X-Powered-By
ARR/3.0
anonuserid
6a530846-8224-4908-8d3f-fc3cbe0b0cb4
strict-transport-security
max-age=15724800; includeSubDomains; preload
timing-allow-origin
*
x-content-type-options
nosniff
x-correlationid
c1f8c482-173f-41a6-ad3e-4b0885dd9062
x-frame-options
SAMEORIGIN
x-html-minification-powered-by
WebMarkupMin
x-key
apVChaoguqnBC0Ynv1X3mAUjqRlfRL+EvMAKrH08PxU=,638131692757977930
x-officecluster
eus-000.www.sway.com
x-officefe
SwayFrontEnd_IN_15
x-officeversion
16.0.16206.40101
x-requestid
4122e97e-a15a-4edc-a5bb-70551a05534e
x-trackingid
2d02aaa6-21a0-4998-8288-73be74696006
x-ua-compatible
IE=edge
x-usersessionid
c1f8c482-173f-41a6-ad3e-4b0885dd9062

Redirect headers

Content-Length
144
Content-Type
text/html; charset=UTF-8
Date
Tue, 28 Feb 2023 08:21:14 GMT
Location
https://52.109.13.38/
Server
Microsoft-IIS/10.0
Preload.css
52.109.13.38/161620640101_Content/
84 KB
12 KB
Stylesheet
General
Full URL
https://52.109.13.38/161620640101_Content/Preload.css
Requested by
Host: 52.109.13.38
URL: https://52.109.13.38/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.109.13.38 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ARR/3.0
Resource Hash
f6e1d03fdba5449350e855511cddc851e1cfe746de5244202a04cb4585e9a8f6
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://52.109.13.38/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains; preload
Content-Encoding
gzip
x-content-type-options
nosniff
Date
Tue, 28 Feb 2023 08:21:18 GMT
Last-Modified
Mon, 06 Feb 2023 04:50:26 GMT
ETag
"0955687e639d91:0"
X-Powered-By
ARR/3.0
Vary
Accept-Encoding
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Content-Type
text/css
access-control-allow-origin
*
Cache-Control
public
Accept-Ranges
bytes
timing-allow-origin
*
Content-Length
11735
jquery-2.2.4-custom-1.js
52.109.13.38/Content/
83 KB
30 KB
Script
General
Full URL
https://52.109.13.38/Content/jquery-2.2.4-custom-1.js
Requested by
Host: 52.109.13.38
URL: https://52.109.13.38/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.109.13.38 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ARR/3.0
Resource Hash
5e170e2cb452c3504ff9af148cc6c4aea661178c9fc93ecdcb32bcd856d76d9b
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://52.109.13.38/
Origin
https://52.109.13.38
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains; preload
Content-Encoding
gzip
x-content-type-options
nosniff
Date
Tue, 28 Feb 2023 08:21:18 GMT
Last-Modified
Mon, 06 Feb 2023 04:50:26 GMT
ETag
"0955687e639d91:0"
X-Powered-By
ARR/3.0
Vary
Accept-Encoding
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Content-Type
application/javascript
access-control-allow-origin
*
Cache-Control
public
Accept-Ranges
bytes
timing-allow-origin
*
Content-Length
29703
jquery-ui-1.11.4-custom.js
52.109.13.38/Content/
64 KB
18 KB
Script
General
Full URL
https://52.109.13.38/Content/jquery-ui-1.11.4-custom.js
Requested by
Host: 52.109.13.38
URL: https://52.109.13.38/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.109.13.38 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ARR/3.0
Resource Hash
3da8fc98318eeaf2ba8d02e79455d3d6f8f509bda7882c4c3c807b7197c24a1d
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://52.109.13.38/
Origin
https://52.109.13.38
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains; preload
Content-Encoding
gzip
x-content-type-options
nosniff
Date
Tue, 28 Feb 2023 08:21:18 GMT
Last-Modified
Mon, 06 Feb 2023 04:50:26 GMT
ETag
"0955687e639d91:0"
X-Powered-By
ARR/3.0
Vary
Accept-Encoding
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Content-Type
application/javascript
access-control-allow-origin
*
Cache-Control
public
Accept-Ranges
bytes
timing-allow-origin
*
Content-Length
17891
modernizr-3.3.1-custom.js
52.109.13.38/Content/
8 KB
4 KB
Script
General
Full URL
https://52.109.13.38/Content/modernizr-3.3.1-custom.js
Requested by
Host: 52.109.13.38
URL: https://52.109.13.38/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.109.13.38 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ARR/3.0
Resource Hash
160daca799b276d8ce387e0187d972d715abead1399795bff9ec2a64b494527c
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://52.109.13.38/
Origin
https://52.109.13.38
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains; preload
Content-Encoding
gzip
x-content-type-options
nosniff
Date
Tue, 28 Feb 2023 08:21:18 GMT
Last-Modified
Mon, 06 Feb 2023 04:50:26 GMT
ETag
"0955687e639d91:0"
X-Powered-By
ARR/3.0
Vary
Accept-Encoding
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Content-Type
application/javascript
access-control-allow-origin
*
Cache-Control
public
Accept-Ranges
bytes
timing-allow-origin
*
Content-Length
3210
Preload.js
52.109.13.38/161620640101_Content/
18 KB
5 KB
Script
General
Full URL
https://52.109.13.38/161620640101_Content/Preload.js
Requested by
Host: 52.109.13.38
URL: https://52.109.13.38/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.109.13.38 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ARR/3.0
Resource Hash
2f5deb75ea8a55d2119c56e4e3bcc0bde3516b838a088e28df1553824fe619ad
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://52.109.13.38/
Origin
https://52.109.13.38
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains; preload
Content-Encoding
gzip
x-content-type-options
nosniff
Date
Tue, 28 Feb 2023 08:21:18 GMT
Last-Modified
Mon, 06 Feb 2023 04:50:26 GMT
ETag
"0955687e639d91:0"
X-Powered-By
ARR/3.0
Vary
Accept-Encoding
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Content-Type
application/javascript
access-control-allow-origin
*
Cache-Control
public
Accept-Ranges
bytes
timing-allow-origin
*
Content-Length
4168
tdb.js
52.109.13.38/161620640101_Content/
141 KB
32 KB
Script
General
Full URL
https://52.109.13.38/161620640101_Content/tdb.js
Requested by
Host: 52.109.13.38
URL: https://52.109.13.38/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.109.13.38 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ARR/3.0
Resource Hash
daef54c828406aaba2db8f22758177351ed4d3ce40b848bb93f45f8b253fcdfd
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://52.109.13.38/
Origin
https://52.109.13.38
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains; preload
Content-Encoding
gzip
x-content-type-options
nosniff
Date
Tue, 28 Feb 2023 08:21:18 GMT
Last-Modified
Mon, 06 Feb 2023 04:50:26 GMT
ETag
"0955687e639d91:0"
X-Powered-By
ARR/3.0
Vary
Accept-Encoding
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Content-Type
application/javascript
access-control-allow-origin
*
Cache-Control
public
Accept-Ranges
bytes
timing-allow-origin
*
Content-Length
32326
CommonDiagnostics-Sway-1.0.0.js
52.109.13.38/Content/
59 KB
14 KB
Script
General
Full URL
https://52.109.13.38/Content/CommonDiagnostics-Sway-1.0.0.js
Requested by
Host: 52.109.13.38
URL: https://52.109.13.38/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.109.13.38 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ARR/3.0
Resource Hash
c0b9213606d02d7590db737b84b82c499aed306985fa41a846339944b2618351
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://52.109.13.38/
Origin
https://52.109.13.38
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains; preload
Content-Encoding
gzip
x-content-type-options
nosniff
Date
Tue, 28 Feb 2023 08:21:18 GMT
Last-Modified
Mon, 06 Feb 2023 04:50:26 GMT
ETag
"0955687e639d91:0"
X-Powered-By
ARR/3.0
Vary
Accept-Encoding
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Content-Type
application/javascript
access-control-allow-origin
*
Cache-Control
public
Accept-Ranges
bytes
timing-allow-origin
*
Content-Length
13381
Common.js
52.109.13.38/161620640101_Content/
1 MB
198 KB
Script
General
Full URL
https://52.109.13.38/161620640101_Content/Common.js
Requested by
Host: 52.109.13.38
URL: https://52.109.13.38/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.109.13.38 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ARR/3.0
Resource Hash
8fac2245102dbf687b11b64139f6e06bd9d0947b4a28fde1e7ae59f85583b3a3
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://52.109.13.38/
Origin
https://52.109.13.38
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains; preload
Content-Encoding
gzip
x-content-type-options
nosniff
Date
Tue, 28 Feb 2023 08:21:19 GMT
Last-Modified
Mon, 06 Feb 2023 04:50:26 GMT
ETag
"0955687e639d91:0"
X-Powered-By
ARR/3.0
Vary
Accept-Encoding
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Content-Type
application/javascript
access-control-allow-origin
*
Cache-Control
public
Accept-Ranges
bytes
timing-allow-origin
*
Content-Length
202572
Resources.js
52.109.13.38/161620640101_Content/fi/
129 KB
41 KB
Script
General
Full URL
https://52.109.13.38/161620640101_Content/fi/Resources.js
Requested by
Host: 52.109.13.38
URL: https://52.109.13.38/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.109.13.38 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ARR/3.0
Resource Hash
82693a6fdcf691d4e751d571bbd0a12bb5895733d76c52d4c8a2bff69b8bea3d
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://52.109.13.38/
Origin
https://52.109.13.38
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains; preload
Content-Encoding
gzip
x-content-type-options
nosniff
Date
Tue, 28 Feb 2023 08:21:19 GMT
Last-Modified
Mon, 06 Feb 2023 04:50:26 GMT
ETag
"0955687e639d91:0"
X-Powered-By
ARR/3.0
Vary
Accept-Encoding
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Content-Type
application/javascript
access-control-allow-origin
*
Cache-Control
public
Accept-Ranges
bytes
timing-allow-origin
*
Content-Length
41547
Home.js
52.109.13.38/161620640101_Content/
574 KB
79 KB
Script
General
Full URL
https://52.109.13.38/161620640101_Content/Home.js
Requested by
Host: 52.109.13.38
URL: https://52.109.13.38/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.109.13.38 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ARR/3.0
Resource Hash
f8c597e80855853ce2c8328a751c6c580751ba77e33326b5b5e2f1a67ae64e73
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://52.109.13.38/
Origin
https://52.109.13.38
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains; preload
Content-Encoding
gzip
x-content-type-options
nosniff
Date
Tue, 28 Feb 2023 08:21:19 GMT
Last-Modified
Mon, 06 Feb 2023 04:50:26 GMT
ETag
"0955687e639d91:0"
X-Powered-By
ARR/3.0
Vary
Accept-Encoding
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Content-Type
application/javascript
access-control-allow-origin
*
Cache-Control
public
Accept-Ranges
bytes
timing-allow-origin
*
Content-Length
80006
DefaultSignIn-1.3.1387.1646.js
52.109.13.38/Content/
20 KB
5 KB
Script
General
Full URL
https://52.109.13.38/Content/DefaultSignIn-1.3.1387.1646.js
Requested by
Host: 52.109.13.38
URL: https://52.109.13.38/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.109.13.38 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ARR/3.0
Resource Hash
eddc6731714c47cb0d0669c32fec49cb9826a3140f578ec7cb825c48b04b6f11
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://52.109.13.38/
Origin
https://52.109.13.38
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains; preload
Content-Encoding
gzip
x-content-type-options
nosniff
Date
Tue, 28 Feb 2023 08:21:18 GMT
Last-Modified
Mon, 06 Feb 2023 04:50:26 GMT
ETag
"0955687e639d91:0"
X-Powered-By
ARR/3.0
Vary
Accept-Encoding
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Content-Type
application/javascript
access-control-allow-origin
*
Cache-Control
public
Accept-Ranges
bytes
timing-allow-origin
*
Content-Length
4257
74-888e54
www.microsoft.com/onerfstatics/marketingsites-eus-prod/west-european/shell/_scrf/css/themes=default.device=uplevel_web_pc/79-4cdd0a/33-ae3d41/a5-4bf7a2/13-8e1ceb/81-32f0c0/5c-b7b685/32-1b8b7c/
167 KB
23 KB
Stylesheet
General
Full URL
https://www.microsoft.com/onerfstatics/marketingsites-eus-prod/west-european/shell/_scrf/css/themes=default.device=uplevel_web_pc/79-4cdd0a/33-ae3d41/a5-4bf7a2/13-8e1ceb/81-32f0c0/5c-b7b685/32-1b8b7c/74-888e54?ver=2.0&_cf=02242021_3231
Requested by
Host: 52.109.13.38
URL: https://52.109.13.38/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:11a:398::356e Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
cf186f15996f1f201512c3576307588ecbf1e4d62daa72aa678b8222d6c652f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://52.109.13.38/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

