urlscan.io logo urlscan.io
SecurityTrails logo

sway.office.com Open in urlscan Pro
52.109.12.50  Public Scan

Go To Rescan Add Verdict Report
URL: https://sway.office.com/Owh7E9f78bDrjPPs?ref=email
Submission: On October 16 via manual from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 23 HTTP transactions. The main IP is 52.109.12.50, located in Redmond, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US. The main domain is sway.office.com.
TLS certificate: Issued by Microsoft IT TLS CA 5 on July 10th 2018. Valid for: 2 years.
This is the only time sway.office.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 52.109.12.50 8075 (MICROSOFT...)
20 172.227.101.223 16625 (AKAMAI-AS)
1 104.41.216.16 8075 (MICROSOFT...)
23 3
Domain Requested by
20 eus-www.sway-cdn.com sway.office.com
eus-www.sway-cdn.com
2 sway.office.com eus-www.sway-cdn.com
1 login.microsoftonline.com eus-www.sway-cdn.com
23 3

This site contains no links.

Subject Issuer Validity Valid
sway.office.com
Microsoft IT TLS CA 5		 2018-07-10 -
2020-07-10		 2 years crt.sh
www.sway-cdn.com
Microsoft IT TLS CA 5		 2018-03-05 -
2020-03-04		 2 years crt.sh
stamp2.login.microsoftonline.com
Microsoft IT TLS CA 4		 2017-12-28 -
2019-12-28		 2 years crt.sh

This page contains 2 frames:

Primary Page: https://sway.office.com/Owh7E9f78bDrjPPs?ref=email
Frame ID: A57ED7B7575F4B8BE40D30211F545C6F
Requests: 22 HTTP requests in this frame

Frame: https://login.microsoftonline.com/common/oauth2/authorize?response_mode=form_post&response_type=id_token+code&scope=openid&mkt=en-US&msafed=0&nonce=e9d47d72-3ad5-47df-a9cc-e9b064dab812.636753092560030786&state=https%3a%2f%2fsway.office.com%2fhome%2fisauthenticated&client_id=905fcf26-4eb7-48a0-9ff0-8dcc7194b5ba&redirect_uri=https%3a%2f%2fsway.office.com%2fauth%2fsignin
Frame ID: 24766AE268C2495B1FE0C5B57FBE43A1
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /IIS(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • headers server /IIS(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • env /^Hammer$/i
Overall confidence: 100%
Detected patterns
  • env /^Modernizr$/i
Overall confidence: 100%
Detected patterns
  • env /^jQuery$/i

Page Statistics

23
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

628 kB
Transfer

2305 kB
Size

3
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

23 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Owh7E9f78bDrjPPs
sway.office.com/ 		39 KB
40 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sway.office.com/Owh7E9f78bDrjPPs?ref=email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.109.12.50 Redmond, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ARR/2.5
Resource Hash
065d6669d62006f782816dd77ef40c2dc0785c1de219baa559c6c4eac63e023a
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

