mail.com.pt Open in urlscan Pro
2a01:4f8:c17:c9fd::1 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://mail.com.pt/
Submission: On February 26 via api (February 26th 2023, 3:40:23 pm UTC) from US — Scanned from US

Summary HTTP 57 Redirects Behaviour Indicators

Summary

This website contacted 10 IPs in 3 countries across 7 domains to perform 57 HTTP transactions. The main IP is 2a01:4f8:c17:c9fd::1, located in Gunzenhausen, Germany and belongs to HETZNER-AS, DE. The main domain is mail.com.pt.

This is the only time mail.com.pt was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	2a01:4f8:c17:... 2a01:4f8:c17:c9fd::1	24940 (HETZNER-AS) (HETZNER-AS)
4	52.109.76.142 52.109.76.142	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
30	23.217.22.241 23.217.22.241	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2620:1ec:a92:... 2620:1ec:a92::194	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
12	2600:141b:13:... 2600:141b:13::17d7:82a8	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 2	20.110.205.119 20.110.205.119	() ()
1 1	2620:1ec:c11:... 2620:1ec:c11::200	() ()
1	2620:1ec:48:1... 2620:1ec:48:1::40	() ()
4	20.189.173.6 20.189.173.6	() ()
1	13.69.109.130 13.69.109.130	() ()
57	10

1 2a01:4f8:c17:c9fd::1 (Gunzenhausen, Germany)

ASN24940 (HETZNER-AS, DE)

mail.com.pt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.109.76.142 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

sway.office.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 23.217.22.241 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-217-22-241.deploy.static.akamaitechnologies.com

eus-www.sway-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.sway-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:a92::194 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

forms.office.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2600:141b:13::17d7:82a8 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)

cdn.forms.office.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.110.205.119 (None, ) 1 redirects

ASN- ()

c.office.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (None, ) 1 redirects

ASN- ()

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:48:1::40 (None, )

ASN- ()

js.monitor.azure.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 20.189.173.6 (None, )

ASN- ()

browser.events.data.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.69.109.130 (None, )

ASN- ()

eu-mobile.events.data.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
30	sway-cdn.com eus-www.sway-cdn.com — Cisco Umbrella Rank: 41970 www.sway-cdn.com — Cisco Umbrella Rank: 55430	2 MB
12	office.net cdn.forms.office.net — Cisco Umbrella Rank: 8336	340 KB
8	office.com 1 redirects sway.office.com — Cisco Umbrella Rank: 34854 forms.office.com — Cisco Umbrella Rank: 5754 c.office.com	56 KB
5	microsoft.com browser.events.data.microsoft.com eu-mobile.events.data.microsoft.com Failed	2 KB
1	azure.com js.monitor.azure.com	61 KB
1	bing.com 1 redirects c.bing.com	735 B
1	mail.com.pt mail.com.pt	633 B
57	7

	Domain	Requested by
27	eus-www.sway-cdn.com	sway.office.com eus-www.sway-cdn.com
12	cdn.forms.office.net	forms.office.com cdn.forms.office.net
4	browser.events.data.microsoft.com	js.monitor.azure.com
4	sway.office.com	mail.com.pt sway.office.com eus-www.sway-cdn.com
3	www.sway-cdn.com	sway.office.com
2	c.office.com	1 redirects
2	forms.office.com	eus-www.sway-cdn.com forms.office.com
1	eu-mobile.events.data.microsoft.com	cdn.forms.office.net
1	js.monitor.azure.com	cdn.forms.office.net
1	c.bing.com	1 redirects
1	mail.com.pt
57	11

This site contains no links.

Subject Issuer	Validity	Valid
sway.office.com Microsoft Azure TLS Issuing CA 06	`2023-02-02` - `2024-01-28`	a year	crt.sh
www.sway-cdn.com Microsoft RSA TLS CA 02	`2022-09-09` - `2023-09-09`	a year	crt.sh
forms.office.com Microsoft Azure TLS Issuing CA 02	`2022-07-20` - `2023-07-15`	a year	crt.sh
cdn.forms.office.net Microsoft Azure TLS Issuing CA 06	`2022-09-28` - `2023-09-23`	a year	crt.sh
js.monitor.azure.com Microsoft Azure TLS Issuing CA 05	`2022-12-23` - `2023-12-18`	a year	crt.sh
*.events.data.microsoft.com Microsoft Azure TLS Issuing CA 06	`2022-12-07` - `2023-12-02`	a year	crt.sh

This page contains 3 frames:

Primary Page: http://mail.com.pt/
Frame ID: 90F578D3016AF9D2FAE4EB65A75ED403
Requests: 1 HTTP requests in this frame

Frame: https://sway.office.com/s/t4iQ3543TYNSbbD3/embed
Frame ID: 0710086E140A25A1157FE3B4D51E83F8
Requests: 36 HTTP requests in this frame

Frame: https://forms.office.com/Pages/ResponsePage.aspx?id=DQSIkWdsW0yxEjajBLZtrQAAAAAAAAAAAAN__q8IQYtUNEdGU1VKT1Q2VUY3Wk5VTjNTNzhVVEpURS4u&embed=true
Frame ID: CBC96C05C129D597D603FFF9709F2A3A
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

mail.com.pt

Detected technologies

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery-ui[.-]([\d.]*\d)[^/]*\.js
jquery-ui.*\.js

Page Statistics

57
Requests

95 %
HTTPS

50 %
IPv6

7
Domains

11
Subdomains

10
IPs

3
Countries

2606 kB
Transfer

7391 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 49

https://c.office.com/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=D4AEE94141064A968F2439161372ED6C&RedC=c.office.com&MXFR=0A5470F2172A654235506236132A6E92 HTTP 302
https://c.office.com/c.gif?ctsa=mr&CtsSyncId=D4AEE94141064A968F2439161372ED6C&MUID=0A5470F2172A654235506236132A6E92

57 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
mail.com.pt/ 537 B
633 B 448ms
174ms Document
text/html 2a01:4f8:c17:c9fd::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://mail.com.pt/
Protocol: HTTP/1.1
Server: 2a01:4f8:c17:c9fd::1 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: abd74b234c2f1624c6f70c175200ef7a4e848df138da4a4b109ccb3a754ded86

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Sun, 26 Feb 2023 15:40:15 GMT
Last-Modified: Thu, 19 May 2022 17:13:30 GMT
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding Accept-Encoding,User-Agent

GET
H/1.1 200
OK embed Show response
sway.office.com/s/t4iQ3543TYNSbbD3/ Frame 0710 40 KB
13 KB 757ms
320ms Document
text/html 52.109.76.142
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://sway.office.com/s/t4iQ3543TYNSbbD3/embed

Requested by

Host: mail.com.pt
URL: http://mail.com.pt/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.109.76.142 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ARR/3.0

Resource Hash

9b559c4e312c20b983e2a8a877bbad3c8858586bf25f68dd0f44a240e72b0603

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://mail.com.pt/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Content-Encoding: gzip
Content-Length: 11652
Content-Type: text/html; charset=utf-8
Date: Sun, 26 Feb 2023 15:40:15 GMT
Expires: -1
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Pragma: no-cache
Vary: Accept-Encoding
X-Powered-By: ARR/3.0
anonuserid: 1b83a290-1bcc-4347-8172-ef6fe4e41ad2
strict-transport-security: max-age=15724800; includeSubDomains; preload
timing-allow-origin: *
x-content-type-options: nosniff
x-correlationid: f080b771-88e5-4280-9612-484391b7a12b
x-html-minification-powered-by: WebMarkupMin
x-key: 5jxIb/IVroGgWMbRlLmK4HbG/8YssyE8tKE40noVebY=,638130228158620160
x-officecluster: eus-003.www.sway.com
x-officefe: SwayFrontEnd_IN_20
x-officeversion: 16.0.16221.40100
x-requestid: be8caae5-1010-4cb6-86d9-6c8e40a379cb
x-trackingid: ee582400-d7c6-4c48-8fbf-0ce47220aecd
x-ua-compatible: IE=edge
x-usersessionid: f080b771-88e5-4280-9612-484391b7a12b

GET
H/1.1 200
OK Preload.css
eus-www.sway-cdn.com/161622140100_Content/ Frame 0710 84 KB
12 KB 313ms
73ms Stylesheet
text/css 23.217.22.241
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://eus-www.sway-cdn.com/161622140100_Content/Preload.css

Requested by

Host: sway.office.com
URL: https://sway.office.com/s/t4iQ3543TYNSbbD3/embed

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.217.22.241 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-217-22-241.deploy.static.akamaitechnologies.com

Software

/ ARR/3.0

Resource Hash

f6e1d03fdba5449350e855511cddc851e1cfe746de5244202a04cb4585e9a8f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sway.office.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains; preload
Content-Encoding: gzip
x-content-type-options: nosniff
Date: Sun, 26 Feb 2023 15:40:16 GMT
X-Powered-By: ARR/3.0
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cache-Control: public, max-age=31185
Connection: keep-alive
Accept-Ranges: bytes
timing-allow-origin: *
Content-Length: 11735

GET
H/1.1 200
OK jquery-2.2.4-custom-1.js Show response
eus-www.sway-cdn.com/Content/ Frame 0710 83 KB
30 KB 315ms
75ms Script
application/javascript 23.217.22.241
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://eus-www.sway-cdn.com/Content/jquery-2.2.4-custom-1.js

Requested by

Host: sway.office.com
URL: https://sway.office.com/s/t4iQ3543TYNSbbD3/embed

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.217.22.241 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-217-22-241.deploy.static.akamaitechnologies.com

Software

/ ARR/3.0

Resource Hash

5e170e2cb452c3504ff9af148cc6c4aea661178c9fc93ecdcb32bcd856d76d9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://sway.office.com/
Origin: https://sway.office.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains; preload
Content-Encoding: gzip
x-content-type-options: nosniff
Date: Sun, 26 Feb 2023 15:40:16 GMT
X-Powered-By: ARR/3.0
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cache-Control: public, max-age=75086
Connection: keep-alive
Accept-Ranges: bytes
timing-allow-origin: *
Content-Length: 29703

GET
H/1.1 200
OK jquery-ui-1.11.4-custom.js Show response
eus-www.sway-cdn.com/Content/ Frame 0710 64 KB
18 KB 318ms
79ms Script
application/javascript 23.217.22.241
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://eus-www.sway-cdn.com/Content/jquery-ui-1.11.4-custom.js

Requested by

Host: sway.office.com
URL: https://sway.office.com/s/t4iQ3543TYNSbbD3/embed

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.217.22.241 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-217-22-241.deploy.static.akamaitechnologies.com

