sway.cloud.microsoft/noscript
38 kB URL sway.cloud.microsoft/noscript
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document, ASCII text, with very long lines (60205), with CRLF, LF line terminators
Hash d60e0384b509f10b44b1d657a7e36511
c5a54088c37e9b549b075bca831f24bd172b0093
284f39da3de4984e95f9ea05f6441b31b392940ce924e4ce43e6d96fa7908450
Analyzer Verdict Alert OpenPhish phishing Office365
GET /noscript HTTP/1.1
Host: sway.cloud.microsoft
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
cache-control: private
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-correlationid: e1f772f7-652e-4aad-b896-9a36bee87c0f
x-usersessionid: e1f772f7-652e-4aad-b896-9a36bee87c0f
x-officefe: SwayFrontEnd_IN_7
x-officeversion: 16.0.17624.40100
x-officecluster: weu-001.www.sway.com
x-partitioning-enabled: true
anonuserid: 832835eb-09c3-4e54-a9d7-d4cd2fc98f82
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains; preload
timing-allow-origin: *
x-requestid: a8d733a8-124e-464f-a8a0-6d04fb07a629
x-trackingid: 27516f24-9bd8-485c-b016-c600c2ccda8f
x-powered-by: ARR/3.0
date: Sat, 11 May 2024 01:52:50 GMT
content-length: 38126
X-Firefox-Spdy: h2
sway.cloud.microsoft/
20 kB IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document, Unicode text, UTF-8 (with BOM) text, with very long lines (27869), with CRLF, LF line terminators
Hash 75c85a7ce8836fee0b44cf91baaa6643
09e7fedbe7d963da9938da1cadcb2e2b9d166b37
116aeec37307626a973022665e2a527c8bfceb482d237cef683c428476760472
Analyzer Verdict Alert OpenPhish phishing Office365
GET / HTTP/1.1
Host: sway.cloud.microsoft
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sway.cloud.microsoft/noscript
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: private
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
set-cookie: AuthSess=553cfe14-8462-463c-bbef-0bc6facd9746; domain=sway.cloud.microsoft; path=/; samesite=none; secure; HttpOnly
AADNonce=a481fcce-2534-40c3-a2cd-423fa612c863.638509891721313087; domain=cloud.microsoft; path=/; samesite=none; secure; HttpOnly
x-correlationid: e4861f79-641d-4515-ad42-43bb53439724
x-usersessionid: e4861f79-641d-4515-ad42-43bb53439724
x-officefe: SwayFrontEnd_IN_14
x-officeversion: 16.0.17624.40100
x-officecluster: weu-000.www.sway.com
x-partitioning-enabled: true
anonuserid: 047e4aa6-f095-48a8-8bd3-8309e421e997
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains; preload
timing-allow-origin: *
x-requestid: 4affd284-5bd0-477a-bdb4-a1b94c3f0683
x-trackingid: 5f0f50a9-ce6d-494d-90af-8ee4d8c2f74e
x-frame-options: SAMEORIGIN
x-key: mp1KR5jZbBgQM4qpH1suChYocyca71JxaIvkb9RDf9g=,638509891721000548
x-ua-compatible: IE=edge
x-html-minification-powered-by: WebMarkupMin
x-powered-by: ARR/3.0
date: Sat, 11 May 2024 01:52:51 GMT
content-length: 19644
X-Firefox-Spdy: h2
weu-www.sway-cdn.com/Content/jquery-ui-1.11.4-custom.js
18 kB URL weu-www.sway-cdn.com/Content/jquery-ui-1.11.4-custom.js
IP
File type JavaScript source, ASCII text, with very long lines (32214), with CRLF line terminators
Hash 29e67338030f5091caa7f4290c2bc417
3bcdba4e5f642367cd5a42b7ecdac8ba02a01fad
3da8fc98318eeaf2ba8d02e79455d3d6f8f509bda7882c4c3c807b7197c24a1d
GET /Content/jquery-ui-1.11.4-custom.js HTTP/1.1
Host: weu-www.sway-cdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sway.cloud.microsoft
DNT: 1
Connection: keep-alive