:method
GET
:authority
sway.office.com
:scheme
https
:path
/Owh7E9f78bDrjPPs?ref=email
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
401
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
text/html; charset=utf-8
expires
-1
server
Microsoft-IIS/10.0
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
set-cookie
pagerequesttime=deleted; path=/; Max-Age=0; expires=Sat, 1 Jan 2000 00:00:00 UTC; Version=1; Secure pagerequesttarget=deleted; path=/; Max-Age=0; expires=Sat, 1 Jan 2000 00:00:00 UTC; Version=1; Secure pagerequestoperation=deleted; path=/; Max-Age=0; expires=Sat, 1 Jan 2000 00:00:00 UTC; Version=1; Secure AuthSess=b43b5398-01d9-46bb-8865-bffd79545d45; domain=sway.office.com; path=/; secure AADNonce=e9d47d72-3ad5-47df-a9cc-e9b064dab812.636753092560030786; domain=office.com; path=/; secure; HttpOnly cookieblocked=; path=/; secure
x-correlationid
e61861f9-eb6b-4e56-8066-b9db7608aad9
x-usersessionid
e61861f9-eb6b-4e56-8066-b9db7608aad9
x-officefe
SwayFrontEnd_IN_3
x-officeversion
18.3.6012.6852
x-officecluster
eus-003.www.sway.com
anonuserid
f0dd6978-3424-4937-9c87-ee2c569e31d0
x-content-type-options
nosniff
strict-transport-security
max-age=15724800; includeSubDomains; preload
timing-allow-origin
*
x-requestid
542c7c1a-57fb-489a-a486-0f8ab4dcd08a
x-trackingid
70ece964-8f5a-4058-b39f-9c26536bb8d3
x-frame-options
SAMEORIGIN
x-key
KntF3P+kbJm8sC5tiNRhbxmlMqWfDp0sy4QL/hS/yOg=,636753092560030786
x-ua-compatible
IE=edge
x-powered-by
ARR/2.5
date
Tue, 16 Oct 2018 17:54:15 GMT
content-length
39705
Preload.css
eus-www.sway-cdn.com/18360126852_Content/ 		84 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://eus-www.sway-cdn.com/18360126852_Content/Preload.css
Requested by
Host: sway.office.com
URL: https://sway.office.com/Owh7E9f78bDrjPPs?ref=email
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
172.227.101.223 Cambridge, United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a172-227-101-223.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 / ARR/2.5
Resource Hash
46868a5cb4cfe96a4b62d12ad26e24af422dd70c4951fc4e310b56595cdd96d8
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://sway.office.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Strict-Transport-Security
max-age=15724800; includeSubDomains; preload
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
Microsoft-IIS/10.0
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
X-Powered-By
ARR/2.5
Vary
Accept-Encoding
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=76009
Date
Tue, 16 Oct 2018 17:54:16 GMT
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
11730
jquery-2.2.4-custom-1.js
eus-www.sway-cdn.com/Content/ 		83 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus-www.sway-cdn.com/Content/jquery-2.2.4-custom-1.js
Requested by
Host: sway.office.com
URL: https://sway.office.com/Owh7E9f78bDrjPPs?ref=email
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
172.227.101.223 Cambridge, United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a172-227-101-223.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 / ARR/2.5
Resource Hash
5e170e2cb452c3504ff9af148cc6c4aea661178c9fc93ecdcb32bcd856d76d9b
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://sway.office.com/
Origin
https://sway.office.com

Response headers

Strict-Transport-Security
max-age=15724800; includeSubDomains; preload
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
Microsoft-IIS/10.0
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
X-Powered-By
ARR/2.5
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=76009
Date
Tue, 16 Oct 2018 17:54:16 GMT
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
29703
jquery-ui-1.11.4-custom.js
eus-www.sway-cdn.com/Content/ 		64 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus-www.sway-cdn.com/Content/jquery-ui-1.11.4-custom.js
Requested by
Host: sway.office.com
URL: https://sway.office.com/Owh7E9f78bDrjPPs?ref=email
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
172.227.101.223 Cambridge, United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a172-227-101-223.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 / ARR/2.5
Resource Hash
3da8fc98318eeaf2ba8d02e79455d3d6f8f509bda7882c4c3c807b7197c24a1d
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://sway.office.com/
Origin
https://sway.office.com

Response headers

Strict-Transport-Security
max-age=15724800; includeSubDomains; preload
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
Microsoft-IIS/10.0
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
X-Powered-By
ARR/2.5
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=76009
Date
Tue, 16 Oct 2018 17:54:16 GMT
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
17891
modernizr-3.3.1-custom.js
eus-www.sway-cdn.com/Content/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus-www.sway-cdn.com/Content/modernizr-3.3.1-custom.js
Requested by
Host: sway.office.com
URL: https://sway.office.com/Owh7E9f78bDrjPPs?ref=email
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
172.227.101.223 Cambridge, United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a172-227-101-223.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 / ARR/2.5
Resource Hash
160daca799b276d8ce387e0187d972d715abead1399795bff9ec2a64b494527c
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://sway.office.com/
Origin
https://sway.office.com

Response headers

Strict-Transport-Security
max-age=15724800; includeSubDomains; preload
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
Microsoft-IIS/10.0
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
X-Powered-By
ARR/2.5
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=76010
Date
Tue, 16 Oct 2018 17:54:16 GMT
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
3210
Preload.js
eus-www.sway-cdn.com/18360126852_Content/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus-www.sway-cdn.com/18360126852_Content/Preload.js
Requested by
Host: sway.office.com
URL: https://sway.office.com/Owh7E9f78bDrjPPs?ref=email
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
172.227.101.223 Cambridge, United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a172-227-101-223.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 / ARR/2.5
Resource Hash
2f5deb75ea8a55d2119c56e4e3bcc0bde3516b838a088e28df1553824fe619ad
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://sway.office.com/
Origin
https://sway.office.com