Software

/ ARR/3.0

Resource Hash

3da8fc98318eeaf2ba8d02e79455d3d6f8f509bda7882c4c3c807b7197c24a1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://sway.office.com/
Origin: https://sway.office.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains; preload
Content-Encoding: gzip
x-content-type-options: nosniff
Date: Sun, 26 Feb 2023 15:40:16 GMT
X-Powered-By: ARR/3.0
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cache-Control: public, max-age=62518
Connection: keep-alive
Accept-Ranges: bytes
timing-allow-origin: *
Content-Length: 17891

GET
H/1.1 200
OK modernizr-3.3.1-custom.js Show response
eus-www.sway-cdn.com/Content/ Frame 0710 8 KB
4 KB 303ms
65ms Script
application/javascript 23.217.22.241
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://eus-www.sway-cdn.com/Content/modernizr-3.3.1-custom.js

Requested by

Host: sway.office.com
URL: https://sway.office.com/s/t4iQ3543TYNSbbD3/embed

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.217.22.241 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-217-22-241.deploy.static.akamaitechnologies.com

Software

/ ARR/3.0

Resource Hash

160daca799b276d8ce387e0187d972d715abead1399795bff9ec2a64b494527c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://sway.office.com/
Origin: https://sway.office.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains; preload
Content-Encoding: gzip
x-content-type-options: nosniff
Date: Sun, 26 Feb 2023 15:40:16 GMT
X-Powered-By: ARR/3.0
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cache-Control: public, max-age=75083
Connection: keep-alive
Accept-Ranges: bytes
timing-allow-origin: *
Content-Length: 3210

GET
H/1.1 200
OK Preload.js Show response
eus-www.sway-cdn.com/161622140100_Content/ Frame 0710 18 KB
5 KB 307ms
68ms Script
application/javascript 23.217.22.241
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://eus-www.sway-cdn.com/161622140100_Content/Preload.js

Requested by

Host: sway.office.com
URL: https://sway.office.com/s/t4iQ3543TYNSbbD3/embed

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.217.22.241 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-217-22-241.deploy.static.akamaitechnologies.com

Software

/ ARR/3.0

Resource Hash

2f5deb75ea8a55d2119c56e4e3bcc0bde3516b838a088e28df1553824fe619ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://sway.office.com/
Origin: https://sway.office.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains; preload
Content-Encoding: gzip
x-content-type-options: nosniff
Date: Sun, 26 Feb 2023 15:40:16 GMT
X-Powered-By: ARR/3.0
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cache-Control: public, max-age=35584
Connection: keep-alive
Accept-Ranges: bytes
timing-allow-origin: *
Content-Length: 4168

GET
H/1.1 200
OK tdb.js Show response
eus-www.sway-cdn.com/161622140100_Content/ Frame 0710 141 KB
32 KB 314ms
76ms Script
application/javascript 23.217.22.241
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://eus-www.sway-cdn.com/161622140100_Content/tdb.js

Requested by

Host: sway.office.com
URL: https://sway.office.com/s/t4iQ3543TYNSbbD3/embed

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.217.22.241 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-217-22-241.deploy.static.akamaitechnologies.com

Software

/ ARR/3.0

Resource Hash

daef54c828406aaba2db8f22758177351ed4d3ce40b848bb93f45f8b253fcdfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://sway.office.com/
Origin: https://sway.office.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains; preload
Content-Encoding: gzip
x-content-type-options: nosniff
Date: Sun, 26 Feb 2023 15:40:16 GMT
X-Powered-By: ARR/3.0
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cache-Control: public, max-age=34244
Connection: keep-alive
Accept-Ranges: bytes
timing-allow-origin: *
Content-Length: 32326

GET
H/1.1 200
OK CommonDiagnostics-Sway-1.0.0.js Show response
eus-www.sway-cdn.com/Content/ Frame 0710 59 KB
14 KB 310ms
71ms Script
application/javascript 23.217.22.241
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://eus-www.sway-cdn.com/Content/CommonDiagnostics-Sway-1.0.0.js

Requested by

Host: sway.office.com
URL: https://sway.office.com/s/t4iQ3543TYNSbbD3/embed

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.217.22.241 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-217-22-241.deploy.static.akamaitechnologies.com

Software

/ ARR/3.0

Resource Hash

c0b9213606d02d7590db737b84b82c499aed306985fa41a846339944b2618351

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://sway.office.com/
Origin: https://sway.office.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains; preload
Content-Encoding: gzip
x-content-type-options: nosniff
Date: Sun, 26 Feb 2023 15:40:16 GMT
X-Powered-By: ARR/3.0
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cache-Control: public, max-age=62518
Connection: keep-alive
Accept-Ranges: bytes
timing-allow-origin: *
Content-Length: 13381

GET
H/1.1 200
OK Common.js Show response
eus-www.sway-cdn.com/161622140100_Content/ Frame 0710 1 MB
198 KB 381ms
77ms Script
application/javascript 23.217.22.241
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://eus-www.sway-cdn.com/161622140100_Content/Common.js

Requested by

Host: sway.office.com
URL: https://sway.office.com/s/t4iQ3543TYNSbbD3/embed

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.217.22.241 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-217-22-241.deploy.static.akamaitechnologies.com

Software

/ ARR/3.0

Resource Hash

8fac2245102dbf687b11b64139f6e06bd9d0947b4a28fde1e7ae59f85583b3a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://sway.office.com/
Origin: https://sway.office.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains; preload
Content-Encoding: gzip
x-content-type-options: nosniff
Date: Sun, 26 Feb 2023 15:40:16 GMT
X-Powered-By: ARR/3.0
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cache-Control: public, max-age=31108
Connection: keep-alive
Accept-Ranges: bytes
timing-allow-origin: *
Content-Length: 202572

GET
H/1.1 200
OK Resources.js Show response
eus-www.sway-cdn.com/161622140100_Content/en-us/ Frame 0710 122 KB
38 KB 388ms
80ms Script
application/javascript 23.217.22.241
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://eus-www.sway-cdn.com/161622140100_Content/en-us/Resources.js

Requested by

Host: sway.office.com
URL: https://sway.office.com/s/t4iQ3543TYNSbbD3/embed

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.217.22.241 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-217-22-241.deploy.static.akamaitechnologies.com

Software

/ ARR/3.0

Resource Hash

abe3613e06a609e63597ae6c53e1091f42a8151b275f50b3159f1938d67c42d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://sway.office.com/
Origin: https://sway.office.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains; preload
Content-Encoding: gzip
x-content-type-options: nosniff
Date: Sun, 26 Feb 2023 15:40:16 GMT
X-Powered-By: ARR/3.0
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cache-Control: public, max-age=31185
Connection: keep-alive
Accept-Ranges: bytes
timing-allow-origin: *
Content-Length: 38609

GET
H/1.1 200
OK StoryPage.js Show response
eus-www.sway-cdn.com/161622140100_Content/ Frame 0710 1 MB
256 KB 407ms
82ms Script
application/javascript 23.217.22.241
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://eus-www.sway-cdn.com/161622140100_Content/StoryPage.js

Requested by

Host: sway.office.com
URL: https://sway.office.com/s/t4iQ3543TYNSbbD3/embed

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.217.22.241 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-217-22-241.deploy.static.akamaitechnologies.com

Software

/ ARR/3.0

Resource Hash

9cba22d72eb8ae568a49875f871b5205a52453c18ce821734f17c1fc870c7ade

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://sway.office.com/
Origin: https://sway.office.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains; preload
Content-Encoding: gzip
x-content-type-options: nosniff
Date: Sun, 26 Feb 2023 15:40:16 GMT
X-Powered-By: ARR/3.0
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cache-Control: public, max-age=34292
Connection: keep-alive
Accept-Ranges: bytes
timing-allow-origin: *
Content-Length: 262052

POST
H/1.1 200
OK get Show response
sway.office.com/s/t4iQ3543TYNSbbD3/ Frame 0710 95 KB
15 KB 310ms
309ms XHR
application/json 52.109.76.142
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://sway.office.com/s/t4iQ3543TYNSbbD3/get?currentClientVersion=201

Requested by

Host: sway.office.com
URL: https://sway.office.com/s/t4iQ3543TYNSbbD3/embed

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.109.76.142 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ARR/3.0

Resource Hash

c410d8c402f477a21f571f2f9c5348c121caea0aac9ccac5562879bc227ce7df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

X-WebClientVersion: 201
X-UserSessionId: f080b771-88e5-4280-9612-484391b7a12b
accept-language: en-US,en;q=0.9
X-Key: 5jxIb/IVroGgWMbRlLmK4HbG/8YssyE8tKE40noVebY=,638130228158620160
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-LookupId: t4iQ3543TYNSbbD3
Referer: https://sway.office.com/s/t4iQ3543TYNSbbD3/embed
anonuserid: 1b83a290-1bcc-4347-8172-ef6fe4e41ad2
X-StoryId: 5EN9uMwGuD56F4juYuNf

Response headers

strict-transport-security: max-age=15724800; includeSubDomains; preload
Content-Encoding: gzip
x-content-type-options: nosniff
Date: Sun, 26 Feb 2023 15:40:16 GMT
x-requestid: 94dda93b-e58c-40d2-9f2c-fe560cfc545d
x-officeversion: 16.0.16221.40100
X-Powered-By: ARR/3.0
x-officefe: SwayFrontEnd_IN_22
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Content-Length: 13962
x-storyid: 5EN9uMwGuD56F4juYuNf
x-payload-size: 14677
Pragma: no-cache
x-trackingid: b9bf5f9b-96a9-407e-a949-c0ae547bd1d9
x-correlationid: 6b2021b6-8d55-40ee-b0aa-590cf17562ac
x-officecluster: eus-003.www.sway.com
x-usersessionid: f080b771-88e5-4280-9612-484391b7a12b
x-frame-options: SAMEORIGIN
Content-Type: application/json
x-lookupid: t4iQ3543TYNSbbD3
Cache-Control: no-cache, no-store, must-revalidate
anonuserid: 1b83a290-1bcc-4347-8172-ef6fe4e41ad2
timing-allow-origin: *
x-server-time-elapsed: 109
Expires: -1

GET
DATA 200
OK truncated
/ Frame 0710 2 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7f87a803dcaa9a3c75ec3b8f670c76709d494f3086d8c8d279ec7da52abf4380

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1 200
OK segoeui.woff
eus-www.sway-cdn.com/Content/ Frame 0710 74 KB
74 KB 167ms
132ms Font
application/font-woff 23.217.22.241
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://eus-www.sway-cdn.com/Content/segoeui.woff