Referer: https://sway.cloud.microsoft/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Encoding: gzip
Accept-Ranges: bytes
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
X-Partitioning-Enabled: true
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Timing-Allow-Origin: *
Access-Control-Allow-Origin: *
X-Powered-By: ARR/3.0
Content-Length: 17891
Cache-Control: public, max-age=10998
Date: Sat, 11 May 2024 01:52:52 GMT
Connection: keep-alive
Vary: Accept-Encoding
weu-www.sway-cdn.com/Content/jquery-2.2.4-custom-1.js
30 kB URL weu-www.sway-cdn.com/Content/jquery-2.2.4-custom-1.js
IP
File type JavaScript source, ASCII text, with very long lines (32236), with CRLF line terminators
Hash 338472d280d64be84d11980dd512176a
95de9f83181ac211f54bf97fd010624513a90459
5e170e2cb452c3504ff9af148cc6c4aea661178c9fc93ecdcb32bcd856d76d9b
GET /Content/jquery-2.2.4-custom-1.js HTTP/1.1
Host: weu-www.sway-cdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sway.cloud.microsoft
DNT: 1
Connection: keep-alive
Referer: https://sway.cloud.microsoft/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Encoding: gzip
Accept-Ranges: bytes
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
X-Partitioning-Enabled: true
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Timing-Allow-Origin: *
Access-Control-Allow-Origin: *
X-Powered-By: ARR/3.0
Content-Length: 29703
Cache-Control: public, max-age=10998
Date: Sat, 11 May 2024 01:52:52 GMT
Connection: keep-alive
Vary: Accept-Encoding
weu-www.sway-cdn.com/161762440100_Content/en-us/Resources.js
39 kB URL weu-www.sway-cdn.com/161762440100_Content/en-us/Resources.js
IP
File type Unicode text, UTF-8 text, with very long lines (65491), with no line terminators
Hash a4dbabe661737162129e9e4bb621da1c
38be9cfafb4a4be9dc5fe9b615ca7bc22cf90e1f
b5b21c586d572568821d08b71fdbd06605d321706f6dc864e930dedf08c22bfa
GET /161762440100_Content/en-us/Resources.js HTTP/1.1
Host: weu-www.sway-cdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sway.cloud.microsoft
DNT: 1
Connection: keep-alive
Referer: https://sway.cloud.microsoft/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Encoding: gzip
Accept-Ranges: bytes
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
X-Partitioning-Enabled: true
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Timing-Allow-Origin: *
Access-Control-Allow-Origin: *
X-Powered-By: ARR/3.0
Content-Length: 39147
Cache-Control: public, max-age=51461
Date: Sat, 11 May 2024 01:52:52 GMT
Connection: keep-alive
Vary: Accept-Encoding
www.microsoft.com/onerfstatics/marketingsites-neu-prod/west-european/shell/_scrf/css/themes=default.device=uplevel_web_pc/29-591900/68-c3a397/f4-0855a6/a8-3dc4a6/f1-3221a1/dc-d4cb46/1f-806835/7a-c9e644?ver=2.0&_cf=20210618
23 kB URL www.microsoft.com/onerfstatics/marketingsites-neu-prod/west-european/shell/_scrf/css/themes=default.device=uplevel_web_pc/29-591900/68-c3a397/f4-0855a6/a8-3dc4a6/f1-3221a1/dc-d4cb46/1f-806835/7a-c9e644?ver=2.0&_cf=20210618
IP
File type Unicode text, UTF-8 text, with very long lines (64241)
Hash b7af9fb8eb3f12d3baa37641537bedc2
a3fbb622fd4d19cdb371f0b71146dd9f2605d8a4
928acfba36ccd911340d2753db52423f0c7f6feaa72824e2a1ef6f5667ed4a71
GET /onerfstatics/marketingsites-neu-prod/west-european/shell/_scrf/css/themes=default.device=uplevel_web_pc/29-591900/68-c3a397/f4-0855a6/a8-3dc4a6/f1-3221a1/dc-d4cb46/1f-806835/7a-c9e644?ver=2.0&_cf=20210618 HTTP/1.1