ms-operation-id
06ed124f47ca6c4ab07afa4fa02a89cd
date
Tue, 28 Feb 2023 08:21:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-rtag
RT
x-s2
2022-12-13T20:44:15
p3p
CP="CAO CONi OTR OUR DEM ONL"
x-activity-id
6b15061f-0f26-4de6-8754-b30f69157321
tls_version
tls1.3
ms-cv-esi
CASMicrosoftCV1af3b2e4.0
ms-cv
CASMicrosoftCV1af3b2e4.0
content-length
22729
x-xss-protection
1; mode=block
last-modified
Tue, 13 Dec 2022 20:44:15 GMT
x-az
{did:92e7dc58ca2143cfb2c818b047cc5cd1, rid: OneDeployContainer, sn: marketingsites-prod-odnortheurope, dt: 2018-05-03T20:14:23.4188992Z, bt: 2022-11-11T02:52:14.0000000Z}
x-s1
2022-12-13T20:44:15
access-control-allow-methods
HEAD,GET,POST,PATCH,PUT,OPTIONS
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=24927824
vary
Accept-Encoding
timing-allow-origin
*
x-appversion
1.0.8349.33967
expires
Wed, 13 Dec 2023 20:45:03 GMT
override.css
statics-marketingsites-eus-ms-com.akamaized.net/statics/
1 KB
907 B
Stylesheet
General
Full URL
https://statics-marketingsites-eus-ms-com.akamaized.net/statics/override.css
Requested by
Host: 52.109.13.38
URL: https://52.109.13.38/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.18.79.144 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-18-79-144.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
0bd288d5397a69ead391875b422bf2cbdcc4f795d64aa2f780aff45768d78248

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://52.109.13.38/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Tue, 28 Feb 2023 08:21:19 GMT
Content-Encoding
gzip
Last-Modified
Tue, 11 Jun 2019 23:22:13 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag
0x8D6EEC3A2D67C35
Vary
Accept-Encoding
Content-Type
text/css
x-ms-request-id
290398cb-f01e-005a-1239-420c8b000000
x-ms-version
2009-09-19
Connection
keep-alive
Content-Length
473
jsll-4.js
az725175.vo.msecnd.net/scripts/
55 KB
18 KB
Script
General
Full URL
https://az725175.vo.msecnd.net/scripts/jsll-4.js
Requested by
Host: 52.109.13.38
URL: https://52.109.13.38/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.19.160 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ska/F7AD) /
Resource Hash
e246eff2f6ae3e255a06eb561e6fc93ae3bef2cce22c5e0124d713c15f80567c

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://52.109.13.38/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 28 Feb 2023 08:21:19 GMT
content-encoding
gzip
content-md5
yvXHFTB8uAvUsw4tqOlcNw==
age
1324
x-cache
HIT
content-length
18421
x-ms-lease-status
unlocked
last-modified
Mon, 22 Feb 2021 22:33:25 GMT
server
ECAcc (ska/F7AD)
etag
0x8D8D781DE4DEC32
vary
Accept-Encoding
content-type
text/javascript; charset="utf-8"
access-control-allow-origin
*
x-ms-request-id
4d141058-501e-003d-434a-4b7a0d000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=1800, immutable
x-ms-version
2009-09-19
Common.css
52.109.13.38/161620640101_Content/
247 KB
28 KB
Stylesheet
General
Full URL
https://52.109.13.38/161620640101_Content/Common.css
Requested by
Host: 52.109.13.38
URL: https://52.109.13.38/161620640101_Content/Preload.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.109.13.38 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ARR/3.0
Resource Hash
8cdf539fb15c76b15158d70b463ae3d21e98fd2aef8b677f035da12f73b4d345
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://52.109.13.38/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains; preload
Content-Encoding
gzip
x-content-type-options
nosniff
Date
Tue, 28 Feb 2023 08:21:20 GMT
Last-Modified
Mon, 06 Feb 2023 04:50:26 GMT
ETag
"0955687e639d91:0"
X-Powered-By
ARR/3.0
Vary
Accept-Encoding
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Content-Type
text/css
access-control-allow-origin
*
Cache-Control
public
Accept-Ranges
bytes
timing-allow-origin
*
Content-Length
27698
Home.css
52.109.13.38/161620640101_Content/
365 KB
32 KB
Stylesheet
General
Full URL
https://52.109.13.38/161620640101_Content/Home.css
Requested by
Host: 52.109.13.38
URL: https://52.109.13.38/161620640101_Content/Preload.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.109.13.38 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ARR/3.0
Resource Hash
e9953b779c2ece580417ede06340103e3f18f563d31d095f8e45771b8c47cb42
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://52.109.13.38/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains; preload
Content-Encoding
gzip
x-content-type-options
nosniff
Date
Tue, 28 Feb 2023 08:21:19 GMT
Last-Modified
Mon, 06 Feb 2023 04:50:26 GMT
ETag
"0955687e639d91:0"
X-Powered-By
ARR/3.0
Vary
Accept-Encoding
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Content-Type
text/css
access-control-allow-origin
*
Cache-Control
public
Accept-Ranges
bytes
timing-allow-origin
*
Content-Length
31952
StoryPage.css
52.109.13.38/161620640101_Content/
826 KB
78 KB
Stylesheet
General
Full URL
https://52.109.13.38/161620640101_Content/StoryPage.css
Requested by
Host: 52.109.13.38
URL: https://52.109.13.38/161620640101_Content/Preload.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.109.13.38 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ARR/3.0
Resource Hash
e724c84db2673674e9b9b57e0e30339c2878b641bf88fcc33915707b68e5d0c8
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://52.109.13.38/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains; preload
Content-Encoding
gzip
x-content-type-options
nosniff
Date
Tue, 28 Feb 2023 08:21:20 GMT
Last-Modified
Mon, 06 Feb 2023 04:50:26 GMT
ETag
"0955687e639d91:0"
X-Powered-By
ARR/3.0
Vary
Accept-Encoding
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Content-Type
text/css
access-control-allow-origin
*
Cache-Control
public
Accept-Ranges
bytes
timing-allow-origin
*
Content-Length
79108
story_cluster.css
52.109.13.38/161620640101_Content/
3 KB
1 KB
Stylesheet
General
Full URL
https://52.109.13.38/161620640101_Content/story_cluster.css
Requested by
Host: 52.109.13.38
URL: https://52.109.13.38/161620640101_Content/Preload.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.109.13.38 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ARR/3.0
Resource Hash
583f54c663c161e490dd8991d9e9101a3ca54822f458e73dcfc4885ce0efe34f
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://52.109.13.38/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains; preload
Content-Encoding
gzip
x-content-type-options
nosniff
Date
Tue, 28 Feb 2023 08:21:20 GMT
Last-Modified
Mon, 06 Feb 2023 04:50:26 GMT
ETag
"0955687e639d91:0"
X-Powered-By
ARR/3.0
Vary
Accept-Encoding
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Content-Type
text/css
access-control-allow-origin
*
Cache-Control
public
Accept-Ranges
bytes
timing-allow-origin
*
Content-Length
930
t.js
web.vortex.data.microsoft.com/collect/v1/
281 B
966 B
Script
General
Full URL
https://web.vortex.data.microsoft.com/collect/v1/t.js?ver=%272.1%27&name=%27Ms.Webi.PageView%27&time=%272023-02-28T08%3A21%3A20.253Z%27&os=%27Windows%27&appId=%27JS%3Asway.com%27&-ver=%271.0%27&-impressionGuid=%279860b86f-46e7-4cfc-8b36-02345afcf0b4%27&-pageName=%27Undefined%27&-uri=%27https%3A%2F%2F52.109.13.38%2F%27&-resHeight=1200&-resWidth=1600&-pageTags=%27%7B%22metaTags%22%3A%7B%7D%7D%27&-behavior=0&*baseType=%27Ms.Content.PageView%27&*cookieEnabled=true&*isJs=true&*title=%27Microsoft%20Sway%20%7C%20Luo%20visuaalisesti%20vaikuttavia%20uutiskirjeit%C3%A4%2C%20esityksi%C3%A4%20ja%20asiakirjoja%20hetkess%C3%A4%27&*isLoggedIn=false&*flashInstalled=false&ext-javascript-ver=%271.1%27&ext-javascript-libVer=%274.3.5%27&ext-javascript-domain=%2752.109.13.38%27&ext-javascript-userConsent=false&$mscomCookies=false
Requested by
Host: az725175.vo.msecnd.net
URL: https://az725175.vo.msecnd.net/scripts/jsll-4.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.43.200.36 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
b39abf5f37aded2277b95b30c5303730eba83cbd11524b7ba497be86abce746c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://52.109.13.38/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 28 Feb 2023 08:21:19 GMT
X-Content-Type-Options
nosniff
P3P
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Content-Type
application/javascript
Cache-Control
no-cache, no-store
MS-CV
r9SrdhjQK0Sfd+Ai+5HEAA.0
Content-Length
281
Expires
0
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7f87a803dcaa9a3c75ec3b8f670c76709d494f3086d8c8d279ec7da52abf4380