Requested by

Host: sway.office.com
URL: https://sway.office.com/s/t4iQ3543TYNSbbD3/embed

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.217.22.241 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-217-22-241.deploy.static.akamaitechnologies.com

Software

/ ARR/3.0

Resource Hash

5b6231040840aed34ffe299d3f352814c3e24c517eb687cec06293e7eacecb1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://sway.office.com/
Origin: https://sway.office.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains; preload
Date: Sun, 26 Feb 2023 15:40:16 GMT
x-content-type-options: nosniff
X-Powered-By: ARR/3.0
Content-Type: application/font-woff
Access-Control-Allow-Origin: *
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cache-Control: public, max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
timing-allow-origin: *
Content-Length: 75464

GET
H/1.1 200
OK Common.css
eus-www.sway-cdn.com/161622140100_Content/ Frame 0710 247 KB
28 KB 96ms
95ms Stylesheet
text/css 23.217.22.241
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://eus-www.sway-cdn.com/161622140100_Content/Common.css

Requested by

Host: eus-www.sway-cdn.com
URL: https://eus-www.sway-cdn.com/161622140100_Content/Preload.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.217.22.241 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-217-22-241.deploy.static.akamaitechnologies.com

Software

/ ARR/3.0

Resource Hash

8cdf539fb15c76b15158d70b463ae3d21e98fd2aef8b677f035da12f73b4d345

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sway.office.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains; preload
Content-Encoding: gzip
x-content-type-options: nosniff
Date: Sun, 26 Feb 2023 15:40:16 GMT
X-Powered-By: ARR/3.0
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cache-Control: public, max-age=33183
Connection: keep-alive
Accept-Ranges: bytes
timing-allow-origin: *
Content-Length: 27698

GET
H/1.1 200
OK Home.css
eus-www.sway-cdn.com/161622140100_Content/ Frame 0710 365 KB
32 KB 190ms
82ms Stylesheet
text/css 23.217.22.241
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://eus-www.sway-cdn.com/161622140100_Content/Home.css

Requested by

Host: eus-www.sway-cdn.com
URL: https://eus-www.sway-cdn.com/161622140100_Content/Preload.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.217.22.241 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-217-22-241.deploy.static.akamaitechnologies.com

Software

/ ARR/3.0

Resource Hash

e9953b779c2ece580417ede06340103e3f18f563d31d095f8e45771b8c47cb42

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sway.office.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains; preload
Content-Encoding: gzip
x-content-type-options: nosniff
Date: Sun, 26 Feb 2023 15:40:16 GMT
X-Powered-By: ARR/3.0
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cache-Control: public, max-age=31186
Connection: keep-alive
Accept-Ranges: bytes
timing-allow-origin: *
Content-Length: 31952

GET
H/1.1 200
OK StoryPage.css
eus-www.sway-cdn.com/161622140100_Content/ Frame 0710 826 KB
78 KB 195ms
67ms Stylesheet
text/css 23.217.22.241
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://eus-www.sway-cdn.com/161622140100_Content/StoryPage.css

Requested by

Host: eus-www.sway-cdn.com
URL: https://eus-www.sway-cdn.com/161622140100_Content/Preload.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.217.22.241 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-217-22-241.deploy.static.akamaitechnologies.com

Software

/ ARR/3.0

Resource Hash

e724c84db2673674e9b9b57e0e30339c2878b641bf88fcc33915707b68e5d0c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sway.office.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains; preload
Content-Encoding: gzip
x-content-type-options: nosniff
Date: Sun, 26 Feb 2023 15:40:16 GMT
X-Powered-By: ARR/3.0
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cache-Control: public, max-age=34292
Connection: keep-alive
Accept-Ranges: bytes
timing-allow-origin: *
Content-Length: 79108

GET
H/1.1 200
OK story_cluster.css
eus-www.sway-cdn.com/161622140100_Content/ Frame 0710 3 KB
1 KB 197ms
68ms Stylesheet
text/css 23.217.22.241
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://eus-www.sway-cdn.com/161622140100_Content/story_cluster.css

Requested by

Host: eus-www.sway-cdn.com
URL: https://eus-www.sway-cdn.com/161622140100_Content/Preload.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.217.22.241 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-217-22-241.deploy.static.akamaitechnologies.com

Software

/ ARR/3.0

Resource Hash

583f54c663c161e490dd8991d9e9101a3ca54822f458e73dcfc4885ce0efe34f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sway.office.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains; preload
Content-Encoding: gzip
x-content-type-options: nosniff
Date: Sun, 26 Feb 2023 15:40:16 GMT
X-Powered-By: ARR/3.0
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cache-Control: public, max-age=31170
Connection: keep-alive
Accept-Ranges: bytes
timing-allow-origin: *
Content-Length: 930

GET
H/1.1 200
OK common_raw.js Show response
eus-www.sway-cdn.com/161622140100_Content/ Frame 0710 23 KB
7 KB 68ms
67ms Script
application/javascript 23.217.22.241
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://eus-www.sway-cdn.com/161622140100_Content/common_raw.js

Requested by

Host: eus-www.sway-cdn.com
URL: https://eus-www.sway-cdn.com/161622140100_Content/Preload.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.217.22.241 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-217-22-241.deploy.static.akamaitechnologies.com

Software

/ ARR/3.0

Resource Hash

aa26cfe55e8cd183738f42180aae291dd666f4d39062e8a44c97b0be021946ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sway.office.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains; preload
Content-Encoding: gzip
x-content-type-options: nosniff
Date: Sun, 26 Feb 2023 15:40:16 GMT
X-Powered-By: ARR/3.0
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cache-Control: public, max-age=31170
Connection: keep-alive
Accept-Ranges: bytes
timing-allow-origin: *
Content-Length: 6432

GET
H/1.1 200
OK Hammer-2.0.4.js Show response
eus-www.sway-cdn.com/Content/ Frame 0710 18 KB
7 KB 87ms
86ms Script
application/javascript 23.217.22.241
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://eus-www.sway-cdn.com/Content/Hammer-2.0.4.js

Requested by

Host: eus-www.sway-cdn.com
URL: https://eus-www.sway-cdn.com/161622140100_Content/Preload.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.217.22.241 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-217-22-241.deploy.static.akamaitechnologies.com

Software

/ ARR/3.0

Resource Hash

f2bfc0b2ffa4e26071e6d6d8b73d750f6e9f8eb4e021a8ffdb18b84af0b919a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sway.office.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains; preload
Content-Encoding: gzip
x-content-type-options: nosniff
Date: Sun, 26 Feb 2023 15:40:16 GMT
X-Powered-By: ARR/3.0
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cache-Control: public, max-age=9773
Connection: keep-alive
Accept-Ranges: bytes
timing-allow-origin: *
Content-Length: 6449

GET
H/1.1 200
OK swayicon.woff
eus-www.sway-cdn.com/161622140100_Content/ Frame 0710 22 KB
22 KB 68ms
67ms Font
application/font-woff 23.217.22.241
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://eus-www.sway-cdn.com/161622140100_Content/swayicon.woff

Requested by

Host: sway.office.com
URL: https://sway.office.com/s/t4iQ3543TYNSbbD3/embed

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.217.22.241 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-217-22-241.deploy.static.akamaitechnologies.com

Software

/ ARR/3.0

Resource Hash

e27855ef831cd10eb0fe2153d1b169d24a148e0b81d3dea001fd2637e7244238

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://sway.office.com/
Origin: https://sway.office.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains; preload
Date: Sun, 26 Feb 2023 15:40:16 GMT
x-content-type-options: nosniff
X-Powered-By: ARR/3.0
Content-Type: application/font-woff
Access-Control-Allow-Origin: *
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cache-Control: public, max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
timing-allow-origin: *
Content-Length: 22140

GET
H/1.1 200
OK TisaOffcSerifPro-Thin.woff
www.sway-cdn.com/Content/ Frame 0710 60 KB
61 KB 353ms
73ms Font
application/font-woff 23.217.22.241
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sway-cdn.com/Content/TisaOffcSerifPro-Thin.woff

Requested by

Host: sway.office.com
URL: https://sway.office.com/s/t4iQ3543TYNSbbD3/embed

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.217.22.241 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-217-22-241.deploy.static.akamaitechnologies.com

Software

/ ARR/3.0

Resource Hash

c3b51638746f221571b37a6b2cb74b3bf065c8bdb00ef29f29071d518571a3cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://sway.office.com/
Origin: https://sway.office.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains; preload
Date: Sun, 26 Feb 2023 15:40:17 GMT
x-content-type-options: nosniff
X-Powered-By: ARR/3.0
Content-Type: application/font-woff
Access-Control-Allow-Origin: *
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cache-Control: public, max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
timing-allow-origin: *
Content-Length: 61724

GET
H/1.1 200
OK TisaOffcSerifPro-Bold.woff
www.sway-cdn.com/Content/ Frame 0710 62 KB
62 KB 353ms
74ms Font
application/font-woff 23.217.22.241
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sway-cdn.com/Content/TisaOffcSerifPro-Bold.woff

Requested by

Host: sway.office.com
URL: https://sway.office.com/s/t4iQ3543TYNSbbD3/embed

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.217.22.241 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-217-22-241.deploy.static.akamaitechnologies.com

Software

/ ARR/3.0

Resource Hash

f62e0a33677faa76a3baaa301113202712832ffc0bc6fc13f7b7d8a8b27d1435

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://sway.office.com/
Origin: https://sway.office.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains; preload
Date: Sun, 26 Feb 2023 15:40:17 GMT
x-content-type-options: nosniff
Last-Modified: Tue, 21 Feb 2023 01:32:34 GMT
ETag: "065455f9445d91:0"
X-Powered-By: ARR/3.0
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Content-Type: application/font-woff
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
timing-allow-origin: *
Content-Length: 63332

GET
H/1.1 200
OK TisaOffcSerifPro-ThinItalic.woff
www.sway-cdn.com/Content/ Frame 0710 55 KB
56 KB 353ms
75ms Font
application/font-woff 23.217.22.241
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sway-cdn.com/Content/TisaOffcSerifPro-ThinItalic.woff

Requested by

Host: sway.office.com
URL: https://sway.office.com/s/t4iQ3543TYNSbbD3/embed

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.217.22.241 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-217-22-241.deploy.static.akamaitechnologies.com

Software

/ ARR/3.0

Resource Hash

362d4348d260c748b69e46b3956bb98db76d3cb1cdf3b5a371914472857e04fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://sway.office.com/
Origin: https://sway.office.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains; preload
Date: Sun, 26 Feb 2023 15:40:17 GMT
x-content-type-options: nosniff
Last-Modified: Tue, 21 Feb 2023 01:32:34 GMT
ETag: "065455f9445d91:0"
X-Powered-By: ARR/3.0
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Content-Type: application/font-woff
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
timing-allow-origin: *
Content-Length: 56704