Host: www.microsoft.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sway.cloud.microsoft/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
last-modified: Tue, 26 Mar 2024 00:24:53 GMT
x-activity-id: 06c822fd-8249-4ab6-a7b0-3146ee74fdba
x-appversion: 1.0.8823.42235
x-az: {did:92e7dc58ca2143cfb2c818b047cc5cd1, rid: OneDeployContainer, sn: marketingsites-prod-odwestcentralus, dt: 2018-05-03T20:14:23.4188992Z, bt: 2024-02-28T08:27:50.0000000Z}
ms-operation-id: 7710a3d30eba16489a4331717c4937c0
p3p: CP="CAO CONi OTR OUR DEM ONL"
x-content-type-options: nosniff
x-s1: 2024-03-26T00:24:53
x-s2: 2024-03-26T00:24:53
timing-allow-origin: *
access-control-allow-origin: *
access-control-allow-methods: HEAD,GET,POST,PATCH,PUT,OPTIONS
x-xss-protection: 1; mode=block
x-azure-ref: 20240326T063233Z-z0hg63zc0x7k91z6mmes18ew3400000000qg000000002g8p
accept-ranges: bytes
content-encoding: gzip
content-length: 22747
ak-forward-host:
cache-control: public, max-age=27556298
expires: Wed, 26 Mar 2025 00:24:30 GMT
date: Sat, 11 May 2024 01:52:52 GMT
vary: Accept-Encoding
tls_version: tls1.3
strict-transport-security: max-age=31536000
ms-cv: CASMicrosoftCV5c818836.0
ms-cv-esi: CASMicrosoftCV5c818836.0
x-rtag: RT
X-Firefox-Spdy: h2
weu-www.sway-cdn.com/161762440100_Content/Preload.css
12 kB URL weu-www.sway-cdn.com/161762440100_Content/Preload.css
IP
File type ASCII text, with very long lines (65536), with no line terminators
Hash 103e03370e3023306cd2f3e4d2b8512d
dadc7d138734d2b42f978e0cd0d0383f4dd0ffd4
0f30fad32c0debda2ae7fb2816b34d4ec7da737e8fb48aaba1f3f07c21fd40a2
GET /161762440100_Content/Preload.css HTTP/1.1
Host: weu-www.sway-cdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sway.cloud.microsoft/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/css
Content-Encoding: gzip
Last-Modified: Wed, 24 Apr 2024 06:18:14 GMT
Accept-Ranges: bytes
ETag: "0d74e30f96da1:0"
Vary: Accept-Encoding
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
X-Partitioning-Enabled: true
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Timing-Allow-Origin: *
Access-Control-Allow-Origin: *
X-Powered-By: ARR/3.0
Content-Length: 11753
Cache-Control: public, max-age=48453
Date: Sat, 11 May 2024 01:52:52 GMT
Connection: keep-alive
weu-www.sway-cdn.com/161762440100_Content/Home.js
80 kB URL weu-www.sway-cdn.com/161762440100_Content/Home.js
IP
File type JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Hash 27a513b7cbbf0423c6202586820535e7
f74981fc69fd2418859397654e917165d4398136
7f27659f82e18dd96aad45e0138708cfb0c5a2511492218266aca58a24361530
GET /161762440100_Content/Home.js HTTP/1.1
Host: weu-www.sway-cdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sway.cloud.microsoft
DNT: 1
Connection: keep-alive
Referer: https://sway.cloud.microsoft/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Encoding: gzip
Accept-Ranges: bytes
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
X-Partitioning-Enabled: true
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Timing-Allow-Origin: *
Access-Control-Allow-Origin: *
X-Powered-By: ARR/3.0
Content-Length: 80473
Cache-Control: public, max-age=61828
Date: Sat, 11 May 2024 01:52:52 GMT
Connection: keep-alive
Vary: Accept-Encoding
weu-www.sway-cdn.com/Content/modernizr-3.3.1-custom.js
3.2 kB URL weu-www.sway-cdn.com/Content/modernizr-3.3.1-custom.js