Response headers

Strict-Transport-Security
max-age=15724800; includeSubDomains; preload
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
Microsoft-IIS/10.0
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
X-Powered-By
ARR/2.5
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=76009
Date
Tue, 16 Oct 2018 17:54:16 GMT
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
4168
tdb.js
eus-www.sway-cdn.com/18360126852_Content/ 		141 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus-www.sway-cdn.com/18360126852_Content/tdb.js
Requested by
Host: sway.office.com
URL: https://sway.office.com/Owh7E9f78bDrjPPs?ref=email
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
172.227.101.223 Cambridge, United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a172-227-101-223.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 / ARR/2.5
Resource Hash
701808505e89cbcca7d21b4a2ed1285368631135d33db3cf70cc46de6fa28bb0
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://sway.office.com/
Origin
https://sway.office.com

Response headers

Strict-Transport-Security
max-age=15724800; includeSubDomains; preload
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
Microsoft-IIS/10.0
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
X-Powered-By
ARR/2.5
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=76010
Date
Tue, 16 Oct 2018 17:54:16 GMT
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
32325
CommonDiagnostics-Sway-1.0.0.js
eus-www.sway-cdn.com/Content/ 		59 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus-www.sway-cdn.com/Content/CommonDiagnostics-Sway-1.0.0.js
Requested by
Host: sway.office.com
URL: https://sway.office.com/Owh7E9f78bDrjPPs?ref=email
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
172.227.101.223 Cambridge, United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a172-227-101-223.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 / ARR/2.5
Resource Hash
c0b9213606d02d7590db737b84b82c499aed306985fa41a846339944b2618351
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://sway.office.com/
Origin
https://sway.office.com

Response headers

Strict-Transport-Security
max-age=15724800; includeSubDomains; preload
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
Microsoft-IIS/10.0
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
X-Powered-By
ARR/2.5
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=76010
Date
Tue, 16 Oct 2018 17:54:16 GMT
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
13381
Common.js
eus-www.sway-cdn.com/18360126852_Content/ 		1 MB
196 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus-www.sway-cdn.com/18360126852_Content/Common.js
Requested by
Host: sway.office.com
URL: https://sway.office.com/Owh7E9f78bDrjPPs?ref=email
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
172.227.101.223 Cambridge, United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a172-227-101-223.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 / ARR/2.5
Resource Hash
ca3c2c192402e56b3c376b5f6157e50b9ac54750c5abc1337a5b3f2c476c4deb
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://sway.office.com/
Origin
https://sway.office.com

Response headers

Strict-Transport-Security
max-age=15724800; includeSubDomains; preload
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
Microsoft-IIS/10.0
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
X-Powered-By
ARR/2.5
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=76010
Date
Tue, 16 Oct 2018 17:54:16 GMT
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
200534
Resources.js
eus-www.sway-cdn.com/18360126852_Content/en-us/ 		122 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus-www.sway-cdn.com/18360126852_Content/en-us/Resources.js
Requested by
Host: sway.office.com
URL: https://sway.office.com/Owh7E9f78bDrjPPs?ref=email
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
172.227.101.223 Cambridge, United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a172-227-101-223.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 / ARR/2.5
Resource Hash
9b9572437f8ebc3e9369310dd75fbe81f7f641330238023e91eccca6977b9dbb
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://sway.office.com/
Origin
https://sway.office.com

Response headers

Strict-Transport-Security
max-age=15724800; includeSubDomains; preload
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
Microsoft-IIS/10.0
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
X-Powered-By
ARR/2.5
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=76217
Date
Tue, 16 Oct 2018 17:54:16 GMT
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
38657
Error.js
eus-www.sway-cdn.com/18360126852_Content/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus-www.sway-cdn.com/18360126852_Content/Error.js
Requested by
Host: sway.office.com
URL: https://sway.office.com/Owh7E9f78bDrjPPs?ref=email
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
172.227.101.223 Cambridge, United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a172-227-101-223.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 / ARR/2.5
Resource Hash
42ed2e13b71546e35c4d8905b2dd6badc97958be2c5fef17bb20f7c7e9775f08
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://sway.office.com/
Origin
https://sway.office.com