POST
H/1.1 202 analytics Show response
sway.office.com/sway/v1.0/t4iQ3543TYNSbbD3/ Frame 0710 2 B
978 B 348ms
347ms XHR
application/json 52.109.76.142
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://sway.office.com/sway/v1.0/t4iQ3543TYNSbbD3/analytics?timeSpent=0&scrollDepth=0&readRatioGrade=0

Requested by

Host: eus-www.sway-cdn.com
URL: https://eus-www.sway-cdn.com/Content/jquery-2.2.4-custom-1.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.109.76.142 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ARR/3.0

Resource Hash

4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

X-WebClientVersion: 201
X-UserSessionId: f080b771-88e5-4280-9612-484391b7a12b
accept-language: en-US,en;q=0.9
X-Key: 5jxIb/IVroGgWMbRlLmK4HbG/8YssyE8tKE40noVebY=,638130228158620160
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/json; charset=utf-8
X-LookupId: t4iQ3543TYNSbbD3
Accept: application/json, text/javascript, */*; q=0.01
Referer: https://sway.office.com/s/t4iQ3543TYNSbbD3/embed
X-Requested-With: XMLHttpRequest
anonuserid: 1b83a290-1bcc-4347-8172-ef6fe4e41ad2
X-StoryId: 5EN9uMwGuD56F4juYuNf

Response headers

strict-transport-security: max-age=15724800; includeSubDomains; preload
Date: Sun, 26 Feb 2023 15:40:17 GMT
x-content-type-options: nosniff
x-requestid: 78a978a3-d3bd-4f11-a0f4-7988dddb5cf6
x-officeversion: 16.0.16221.40100
X-Powered-By: ARR/3.0
x-officefe: SwayFrontEnd_IN_22
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Content-Length: 2
x-storyid: 5EN9uMwGuD56F4juYuNf
x-trackingid: 461f5390-09a2-4bc1-a4eb-67cbe40edfce
x-correlationid: 76b00d45-6230-4e60-a7be-d8765f98f2f5
x-officecluster: eus-003.www.sway.com
x-usersessionid: f080b771-88e5-4280-9612-484391b7a12b
x-frame-options: SAMEORIGIN
Content-Type: application/json
x-lookupid: t4iQ3543TYNSbbD3
Cache-Control: private
anonuserid: 1b83a290-1bcc-4347-8172-ef6fe4e41ad2
timing-allow-origin: *

GET
H/1.1 200
OK Background_DotLine_02.png
eus-www.sway-cdn.com/161622140100_Content/ Frame 0710 9 KB
9 KB 73ms
72ms Image
image/png 23.217.22.241
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eus-www.sway-cdn.com/161622140100_Content/Background_DotLine_02.png

Requested by

Host: sway.office.com
URL: https://sway.office.com/s/t4iQ3543TYNSbbD3/embed

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.217.22.241 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-217-22-241.deploy.static.akamaitechnologies.com

Software

/ ARR/3.0

Resource Hash

a870fc016cf4b9bda0638d8f23e2aca6d4d4f9b86e86e89be47d8b03c5905a26

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sway.office.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains; preload
Date: Sun, 26 Feb 2023 15:40:17 GMT
x-content-type-options: nosniff
x-requestid: 0f59bc71-3346-4b30-93c5-8561c338db03
x-officeversion: 16.0.16221.40100
X-Powered-By: ARR/3.0
x-officefe: SwayFrontEnd_IN_19
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection: keep-alive
Content-Length: 8735
x-trackingid: 3903f8d0-afed-47fb-a7bc-92352ef839f2
Last-Modified: Tue, 21 Feb 2023 01:32:34 GMT
x-correlationid: 1620cd6f-b7ab-4168-8e95-df9a31daf802
x-usersessionid: 1620cd6f-b7ab-4168-8e95-df9a31daf802
x-officecluster: eus-000.www.sway.com
ETag: "065455f9445d91:0"
Content-Type: image/png
Accept-Ranges: bytes
anonuserid: 46154949-2829-4002-b48e-8f03e0c8422f
timing-allow-origin: *

GET
H/1.1 200
OK swayiconsb.woff
eus-www.sway-cdn.com/161622140100_Content/ Frame 0710 23 KB
24 KB 68ms
67ms Font
application/font-woff 23.217.22.241
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://eus-www.sway-cdn.com/161622140100_Content/swayiconsb.woff

Requested by

Host: sway.office.com
URL: https://sway.office.com/s/t4iQ3543TYNSbbD3/embed

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.217.22.241 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-217-22-241.deploy.static.akamaitechnologies.com

Software

/ ARR/3.0

Resource Hash

56c3f81e1fcada437f327ca47a70acbce01c7b3a8de0bc93081698ad039a7c42

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://sway.office.com/
Origin: https://sway.office.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains; preload
Date: Sun, 26 Feb 2023 15:40:17 GMT
x-content-type-options: nosniff
X-Powered-By: ARR/3.0
Content-Type: application/font-woff
Access-Control-Allow-Origin: *
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cache-Control: public, max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
timing-allow-origin: *
Content-Length: 23704

GET
H/1.1 200
OK story.png
eus-www.sway-cdn.com/161622140100_Content/ Frame 0710 10 KB
11 KB 70ms
69ms Image
image/png 23.217.22.241
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eus-www.sway-cdn.com/161622140100_Content/story.png

Requested by

Host: sway.office.com
URL: https://sway.office.com/s/t4iQ3543TYNSbbD3/embed

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.217.22.241 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-217-22-241.deploy.static.akamaitechnologies.com

Software

/ ARR/3.0

Resource Hash

d46375075d66174f88ad9834c0695792c9afdd0f20456231fa4a873280a2c434

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sway.office.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains; preload
Date: Sun, 26 Feb 2023 15:40:17 GMT
x-content-type-options: nosniff
x-requestid: 3d80dceb-6e38-411f-90d7-87baec3eeeee
x-officeversion: 16.0.16221.40100
X-Powered-By: ARR/3.0
x-officefe: SwayFrontEnd_IN_6
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection: keep-alive
Content-Length: 10721
x-trackingid: 8da3a06d-e1a3-407b-bf7a-9930d5186d14
Last-Modified: Tue, 21 Feb 2023 01:32:34 GMT
x-correlationid: 8ee3638d-8a12-4ee2-9758-8ec105be6b35
x-usersessionid: 8ee3638d-8a12-4ee2-9758-8ec105be6b35
x-officecluster: eus-000.www.sway.com
ETag: "065455f9445d91:0"
Content-Type: image/png
Accept-Ranges: bytes
anonuserid: 5257d318-7c4e-4322-af25-b6cc95f2bfd5
timing-allow-origin: *

GET
H/1.1 200
OK traveling_dots1color_shorter_white.gif
eus-www.sway-cdn.com/161622140100_Content/ Frame 0710 7 KB
8 KB 67ms
65ms Image
image/gif 23.217.22.241
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eus-www.sway-cdn.com/161622140100_Content/traveling_dots1color_shorter_white.gif

Requested by

Host: sway.office.com
URL: https://sway.office.com/s/t4iQ3543TYNSbbD3/embed

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.217.22.241 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-217-22-241.deploy.static.akamaitechnologies.com

Software

/ ARR/3.0

Resource Hash

2e237d89d57788e810720fd97bcc0992e159044281956ecba83efd3a4f4b56cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sway.office.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains; preload
Date: Sun, 26 Feb 2023 15:40:17 GMT
x-content-type-options: nosniff
x-requestid: 61fb7625-a5d2-4d6a-a481-459fba1cd56e
x-officeversion: 16.0.16221.40100
X-Powered-By: ARR/3.0
x-officefe: SwayFrontEnd_IN_24
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection: keep-alive
Content-Length: 6828
x-trackingid: 482d5556-ff28-487d-92fd-29a1416fb7c1
Last-Modified: Tue, 21 Feb 2023 01:32:34 GMT
x-correlationid: 86a87569-f9cd-41ae-8e14-174358fdc9d2
x-usersessionid: 86a87569-f9cd-41ae-8e14-174358fdc9d2
x-officecluster: eus-001.www.sway.com
ETag: "065455f9445d91:0"
Content-Type: image/gif
Accept-Ranges: bytes
anonuserid: ed0a7eaa-e861-4754-8e75-ef598073d046
timing-allow-origin: *

GET
H/1.1 200
OK whitespinner.32x32.gif
eus-www.sway-cdn.com/161622140100_Content/ Frame 0710 1 KB
2 KB 67ms
65ms Image
image/gif 23.217.22.241
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eus-www.sway-cdn.com/161622140100_Content/whitespinner.32x32.gif

Requested by

Host: sway.office.com
URL: https://sway.office.com/s/t4iQ3543TYNSbbD3/embed

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.217.22.241 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-217-22-241.deploy.static.akamaitechnologies.com

Software

/ ARR/3.0

Resource Hash

11572f274d092466b9249659cfd382a0cfb640b23df4d4a1071c1b8d70147415

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sway.office.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains; preload
Date: Sun, 26 Feb 2023 15:40:17 GMT
x-content-type-options: nosniff
x-requestid: a51f1507-8b75-4aab-97b8-058f90fe0344
x-officeversion: 16.0.16221.40100
X-Powered-By: ARR/3.0
x-officefe: SwayFrontEnd_IN_20
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection: keep-alive
Content-Length: 1278
x-trackingid: be177d3f-821b-49dd-b00d-c63000d79050
Last-Modified: Tue, 21 Feb 2023 01:32:34 GMT
x-correlationid: ca27cc44-474e-4970-8134-72dd3cf7ee18
x-usersessionid: ca27cc44-474e-4970-8134-72dd3cf7ee18
x-officecluster: eus-002.www.sway.com
ETag: "065455f9445d91:0"
Content-Type: image/gif
Accept-Ranges: bytes
anonuserid: 427b0e2c-d901-427e-998d-f7ebc3a6bafa
timing-allow-origin: *

GET
H/1.1 200
OK QmznMRkHedoQu9
eus-www.sway-cdn.com/s/t4iQ3543TYNSbbD3/images/ Frame 0710 246 KB
247 KB 413ms
354ms Image
image/jpeg 23.217.22.241
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eus-www.sway-cdn.com/s/t4iQ3543TYNSbbD3/images/QmznMRkHedoQu9?quality=960&allowAnimation=false

