urlscan.io logo urlscan.io
SecurityTrails logo

sarweb.microsoft.com Open in urlscan Pro
20.118.138.135  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://sarweb.microsoft.com/
Effective URL: https://sarweb.microsoft.com/swagger/index.html
Submission Tags: @phishunt_io
Submission: On January 31 via api from DE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 2 IPs in 1 countries across 1 domains to perform 5 HTTP transactions. The main IP is 20.118.138.135, located in Phoenix, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is sarweb.microsoft.com.
TLS certificate: Issued by Microsoft Azure RSA TLS Issuing CA 08 on December 7th 2023. Valid for: 3 months.
This is the only time sarweb.microsoft.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 7 20.118.138.135 8075 (MICROSOFT...)
5 2
Apex Domain
Subdomains		 Transfer
7 microsoft.com
sarweb.microsoft.com
538 KB
5 1
Domain Requested by
7 sarweb.microsoft.com 2 redirects sarweb.microsoft.com
5 1

This site contains no links.

Subject Issuer Validity Valid
sarweb.microsoft.com
Microsoft Azure RSA TLS Issuing CA 08		 2023-12-07 -
2024-03-06		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://sarweb.microsoft.com/swagger/index.html
Frame ID: 8845E6756D4A778CD926A4DDCAF286A4
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Swagger UI

Page URL History Show full URLs

  1. https://sarweb.microsoft.com/ HTTP 302
    https://sarweb.microsoft.com/swagger HTTP 302
    https://sarweb.microsoft.com/swagger/index.html Page URL

Page Statistics

5
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

537 kB
Transfer

1507 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://sarweb.microsoft.com/ HTTP 302
    https://sarweb.microsoft.com/swagger HTTP 302
    https://sarweb.microsoft.com/swagger/index.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

5 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request index.html
sarweb.microsoft.com/swagger/
Redirect Chain
  • https://sarweb.microsoft.com/
  • https://sarweb.microsoft.com/swagger
  • https://sarweb.microsoft.com/swagger/index.html
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sarweb.microsoft.com/swagger/index.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.118.138.135 Phoenix, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
a78b7d54197db6b712bf19bb22c2368d45344176f3cb98e3a50077705b0a2ffc
Security Headers
Name Value
Content-Security-Policy object-src 'none'; form-action 'self'; frame-ancestors 'none'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-security-policy
object-src 'none'; form-action 'self'; frame-ancestors 'none'
content-type
text/html; charset=utf-8
date
Wed, 31 Jan 2024 04:53:10 GMT
referrer-policy
strict-origin-when-cross-origin
request-context
appId=cid-v1:e0a9c17a-1777-443c-b465-8f87f76611c5
server
Microsoft-IIS/10.0
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
DENY
x-powered-by
ASP.NET
x-xss-protection
1; mode=block

Redirect headers

content-length
0
content-security-policy
object-src 'none'; form-action 'self'; frame-ancestors 'none'
date
Wed, 31 Jan 2024 04:53:10 GMT
location
/swagger/index.html
referrer-policy
strict-origin-when-cross-origin
request-context
appId=cid-v1:e0a9c17a-1777-443c-b465-8f87f76611c5
server
Microsoft-IIS/10.0
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-frame-options
DENY
x-powered-by
ASP.NET
x-xss-protection
1; mode=block
swagger-ui.css
sarweb.microsoft.com/swagger/ 		141 KB
28 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sarweb.microsoft.com/swagger/swagger-ui.css
Requested by
Host: sarweb.microsoft.com
URL: https://sarweb.microsoft.com/swagger/index.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.118.138.135 Phoenix, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
13997c2b52057d46e46f00e054f2e599b81f7a2686de4df56e5dc682a8735aa6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sarweb.microsoft.com/swagger/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 04:53:10 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
last-modified
Tue, 17 Oct 2023 18:22:26 GMT
server
Microsoft-IIS/10.0
etag
"1da0126e1396859"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
request-context
appId=cid-v1:e0a9c17a-1777-443c-b465-8f87f76611c5
swagger-ui-bundle.js
sarweb.microsoft.com/swagger/ 		1 MB
389 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sarweb.microsoft.com/swagger/swagger-ui-bundle.js
Requested by
Host: sarweb.microsoft.com
URL: https://sarweb.microsoft.com/swagger/index.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.118.138.135 Phoenix, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
b27589db2d47d61c698f915e347ae5facba147e62357147d544e5934d8845227
Security Headers
Name Value
Content-Security-Policy object-src 'none'; form-action 'self'; frame-ancestors 'none'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sarweb.microsoft.com/swagger/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 04:53:10 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
content-security-policy
object-src 'none'; form-action 'self'; frame-ancestors 'none'
x-powered-by
ASP.NET
x-xss-protection
1; mode=block
request-context
appId=cid-v1:e0a9c17a-1777-443c-b465-8f87f76611c5
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 17 Oct 2023 18:22:26 GMT
server
Microsoft-IIS/10.0
etag
"1da0126e12b788d"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript
accept-ranges
bytes
swagger-ui-standalone-preset.js
sarweb.microsoft.com/swagger/ 		305 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sarweb.microsoft.com/swagger/swagger-ui-standalone-preset.js
Requested by
Host: sarweb.microsoft.com
URL: https://sarweb.microsoft.com/swagger/index.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.118.138.135 Phoenix, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
15ece7cbab792923cdf2252629337ca42d2da189e5f3fc55e7d1a5c17e1a17a4
Security Headers
Name Value
Content-Security-Policy object-src 'none'; form-action 'self'; frame-ancestors 'none'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sarweb.microsoft.com/swagger/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 04:53:10 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
content-security-policy
object-src 'none'; form-action 'self'; frame-ancestors 'none'
x-powered-by
ASP.NET
x-xss-protection
1; mode=block
request-context
appId=cid-v1:e0a9c17a-1777-443c-b465-8f87f76611c5
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 17 Oct 2023 18:22:26 GMT
server
Microsoft-IIS/10.0
etag
"1da0126e13f9f06"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript
accept-ranges
bytes
truncated
/ 		15 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
692881516b5727543e5d0e2afe602c1659d1b50d7af857219c33d12913167520

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/svg+xml
swagger.json
sarweb.microsoft.com/swagger/v1/ 		10 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://sarweb.microsoft.com/swagger/v1/swagger.json
Requested by
Host: sarweb.microsoft.com
URL: https://sarweb.microsoft.com/swagger/swagger-ui-bundle.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.118.138.135 Phoenix, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
45a201ac0829f6f018004c464c1de063cf7068d79b47718da1c478e84daf93c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Accept
application/json,*/*
Referer
https://sarweb.microsoft.com/swagger/index.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 04:53:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/json; charset=utf-8
request-context
appId=cid-v1:e0a9c17a-1777-443c-b465-8f87f76611c5
truncated
/ 		239 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fb5873d70e03e1dfb1e4a734cea4ada473e8520b7fec49c7e9d387cc25ac43a6

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| regeneratorRuntime function| SwaggerUIBundle object| SwaggerUIStandalonePreset object| versions object| ui

2 Cookies

Domain/Path Name / Value
.sarweb.microsoft.com/ Name: ARRAffinity
Value: 650cbc946f160ad7eb881a19c70937d92b84699141aa7d6ad2eb4d18f46aab57
.sarweb.microsoft.com/ Name: ARRAffinitySameSite
Value: 650cbc946f160ad7eb881a19c70937d92b84699141aa7d6ad2eb4d18f46aab57

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy object-src 'none'; form-action 'self'; frame-ancestors 'none'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block