Response headers

Strict-Transport-Security
max-age=15724800; includeSubDomains; preload
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Type
application/javascript
Server
Microsoft-IIS/10.0
X-Powered-By
ARR/2.5
Vary
Accept-Encoding
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=76737
Date
Tue, 16 Oct 2018 17:54:16 GMT
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
998
story.png
eus-www.sway-cdn.com/18360126852_Content/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eus-www.sway-cdn.com/18360126852_Content/story.png
Requested by
Host: sway.office.com
URL: https://sway.office.com/Owh7E9f78bDrjPPs?ref=email
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
172.227.101.223 Cambridge, United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a172-227-101-223.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 / ARR/2.5
Resource Hash
b873b01e0e402814c286b35bd10e230f5bdcb13965e1a5e4901210ba3fd0dc18
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://sway.office.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Strict-Transport-Security
max-age=15724800; includeSubDomains; preload
X-Content-Type-Options
nosniff
X-OfficeCluster
eus-002.www.sway.com
X-RequestId
e98aba39-5377-473c-8a97-f63801df6cb6
X-OfficeVersion
18.3.6011.6647
X-OfficeFE
SwayFrontEnd_IN_6
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection
keep-alive
Content-Length
10221
ETag
"0c8f0f49fd31:0"
X-TrackingId
6247cae4-8e0a-4948-b2e3-f78537eef443
Last-Modified
Tue, 06 Feb 2018 04:36:32 GMT
Server
Microsoft-IIS/10.0
X-UserSessionId
c7861f17-2b47-4fbb-8f58-3e22035dda88
X-Powered-By
ARR/2.5
Date
Tue, 16 Oct 2018 17:54:16 GMT
anonuserid
36840f7f-16da-49bf-8c6d-92dd18fe9d39
Content-Type
image/png
X-CorrelationId
c7861f17-2b47-4fbb-8f58-3e22035dda88
Accept-Ranges
bytes
Timing-Allow-Origin
*
Common.css
eus-www.sway-cdn.com/18360126852_Content/ 		230 KB
26 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://eus-www.sway-cdn.com/18360126852_Content/Common.css
Requested by
Host: eus-www.sway-cdn.com
URL: https://eus-www.sway-cdn.com/18360126852_Content/Preload.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
172.227.101.223 Cambridge, United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a172-227-101-223.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 / ARR/2.5
Resource Hash
a36db2778c1fc2886b8d54595dca8336e3fe2c9f2efe0cc74546019817b2e69f
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://sway.office.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Strict-Transport-Security
max-age=15724800; includeSubDomains; preload
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
Microsoft-IIS/10.0
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
X-Powered-By
ARR/2.5
Vary
Accept-Encoding
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=76010
Date
Tue, 16 Oct 2018 17:54:16 GMT
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
25909
Error.css
eus-www.sway-cdn.com/18360126852_Content/ 		79 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://eus-www.sway-cdn.com/18360126852_Content/Error.css
Requested by
Host: eus-www.sway-cdn.com
URL: https://eus-www.sway-cdn.com/18360126852_Content/Preload.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
172.227.101.223 Cambridge, United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a172-227-101-223.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 / ARR/2.5
Resource Hash
075d761c9728be9d8766f7fa023e68736297bb32d509be02fd77542fea7c41c2
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://sway.office.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Strict-Transport-Security
max-age=15724800; includeSubDomains; preload
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
Microsoft-IIS/10.0
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
X-Powered-By
ARR/2.5
Vary
Accept-Encoding
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=76551
Date
Tue, 16 Oct 2018 17:54:16 GMT
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
7786
story_cluster.css
eus-www.sway-cdn.com/18360126852_Content/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://eus-www.sway-cdn.com/18360126852_Content/story_cluster.css
Requested by
Host: eus-www.sway-cdn.com
URL: https://eus-www.sway-cdn.com/18360126852_Content/Preload.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
172.227.101.223 Cambridge, United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a172-227-101-223.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 / ARR/2.5
Resource Hash
583f54c663c161e490dd8991d9e9101a3ca54822f458e73dcfc4885ce0efe34f
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://sway.office.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Strict-Transport-Security
max-age=15724800; includeSubDomains; preload
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
Microsoft-IIS/10.0
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
X-Powered-By
ARR/2.5
Vary
Accept-Encoding
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=76010
Date
Tue, 16 Oct 2018 17:54:16 GMT
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
930
common_raw.js
eus-www.sway-cdn.com/18360126852_Content/ 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus-www.sway-cdn.com/18360126852_Content/common_raw.js
Requested by
Host: eus-www.sway-cdn.com
URL: https://eus-www.sway-cdn.com/18360126852_Content/Preload.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
172.227.101.223 Cambridge, United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a172-227-101-223.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 / ARR/2.5
Resource Hash
85152f9c04d2f007248f6b881540b4fcdf1558fafb61e71835c4459d54ea70b0
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://sway.office.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Strict-Transport-Security
max-age=15724800; includeSubDomains; preload
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
Microsoft-IIS/10.0
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
X-Powered-By
ARR/2.5
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=76010
Date
Tue, 16 Oct 2018 17:54:16 GMT
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
6186
Hammer-2.0.4.js
eus-www.sway-cdn.com/Content/ 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus-www.sway-cdn.com/Content/Hammer-2.0.4.js
Requested by
Host: eus-www.sway-cdn.com
URL: https://eus-www.sway-cdn.com/18360126852_Content/Preload.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
172.227.101.223 Cambridge, United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a172-227-101-223.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 / ARR/2.5
Resource Hash
f2bfc0b2ffa4e26071e6d6d8b73d750f6e9f8eb4e021a8ffdb18b84af0b919a3
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://sway.office.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Strict-Transport-Security
max-age=15724800; includeSubDomains; preload
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
Microsoft-IIS/10.0
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
X-Powered-By
ARR/2.5
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=76010
Date
Tue, 16 Oct 2018 17:54:16 GMT
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
6449
Cookie set authorize
login.microsoftonline.com/common/oauth2/ Frame 2476 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://login.microsoftonline.com/common/oauth2/authorize?response_mode=form_post&response_type=id_token+code&scope=openid&mkt=en-US&msafed=0&nonce=e9d47d72-3ad5-47df-a9cc-e9b064dab812.636753092560030786&state=https%3a%2f%2fsway.office.com%2fhome%2fisauthenticated&client_id=905fcf26-4eb7-48a0-9ff0-8dcc7194b5ba&redirect_uri=https%3a%2f%2fsway.office.com%2fauth%2fsignin
Requested by
Host: eus-www.sway-cdn.com
URL: https://eus-www.sway-cdn.com/Content/jquery-2.2.4-custom-1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.41.216.16 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Host
login.microsoftonline.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
https://sway.office.com/
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://sway.office.com/