Requested by

Host: sway.office.com
URL: https://sway.office.com/s/t4iQ3543TYNSbbD3/embed

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.217.22.241 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-217-22-241.deploy.static.akamaitechnologies.com

Software

/ ARR/3.0

Resource Hash

bb7d1d6cfc0f8ab8efb89f213c70e5743ff55e4b90c6280944eb56f6dca10d41

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sway.office.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains; preload
Date: Sun, 26 Feb 2023 15:40:17 GMT
x-content-type-options: nosniff
x-requestid: 16aff4f0-92be-47d3-a3c6-025706c32502
x-officeversion: 16.0.16221.40100
X-Powered-By: ARR/3.0
x-officefe: SwayFrontEnd_IN_22
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection: keep-alive
Content-Length: 252203
x-trackingid: f64999f6-a671-4c52-a928-5b74dd2607dc
x-correlationid: 83eb1917-67cf-40af-bd26-634364c5796c
x-officecluster: eus-002.www.sway.com
x-usersessionid: 83eb1917-67cf-40af-bd26-634364c5796c
x-frame-options: SAMEORIGIN
Content-Type: image/jpeg
Cache-Control: private, max-age=3600
anonuserid: 12504a54-3f64-4e37-bd60-dbac593ce2be
timing-allow-origin: *

POST
H/1.1 200
OK RemoteUls.ashx Show response
sway.office.com/ Frame 0710 0
973 B 381ms
134ms XHR
text/plain 52.109.76.142
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://sway.office.com/RemoteUls.ashx

Requested by

Host: eus-www.sway-cdn.com
URL: https://eus-www.sway-cdn.com/Content/CommonDiagnostics-Sway-1.0.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.109.76.142 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ARR/3.0

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload
X-Content-Type-Options	nosniff, nosniff

Request headers

X-WebClientVersion: 201
X-UserSessionId: f080b771-88e5-4280-9612-484391b7a12b
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/json
X-LookupId: t4iQ3543TYNSbbD3
Referer: https://sway.office.com/s/t4iQ3543TYNSbbD3/embed
anonuserid: 1b83a290-1bcc-4347-8172-ef6fe4e41ad2
X-StoryId: 5EN9uMwGuD56F4juYuNf

Response headers

strict-transport-security: max-age=15724800; includeSubDomains; preload
Date: Sun, 26 Feb 2023 15:40:17 GMT
x-content-type-options: nosniff, nosniff
x-requestid: 2e35f213-d489-4f41-9ff3-8cc608346659
x-officeversion: 16.0.16221.40100
X-Powered-By: ARR/3.0
x-officefe: SwayFrontEnd_IN_7
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-buls-suppressionetag: N/A
x-buls-suppressedtags
content-disposition: attachment
Content-Length: 0
x-storyid: 5EN9uMwGuD56F4juYuNf
x-trackingid: 8469f2c4-b065-42a6-80a2-47350b6dd662
x-correlationid: 890ba94a-d4e6-43c1-b143-e914d8a78e56
x-officecluster: neu-001.www.sway.com
x-usersessionid: f080b771-88e5-4280-9612-484391b7a12b
x-download-options: noopen
Content-Type: text/plain
x-lookupid: t4iQ3543TYNSbbD3
Cache-Control: private
anonuserid: 1b83a290-1bcc-4347-8172-ef6fe4e41ad2
timing-allow-origin: *

GET
H/1.1 200
OK QmznMRkHedoQu9
eus-www.sway-cdn.com/s/t4iQ3543TYNSbbD3/images/ Frame 0710 732 KB
733 KB 308ms
308ms Image
image/jpeg 23.217.22.241
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eus-www.sway-cdn.com/s/t4iQ3543TYNSbbD3/images/QmznMRkHedoQu9?quality=1920&allowAnimation=true&embeddedHost=true

Requested by

Host: sway.office.com
URL: https://sway.office.com/s/t4iQ3543TYNSbbD3/embed

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.217.22.241 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-217-22-241.deploy.static.akamaitechnologies.com

Software

/ ARR/3.0

Resource Hash

f23a6a832cb346100204b7c500d169004b1bd6b8ccd615f75cfdcd655532a012

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sway.office.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains; preload
Date: Sun, 26 Feb 2023 15:40:17 GMT
x-content-type-options: nosniff
x-requestid: 4b6430d2-447a-4983-8af6-fef897fa45e8
x-officeversion: 16.0.16221.40100
X-Powered-By: ARR/3.0
x-officefe: SwayFrontEnd_IN_17
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection: keep-alive
Content-Length: 749762
x-trackingid: fa65602b-d01f-4ee5-88b7-f754cd50985b
x-correlationid: 933770fd-7a58-43a7-ac6b-7f1d734c3d69
x-officecluster: eus-001.www.sway.com
x-usersessionid: 933770fd-7a58-43a7-ac6b-7f1d734c3d69
x-frame-options: SAMEORIGIN
Content-Type: image/jpeg
Cache-Control: private, max-age=3600
anonuserid: 2b292fa8-5cfc-4308-aeb3-4a6c7c394f78
timing-allow-origin: *

GET
DATA 200
OK truncated
/ Frame 0710 178 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ca039f5b330aa6dc2035829338508f21180bdb8df94f33a18b75282088432ae7

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK segoeuisl.woff
eus-www.sway-cdn.com/Content/ Frame 0710 29 KB
29 KB 68ms
68ms Font
application/font-woff 23.217.22.241
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://eus-www.sway-cdn.com/Content/segoeuisl.woff

Requested by

Host: sway.office.com
URL: https://sway.office.com/s/t4iQ3543TYNSbbD3/embed

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.217.22.241 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-217-22-241.deploy.static.akamaitechnologies.com

Software

/ ARR/3.0

Resource Hash

c63a3930ec9dd26c24b4c62b83d8cf778416a0ded1d9aa83e0840a675155b71b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://sway.office.com/
Origin: https://sway.office.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains; preload
Date: Sun, 26 Feb 2023 15:40:17 GMT
x-content-type-options: nosniff
X-Powered-By: ARR/3.0
Content-Type: application/font-woff
Access-Control-Allow-Origin: *
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cache-Control: public, max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
timing-allow-origin: *
Content-Length: 29464

GET
H2 200 ResponsePage.aspx Show response
forms.office.com/Pages/ Frame CBC9 76 KB
23 KB 180ms
85ms Document
text/html 2620:1ec:a92::194
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.office.com/Pages/ResponsePage.aspx?id=DQSIkWdsW0yxEjajBLZtrQAAAAAAAAAAAAN__q8IQYtUNEdGU1VKT1Q2VUY3Wk5VTjNTNzhVVEpURS4u&embed=true

Requested by

Host: eus-www.sway-cdn.com
URL: https://eus-www.sway-cdn.com/161622140100_Content/tdb.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

bdd997af800873fc9f616ac6a2a9c78688b460aa8e682826dfa15c89c73a9f67

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Referer: https://sway.office.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
date: Sun, 26 Feb 2023 15:40:17 GMT
expires: 0
link: <https://cdn.forms.office.net/forms>; rel=preconnect; crossorigin=anonymous
pragma: no-cache
strict-transport-security: max-age=2592000; includeSubDomains
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
x-correlationid: b53d320d-e920-4f5b-9b9f-5b05fbb16fdf
x-msedge-ref: Ref A: 445CFCEC1DD54292B728817E3B0CC183 Ref B: MIA301000104019 Ref C: 2023-02-26T15:40:17Z
x-officecluster: ncus-100.forms.office.com
x-officefe: FormsSingleBox_IN_0
x-officeversion: 16.0.16220.42052
x-robots-tag: noindex, nofollow
x-routingcorrelationid: b53d320d-e920-4f5b-9b9f-5b05fbb16fdf
x-routingofficecluster: eus2-100.forms.office.com
x-routingofficefe: FormsSingleBox_IN_5
x-routingofficeversion: 16.0.16220.42052
x-routingsessionid: 91a05d6e-4f02-40c1-acb3-42599dcbb05e
x-usersessionid: 91a05d6e-4f02-40c1-acb3-42599dcbb05e

GET
H2 200 ls-response.en-us.d249a4c16.js Show response
cdn.forms.office.net/forms/scripts/dists/ Frame CBC9 26 KB
8 KB 325ms
69ms Script
application/javascript 2600:141b:13::17d7:82a8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.forms.office.net/forms/scripts/dists/ls-response.en-us.d249a4c16.js
Requested by: Host: forms.office.com
URL: https://forms.office.com/Pages/ResponsePage.aspx?id=DQSIkWdsW0yxEjajBLZtrQAAAAAAAAAAAAN__q8IQYtUNEdGU1VKT1Q2VUY3Wk5VTjNTNzhVVEpURS4u&embed=true
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:13::17d7:82a8 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 5b55cff8eeb1327250baf8e99d5112c71d3f39c89c0c58d94fb6eb4b7509e966

Request headers

Referer: https://forms.office.com/
Origin: https://forms.office.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 26 Feb 2023 15:40:18 GMT
content-encoding: br
content-md5: hlTtFwirH/JnjfNYPWuL+Q==
content-length: 7945
x-ms-lease-status: unlocked
last-modified: Thu, 23 Feb 2023 04:59:53 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8DB155ACD46678B
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 03282223-b01e-0014-554a-476a9d000000
access-control-expose-headers: x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control: max-age=31536000
x-ms-version: 2009-09-19
timing-allow-origin: *
expires: Mon, 26 Feb 2024 15:40:18 GMT

GET
H2 200 light-response-page.min.d1fe43d.css
cdn.forms.office.net/forms/css/dist/ Frame CBC9 143 KB
23 KB 332ms
76ms Stylesheet
text/css 2600:141b:13::17d7:82a8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.forms.office.net/forms/css/dist/light-response-page.min.d1fe43d.css
Requested by: Host: forms.office.com
URL: https://forms.office.com/Pages/ResponsePage.aspx?id=DQSIkWdsW0yxEjajBLZtrQAAAAAAAAAAAAN__q8IQYtUNEdGU1VKT1Q2VUY3Wk5VTjNTNzhVVEpURS4u&embed=true
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:13::17d7:82a8 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 7ed576a16f0a8f991a5450acfe8b5330b1fe6f7d610d78ca8c7d40735f50d8d7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://forms.office.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 26 Feb 2023 15:40:18 GMT
content-encoding: br
content-md5: X+cAXuz3Eu7pzZFC1V/W8g==
content-length: 23463
x-ms-lease-status: unlocked
last-modified: Thu, 23 Feb 2023 04:58:55 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8DB155AAAC5904A
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 02d67ecd-a01e-0029-414a-47dfbb000000
access-control-expose-headers: x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control: max-age=31536000
x-ms-version: 2009-09-19
timing-allow-origin: *
expires: Mon, 26 Feb 2024 15:40:18 GMT