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/gif
segoeui.woff
52.109.13.38/Content/
74 KB
74 KB
Font
General
Full URL
https://52.109.13.38/Content/segoeui.woff
Requested by
Host: 52.109.13.38
URL: https://52.109.13.38/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.109.13.38 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ARR/3.0
Resource Hash
5b6231040840aed34ffe299d3f352814c3e24c517eb687cec06293e7eacecb1f
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://52.109.13.38/
Origin
https://52.109.13.38
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains; preload
Date
Tue, 28 Feb 2023 08:21:19 GMT
x-content-type-options
nosniff
Last-Modified
Mon, 06 Feb 2023 04:50:26 GMT
ETag
"0955687e639d91:0"
X-Powered-By
ARR/3.0
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Content-Type
application/font-woff
access-control-allow-origin
*
Cache-Control
public
Accept-Ranges
bytes
timing-allow-origin
*
Content-Length
75464
common_raw.js
52.109.13.38/161620640101_Content/
23 KB
7 KB
Script
General
Full URL
https://52.109.13.38/161620640101_Content/common_raw.js
Requested by
Host: 52.109.13.38
URL: https://52.109.13.38/161620640101_Content/Preload.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.109.13.38 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ARR/3.0
Resource Hash
aa26cfe55e8cd183738f42180aae291dd666f4d39062e8a44c97b0be021946ef
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://52.109.13.38/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains; preload
Content-Encoding
gzip
x-content-type-options
nosniff
Date
Tue, 28 Feb 2023 08:21:20 GMT
Last-Modified
Mon, 06 Feb 2023 04:50:26 GMT
ETag
"0955687e639d91:0"
X-Powered-By
ARR/3.0
Vary
Accept-Encoding
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Content-Type
application/javascript
access-control-allow-origin
*
Cache-Control
public
Accept-Ranges
bytes
timing-allow-origin
*
Content-Length
6432
Hammer-2.0.4.js
52.109.13.38/Content/
18 KB
7 KB
Script
General
Full URL
https://52.109.13.38/Content/Hammer-2.0.4.js
Requested by
Host: 52.109.13.38
URL: https://52.109.13.38/161620640101_Content/Preload.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.109.13.38 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ARR/3.0
Resource Hash
f2bfc0b2ffa4e26071e6d6d8b73d750f6e9f8eb4e021a8ffdb18b84af0b919a3
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://52.109.13.38/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains; preload
Content-Encoding
gzip
x-content-type-options
nosniff
Date
Tue, 28 Feb 2023 08:21:21 GMT
Last-Modified
Mon, 06 Feb 2023 04:50:26 GMT
ETag
"0955687e639d91:0"
X-Powered-By
ARR/3.0
Vary
Accept-Encoding
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Content-Type
application/javascript
access-control-allow-origin
*
Cache-Control
public
Accept-Ranges
bytes
timing-allow-origin
*
Content-Length
6449
savedusers
login.microsoftonline.com/ Frame 2E9F
3 KB
2 KB
Document
General
Full URL
https://login.microsoftonline.com/savedusers?wreply=https://52.109.13.38/&appid=905fcf26-4eb7-48a0-9ff0-8dcc7194b5ba&mectrlwinsso=true
Requested by
Host: 52.109.13.38
URL: https://52.109.13.38/Content/DefaultSignIn-1.3.1387.1646.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.190.159.74 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
1bf9b11b8c2fad0f9d91e55cc74774a0bd25dac8fcf9b79ed88712d48f88510f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://52.109.13.38/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
fi-FI,fi;q=0.9

Response headers

Cache-Control
no-store, no-cache
Content-Encoding
gzip
Content-Length
900
Content-Type
text/html; charset=utf-8
Date
Tue, 28 Feb 2023 08:21:20 GMT
Expires
-1
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-XSS-Protection
0
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+dub1"}]}
x-ms-ests-server
2.1.14711.6 - WEULR1 ProdSlices
x-ms-request-id
848d499c-b364-4032-9748-a5cc00ca0600
login.srf
login.live.com/ Frame 2A91
Redirect Chain
  • https://52.109.13.38/home/sso
  • https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=13&ct=1677572481&rver=7.3.6963.0&wp=MBI_SSL&wreply=https:%2F%2F52.109.13.38%2Fauthredir%3Furl%3Dhttps%253a%252f%252f52.109.13.38%253a443%252fhom...
4 KB
3 KB
Document
General
Full URL
https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=13&ct=1677572481&rver=7.3.6963.0&wp=MBI_SSL&wreply=https:%2F%2F52.109.13.38%2Fauthredir%3Furl%3Dhttps%253a%252f%252f52.109.13.38%253a443%252fhome%252fsso%26hurl%3DuIs4Dqum7h9qCXHozAIuvY5TasVy32Bwmbv9pizyRgQ%253d.xohCCTw12QYyzu%252b6HIWrLSfx6gOdAFOGcFqvhpzfX28%253d%26ipt%3D0%26si%3D1%26wctx%3Daf9db32b-d5d8-4a06-b1ec-22d3495cd30e&lc=1035&id=292491&lw=1&fl=easi2&aadredir=1
Requested by
Host: 52.109.13.38
URL: https://52.109.13.38/Content/jquery-2.2.4-custom-1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.190.159.74 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
36c98d4ecbf49f31420f37dc5d0759899b75a805996d4c80e5d4cb11ee3d16b7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://52.109.13.38/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
fi-FI,fi;q=0.9

Response headers

Content-Encoding
gzip
Content-Length
2135
Content-Type
text/html; charset=utf-8
Date
Tue, 28 Feb 2023 08:21:22 GMT
PPServer
PPV: 30 H: BL02PFFAC1A6305 V: 0
Referrer-Policy
strict-origin-when-cross-origin
Strict-Transport-Security
max-age=31536000
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
x-ms-request-id
1aa503e5-1450-4d94-b26b-10d4ac15611e
x-ms-route-info
R3_BL2

Redirect headers

Cache-Control
private
Content-Length
582
Content-Type
text/html; charset=utf-8
Date
Tue, 28 Feb 2023 08:21:20 GMT
Location
https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=13&ct=1677572481&rver=7.3.6963.0&wp=MBI_SSL&wreply=https:%2F%2F52.109.13.38%2Fauthredir%3Furl%3Dhttps%253a%252f%252f52.109.13.38%253a443%252fhome%252fsso%26hurl%3DuIs4Dqum7h9qCXHozAIuvY5TasVy32Bwmbv9pizyRgQ%253d.xohCCTw12QYyzu%252b6HIWrLSfx6gOdAFOGcFqvhpzfX28%253d%26ipt%3D0%26si%3D1%26wctx%3Daf9db32b-d5d8-4a06-b1ec-22d3495cd30e&lc=1035&id=292491&lw=1&fl=easi2&aadredir=1
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
X-Powered-By
ARR/3.0
anonuserid
32d3c366-7c02-4881-adcd-455caa88b4df
strict-transport-security
max-age=15724800; includeSubDomains; preload
timing-allow-origin
*
x-content-type-options
nosniff
x-correlationid
b27f7d07-1070-4374-9650-014b67ab260c
x-frame-options
SAMEORIGIN
x-officecluster
eus-002.www.sway.com
x-officefe
SwayFrontEnd_IN_10
x-officeversion
16.0.16206.40101
x-requestid
32819351-ae2f-41d9-852b-72604ffa730f
x-trackingid
89ea2056-82b3-40ff-8a96-44846c91fdfa
x-usersessionid
b27f7d07-1070-4374-9650-014b67ab260c
swayicon.woff
52.109.13.38/161620640101_Content/
22 KB
22 KB
Font
General
Full URL
https://52.109.13.38/161620640101_Content/swayicon.woff
Requested by
Host: 52.109.13.38
URL: https://52.109.13.38/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.109.13.38 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ARR/3.0
Resource Hash
e27855ef831cd10eb0fe2153d1b169d24a148e0b81d3dea001fd2637e7244238
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://52.109.13.38/
Origin
https://52.109.13.38
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains; preload
Date
Tue, 28 Feb 2023 08:21:20 GMT
x-content-type-options
nosniff
Last-Modified
Mon, 06 Feb 2023 04:50:26 GMT
ETag
"0955687e639d91:0"
X-Powered-By
ARR/3.0
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Content-Type
application/font-woff
access-control-allow-origin
*
Cache-Control
public
Accept-Ranges
bytes
timing-allow-origin
*
Content-Length
22140
getstories
52.109.13.38/my/
1 KB
2 KB
XHR
General
Full URL
https://52.109.13.38/my/getstories
Requested by
Host: 52.109.13.38
URL: https://52.109.13.38/Content/jquery-2.2.4-custom-1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.109.13.38 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ARR/3.0
Resource Hash
5bf77c7dc1f1dc8bc0741311721f503c431b2f7d12e6f2229be5140f5cb25b00
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