IP
File type JavaScript source, ASCII text, with very long lines (7649), with CRLF line terminators
Hash f299dc10bcddd2e7808b978b3de18936
d8273fb0282bfa670f554e45f8ae7b1f73ec8071
160daca799b276d8ce387e0187d972d715abead1399795bff9ec2a64b494527c
GET /Content/modernizr-3.3.1-custom.js HTTP/1.1
Host: weu-www.sway-cdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sway.cloud.microsoft
DNT: 1
Connection: keep-alive
Referer: https://sway.cloud.microsoft/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Encoding: gzip
Accept-Ranges: bytes
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
X-Partitioning-Enabled: true
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Timing-Allow-Origin: *
Access-Control-Allow-Origin: *
X-Powered-By: ARR/3.0
Content-Length: 3210
Cache-Control: public, max-age=10998
Date: Sat, 11 May 2024 01:52:52 GMT
Connection: keep-alive
Vary: Accept-Encoding
weu-www.sway-cdn.com/161762440100_Content/Preload.js
4.2 kB URL weu-www.sway-cdn.com/161762440100_Content/Preload.js
IP
File type JavaScript source, ASCII text, with very long lines (18297), with no line terminators
Hash f070ffc5c8bde496d241e5ef6ea85ae9
9b574040fafb228cabc86c6afdb1ed87b140a3af
2f5deb75ea8a55d2119c56e4e3bcc0bde3516b838a088e28df1553824fe619ad
GET /161762440100_Content/Preload.js HTTP/1.1
Host: weu-www.sway-cdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sway.cloud.microsoft
DNT: 1
Connection: keep-alive
Referer: https://sway.cloud.microsoft/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Encoding: gzip
Accept-Ranges: bytes
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
X-Partitioning-Enabled: true
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Timing-Allow-Origin: *
Access-Control-Allow-Origin: *
X-Powered-By: ARR/3.0
Content-Length: 4168
Cache-Control: public, max-age=47455
Date: Sat, 11 May 2024 01:52:52 GMT
Connection: keep-alive
Vary: Accept-Encoding
weu-www.sway-cdn.com/161762440100_Content/tdb.js
32 kB URL weu-www.sway-cdn.com/161762440100_Content/tdb.js
IP
File type JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Hash eae96e25b7ea4f06dc2b686160f661a9
6b0daeb5c08657a9bf96d79ed859985f3da6da52
daef54c828406aaba2db8f22758177351ed4d3ce40b848bb93f45f8b253fcdfd
GET /161762440100_Content/tdb.js HTTP/1.1
Host: weu-www.sway-cdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sway.cloud.microsoft
DNT: 1
Connection: keep-alive
Referer: https://sway.cloud.microsoft/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Encoding: gzip
Accept-Ranges: bytes
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
X-Partitioning-Enabled: true
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Timing-Allow-Origin: *
Access-Control-Allow-Origin: *
X-Powered-By: ARR/3.0
Content-Length: 32326
Cache-Control: public, max-age=44449
Date: Sat, 11 May 2024 01:52:52 GMT
Connection: keep-alive
Vary: Accept-Encoding
weu-www.sway-cdn.com/161762440100_Content/Common.js
203 kB URL weu-www.sway-cdn.com/161762440100_Content/Common.js
IP
File type JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size 203 kB (202745 bytes)
Hash aaa0980252987a922eeba0361b1ebb6c
94bb79af19c8e32dbbc477705417ed8b440b20f4
d317583407d823e8b6d81fb522f7b0044fe17a8fa4375d33550365826ef398a0
GET /161762440100_Content/Common.js HTTP/1.1
Host: weu-www.sway-cdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sway.cloud.microsoft