GET
H2 200 light-response-page.min.44a644c.js Show response
cdn.forms.office.net/forms/scripts/dists/ Frame CBC9 328 KB
93 KB 330ms
74ms Script
application/javascript 2600:141b:13::17d7:82a8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.44a644c.js
Requested by: Host: forms.office.com
URL: https://forms.office.com/Pages/ResponsePage.aspx?id=DQSIkWdsW0yxEjajBLZtrQAAAAAAAAAAAAN__q8IQYtUNEdGU1VKT1Q2VUY3Wk5VTjNTNzhVVEpURS4u&embed=true
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:13::17d7:82a8 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 772c17944f29d4df878b0b428551a46d43a7a1b42b36475df3029334fa19eff0

Request headers

Referer: https://forms.office.com/
Origin: https://forms.office.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 26 Feb 2023 15:40:18 GMT
content-encoding: br
content-md5: SRLL/UFW1g8bCCY8+FmPXw==
content-length: 94571
x-ms-lease-status: unlocked
last-modified: Thu, 23 Feb 2023 04:59:47 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8DB155AC97EF09E
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 844c321c-301e-0005-1d4a-475d86000000
access-control-expose-headers: x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control: max-age=31536000
x-ms-version: 2009-09-19
timing-allow-origin: *
expires: Mon, 26 Feb 2024 15:40:18 GMT

GET
H2 200 runtimeFormsWithResponses('DQSIkWdsW0yxEjajBLZtrQAAAAAAAAAAAAN__q8IQYtUNEdGU1VKT1Q2VUY3Wk5VTjNTNzhVVEpURS4u') Show response
forms.office.com/formapi/api/9188040d-6c67-4c5b-b112-36a304b66dad/users/00000000-0000-0000-0003-7ffeaf08418b/light/ Frame CBC9 7 KB
2 KB 1079ms
1079ms XHR
application/json 2620:1ec:a92::194
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.office.com/formapi/api/9188040d-6c67-4c5b-b112-36a304b66dad/users/00000000-0000-0000-0003-7ffeaf08418b/light/runtimeFormsWithResponses('DQSIkWdsW0yxEjajBLZtrQAAAAAAAAAAAAN__q8IQYtUNEdGU1VKT1Q2VUY3Wk5VTjNTNzhVVEpURS4u')?$expand=questions($expand=choices)

Requested by

Host: forms.office.com
URL: https://forms.office.com/Pages/ResponsePage.aspx?id=DQSIkWdsW0yxEjajBLZtrQAAAAAAAAAAAAN__q8IQYtUNEdGU1VKT1Q2VUY3Wk5VTjNTNzhVVEpURS4u&embed=true

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

40bcefd84e914c70139592f16e85effa61fa34f4bdf408b3be1120f45b725058

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Referer: https://forms.office.com/Pages/ResponsePage.aspx?id=DQSIkWdsW0yxEjajBLZtrQAAAAAAAAAAAAN__q8IQYtUNEdGU1VKT1Q2VUY3Wk5VTjNTNzhVVEpURS4u&embed=true
X-UserSessionId: 91a05d6e-4f02-40c1-acb3-42599dcbb05e
accept-language: en-US,en;q=0.9
__RequestVerificationToken: 26UZKSnl9GTF6o1WN-6aQPj14gKOTySiTMBrbC0tPKOUTbrOg1J-6rKwZC716kJNWKDA6DoG5tWKJmCbZaK7_d4cyUme2uFkhLUZlTAaYdc1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/json

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: gzip
date: Sun, 26 Feb 2023 15:40:18 GMT
x-officeversion: 16.0.16220.42052
x-officefe: FormsSingleBox_IN_1
x-cache: CONFIG_NOCACHE
x-routingofficefe: FormsSingleBox_IN_2, FormsSingleBox_IN_1
x-routingofficeversion: 16.0.16220.42052, 16.0.16220.42052
x-correlationid: 76015456-8ee3-4514-b54b-2d5e959d5bcc
x-officecluster: ncus-100.forms.office.com
x-usersessionid: 91a05d6e-4f02-40c1-acb3-42599dcbb05e
x-msedge-ref: Ref A: DB7BB6AAFC9240CD9EDAF348673677C4 Ref B: MIA301000104019 Ref C: 2023-02-26T15:40:17Z
vary: Accept-Encoding
content-type: application/json; charset=utf-8
x-routingcorrelationid: 76015456-8ee3-4514-b54b-2d5e959d5bcc
x-routingsessionid: 91a05d6e-4f02-40c1-acb3-42599dcbb05e
x-robots-tag: noindex, nofollow
x-routingofficecluster: eus2-100.forms.office.com, ncus-100.forms.office.com

GET
H2 200 light-response-page.chunk.lrp_ext.7913a41.js
cdn.forms.office.net/forms/scripts/dists/ Frame CBC9 0
57 KB 118ms
117ms Other
application/javascript 2600:141b:13::17d7:82a8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_ext.7913a41.js
Requested by: Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.44a644c.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:13::17d7:82a8 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://forms.office.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 26 Feb 2023 15:40:18 GMT
content-encoding: br
content-md5: OFQC/uXIZhTfHvwKrM9RWQ==
content-length: 58294
x-ms-lease-status: unlocked
last-modified: Thu, 23 Feb 2023 04:59:47 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8DB155AC97DB847
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: e02d5bcc-101e-0012-5a4b-479de5000000
access-control-expose-headers: x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control: max-age=31536000
x-ms-version: 2009-09-19
timing-allow-origin: *
expires: Mon, 26 Feb 2024 15:40:18 GMT

GET
H2 200 light-response-page.chunk.lrp_cover.3bfe216.js
cdn.forms.office.net/forms/scripts/dists/ Frame CBC9 0
30 KB 184ms
184ms Other
application/javascript 2600:141b:13::17d7:82a8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_cover.3bfe216.js
Requested by: Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.44a644c.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:13::17d7:82a8 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://forms.office.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 26 Feb 2023 15:40:18 GMT
content-encoding: br
content-md5: bEMN2mjpQHLvL06J8YzH+A==
content-length: 30006
x-ms-lease-status: unlocked
last-modified: Thu, 23 Feb 2023 04:59:47 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8DB155AC97136FD
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 1b1698d5-301e-0063-7c4b-47efdc000000
access-control-expose-headers: x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control: max-age=31536000
x-ms-version: 2009-09-19
timing-allow-origin: *
expires: Mon, 26 Feb 2024 15:40:18 GMT

GET
H2 200 light-response-page.chunk.lrp_post.boot.5bb7430.js
cdn.forms.office.net/forms/scripts/dists/ Frame CBC9 0
4 KB 72ms
71ms Other
application/javascript 2600:141b:13::17d7:82a8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_post.boot.5bb7430.js
Requested by: Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.44a644c.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:13::17d7:82a8 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://forms.office.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 26 Feb 2023 15:40:18 GMT
content-encoding: br
content-md5: nBwHpAc3SEr3HuDiN3B3UQ==
content-length: 3717
x-ms-lease-status: unlocked
last-modified: Thu, 23 Feb 2023 04:59:47 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8DB155AC975A32C
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: b8e59d6e-501e-0051-4a4b-47b70c000000
access-control-expose-headers: x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control: max-age=31536000
x-ms-version: 2009-09-19
timing-allow-origin: *
expires: Mon, 26 Feb 2024 15:40:18 GMT

GET
H/1.1 200
OK OfficeBrowserFeedback.js Show response
eus-www.sway-cdn.com/161622140100_Content/feedback/ Frame 0710 158 KB
45 KB 67ms
66ms Script
application/javascript 23.217.22.241
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://eus-www.sway-cdn.com/161622140100_Content/feedback/OfficeBrowserFeedback.js

Requested by

Host: eus-www.sway-cdn.com
URL: https://eus-www.sway-cdn.com/161622140100_Content/Preload.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.217.22.241 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-217-22-241.deploy.static.akamaitechnologies.com

Software

/ ARR/3.0

Resource Hash

4f2d6301347a2fbf30fed521f2d319e78cffd90713336dcc9c0a2676dc3fb37c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sway.office.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains; preload
Content-Encoding: gzip
x-content-type-options: nosniff
Date: Sun, 26 Feb 2023 15:40:18 GMT
X-Powered-By: ARR/3.0
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cache-Control: public, max-age=34292
Connection: keep-alive
Accept-Ranges: bytes
timing-allow-origin: *
Content-Length: 45168

GET
H2 200 light-response-page.chunk.lrp_ext.7913a41.js Show response
cdn.forms.office.net/forms/scripts/dists/ Frame CBC9 188 KB
57 KB 65ms
65ms Script
application/javascript 2600:141b:13::17d7:82a8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_ext.7913a41.js
Requested by: Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.44a644c.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:13::17d7:82a8 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 3c4cd69ed03bbb6343a01c65f521e4faad7f00bb3ecd1be33cf45a48cbabdfb7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://forms.office.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 26 Feb 2023 15:40:18 GMT
content-encoding: br
content-md5: OFQC/uXIZhTfHvwKrM9RWQ==
content-length: 58294
x-ms-lease-status: unlocked
last-modified: Thu, 23 Feb 2023 04:59:47 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8DB155AC97DB847
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: e02d5bcc-101e-0012-5a4b-479de5000000
access-control-expose-headers: x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control: max-age=31536000
x-ms-version: 2009-09-19
timing-allow-origin: *
expires: Mon, 26 Feb 2024 15:40:18 GMT

GET
H2 200 light-response-page.chunk.lrp_cover.3bfe216.js Show response
cdn.forms.office.net/forms/scripts/dists/ Frame CBC9 110 KB
30 KB 66ms
66ms Script
application/javascript 2600:141b:13::17d7:82a8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_cover.3bfe216.js
Requested by: Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.44a644c.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:13::17d7:82a8 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: ffccff531229f7518a1b0e09340c47bc9c7ceb85533b44f3ff7e4dde1bfb7ed4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://forms.office.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 26 Feb 2023 15:40:19 GMT
content-encoding: br
content-md5: bEMN2mjpQHLvL06J8YzH+A==
content-length: 30006
x-ms-lease-status: unlocked
last-modified: Thu, 23 Feb 2023 04:59:47 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8DB155AC97136FD
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 1b1698d5-301e-0063-7c4b-47efdc000000
access-control-expose-headers: x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control: max-age=31536000
x-ms-version: 2009-09-19
timing-allow-origin: *
expires: Mon, 26 Feb 2024 15:40:19 GMT