X-UserSessionId
c1f8c482-173f-41a6-ad3e-4b0885dd9062
accept-language
fi-FI,fi;q=0.9
X-Key
apVChaoguqnBC0Ynv1X3mAUjqRlfRL+EvMAKrH08PxU=,638131692757977930
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
application/json; charset=UTF-8
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://52.109.13.38/
X-Requested-With
XMLHttpRequest
anonuserid
6a530846-8224-4908-8d3f-fc3cbe0b0cb4

Response headers

strict-transport-security
max-age=15724800; includeSubDomains; preload
Date
Tue, 28 Feb 2023 08:21:21 GMT
x-content-type-options
nosniff
x-requestid
72fdb2f7-47f2-4a39-8c4b-15e746f96d55
x-officeversion
16.0.16206.40101
X-Powered-By
ARR/3.0
x-officefe
SwayFrontEnd_IN_20
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Content-Length
1535
x-trackingid
0eb84982-add2-4b6d-b12f-0dab661e0e46
x-correlationid
516429e2-5c8f-4cf1-b671-92ff863811be
x-officecluster
eus-003.www.sway.com
x-usersessionid
c1f8c482-173f-41a6-ad3e-4b0885dd9062
x-frame-options
SAMEORIGIN
Content-Type
application/json
Cache-Control
private
anonuserid
6a530846-8224-4908-8d3f-fc3cbe0b0cb4
timing-allow-origin
*
a2-598841
www.microsoft.com/onerfstatics/marketingsites-eus-prod/shell/_scrf/js/themes=default/8e-e88b64/82-2a4f02/49-a00ab0/92-02e55d/7c-dcea75/75-fca72d/ed-e77ee7/d5-bf34c0/a9-078595/7a-7ea8cc/2d-40bdad/23...
134 KB
36 KB
Script
General
Full URL
https://www.microsoft.com/onerfstatics/marketingsites-eus-prod/shell/_scrf/js/themes=default/8e-e88b64/82-2a4f02/49-a00ab0/92-02e55d/7c-dcea75/75-fca72d/ed-e77ee7/d5-bf34c0/a9-078595/7a-7ea8cc/2d-40bdad/23-e8cd2b/96-eb5423/e6-6b0cce/d1-98d78a/c6-082272/a7-f7a340/1e-addbef/2e-ca165a/fc-169dd8/8e-60935c/87-fecbed/96-6ed6eb/c3-eb62e0/ad-ffd6bf/35-621acc/3b-84517a/b0-07f293/1e-9d9d16/52-f0367f/1f-b57352/bf-517249/e1-ed258e/20-0b10e2/6b-0f1117/fb-5e9831/a2-598841?ver=2.0&_cf=02242021_3231&iife=1
Requested by
Host: 52.109.13.38
URL: https://52.109.13.38/161620640101_Content/Preload.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:11a:398::356e Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
14bc892aff22a1998743df7de326750231ec0592917c70c5a9e5478fea456409
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://52.109.13.38/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

ms-operation-id
7228857332353f429312d50191e727e8
date
Tue, 28 Feb 2023 08:21:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-rtag
RT
x-s2
2023-01-24T17:58:53
p3p
CP="CAO CONi OTR OUR DEM ONL"
x-activity-id
46f32dcc-9c96-4f06-9ba0-f49c2fdf5d96
tls_version
tls1.3
ms-cv-esi
CASMicrosoftCV1af3cdc6.0
ms-cv
CASMicrosoftCV1af3cdc6.0
content-length
35900
x-xss-protection
1; mode=block
last-modified
Tue, 24 Jan 2023 17:58:52 GMT
x-az
{did:92e7dc58ca2143cfb2c818b047cc5cd1, rid: OneDeployContainer, sn: marketingsites-prod-odnortheurope, dt: 2018-05-03T20:14:23.4188992Z, bt: 2023-01-06T05:19:12.0000000Z}
x-s1
2023-01-24T17:58:52
access-control-allow-methods
HEAD,GET,POST,PATCH,PUT,OPTIONS
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=28546641
vary
Accept-Encoding
timing-allow-origin
*
x-appversion
1.0.8405.38376
expires
Wed, 24 Jan 2024 17:58:42 GMT
meversion
mem.gfx.ms/
29 KB
10 KB
Script
General
Full URL
https://mem.gfx.ms/meversion?partner=Sway&market=fi-fi&uhf=1
Requested by
Host: 52.109.13.38
URL: https://52.109.13.38/161620640101_Content/Preload.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:4f:1::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
68c156340833a6f3820dd22dcba8719eafbb2c09b43b97a97c9716629310d744
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://52.109.13.38/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-ua-compatible
IE=edge
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
date
Tue, 28 Feb 2023 08:21:21 GMT
x-azure-ref-originshield
0oiL9YwAAAAD+r/o33MPvSoS+9wPtemNoQU1TMDRFREdFMTgxOQBlYWM1ZjQ5Zi1lMDJkLTRmNDEtYjBhNi0yZDUwZjlmY2Y4NGE=
x-azure-ref
0gbn9YwAAAACUGj2hfwoXQaRX8NNTp4kKU1RPRURHRTE4MTkAZWFjNWY0OWYtZTAyZC00ZjQxLWIwYTYtMmQ1MGY5ZmNmODRh
x-cache
TCP_HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, no-transform, max-age=43200
expires
Tue, 28 Feb 2023 09:16:30 GMT
newhomepagebackground_1920.jpg
52.109.13.38/161620640101_Content/
363 KB
364 KB
Image
General
Full URL
https://52.109.13.38/161620640101_Content/newhomepagebackground_1920.jpg
Requested by
Host: 52.109.13.38
URL: https://52.109.13.38/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.109.13.38 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ARR/3.0
Resource Hash
0c5adadbdd947199bd68146720f44584c7fbc7dfb4db9e3c2023574db0d8518b
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://52.109.13.38/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains; preload
Date
Tue, 28 Feb 2023 08:21:20 GMT
x-content-type-options
nosniff
x-requestid
11d8b5fc-ac19-41a4-9502-3f90f7d0229e
x-officeversion
16.0.16206.40101
X-Powered-By
ARR/3.0
x-officefe
SwayFrontEnd_IN_29
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Content-Length
371843
x-trackingid
d1e96bef-01ba-4c02-980a-bbc6b4415b30
Last-Modified
Mon, 06 Feb 2023 04:50:26 GMT
x-correlationid
9f8ad57d-91b9-4de6-a759-d66c00431c71
x-usersessionid
9f8ad57d-91b9-4de6-a759-d66c00431c71
x-officecluster
eus-003.www.sway.com
ETag
"0955687e639d91:0"
Content-Type
image/jpeg
Accept-Ranges
bytes
anonuserid
74907008-fc76-4cd4-ba92-9d035b66352b
timing-allow-origin
*
icons_1_newsletter.png
52.109.13.38/161620640101_Content/
607 B
1 KB
Image
General
Full URL
https://52.109.13.38/161620640101_Content/icons_1_newsletter.png
Requested by
Host: 52.109.13.38
URL: https://52.109.13.38/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.109.13.38 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ARR/3.0
Resource Hash
3018522b0ad4f89ffc7a8e01d1f370e87b99663489c5d74bde1b9b5eaa200ee4
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://52.109.13.38/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains; preload
Date
Tue, 28 Feb 2023 08:21:21 GMT
x-content-type-options
nosniff
x-requestid
c22e416d-d047-449f-b8b9-623aa947694e
x-officeversion
16.0.16206.40101
X-Powered-By
ARR/3.0
x-officefe
SwayFrontEnd_IN_14
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Content-Length
607
x-trackingid
7e7a26c8-c5da-4f06-bc8f-e7c230c5a417
Last-Modified
Mon, 06 Feb 2023 04:50:26 GMT
x-correlationid
baada640-e840-47bc-8536-02fe597dbaf9
x-usersessionid
baada640-e840-47bc-8536-02fe597dbaf9
x-officecluster
eus-000.www.sway.com
ETag
"0955687e639d91:0"
Content-Type
image/png
Accept-Ranges
bytes
anonuserid
9325c5f2-7b03-4d57-82fb-e77a855ff049
timing-allow-origin
*
icons_1_presentation.png
52.109.13.38/161620640101_Content/
397 B
1 KB
Image
General
Full URL
https://52.109.13.38/161620640101_Content/icons_1_presentation.png
Requested by
Host: 52.109.13.38
URL: https://52.109.13.38/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.109.13.38 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ARR/3.0
Resource Hash
9f94843778b32fc32be3739a81185d3cfac9c0748dfa936f3d6d6108c583dd1c
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://52.109.13.38/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains; preload
Date
Tue, 28 Feb 2023 08:21:20 GMT
x-content-type-options
nosniff
x-requestid
d93257cf-e211-4854-83cf-c24db2a0fda2
x-officeversion
16.0.16206.40101
X-Powered-By
ARR/3.0
x-officefe
SwayFrontEnd_IN_24
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Content-Length
397
x-trackingid
ce5e50e8-4690-4e29-a835-cbb4c2b14bc1
Last-Modified
Mon, 06 Feb 2023 04:50:26 GMT
x-correlationid
58be0126-8d6e-4ddc-bbfa-5857c7b57415
x-usersessionid
58be0126-8d6e-4ddc-bbfa-5857c7b57415
x-officecluster
eus-000.www.sway.com
ETag
"0955687e639d91:0"
Content-Type
image/png
Accept-Ranges
bytes
anonuserid
3ef6c61e-e747-4d6d-95cc-23410e87a7f1
timing-allow-origin
*
icons_1_communication.png
52.109.13.38/161620640101_Content/
697 B
1 KB
Image
General
Full URL
https://52.109.13.38/161620640101_Content/icons_1_communication.png
Requested by
Host: 52.109.13.38
URL: https://52.109.13.38/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.109.13.38 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ARR/3.0
Resource Hash
67a2d862f78db9f7566a2acd37e949aec271ce9d0a1acd30dbb975312d04f577
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://52.109.13.38/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains; preload
Date
Tue, 28 Feb 2023 08:21:21 GMT
x-content-type-options
nosniff
x-requestid
5bf7ba9e-f5c4-4521-b750-fc1db02ced91
x-officeversion
16.0.16206.40101
X-Powered-By
ARR/3.0
x-officefe
SwayFrontEnd_IN_1
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Content-Length
697
x-trackingid
aaf59ca6-2ba5-42d7-a38e-fdf3a3c30a82
Last-Modified
Mon, 06 Feb 2023 04:50:26 GMT
x-correlationid
d64535e5-929e-420f-b1df-e5ac1a544480
x-usersessionid
d64535e5-929e-420f-b1df-e5ac1a544480
x-officecluster
eus-003.www.sway.com
ETag
"0955687e639d91:0"
Content-Type
image/png
Accept-Ranges
bytes
anonuserid
8547d319-d027-49f4-88f5-83e1ee468216
timing-allow-origin
*
HomepageUpsell_1920.jpg
52.109.13.38/161620640101_Content/
273 KB
274 KB
Image
General
Full URL
https://52.109.13.38/161620640101_Content/HomepageUpsell_1920.jpg
Requested by
Host: 52.109.13.38
URL: https://52.109.13.38/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.109.13.38 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ARR/3.0
Resource Hash
0da231bed8c88daf26dcbaa2a8f65799713acd1a9d24732ff1c780496f62799d
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://52.109.13.38/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains; preload
Date
Tue, 28 Feb 2023 08:21:20 GMT
x-content-type-options
nosniff
x-requestid
a0389bc0-a68b-42f7-b1b5-2b84d9463382
x-officeversion
16.0.16206.40101
X-Powered-By
ARR/3.0
x-officefe
SwayFrontEnd_IN_24
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Content-Length
279610
x-trackingid
71dd5357-fec3-4d78-b97d-73479dfd6153
Last-Modified
Mon, 06 Feb 2023 04:50:26 GMT
x-correlationid
d80ab9d9-febd-4499-9fa9-a4defa7adbf9
x-usersessionid
d80ab9d9-febd-4499-9fa9-a4defa7adbf9
x-officecluster
eus-000.www.sway.com
ETag
"0955687e639d91:0"
Content-Type
image/jpeg
Accept-Ranges
bytes
anonuserid
a74e796a-06bc-4608-b486-567f83d9173a
timing-allow-origin
*
HomepageTestimonialLogoMS.png
52.109.13.38/161620640101_Content/
14 KB
14 KB
Image
General
Full URL
https://52.109.13.38/161620640101_Content/HomepageTestimonialLogoMS.png
Requested by
Host: 52.109.13.38
URL: https://52.109.13.38/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.109.13.38 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ARR/3.0
Resource Hash
7c1a831a2cc0922a98ec02f4efa3020c510d62855ab965cff0b1b11105511292
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://52.109.13.38/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains; preload
Date
Tue, 28 Feb 2023 08:21:21 GMT
x-content-type-options
nosniff
x-requestid
e0521aac-ad07-4d80-b1e5-8ccafea084ba
x-officeversion
16.0.16206.40101
X-Powered-By
ARR/3.0
x-officefe
SwayFrontEnd_IN_1
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Content-Length
13837
x-trackingid
ecbe5cd6-6d7a-4a53-b12c-9662f0d360d2
Last-Modified
Mon, 06 Feb 2023 04:50:26 GMT
x-correlationid
8d1f84b4-e387-4414-84c3-ce69549c4747
x-usersessionid
8d1f84b4-e387-4414-84c3-ce69549c4747
x-officecluster
eus-003.www.sway.com
ETag
"0955687e639d91:0"
Content-Type
image/png
Accept-Ranges
bytes
anonuserid
f3eaa6b9-b617-42bb-b49d-137c1ca36f11
timing-allow-origin
*
truncated
/
193 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
119542aa37774e9ba255c6875823688234e692ccdeb496e5426308d884e6ffbb