Response headers

Cache-Control
no-cache, no-store
Pragma
no-cache
Content-Type
text/html; charset=utf-8
Content-Encoding
gzip
Expires
-1
Vary
Accept-Encoding
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-Frame-Options
DENY
x-ms-request-id
b863c053-5be8-497c-806c-364269c0db00
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
Set-Cookie
buid=AQABAAEAAAC5una0EUFgTIF8ElaxtWjT-HVllQWFqVqiEUTSyylt6UwQsoBphAFHkQesg9JgaahuqJRBK6XwCQCaejpeCAPy2H-3YAMT8t9Mxqy4KbgZshEwpUspxzEkr2-LYqPZuXAgAA; expires=Thu, 15-Nov-2018 17:54:16 GMT; path=/; secure; HttpOnly esctx=AQABAAAAAAC5una0EUFgTIF8ElaxtWjTPEe1w8tgg_KWPkb749TG1e4cQSiOL9SroTlm1gshXI81ugFJSvmDXknr8uGQewUxDcavi1NvVFOkmOyskDU2sqhsNH4apVtn8MFFXJ5zmn7voQppoPV0inAw1ER4QhGuEzpdyAgDozjjbXlE_LPFqCIYYpkHzJSXu3rQsmkkgrMgAA; domain=.login.microsoftonline.com; path=/; secure; HttpOnly x-ms-gateway-slice=010; path=/; secure; HttpOnly stsservicecookie=ests; path=/; secure; HttpOnly
Date
Tue, 16 Oct 2018 17:54:16 GMT
Content-Length
10092
segoeuilight.woff
eus-www.sway-cdn.com/Content/ 		27 KB
27 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://eus-www.sway-cdn.com/Content/segoeuilight.woff
Requested by
Host: sway.office.com
URL: https://sway.office.com/Owh7E9f78bDrjPPs?ref=email
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
172.227.101.223 Cambridge, United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a172-227-101-223.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 / ARR/2.5
Resource Hash
6103756591a0902515ab10671ed7dcab4100573121ec704e75433abb453f5cb9
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://sway.office.com/
Origin
https://sway.office.com

Response headers

Timing-Allow-Origin
*
Strict-Transport-Security
max-age=15724800; includeSubDomains; preload
X-Content-Type-Options
nosniff
Server
Microsoft-IIS/10.0
X-Powered-By
ARR/2.5
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=86400
Date
Tue, 16 Oct 2018 17:54:16 GMT
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
application/font-woff
Content-Length
27544
segoeui.woff
eus-www.sway-cdn.com/Content/ 		74 KB
74 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://eus-www.sway-cdn.com/Content/segoeui.woff
Requested by
Host: sway.office.com
URL: https://sway.office.com/Owh7E9f78bDrjPPs?ref=email
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
172.227.101.223 Cambridge, United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a172-227-101-223.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 / ARR/2.5
Resource Hash
5b6231040840aed34ffe299d3f352814c3e24c517eb687cec06293e7eacecb1f
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://sway.office.com/
Origin
https://sway.office.com