GET
H2 200 light-response-page.chunk.lrp_post.boot.5bb7430.js Show response
cdn.forms.office.net/forms/scripts/dists/ Frame CBC9 10 KB
4 KB 76ms
76ms Script
application/javascript 2600:141b:13::17d7:82a8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_post.boot.5bb7430.js
Requested by: Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.44a644c.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:13::17d7:82a8 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 148ebd3d531ab07475a251e5ae083aa82b59bdfa2800435f874bb29a608e5c31

Request headers

accept-language: en-US,en;q=0.9
Referer: https://forms.office.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 26 Feb 2023 15:40:19 GMT
content-encoding: br
content-md5: nBwHpAc3SEr3HuDiN3B3UQ==
content-length: 3717
x-ms-lease-status: unlocked
last-modified: Thu, 23 Feb 2023 04:59:47 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8DB155AC975A32C
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: b8e59d6e-501e-0051-4a4b-47b70c000000
access-control-expose-headers: x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control: max-age=31536000
x-ms-version: 2009-09-19
timing-allow-origin: *
expires: Mon, 26 Feb 2024 15:40:19 GMT

GET
H2 200 light-response-page.chunk.1ds.4a73f96.js Show response
cdn.forms.office.net/forms/scripts/dists/ Frame CBC9 92 KB
30 KB 69ms
68ms Script
application/javascript 2600:141b:13::17d7:82a8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.1ds.4a73f96.js
Requested by: Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.44a644c.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:13::17d7:82a8 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: a0cf31cc9ddf8348275247ba3436aea3219946138476e7921c21fbce79675ad8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://forms.office.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 26 Feb 2023 15:40:19 GMT
content-encoding: br
content-md5: GsKp5CfkVSci/cTjnUW9Qw==
content-length: 30105
x-ms-lease-status: unlocked
last-modified: Fri, 28 Oct 2022 04:14:17 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8DAB89AE1D68FA7
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 0cbc51da-f01e-0031-5c97-eaf22e000000
access-control-expose-headers: x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control: max-age=31536000
x-ms-version: 2009-09-19
timing-allow-origin: *
expires: Mon, 26 Feb 2024 15:40:19 GMT

GET
H2 200 light-response-page.chunk.sw.0b67d9e.js Show response
cdn.forms.office.net/forms/scripts/dists/ Frame CBC9 1 KB
947 B 73ms
73ms Script
application/javascript 2600:141b:13::17d7:82a8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.sw.0b67d9e.js
Requested by: Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.44a644c.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:13::17d7:82a8 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: b5df5e7765a454fbff3d1cf22277aa0c0d6a4ccdde90ccfcb65f9fe2bbdb7bd5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://forms.office.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 26 Feb 2023 15:40:19 GMT
content-encoding: br
content-md5: ZNwilL15/8Od96vW3cMpow==
content-length: 524
x-ms-lease-status: unlocked
last-modified: Tue, 17 Jan 2023 04:53:26 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8DAF846C5423F40
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: ed366174-d01e-0026-1b42-2a324d000000
access-control-expose-headers: x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control: max-age=31536000
x-ms-version: 2009-09-19
timing-allow-origin: *
expires: Mon, 26 Feb 2024 15:40:19 GMT

GET
H2

200

c.gif
c.office.com/ Frame CBC9
Redirect Chain

https://c.office.com/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=D4AEE94141064A968F2439161372ED6C&RedC=c.office.com&MXFR=0A5470F2172A654235506236132A6E92
https://c.office.com/c.gif?ctsa=mr&CtsSyncId=D4AEE94141064A968F2439161372ED6C&MUID=0A5470F2172A654235506236132A6E92

42 B
463 B

54ms
54ms

Image
image/gif

20.110.205.119

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.office.com/c.gif?ctsa=mr&CtsSyncId=D4AEE94141064A968F2439161372ED6C&MUID=0A5470F2172A654235506236132A6E92
Protocol: H2
Server: 20.110.205.119 -, , ASN (),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: en-US,en;q=0.9
Referer: https://forms.office.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Feb 2023 15:40:20 GMT
last-modified: Thu, 16 Feb 2023 21:34:25 GMT
server: Microsoft-IIS/10.0
etag: "fd3efe704e42d91:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Sun, 26 Feb 2023 15:40:19 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: E3F027ACA6444803B7C9194D41CAC987 Ref B: MIAEDGE1409 Ref C: 2023-02-26T15:40:20Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.office.com/c.gif?ctsa=mr&CtsSyncId=D4AEE94141064A968F2439161372ED6C&MUID=0A5470F2172A654235506236132A6E92
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
DATA 200
OK truncated
/ Frame CBC9 4 KB
4 KB Font
font/woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3bae6a22d3a541378e9e28de2d914a9bca8d0caa7174643030821f6016c662da

Request headers

Referer
Origin: https://forms.office.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: font/woff2;charset=utf-8

GET
H2 200 ms.jsll-3.min.js Show response
js.monitor.azure.com/scripts/c/ Frame CBC9 179 KB
61 KB 1564ms
56ms Script
text/javascript 2620:1ec:48:1::40

General

Check archive.org

Show headers Download Go to

Full URL: https://js.monitor.azure.com/scripts/c/ms.jsll-3.min.js
Requested by: Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_post.boot.5bb7430.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:48:1::40 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e55465ff1279a6fd339bc0b6322130b0ddb05d3ad670f4a08f6fdfc0ee5c7749

Request headers

accept-language: en-US,en;q=0.9
Referer: https://forms.office.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 15:40:20 GMT
content-encoding: br
x-azure-ref-originshield: 0NHf7YwAAAAAENbhy3uNGQ43jPfoB6WImTU5aMjIxMDYwNjEyMDE3AGYxY2E3M2Q0LTg4ODMtNGNhZi1hYmRjLWZlMmQ1NjdhZmI5Ng==
content-md5: b+j9g6sJxD1l0IIs+rjbCw==
x-cache: TCP_HIT
x-ms-meta-jssdkver: 3.2.9
last-modified: Tue, 21 Feb 2023 18:33:42 GMT
x-ms-meta-jssdksrc: [cdn]/scripts/c/ms.jsll-3.2.9.min.js
etag: 0x8DB143A28B32497
x-azure-ref: 0ZH37YwAAAADYzdml2qjQSIOWxTU1LiCmQk4xQUEyMDUxMDIxMDI1AGYxY2E3M2Q0LTg4ODMtNGNhZi1hYmRjLWZlMmQ1NjdhZmI5Ng==
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
x-ms-request-id: a411c36d-d01e-00e7-37f4-495cf2000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,x-ms-meta-jssdkver,x-ms-meta-jssdksrc,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=1800, immutable, no-transform
x-ms-version: 2009-09-19

GET
H2 200 wave-pattern-v1.svg
cdn.forms.office.net/forms/images/aio/ Frame CBC9 2 KB
2 KB 105ms
105ms Image
image/svg+xml 2600:141b:13::17d7:82a8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.forms.office.net/forms/images/aio/wave-pattern-v1.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:13::17d7:82a8 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: c04bc4ee3d822b90ba1a8562df69fc44e199e8e36d2fdad3f3787fcf9c5163dd

Request headers

accept-language: en-US,en;q=0.9
Referer: https://forms.office.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 26 Feb 2023 15:40:20 GMT
content-md5: 3xzT8tqu5fYpwQ+8YJysNQ==
content-length: 1795
x-ms-lease-status: unlocked
last-modified: Fri, 23 Dec 2022 04:36:29 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8DAE49F429D278D
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 75ce5d4c-601e-0034-2ce3-180651000000
access-control-expose-headers: x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control: max-age=31536000
x-ms-version: 2009-09-19
timing-allow-origin: *
expires: Mon, 26 Feb 2024 15:40:20 GMT

POST
H/1.1 200
OK / Show response
browser.events.data.microsoft.com/OneCollector/1.0/ Frame CBC9 153 B
1 KB 383ms
94ms XHR
application/json 20.189.173.6

General

Check archive.org

Show headers Download Go to

Full URL

https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0

Requested by

Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/c/ms.jsll-3.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.189.173.6 -, , ASN (),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

02556f067c6beba5310287eafb7a4f8667b33d4a961cf4e770f742484eb546d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

upload-time: 1677426021819
accept-language: en-US,en;q=0.9
client-version: 1DS-Web-JS-3.2.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
time-delta-to-apply-millis: use-collector-delta
content-type: application/x-json-stream
cache-control: no-cache, no-store
Referer: https://forms.office.com/
apikey: a0d933fc7f95442badc743f4d77f4aab-f980f8ea-160a-4432-92a4-80c87df83f4b-7539
Client-Id: NO_AUTH

Response headers

Strict-Transport-Security: max-age=31536000
Date: Sun, 26 Feb 2023 15:40:21 GMT
Server: Microsoft-HTTPAPI/2.0
time-delta-millis: 819
Access-Control-Allow-Methods: POST
P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Content-Type: application/json
Access-Control-Allow-Origin: https://forms.office.com
Access-Control-Expose-Headers: time-delta-millis
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: P3P,Set-Cookie,time-delta-millis
Content-Length: 153

OPTIONS
H/1.1 200
OK /
browser.events.data.microsoft.com/OneCollector/1.0/ Frame 0
0 488ms
93ms Preflight 20.189.173.6

General

Check archive.org

Show headers Download Go to

Full URL

https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.189.173.6 -, , ASN (),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: apikey,cache-control,client-id,client-version,content-type,time-delta-to-apply-millis,upload-time
Access-Control-Request-Method: POST
Origin: https://forms.office.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: AuthMsaDeviceTicket,AuthXToken,Content-Encoding,Content-Type,Cache-Control,Client-Id,SDK-Name,sdk-version,apikey,x-apikey,client-version,upload-time,time-delta-to-apply-millis,client-time-epoch-millis,persistence-mode,reliability-mode,NoResponseBody
Access-Control-Allow-Origin: https://forms.office.com
Access-Control-Max-Age: 3600
Cache-Control: public, 3600
Content-Length: 0
Date: Sun, 26 Feb 2023 15:40:21 GMT
Server: Microsoft-HTTPAPI/2.0
Strict-Transport-Security: max-age=31536000

POST
H/1.1 200
OK / Show response
browser.events.data.microsoft.com/OneCollector/1.0/ Frame CBC9 153 B
592 B 94ms
93ms XHR
application/json 20.189.173.6

General

Check archive.org

Show headers Download Go to

Full URL

https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0

Requested by

Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/c/ms.jsll-3.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.189.173.6 -, , ASN (),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