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/png
mwfmdl2-v3.54.woff
www.microsoft.com/mwf/_h/v3.54/mwf.app/fonts/
26 KB
26 KB
Font
General
Full URL
https://www.microsoft.com/mwf/_h/v3.54/mwf.app/fonts/mwfmdl2-v3.54.woff
Requested by
Host: www.microsoft.com
URL: https://www.microsoft.com/onerfstatics/marketingsites-eus-prod/west-european/shell/_scrf/css/themes=default.device=uplevel_web_pc/79-4cdd0a/33-ae3d41/a5-4bf7a2/13-8e1ceb/81-32f0c0/5c-b7b685/32-1b8b7c/74-888e54?ver=2.0&_cf=02242021_3231
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:11a:398::356e Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
22b4df5c33045b645cafa45b04685f4752e471a2e933bff5bf14324d87deee12
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.microsoft.com/onerfstatics/marketingsites-eus-prod/west-european/shell/_scrf/css/themes=default.device=uplevel_web_pc/79-4cdd0a/33-ae3d41/a5-4bf7a2/13-8e1ceb/81-32f0c0/5c-b7b685/32-1b8b7c/74-888e54?ver=2.0&_cf=02242021_3231
Origin
https://52.109.13.38
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

ms-operation-id
c8eea73e736cb1439143decad8832bf6
date
Tue, 28 Feb 2023 08:21:21 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-rtag
RT
p3p
CP="CAO CONi OTR OUR DEM ONL"
x-activity-id
260054d8-9443-4b04-b2dd-082dec25ace4
tls_version
tls1.3
ms-cv-esi
CASMicrosoftCV1af3d067.0
ms-cv
CASMicrosoftCV1af3d067.0
content-length
26288
x-xss-protection
1; mode=block
last-modified
Tue, 02 Aug 2022 19:08:30 GMT
x-az
{did:92e7dc58ca2143cfb2c818b047cc5cd1, rid: OneDeployContainer, sn: marketingsites-prod-odnortheurope, dt: 2018-05-03T20:14:23.4188992Z, bt: 2022-07-22T05:16:44.0000000Z}
access-control-allow-methods
HEAD,GET,POST,PATCH,PUT,OPTIONS
content-type
application/font-woff
access-control-allow-origin
*
cache-control
public, max-age=21896435
x-appversion
1.0.8237.38302
expires
Wed, 08 Nov 2023 18:41:56 GMT
segoeuilight.woff
52.109.13.38/Content/
27 KB
27 KB
Font
General
Full URL
https://52.109.13.38/Content/segoeuilight.woff
Requested by
Host: 52.109.13.38
URL: https://52.109.13.38/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.109.13.38 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ARR/3.0
Resource Hash
6103756591a0902515ab10671ed7dcab4100573121ec704e75433abb453f5cb9
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://52.109.13.38/
Origin
https://52.109.13.38
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains; preload
Date
Tue, 28 Feb 2023 08:21:22 GMT
x-content-type-options
nosniff
Last-Modified
Mon, 06 Feb 2023 04:50:26 GMT
ETag
"0955687e639d91:0"
X-Powered-By
ARR/3.0
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Content-Type
application/font-woff
access-control-allow-origin
*
Cache-Control
public
Accept-Ranges
bytes
timing-allow-origin
*
Content-Length
27544
swayiconsl.woff
52.109.13.38/161620640101_Content/
18 KB
18 KB
Font
General
Full URL
https://52.109.13.38/161620640101_Content/swayiconsl.woff
Requested by
Host: 52.109.13.38
URL: https://52.109.13.38/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.109.13.38 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ARR/3.0
Resource Hash
3ba8db3c78db3dc15cb4a8c2523b5fbe189cf4ba8a24b07a810616ef4946b279
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://52.109.13.38/
Origin
https://52.109.13.38
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains; preload
Date
Tue, 28 Feb 2023 08:21:20 GMT
x-content-type-options
nosniff
Last-Modified
Mon, 06 Feb 2023 04:50:26 GMT
ETag
"0955687e639d91:0"
X-Powered-By
ARR/3.0
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Content-Type
application/font-woff
access-control-allow-origin
*
Cache-Control
public
Accept-Ranges
bytes
timing-allow-origin
*
Content-Length
17928
segoeuisb.woff
52.109.13.38/Content/
31 KB
31 KB
Font
General
Full URL
https://52.109.13.38/Content/segoeuisb.woff
Requested by
Host: 52.109.13.38
URL: https://52.109.13.38/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.109.13.38 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ARR/3.0
Resource Hash
3711ba98ca34a5bc5ce6b79de62a1a2eee453f413d2123e912d1ae6b0b0c8b33
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://52.109.13.38/
Origin
https://52.109.13.38
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains; preload
Date
Tue, 28 Feb 2023 08:21:20 GMT
x-content-type-options
nosniff
Last-Modified
Mon, 06 Feb 2023 04:50:26 GMT
ETag
"0955687e639d91:0"
X-Powered-By
ARR/3.0
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Content-Type
application/font-woff
access-control-allow-origin
*
Cache-Control
public
Accept-Ranges
bytes
timing-allow-origin
*
Content-Length
31712
swayiconsb.woff
52.109.13.38/161620640101_Content/
23 KB
24 KB
Font
General
Full URL
https://52.109.13.38/161620640101_Content/swayiconsb.woff
Requested by
Host: 52.109.13.38
URL: https://52.109.13.38/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.109.13.38 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ARR/3.0
Resource Hash
56c3f81e1fcada437f327ca47a70acbce01c7b3a8de0bc93081698ad039a7c42
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://52.109.13.38/
Origin
https://52.109.13.38
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains; preload
Date
Tue, 28 Feb 2023 08:21:20 GMT
x-content-type-options
nosniff
Last-Modified
Mon, 06 Feb 2023 04:50:26 GMT
ETag
"0955687e639d91:0"
X-Powered-By
ARR/3.0
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Content-Type
application/font-woff
access-control-allow-origin
*
Cache-Control
public
Accept-Ranges
bytes
timing-allow-origin
*
Content-Length
23704
segoeuisl.woff
52.109.13.38/Content/
29 KB
29 KB
Font
General
Full URL
https://52.109.13.38/Content/segoeuisl.woff
Requested by
Host: 52.109.13.38
URL: https://52.109.13.38/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.109.13.38 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ARR/3.0
Resource Hash
c63a3930ec9dd26c24b4c62b83d8cf778416a0ded1d9aa83e0840a675155b71b
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://52.109.13.38/
Origin
https://52.109.13.38
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains; preload
Date
Tue, 28 Feb 2023 08:21:21 GMT
x-content-type-options
nosniff
Last-Modified
Mon, 06 Feb 2023 04:50:26 GMT
ETag
"0955687e639d91:0"
X-Powered-By
ARR/3.0
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Content-Type
application/font-woff
access-control-allow-origin
*
Cache-Control
public
Accept-Ranges
bytes
timing-allow-origin
*
Content-Length
29464
latest.woff2
c.s-microsoft.com/static/fonts/segoe-ui/west-european/normal/
33 KB
34 KB
Font
General
Full URL
https://c.s-microsoft.com/static/fonts/segoe-ui/west-european/normal/latest.woff2
Requested by
Host: www.microsoft.com
URL: https://www.microsoft.com/onerfstatics/marketingsites-eus-prod/west-european/shell/_scrf/css/themes=default.device=uplevel_web_pc/79-4cdd0a/33-ae3d41/a5-4bf7a2/13-8e1ceb/81-32f0c0/5c-b7b685/32-1b8b7c/74-888e54?ver=2.0&_cf=02242021_3231
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f700:4b8::356e Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
4f7f4afe26e71fa9ca1dac4a43b557a554a46f53251d849f07ed08a04829d74b