Response headers

Timing-Allow-Origin
*
Strict-Transport-Security
max-age=15724800; includeSubDomains; preload
X-Content-Type-Options
nosniff
Server
Microsoft-IIS/10.0
X-Powered-By
ARR/2.5
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=86400
Date
Tue, 16 Oct 2018 17:54:16 GMT
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
application/font-woff
Content-Length
75464
segoeuisb.woff
eus-www.sway-cdn.com/Content/ 		31 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://eus-www.sway-cdn.com/Content/segoeuisb.woff
Requested by
Host: sway.office.com
URL: https://sway.office.com/Owh7E9f78bDrjPPs?ref=email
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
172.227.101.223 Cambridge, United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a172-227-101-223.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 / ARR/2.5
Resource Hash
3711ba98ca34a5bc5ce6b79de62a1a2eee453f413d2123e912d1ae6b0b0c8b33
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://sway.office.com/
Origin
https://sway.office.com

Response headers

Timing-Allow-Origin
*
Strict-Transport-Security
max-age=15724800; includeSubDomains; preload
X-Content-Type-Options
nosniff
Server
Microsoft-IIS/10.0
X-Powered-By
ARR/2.5
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=86400
Date
Tue, 16 Oct 2018 17:54:16 GMT
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
application/font-woff
Content-Length
31712
RemoteUls.ashx
sway.office.com/ 		0
235 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sway.office.com/RemoteUls.ashx
Requested by
Host: eus-www.sway-cdn.com
URL: https://eus-www.sway-cdn.com/Content/CommonDiagnostics-Sway-1.0.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.109.12.50 Redmond, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ARR/2.5
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Content-Type-Options nosniff nosniff

Request headers

origin
https://sway.office.com
accept-encoding
gzip, deflate
cookie
AuthSess=b43b5398-01d9-46bb-8865-bffd79545d45; AADNonce=e9d47d72-3ad5-47df-a9cc-e9b064dab812.636753092560030786; cookieblocked=
content-length
629
:path
/RemoteUls.ashx
pragma
no-cache
x-usersessionid
e61861f9-eb6b-4e56-8066-b9db7608aad9
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
content-type
application/json
accept
*/*
cache-control
no-cache
:authority
sway.office.com
referer
https://sway.office.com/Owh7E9f78bDrjPPs?ref=email
:scheme
https
anonuserid
f0dd6978-3424-4937-9c87-ee2c569e31d0
:method
POST
Referer
https://sway.office.com/Owh7E9f78bDrjPPs?ref=email
Origin
https://sway.office.com
X-UserSessionId
e61861f9-eb6b-4e56-8066-b9db7608aad9
anonuserid
f0dd6978-3424-4937-9c87-ee2c569e31d0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
application/json

Response headers

strict-transport-security
max-age=15724800; includeSubDomains; preload
x-content-type-options
nosniff nosniff
x-officecluster
eus-001.www.sway.com
x-requestid
e4ee974b-b194-4f68-86e7-7fdc553aaa5a
x-officeversion
18.1.6015.5211
x-officefe
SwayFrontEnd_IN_0
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
status
200
content-disposition
attachment
content-length
0
x-trackingid
44a937e2-6801-4c41-8363-2122d47e23ec
x-correlationid
1d0cce9a-c400-490f-85ca-1a0c06cc227f
server
Microsoft-IIS/10.0
x-usersessionid
e61861f9-eb6b-4e56-8066-b9db7608aad9
x-powered-by
ARR/2.5
date
Tue, 16 Oct 2018 17:54:16 GMT
x-download-options
noopen
content-type
text/plain
cache-control
private
anonuserid
f0dd6978-3424-4937-9c87-ee2c569e31d0
timing-allow-origin
*
OfficeBrowserFeedback.js
eus-www.sway-cdn.com/18360126852_Content/feedback/ 		158 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus-www.sway-cdn.com/18360126852_Content/feedback/OfficeBrowserFeedback.js
Requested by
Host: eus-www.sway-cdn.com
URL: https://eus-www.sway-cdn.com/18360126852_Content/Preload.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
172.227.101.223 Cambridge, United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a172-227-101-223.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 / ARR/2.5
Resource Hash
4f2d6301347a2fbf30fed521f2d319e78cffd90713336dcc9c0a2676dc3fb37c
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://sway.office.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Strict-Transport-Security
max-age=15724800; includeSubDomains; preload
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
Microsoft-IIS/10.0
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
X-Powered-By
ARR/2.5
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=76010
Date
Tue, 16 Oct 2018 17:54:18 GMT
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
45168