84bb4ad54308fe5693f9d51fc800b26f05d887643dd839c7406d534b5962b6d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

upload-time: 1677426022821
accept-language: en-US,en;q=0.9
client-version: 1DS-Web-JS-3.2.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
time-delta-to-apply-millis: 819
content-type: application/x-json-stream
cache-control: no-cache, no-store
Referer: https://forms.office.com/
apikey: a0d933fc7f95442badc743f4d77f4aab-f980f8ea-160a-4432-92a4-80c87df83f4b-7539
Client-Id: NO_AUTH

Response headers

Strict-Transport-Security: max-age=31536000
Date: Sun, 26 Feb 2023 15:40:21 GMT
Server: Microsoft-HTTPAPI/2.0
time-delta-millis: 129
Access-Control-Allow-Methods: POST
Content-Type: application/json
Access-Control-Allow-Origin: https://forms.office.com
Access-Control-Expose-Headers: time-delta-millis
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: time-delta-millis
Content-Length: 153

OPTIONS
H/1.1 200
OK /
browser.events.data.microsoft.com/OneCollector/1.0/ Frame 0
0 93ms
93ms Preflight 20.189.173.6

General

Check archive.org

Show headers Download Go to

Full URL

https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.189.173.6 -, , ASN (),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: apikey,cache-control,client-id,client-version,content-type,time-delta-to-apply-millis,upload-time
Access-Control-Request-Method: POST
Origin: https://forms.office.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: AuthMsaDeviceTicket,AuthXToken,Content-Encoding,Content-Type,Cache-Control,Client-Id,SDK-Name,sdk-version,apikey,x-apikey,client-version,upload-time,time-delta-to-apply-millis,client-time-epoch-millis,persistence-mode,reliability-mode,NoResponseBody
Access-Control-Allow-Origin: https://forms.office.com
Access-Control-Max-Age: 3600
Cache-Control: public, 3600
Content-Length: 0
Date: Sun, 26 Feb 2023 15:40:22 GMT
Server: Microsoft-HTTPAPI/2.0
Strict-Transport-Security: max-age=31536000

POST /
eu-mobile.events.data.microsoft.com/OneCollector/1.0/ Frame CBC9 0
0

OPTIONS
H/1.1 200
OK /
eu-mobile.events.data.microsoft.com/OneCollector/1.0/ Frame 0
0 617ms
138ms Preflight 13.69.109.130

General

Check archive.org

Show headers Download Go to

Full URL

https://eu-mobile.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.69.109.130 -, , ASN (),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: apikey,cache-control,client-id,client-version,content-type,time-delta-to-apply-millis,upload-time
Access-Control-Request-Method: POST
Origin: https://forms.office.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: AuthMsaDeviceTicket,AuthXToken,Content-Encoding,Content-Type,Cache-Control,Client-Id,SDK-Name,sdk-version,apikey,x-apikey,client-version,upload-time,time-delta-to-apply-millis,client-time-epoch-millis,persistence-mode,reliability-mode,NoResponseBody
Access-Control-Allow-Origin: https://forms.office.com
Access-Control-Max-Age: 3600
Cache-Control: public, 3600
Content-Length: 0
Date: Sun, 26 Feb 2023 15:40:22 GMT
Server: Microsoft-HTTPAPI/2.0
Strict-Transport-Security: max-age=31536000

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: eu-mobile.events.data.microsoft.com
URL: https://eu-mobile.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.sway.office.com/	1969-12-31 23:59:59	Name: AuthSess Value: 2dfab801-5419-4890-9fc2-bfa3bee3e3aa
.office.com/	1969-12-31 23:59:59	Name: AADNonce Value: 986182b2-e485-4255-bf94-65a17adf049f.638130228159557501
forms.office.com/	1969-12-31 23:59:59	Name: __RequestVerificationToken Value: DagYAWIgUzRFow_XZk2yQMcqmxA4PmwLHCCMbTvDSsV6uB-yuubfEvY4SaVAdaoMpZoN3pRSdEaBdDLSs99VyZVTAxGPy9oSp9MMMDQvk4k1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

browser.events.data.microsoft.com
c.bing.com
c.office.com
cdn.forms.office.net
eu-mobile.events.data.microsoft.com
eus-www.sway-cdn.com
forms.office.com
js.monitor.azure.com
mail.com.pt
sway.office.com
www.sway-cdn.com
eu-mobile.events.data.microsoft.com
13.69.109.130
20.110.205.119
20.189.173.6
23.217.22.241
2600:141b:13::17d7:82a8
2620:1ec:48:1::40
2620:1ec:a92::194
2620:1ec:c11::200
2a01:4f8:c17:c9fd::1
52.109.76.142
02556f067c6beba5310287eafb7a4f8667b33d4a961cf4e770f742484eb546d5
11572f274d092466b9249659cfd382a0cfb640b23df4d4a1071c1b8d70147415
148ebd3d531ab07475a251e5ae083aa82b59bdfa2800435f874bb29a608e5c31
160daca799b276d8ce387e0187d972d715abead1399795bff9ec2a64b494527c
2e237d89d57788e810720fd97bcc0992e159044281956ecba83efd3a4f4b56cf
2f5deb75ea8a55d2119c56e4e3bcc0bde3516b838a088e28df1553824fe619ad
362d4348d260c748b69e46b3956bb98db76d3cb1cdf3b5a371914472857e04fe
3bae6a22d3a541378e9e28de2d914a9bca8d0caa7174643030821f6016c662da
3c4cd69ed03bbb6343a01c65f521e4faad7f00bb3ecd1be33cf45a48cbabdfb7
3da8fc98318eeaf2ba8d02e79455d3d6f8f509bda7882c4c3c807b7197c24a1d
40bcefd84e914c70139592f16e85effa61fa34f4bdf408b3be1120f45b725058
4f2d6301347a2fbf30fed521f2d319e78cffd90713336dcc9c0a2676dc3fb37c
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
56c3f81e1fcada437f327ca47a70acbce01c7b3a8de0bc93081698ad039a7c42
583f54c663c161e490dd8991d9e9101a3ca54822f458e73dcfc4885ce0efe34f
5b55cff8eeb1327250baf8e99d5112c71d3f39c89c0c58d94fb6eb4b7509e966
5b6231040840aed34ffe299d3f352814c3e24c517eb687cec06293e7eacecb1f
5e170e2cb452c3504ff9af148cc6c4aea661178c9fc93ecdcb32bcd856d76d9b
772c17944f29d4df878b0b428551a46d43a7a1b42b36475df3029334fa19eff0
7ed576a16f0a8f991a5450acfe8b5330b1fe6f7d610d78ca8c7d40735f50d8d7
7f87a803dcaa9a3c75ec3b8f670c76709d494f3086d8c8d279ec7da52abf4380
84bb4ad54308fe5693f9d51fc800b26f05d887643dd839c7406d534b5962b6d3
8cdf539fb15c76b15158d70b463ae3d21e98fd2aef8b677f035da12f73b4d345
8fac2245102dbf687b11b64139f6e06bd9d0947b4a28fde1e7ae59f85583b3a3
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9b559c4e312c20b983e2a8a877bbad3c8858586bf25f68dd0f44a240e72b0603
9cba22d72eb8ae568a49875f871b5205a52453c18ce821734f17c1fc870c7ade
a0cf31cc9ddf8348275247ba3436aea3219946138476e7921c21fbce79675ad8
a870fc016cf4b9bda0638d8f23e2aca6d4d4f9b86e86e89be47d8b03c5905a26
aa26cfe55e8cd183738f42180aae291dd666f4d39062e8a44c97b0be021946ef
abd74b234c2f1624c6f70c175200ef7a4e848df138da4a4b109ccb3a754ded86
abe3613e06a609e63597ae6c53e1091f42a8151b275f50b3159f1938d67c42d8
b5df5e7765a454fbff3d1cf22277aa0c0d6a4ccdde90ccfcb65f9fe2bbdb7bd5
bb7d1d6cfc0f8ab8efb89f213c70e5743ff55e4b90c6280944eb56f6dca10d41
bdd997af800873fc9f616ac6a2a9c78688b460aa8e682826dfa15c89c73a9f67
c04bc4ee3d822b90ba1a8562df69fc44e199e8e36d2fdad3f3787fcf9c5163dd
c0b9213606d02d7590db737b84b82c499aed306985fa41a846339944b2618351
c3b51638746f221571b37a6b2cb74b3bf065c8bdb00ef29f29071d518571a3cd
c410d8c402f477a21f571f2f9c5348c121caea0aac9ccac5562879bc227ce7df
c63a3930ec9dd26c24b4c62b83d8cf778416a0ded1d9aa83e0840a675155b71b
ca039f5b330aa6dc2035829338508f21180bdb8df94f33a18b75282088432ae7
d46375075d66174f88ad9834c0695792c9afdd0f20456231fa4a873280a2c434
daef54c828406aaba2db8f22758177351ed4d3ce40b848bb93f45f8b253fcdfd
e27855ef831cd10eb0fe2153d1b169d24a148e0b81d3dea001fd2637e7244238
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e55465ff1279a6fd339bc0b6322130b0ddb05d3ad670f4a08f6fdfc0ee5c7749
e724c84db2673674e9b9b57e0e30339c2878b641bf88fcc33915707b68e5d0c8
e9953b779c2ece580417ede06340103e3f18f563d31d095f8e45771b8c47cb42
f23a6a832cb346100204b7c500d169004b1bd6b8ccd615f75cfdcd655532a012
f2bfc0b2ffa4e26071e6d6d8b73d750f6e9f8eb4e021a8ffdb18b84af0b919a3
f62e0a33677faa76a3baaa301113202712832ffc0bc6fc13f7b7d8a8b27d1435
f6e1d03fdba5449350e855511cddc851e1cfe746de5244202a04cb4585e9a8f6
ffccff531229f7518a1b0e09340c47bc9c7ceb85533b44f3ff7e4dde1bfb7ed4

mail.com.pt Open in urlscan Pro 2a01:4f8:c17:c9fd::1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

57 Requests

95 %HTTPS

50 %IPv6

7 Domains

11 Subdomains

10 IPs

3 Countries

2606 kBTransfer

7391 kBSize

3 Cookies

0 Outgoing links

Redirected requests

57 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

mail.com.pt Open in urlscan Pro
2a01:4f8:c17:c9fd::1 Public Scan

Screenshot
Live screenshot

Full Image

57
Requests

95 %
HTTPS

50 %
IPv6

7
Domains

11
Subdomains

10
IPs

3
Countries

2606 kB
Transfer

7391 kB
Size

3
Cookies

57 HTTP transactions
3 data transactions