Request headers

Referer
https://www.microsoft.com/
Origin
https://52.109.13.38
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 08:21:21 GMT
last-modified
Fri, 10 Jan 2020 19:09:43 GMT
etag
"588d483e9c7d51:0"
access-control-allow-methods
GET,POST
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=173803
accept-ranges
bytes
content-length
34052
expires
Thu, 02 Mar 2023 08:38:04 GMT
latest.woff2
c.s-microsoft.com/static/fonts/segoe-ui/west-european/Semibold/
29 KB
29 KB
Font
General
Full URL
https://c.s-microsoft.com/static/fonts/segoe-ui/west-european/Semibold/latest.woff2
Requested by
Host: www.microsoft.com
URL: https://www.microsoft.com/onerfstatics/marketingsites-eus-prod/west-european/shell/_scrf/css/themes=default.device=uplevel_web_pc/79-4cdd0a/33-ae3d41/a5-4bf7a2/13-8e1ceb/81-32f0c0/5c-b7b685/32-1b8b7c/74-888e54?ver=2.0&_cf=02242021_3231
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f700:4b8::356e Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
d87d0a7a7fe2c36d1dc093bfe56e9b81b311988789dbd3b65abf811d551ef02f

Request headers

Referer
https://www.microsoft.com/
Origin
https://52.109.13.38
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 08:21:21 GMT
last-modified
Fri, 10 Jan 2020 19:09:43 GMT
etag
"5b68d583e9c7d51:0"
access-control-allow-methods
GET,POST
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=174098
accept-ranges
bytes
content-length
29388
expires
Thu, 02 Mar 2023 08:42:59 GMT
WebBadgeIcon.png
52.109.13.38/161620640101_Content/
563 B
1 KB
Image
General
Full URL
https://52.109.13.38/161620640101_Content/WebBadgeIcon.png
Requested by
Host: 52.109.13.38
URL: https://52.109.13.38/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.109.13.38 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ARR/3.0
Resource Hash
2903ba56f2302f5bd9721761e1421c69fa82fef7ea7589e182cf805acf55b26c
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://52.109.13.38/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains; preload
Date
Tue, 28 Feb 2023 08:21:22 GMT
x-content-type-options
nosniff
x-requestid
0011d99c-ca39-45e4-88ba-d99e99d00123
x-officeversion
16.0.16206.40101
X-Powered-By
ARR/3.0
x-officefe
SwayFrontEnd_IN_20
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Content-Length
563
x-trackingid
df7698eb-e034-4a7d-80b3-26cc8638b278
Last-Modified
Mon, 06 Feb 2023 04:50:26 GMT
x-correlationid
75d085b3-b60f-4917-80d6-9fba82d59cd8
x-usersessionid
75d085b3-b60f-4917-80d6-9fba82d59cd8
x-officecluster
eus-003.www.sway.com
ETag
"0955687e639d91:0"
Content-Type
image/png
Accept-Ranges
bytes
anonuserid
eb0b8746-9f90-4130-8b2d-132cedbb03cf
timing-allow-origin
*
WindowsStoreBadge_fi-fi.png
52.109.13.38/161620640101_Content/
19 KB
20 KB
Image
General
Full URL
https://52.109.13.38/161620640101_Content/WindowsStoreBadge_fi-fi.png
Requested by
Host: 52.109.13.38
URL: https://52.109.13.38/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.109.13.38 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ARR/3.0
Resource Hash
624f05fb542998ef5b9c57aa9da919e77be96e2464662c235af01444c17613db
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://52.109.13.38/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains; preload
Date
Tue, 28 Feb 2023 08:21:21 GMT
x-content-type-options
nosniff
x-requestid
f7ca3be3-3c81-4130-a5c9-224cc7c7f3cc
x-officeversion
16.0.16206.40101
X-Powered-By
ARR/3.0
x-officefe
SwayFrontEnd_IN_24
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Content-Length
19631
x-trackingid
b7ef934d-35c2-445d-8b7d-974a591d12e5
Last-Modified
Mon, 06 Feb 2023 04:50:26 GMT
x-correlationid
3cf62b52-677d-479e-8a78-b618dafe9209
x-usersessionid
3cf62b52-677d-479e-8a78-b618dafe9209
x-officecluster
eus-002.www.sway.com
ETag
"0955687e639d91:0"
Content-Type
image/png
Accept-Ranges
bytes
anonuserid
7e09de7e-86cc-4f9e-814f-4c87b90e9187
timing-allow-origin
*
RE1Mu3b
img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/
4 KB
4 KB
Image
General
Full URL
https://img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/RE1Mu3b?ver=5c31
Requested by
Host: 52.109.13.38
URL: https://52.109.13.38/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:11a::217:9a3b Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
112fec798b78aa02e102a724b5cb1990c0f909bc1d8b7b1fa256eab41bbc0960
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://52.109.13.38/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 08:21:21 GMT
last-modified
Wed, 25 Jan 2023 14:03:09 GMT
x-resizerversion
1.0
x-datacenter
northeu
x-source-length
4054
x-frame-options
DENY
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=240345
x-activityid
e9417fc8-23af-4c17-b605-4c4b4d1c1005
content-location
https://image.prod.cms.rt.microsoft.com/cms/api/am/imageFileData/RE1Mu3b?ver=5c31
timing-allow-origin
*
content-length
4054
expires
Fri, 03 Mar 2023 03:07:06 GMT
Add_Contents_Tall_600.mp4
52.109.13.38/161620640101_Content/HomepageVideos/
305 KB
306 KB
Media
General
Full URL
https://52.109.13.38/161620640101_Content/HomepageVideos/Add_Contents_Tall_600.mp4
Requested by
Host: 52.109.13.38
URL: https://52.109.13.38/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.109.13.38 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ARR/3.0
Resource Hash
a839e03fee5b924963b15d79afe925b0d035ff7629b7820135620116c42a4a9f
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://52.109.13.38/
Accept-Encoding
identity;q=1, *;q=0
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Range
bytes=0-

Response headers

strict-transport-security
max-age=15724800; includeSubDomains; preload
Date
Tue, 28 Feb 2023 08:21:21 GMT
x-content-type-options
nosniff
Last-Modified
Mon, 06 Feb 2023 04:50:26 GMT
ETag
"0955687e639d91:0"
X-Powered-By
ARR/3.0
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Content-Type
video/mp4
access-control-allow-origin
*
Cache-Control
public
Content-Range
bytes 0-312729/312730
Accept-Ranges
bytes
anonuserid
0a765787-637f-4af1-9ca8-a3a2f5759d0c
timing-allow-origin
*
Content-Length
312730
Remix_v10_Tall_600.mp4
52.109.13.38/161620640101_Content/HomepageVideos/
128 KB
128 KB
Media
General
Full URL
https://52.109.13.38/161620640101_Content/HomepageVideos/Remix_v10_Tall_600.mp4
Requested by
Host: 52.109.13.38
URL: https://52.109.13.38/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.109.13.38 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ARR/3.0
Resource Hash
82935f0914e3d5d6ffeadcfa90297cea58a2663d2897620f6e5e8bbfab983fb2
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://52.109.13.38/
Accept-Encoding
identity;q=1, *;q=0
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Range
bytes=0-

Response headers

strict-transport-security
max-age=15724800; includeSubDomains; preload
Date
Tue, 28 Feb 2023 08:21:21 GMT
x-content-type-options
nosniff
Last-Modified
Mon, 06 Feb 2023 04:50:26 GMT
ETag
"0955687e639d91:0"
X-Powered-By
ARR/3.0
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Content-Type
video/mp4
access-control-allow-origin
*
Cache-Control
public
Content-Range
bytes 0-130776/130777
Accept-Ranges
bytes
anonuserid
01b93fb7-c2a9-49e2-b154-9d9525438735
timing-allow-origin
*
Content-Length
130777
simultaneousScrolling_Tall_600.mp4
52.109.13.38/161620640101_Content/HomepageVideos/
806 KB
807 KB
Media
General
Full URL
https://52.109.13.38/161620640101_Content/HomepageVideos/simultaneousScrolling_Tall_600.mp4
Requested by
Host: 52.109.13.38
URL: https://52.109.13.38/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.109.13.38 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ARR/3.0
Resource Hash
ada6cca337c7f7e23dd9eb0037e51ac7c873f1b03fd7ec391f6702ed881088d6
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://52.109.13.38/
Accept-Encoding
identity;q=1, *;q=0
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Range
bytes=0-