Verdicts & Comments Add Verdict or Comment

238 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| PageExecutionBegin function| getCookie function| tryParseInt function| onContentError function| onContentLoad object| errorsDuringLoad object| CommonSettings boolean| IsProductionEnvironment boolean| UnitTestMode boolean| NoRunOnLoad object| PreloadUrls string| CurrentPage function| $ function| jQuery object| Modernizr object| StoryApp function| __extends object| TDB object| ArrayExtensions object| Obj object| StringExtensions object| DictionaryExtensions function| DisposableHolder function| Disposable object| EnumParser object| PlatformPolyFill object| platform function| Size object| KeyCodeType object| KeyCodes object| Sys object| Diag function| StopEventPropagation function| TabLoop function| ExpandHeader function| OnSwitcherLauncherKeyDown function| CollapseHeader function| DismissPopupBanner function| GetRootDomain function| CreateCookie function| GetFormDigestForInstantCreateNew function| FormDigestIsValid function| OnSwitcherDialogKeyDown function| OnSwitcherDialogKeyUp function| BypassSignInControl function| ExtractHostnameFromUrl function| ProcessSignIn function| AttemptDefaultSignIn function| HandleDefaultSignInResult function| ProcessSignInControlDialog function| ShowPersistentSignInControl function| ShowSignInControl function| MakeSignInControlVisible function| HideSignInControl function| onSignInDialogKeyUp function| hideAllDropDownMenus function| toggleDropDownMenu function| OnSwitcherTileMouseDown function| RestoreSwitcherTileVisuals function| GetSwitcherTiles function| AttachSwitcherTileEvents function| HRDListener function| RegisterHRDListener function| AppendOrReplaceQueryParameter function| HandleShowNext function| PositionHrd function| HandleOnHrdReady function| HandleLaunchUrl function| hasCookie function| GetCreateNewReqsAndNavigateIfClicked function| GetOrgIdDestinationUrl function| ShowNavigateToTeamSiteDialog function| OnGetServerUserInfoCallFailed function| OnGetFormDigestForInstantCreateNewFailed function| NavigateToErrorPage function| CreateNewDocument function| ShowLoadingSpinnerOnPanel function| NavigateToCreateNewDocument function| PostRequestToTargetUrl function| SetStaticAssetsFrameUrl function| SetPrewarmAuthFrameUrl function| GetInstantCreateNewBaseUrl function| GetUserBaseUrl function| ShouldWaitOnPrewarm function| OnPrewarmLoaded function| SetWarmupFrameUrl function| InitializeLogging function| DisposeLogging function| SendClickInfo function| SendBrowserInfo function| OnError function| SetErrorHtml string| g_rootDomain undefined| g_instantCreateNewToken undefined| g_instantCreateNewTokenExpiry boolean| g_instantCreateNewTokenFailure boolean| g_isFormDigestRequestActive boolean| g_persistentDialog object| g_hrdTimeout object| g_defaultSignInTimeout undefined| g_preferredIdpForDefaultSignIn undefined| g_orgIdReturnUrl undefined| g_msaReturnUrl undefined| g_appId boolean| g_createNewClicked boolean| g_getServerUserInfoCallFailed boolean| g_createNewNavigated boolean| g_showNavigateToTeamSiteDialog string| g_teamSiteUrl undefined| g_spinnerHandle boolean| g_prewarmAuthAlreadyRun boolean| g_createNewNavigateStarted number| g_msoulscat_Wac_WebAppsPortal boolean| g_loggingInitialized boolean| g_errorLogged function| Hammer function| fidoCallback function| capturePerformanceMetric object| CommonBindings object| ControlAttributes function| SharingDisabledDialog object| HistoryManager object| StoryLimitType object| LimitMessageType function| LimitData function| LimitDataCounter object| RemoveViewedStories object| StoryPerformance function| ConditionalExecute object| AppType object| Aria object| Delete object| EmbedHostType object| FontIcons object| FontLoadTest object| FontIconsMapping function| FirstModel object| StoryBrandingMode object| StoryJoinResult object| UserType object| VisualLinkMode object| ActionLogger object| ClientAction function| FileObject function| Flags object| ResourceManager object| State function| CancellationSource function| Cookie object| PageType function| ObjectOM function| CompartmentComponent function| DisposableObjectOM function| Point object| EdgeSegment function| BaseRect function| Rect object| RemoveEditor function| Color object| FlightList object| Glyphs function| HashMap object| Icons object| FREDialogPage1ImageLarge object| FREDialogPage1ImageSmall object| UX object| CookieConsent function| AuthoringDisabledDialog function| BRSDialog function| ErrorDialog function| NyiDialog function| SurveyDialog function| OneNoteSurveyDialog function| WatchableSwitchesTransport object| DocumentIngestion object| FeatureDetection function| FlightClientSettings object| IdGenerator object| ImageUtils object| Containers object| CommonMain undefined| PerformanceMetrics boolean| IsPerformanceModeOn object| StoryAudience object| StoryLog object| StoryLogUtilities object| StoryManager object| MonitoredScope function| StoryReference object| StoryViewMode function| Task function| DeferredTask function| TaskPool object| DropShadow object| TextShadow function| AudioStreamingInfoRequest function| AudioStreamingInfoResponse object| ChangeLinkErrorCode function| ChangeLinkErrorResponse function| ChangeLinkRequest function| ChangeLinkResponse function| CreateAndJoinRequest function| CreateAndJoinResponse function| EnabledLanguagesResponse function| DynamicStyleInfo function| EmbeddedOneDriveInfo function| EmbeddedStoryInfo function| EmbeddedOneDriveInfoRequest function| LogStackTraceResponse function| LogStackTraceRequest object| MakeOutlineResponseType object| MakeOutlineErrorType function| MakeOutlineResponse function| FacebookConnectUrlResponse function| ImageCropsResponse function| ImageCropRequest function| ImageCropsRequest function| O365ShellServiceResponse object| OneDriveEmbedType function| StoryTileBase function| StoryTile function| ThumbnailResponse function| VideoStreamingInfoRequest function| VideoStreamingInfoResponse function| AnalyticsStoryTile function| ViewedStoryTile function| ViewOptionOverrides object| FileUploader object| Resources object| OfficeBrowserFeedback function| isEmbedded function| setTargetBlank function| setDivText boolean| shouldPollAADSignInUrl string| signInPopupUrl string| PageServedBy boolean| pageReady string| pageID

3 Cookies

Domain/Path Name / Value
sway.office.com/ Name: cookieblocked
Value:
.office.com/ Name: AADNonce
Value: e9d47d72-3ad5-47df-a9cc-e9b064dab812.636753092560030786
.sway.office.com/ Name: AuthSess
Value: b43b5398-01d9-46bb-8865-bffd79545d45

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

eus-www.sway-cdn.com
login.microsoftonline.com
sway.office.com
104.41.216.16
172.227.101.223
52.109.12.50
065d6669d62006f782816dd77ef40c2dc0785c1de219baa559c6c4eac63e023a
075d761c9728be9d8766f7fa023e68736297bb32d509be02fd77542fea7c41c2
160daca799b276d8ce387e0187d972d715abead1399795bff9ec2a64b494527c
2f5deb75ea8a55d2119c56e4e3bcc0bde3516b838a088e28df1553824fe619ad
3711ba98ca34a5bc5ce6b79de62a1a2eee453f413d2123e912d1ae6b0b0c8b33
3da8fc98318eeaf2ba8d02e79455d3d6f8f509bda7882c4c3c807b7197c24a1d
42ed2e13b71546e35c4d8905b2dd6badc97958be2c5fef17bb20f7c7e9775f08
46868a5cb4cfe96a4b62d12ad26e24af422dd70c4951fc4e310b56595cdd96d8
4f2d6301347a2fbf30fed521f2d319e78cffd90713336dcc9c0a2676dc3fb37c
583f54c663c161e490dd8991d9e9101a3ca54822f458e73dcfc4885ce0efe34f
5b6231040840aed34ffe299d3f352814c3e24c517eb687cec06293e7eacecb1f
5e170e2cb452c3504ff9af148cc6c4aea661178c9fc93ecdcb32bcd856d76d9b
6103756591a0902515ab10671ed7dcab4100573121ec704e75433abb453f5cb9
701808505e89cbcca7d21b4a2ed1285368631135d33db3cf70cc46de6fa28bb0
85152f9c04d2f007248f6b881540b4fcdf1558fafb61e71835c4459d54ea70b0
9b9572437f8ebc3e9369310dd75fbe81f7f641330238023e91eccca6977b9dbb
a36db2778c1fc2886b8d54595dca8336e3fe2c9f2efe0cc74546019817b2e69f
b873b01e0e402814c286b35bd10e230f5bdcb13965e1a5e4901210ba3fd0dc18
c0b9213606d02d7590db737b84b82c499aed306985fa41a846339944b2618351
ca3c2c192402e56b3c376b5f6157e50b9ac54750c5abc1337a5b3f2c476c4deb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f2bfc0b2ffa4e26071e6d6d8b73d750f6e9f8eb4e021a8ffdb18b84af0b919a3