Response headers

strict-transport-security
max-age=15724800; includeSubDomains; preload
Date
Tue, 28 Feb 2023 08:21:21 GMT
x-content-type-options
nosniff
Last-Modified
Mon, 06 Feb 2023 04:50:26 GMT
ETag
"0955687e639d91:0"
X-Powered-By
ARR/3.0
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Content-Type
video/mp4
access-control-allow-origin
*
Cache-Control
public
Content-Range
bytes 0-825332/825333
Accept-Ranges
bytes
anonuserid
ac528fd7-f123-472d-978b-e5ff7f3b45c1
timing-allow-origin
*
Content-Length
825333
RemoteUls.ashx
52.109.13.38/
0
911 B
XHR
General
Full URL
https://52.109.13.38/RemoteUls.ashx
Requested by
Host: 52.109.13.38
URL: https://52.109.13.38/Content/CommonDiagnostics-Sway-1.0.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.109.13.38 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ARR/3.0
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Content-Type-Options nosniff, nosniff

Request headers

Referer
https://52.109.13.38/
X-UserSessionId
c1f8c482-173f-41a6-ad3e-4b0885dd9062
anonuserid
6a530846-8224-4908-8d3f-fc3cbe0b0cb4
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
application/json

Response headers

strict-transport-security
max-age=15724800; includeSubDomains; preload
Date
Tue, 28 Feb 2023 08:21:21 GMT
x-content-type-options
nosniff, nosniff
x-requestid
83a94ab5-af41-4d50-849c-6c60b28ef6cb
x-officeversion
16.0.16206.40101
X-Powered-By
ARR/3.0
x-officefe
SwayFrontEnd_IN_10
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-buls-suppressionetag
N/A
x-buls-suppressedtags
content-disposition
attachment
Content-Length
0
x-trackingid
d9dea9be-8181-472f-b941-8e923fb39c44
x-correlationid
75e85403-a145-4740-b534-9c2a093aaba1
x-officecluster
eus-001.www.sway.com
x-usersessionid
c1f8c482-173f-41a6-ad3e-4b0885dd9062
x-download-options
noopen
Content-Type
text/plain
Cache-Control
private
anonuserid
6a530846-8224-4908-8d3f-fc3cbe0b0cb4
timing-allow-origin
*
ms.shared.analytics.mectrl-3.2.6.gbl.min.js
js.monitor.azure.com/scripts/c/
88 KB
34 KB
Script
General
Full URL
https://js.monitor.azure.com/scripts/c/ms.shared.analytics.mectrl-3.2.6.gbl.min.js
Requested by
Host: mem.gfx.ms
URL: https://mem.gfx.ms/meversion?partner=Sway&market=fi-fi&uhf=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:4e:1::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
7d145b10d4a03fc22a08b2228f403779414c838430ce718ba52fb23e15837e55

Request headers

Referer
https://52.109.13.38/
Origin
https://52.109.13.38
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 08:21:20 GMT
content-encoding
br
x-ms-meta-jssdkver
3.2.6
last-modified
Thu, 18 Aug 2022 21:40:45 GMT
x-azure-ref-originshield
0WqT8YwAAAABNw/YqjIG0T7CM/gP1QcGNQU1TMDRFREdFMTkyMgBmMWNhNzNkNC04ODgzLTRjYWYtYWJkYy1mZTJkNTY3YWZiOTY=
content-md5
RlzwH95FOkmm6gksZWAC+w==
etag
0x8DA81624EF9033C
x-azure-ref
0gbn9YwAAAAC8i6YACb62QYZiDcbkecFbU1RPRURHRTE4MjAAZjFjYTczZDQtODg4My00Y2FmLWFiZGMtZmUyZDU2N2FmYjk2
x-cache
TCP_HIT
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
163ad9df-901e-0067-22af-460ba7000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,x-ms-meta-jssdkver,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000, immutable, no-transform
x-ms-version
2009-09-19
meBoot.min.js
amcdn.msftauth.net/scripts/me/MeControl/10.23038.5/fi-FI/
177 KB
33 KB
Script
General
Full URL
https://amcdn.msftauth.net/scripts/me/MeControl/10.23038.5/fi-FI/meBoot.min.js
Requested by
Host: mem.gfx.ms
URL: https://mem.gfx.ms/meversion?partner=Sway&market=fi-fi&uhf=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:4a::27 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5ffccc58b747d4fef935e9c5c83f32775ae39fb8a7708320cda1bfbd277e6f2a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://52.109.13.38/
Origin
https://52.109.13.38
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
date
Tue, 28 Feb 2023 08:21:21 GMT
last-modified
Thu, 16 Feb 2023 20:57:42 GMT
x-azure-ref-originshield
0HE77YwAAAABsGssr6wS4S4XWV3hkqX3jQU1TMDRFREdFMTkwOQBlYWM1ZjQ5Zi1lMDJkLTRmNDEtYjBhNi0yZDUwZjlmY2Y4NGE=
etag
"1d9428c5dc0e5d5"
x-azure-ref
0gbn9YwAAAADXC6FVKIIOQLmvrFIJ6/k6U1RPRURHRTEzMTIAOWZlNmMzZjEtMTcxOC00YTkzLTkyNTUtNjNjZDNmOGNhNWFi
x-cache
CONFIG_NOCACHE
content-type
application/javascript
access-control-allow-origin
*
x-ua-compatible
IE=edge
Y0tKWoHur3mFKW
52.109.13.38/s/howtosway_fi-FI/images/
26 KB
27 KB
Image
General
Full URL
https://52.109.13.38/s/howtosway_fi-FI/images/Y0tKWoHur3mFKW?quality=480&isThumbnail=True
Requested by
Host: 52.109.13.38
URL: https://52.109.13.38/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.109.13.38 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ARR/3.0
Resource Hash
f09edb2afbef30a26a801b03c6d7952993d167cdac5fe8f6a1ee375e8c5817bf
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://52.109.13.38/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains; preload
Date
Tue, 28 Feb 2023 08:21:21 GMT
x-content-type-options
nosniff
x-requestid
8a4cae4d-37f8-4d88-936a-9046ec5de27a
x-officeversion
16.0.16206.40101
X-Powered-By
ARR/3.0
x-officefe
SwayFrontEnd_IN_24
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Content-Length
26468
x-trackingid
28717a9e-5940-4c31-be1d-64acfeb82272
x-correlationid
49703664-bd2c-4fd2-8b37-dd3c4790b5b5
x-officecluster
eus-000.www.sway.com
x-usersessionid
49703664-bd2c-4fd2-8b37-dd3c4790b5b5
x-frame-options
SAMEORIGIN
Content-Type
image/jpeg
Cache-Control
private, max-age=86400
anonuserid
2d476e36-81df-438d-bd43-b5a50411e8ce
timing-allow-origin
*
M30HePJAAJ4dlI
52.109.13.38/s/universe_cheatsheet_fi-FI/images/
30 KB
31 KB
Image
General
Full URL
https://52.109.13.38/s/universe_cheatsheet_fi-FI/images/M30HePJAAJ4dlI?quality=480&isThumbnail=True
Requested by
Host: 52.109.13.38
URL: https://52.109.13.38/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.109.13.38 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ARR/3.0
Resource Hash
b488c3ab4e658a6842fe8193186a614367dd7f3721ec77c7fc0aca1a20632b76
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://52.109.13.38/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains; preload
Date
Tue, 28 Feb 2023 08:21:22 GMT
x-content-type-options
nosniff
x-requestid
ab47417e-9f77-4a9d-b3e6-505349cc19d7
x-officeversion
16.0.16206.40101
X-Powered-By
ARR/3.0
x-officefe
SwayFrontEnd_IN_20
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Content-Length
30342
x-trackingid
5b7d71d2-e198-4b34-84c1-981a55d27e1a
x-correlationid
048d8125-576d-4b29-b157-b24273c9bbce
x-officecluster
eus-003.www.sway.com
x-usersessionid
048d8125-576d-4b29-b157-b24273c9bbce
x-frame-options
SAMEORIGIN
Content-Type
image/jpeg
Cache-Control
private, max-age=86400
anonuserid
afac9408-a17c-4926-8b23-1ff96e68c9af
timing-allow-origin
*
truncated
/
358 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ee2b841529e5d06aeae7f65b413b40bbfef5161c9fad9a8a1755dac03806291b

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
ms-logo-v2.jpg
login.live.com/images/ Frame 2A91
3 KB
3 KB
Image
General
Full URL
https://login.live.com/images/ms-logo-v2.jpg
Requested by
Host: login.live.com
URL: https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=13&ct=1677572481&rver=7.3.6963.0&wp=MBI_SSL&wreply=https:%2F%2F52.109.13.38%2Fauthredir%3Furl%3Dhttps%253a%252f%252f52.109.13.38%253a443%252fhome%252fsso%26hurl%3DuIs4Dqum7h9qCXHozAIuvY5TasVy32Bwmbv9pizyRgQ%253d.xohCCTw12QYyzu%252b6HIWrLSfx6gOdAFOGcFqvhpzfX28%253d%26ipt%3D0%26si%3D1%26wctx%3Daf9db32b-d5d8-4a06-b1ec-22d3495cd30e&lc=1035&id=292491&lw=1&fl=easi2&aadredir=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.190.159.74 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
bc2b16b51738b77d94ed7591ad1033fa804297ca9faaa35222aa65773f749164
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=13&ct=1677572481&rver=7.3.6963.0&wp=MBI_SSL&wreply=https:%2F%2F52.109.13.38%2Fauthredir%3Furl%3Dhttps%253a%252f%252f52.109.13.38%253a443%252fhome%252fsso%26hurl%3DuIs4Dqum7h9qCXHozAIuvY5TasVy32Bwmbv9pizyRgQ%253d.xohCCTw12QYyzu%252b6HIWrLSfx6gOdAFOGcFqvhpzfX28%253d%26ipt%3D0%26si%3D1%26wctx%3Daf9db32b-d5d8-4a06-b1ec-22d3495cd30e&lc=1035&id=292491&lw=1&fl=easi2&aadredir=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Date
Tue, 28 Feb 2023 08:21:22 GMT
X-Content-Type-Options
nosniff
Last-Modified
Sat, 28 Jan 2023 09:50:16 GMT
PPServer
PPV: 30 H: BL6PPF8F0C68590 V: 0
ETag
"0fc7eecfd32d91:0"
Content-Type
image/jpeg
x-ms-request-id
7c877d8f-97fa-4e0a-9f8d-259e2721d61e
Cache-Control
max-age=31536000
Accept-Ranges
bytes
Content-Length
2797
X-XSS-Protection
1; mode=block
meCore.min.js
amcdn.msftauth.net/scripts/me/MeControl/10.23038.5/fi-FI/
99 KB
16 KB
Script
General
Full URL
https://amcdn.msftauth.net/scripts/me/MeControl/10.23038.5/fi-FI/meCore.min.js
Requested by
Host: mem.gfx.ms
URL: https://mem.gfx.ms/meversion?partner=Sway&market=fi-fi&uhf=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:4a::27 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
492ad5be5f872df74abd55a9f5963c458fcaac597f85da4e5c0d9fc29563b685
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://52.109.13.38/
Origin
https://52.109.13.38
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
date
Tue, 28 Feb 2023 08:21:22 GMT
last-modified
Thu, 16 Feb 2023 20:57:48 GMT
x-azure-ref-originshield
00+b8YwAAAADyIhOMu4usS7oPUS4KqLUqQU1TMDRFREdFMTgxOQBlYWM1ZjQ5Zi1lMDJkLTRmNDEtYjBhNi0yZDUwZjlmY2Y4NGE=
etag
"1d9428c615425e3"
x-azure-ref
0grn9YwAAAAD+R173KO6QTrd437dIipVwU1RPRURHRTEzMTIAOWZlNmMzZjEtMTcxOC00YTkzLTkyNTUtNjNjZDNmOGNhNWFi
x-cache
CONFIG_NOCACHE
content-type
application/javascript
access-control-allow-origin
*
x-ua-compatible
IE=edge
mecache
amcdn.msftauth.net/me/ Frame A854
739 B
1 KB
Document
General
Full URL
https://amcdn.msftauth.net/me/mecache?partner=sway&wreply=https%3A%2F%2F52.109.13.38
Requested by
Host: amcdn.msftauth.net
URL: https://amcdn.msftauth.net/scripts/me/MeControl/10.23038.5/fi-FI/meBoot.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:4a::27 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c39ff531b6ee9ca894eb536e54eb8ceb3a5d77b1f0b75e6dfd13d6d0e1ed06d5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://52.109.13.38/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
fi-FI,fi;q=0.9

Response headers

cache-control
public, no-transform, max-age=7200
content-length
739
content-type
text/html; charset=utf-8
date
Tue, 28 Feb 2023 08:21:22 GMT
expires
Tue, 28 Feb 2023 10:21:23 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-azure-ref
0grn9YwAAAABtAKh7llO2SabhQHg107Y1U1RPRURHRTEzMjIAOWZlNmMzZjEtMTcxOC00YTkzLTkyNTUtNjNjZDNmOGNhNWFi
x-azure-ref-originshield
0g7n9YwAAAADggsUR6aZ9TodMzYK7XzdqQU1TMDRFREdFMTgwOABlYWM1ZjQ5Zi1lMDJkLTRmNDEtYjBhNi0yZDUwZjlmY2Y4NGE=
x-cache
CONFIG_NOCACHE
x-content-type-options
nosniff
x-ua-compatible
IE=edge
RWOalS
img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/
5 KB
5 KB
Image
General
Full URL
https://img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/RWOalS?ver=cc6e
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:11a::217:9a3b Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
ed69c47044ae1e59ed17bffa949757b0fdaf213f53fa4c78295c10c4862178c8
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://52.109.13.38/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 08:21:22 GMT
last-modified
Thu, 16 Feb 2023 20:22:17 GMT
x-resizerversion
1.0
x-datacenter
northeu
x-source-length
4926
x-frame-options
DENY
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=216395
x-activityid
5e9acada-6675-4063-aea7-0d774378880b
timing-allow-origin
*
content-location
https://image.prod.cms.rt.microsoft.com/cms/api/am/imageFileData/RWOalS?ver=cc6e
content-length
4926
expires
Thu, 02 Mar 2023 20:27:57 GMT
v1
web.vortex.data.microsoft.com/collect/
0
0
Ping
General
Full URL
https://web.vortex.data.microsoft.com/collect/v1?$mscomCookies=false&ext-javascript-msfpc=%27GUID%3Da07ee19e12ed471fa1ec758b2febc491%26HASH%3Da07e%26LV%3D202302%26V%3D4%26LU%3D1677572480848%27
Requested by
Host: az725175.vo.msecnd.net
URL: https://az725175.vo.msecnd.net/scripts/jsll-4.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.43.200.36 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://52.109.13.38/
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

OfficeBrowserFeedback.js
52.109.13.38/161620640101_Content/feedback/
158 KB
45 KB
Script
General
Full URL
https://52.109.13.38/161620640101_Content/feedback/OfficeBrowserFeedback.js
Requested by
Host: 52.109.13.38
URL: https://52.109.13.38/161620640101_Content/Preload.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.109.13.38 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ARR/3.0
Resource Hash
4f2d6301347a2fbf30fed521f2d319e78cffd90713336dcc9c0a2676dc3fb37c
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://52.109.13.38/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains; preload
Content-Encoding
gzip
x-content-type-options
nosniff
Date
Tue, 28 Feb 2023 08:21:23 GMT
Last-Modified
Mon, 06 Feb 2023 04:50:26 GMT
ETag
"0955687e639d91:0"
X-Powered-By
ARR/3.0
Vary
Accept-Encoding
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Content-Type
application/javascript
access-control-allow-origin
*
Cache-Control
public
Accept-Ranges
bytes
timing-allow-origin
*
Content-Length
45168
RemoteUls.ashx
52.109.13.38/
0
911 B
XHR
General
Full URL
https://52.109.13.38/RemoteUls.ashx
Requested by
Host: 52.109.13.38
URL: https://52.109.13.38/Content/CommonDiagnostics-Sway-1.0.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.109.13.38 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ARR/3.0
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Content-Type-Options nosniff, nosniff

Request headers

Referer
https://52.109.13.38/
X-UserSessionId
c1f8c482-173f-41a6-ad3e-4b0885dd9062
anonuserid
6a530846-8224-4908-8d3f-fc3cbe0b0cb4
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
application/json

Response headers

strict-transport-security
max-age=15724800; includeSubDomains; preload
Date
Tue, 28 Feb 2023 08:21:23 GMT
x-content-type-options
nosniff, nosniff
x-requestid
19e6617e-7355-44f5-89a8-c0e90b02e424
x-officeversion
16.0.16206.40101
X-Powered-By
ARR/3.0
x-officefe
SwayFrontEnd_IN_10
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-buls-suppressionetag
N/A
x-buls-suppressedtags
content-disposition
attachment
Content-Length
0
x-trackingid
231fa855-2a5e-467b-b6ac-db39abaf55c0
x-correlationid
713c0c79-09d5-4d7b-98e9-5a4c8a5b9027
x-officecluster
eus-001.www.sway.com
x-usersessionid
c1f8c482-173f-41a6-ad3e-4b0885dd9062
x-download-options
noopen
Content-Type
text/plain
Cache-Control
private
anonuserid
6a530846-8224-4908-8d3f-fc3cbe0b0cb4
timing-allow-origin
*

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Microsoft (Consumer)

292 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.


8 Cookies

Domain/Path Name / Value
52.109.13.38/ Name: AuthSess
Value: af9db32b-d5d8-4a06-b1ec-22d3495cd30e
.microsoft.com/ Name: MC1
Value: GUID=a07ee19e12ed471fa1ec758b2febc491&HASH=a07e&LV=202302&V=4&LU=1677572480848
.microsoft.com/ Name: MS0
Value: d8c600baa90a42488f1e49da687964ab
52.109.13.38/ Name: MSFPC
Value: GUID=a07ee19e12ed471fa1ec758b2febc491&HASH=a07e&LV=202302&V=4&LU=1677572480848
login.microsoftonline.com/ Name: fpc
Value: AvEFOXcHAe9PpcP-hrXRfN4
.login.microsoftonline.com/ Name: esctx
Value: PAQABAAEAAAD--DLA3VO7QrddgJg7Wevr3f30y5ml5hawaVBvNp5ThFfo7APcgOiYBGhsh9mdNf_C78cxUGtMJtkw5DSj5VF3ZSivjwPx4KgIxGbgxBl5lWi3y53v7ZZkDqZX5itmjZSWiAoo6V1JuVA8WyRnFxhgIkVrB9R6MdhRexBT0wZl3VnOD0-ZMQQomyWZW-Pc5G23O45j4CHlGFlQZvmWlngzkJgf5UsJU1jKoKDK2bxPOW1R-ZF97uqhBddcl071mOQgAA
login.microsoftonline.com/ Name: x-ms-gateway-slice
Value: estsfd
login.microsoftonline.com/ Name: stsservicecookie
Value: estsfd

5 Console Messages

Source Level URL
Text
rendering warning URL: https://52.109.13.38/161620640101_Content/Home.js
Message:
Canvas2D: Multiple readback operations using getImageData are faster with the willReadFrequently attribute set to true. See: https://html.spec.whatwg.org/multipage/canvas.html#concept-canvas-will-read-frequently
rendering warning URL: https://52.109.13.38/161620640101_Content/Home.js
Message:
Canvas2D: Multiple readback operations using getImageData are faster with the willReadFrequently attribute set to true. See: https://html.spec.whatwg.org/multipage/canvas.html#concept-canvas-will-read-frequently
rendering warning URL: https://52.109.13.38/161620640101_Content/Home.js
Message:
Canvas2D: Multiple readback operations using getImageData are faster with the willReadFrequently attribute set to true. See: https://html.spec.whatwg.org/multipage/canvas.html#concept-canvas-will-read-frequently
security warning URL: https://52.109.13.38/
Message:
Mixed Content: The page at 'https://52.109.13.38/' was loaded over HTTPS, but requested an insecure element 'http://img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/RWOalS?ver=cc6e'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network error URL: https://amcdn.msftauth.net/me/mecache?partner=sway&wreply=https%3A%2F%2F52.109.13.38
Message:
Failed to load resource: the server responded with a status of 401 ()

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