DNT: 1
Connection: keep-alive
Referer: https://sway.cloud.microsoft/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Encoding: gzip
Accept-Ranges: bytes
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
X-Partitioning-Enabled: true
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Timing-Allow-Origin: *
Access-Control-Allow-Origin: *
X-Powered-By: ARR/3.0
Content-Length: 202745
Cache-Control: public, max-age=51461
Date: Sat, 11 May 2024 01:52:52 GMT
Connection: keep-alive
Vary: Accept-Encoding
weu-www.sway-cdn.com/Content/CommonDiagnostics-Sway-1.0.0.js
13 kB URL weu-www.sway-cdn.com/Content/CommonDiagnostics-Sway-1.0.0.js
IP
File type JavaScript source, Non-ISO extended-ASCII text, with very long lines (2360), with CRLF line terminators
Hash fd14998badf27d4f974ca33841c97397
d951a5fc5d3a3075e8986dba845d956a9831423e
2306ca934e2c1a52219d8a608c130f2bcdb7d859303f4ca5806cd48db0c9ae6f
GET /Content/CommonDiagnostics-Sway-1.0.0.js HTTP/1.1
Host: weu-www.sway-cdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sway.cloud.microsoft
DNT: 1
Connection: keep-alive
Referer: https://sway.cloud.microsoft/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Encoding: gzip
Accept-Ranges: bytes
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
X-Partitioning-Enabled: true
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Timing-Allow-Origin: *
Access-Control-Allow-Origin: *
X-Powered-By: ARR/3.0
Content-Length: 13381
Cache-Control: public, max-age=10998
Date: Sat, 11 May 2024 01:52:52 GMT
Connection: keep-alive
Vary: Accept-Encoding
weu-www.sway-cdn.com/Content/DefaultSignIn-1.3.1387.1646.js
4.3 kB URL weu-www.sway-cdn.com/Content/DefaultSignIn-1.3.1387.1646.js
IP
File type JavaScript source, ASCII text, with very long lines (20760), with no line terminators
Hash ed30e7ea26f6f548848d0c140c159cfe
0b12f1554001f05c2a672d88a0ae316a5cfd15d6
eddc6731714c47cb0d0669c32fec49cb9826a3140f578ec7cb825c48b04b6f11
GET /Content/DefaultSignIn-1.3.1387.1646.js HTTP/1.1
Host: weu-www.sway-cdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sway.cloud.microsoft
DNT: 1
Connection: keep-alive
Referer: https://sway.cloud.microsoft/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Encoding: gzip
Accept-Ranges: bytes
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
X-Partitioning-Enabled: true
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Timing-Allow-Origin: *
Access-Control-Allow-Origin: *
X-Powered-By: ARR/3.0
Content-Length: 4257
Cache-Control: public, max-age=11334
Date: Sat, 11 May 2024 01:52:52 GMT
Connection: keep-alive
Vary: Accept-Encoding
weu-www.sway-cdn.com/161762440100_Content/Common.css
28 kB URL weu-www.sway-cdn.com/161762440100_Content/Common.css
IP
File type ASCII text, with very long lines (65536), with no line terminators
Hash d85d6ed927f23145dcf8b67bd4dba111
a497c4f87145c8568dbef0cb7832d05b14f7110b
4d2758d65f0be67c8bab930d2fd3576270b2522d5d60cca4fefa40d5fbcebb81
GET /161762440100_Content/Common.css HTTP/1.1
Host: weu-www.sway-cdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sway.cloud.microsoft/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/css
Content-Encoding: gzip
Accept-Ranges: bytes
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
X-Partitioning-Enabled: true
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Timing-Allow-Origin: *
Access-Control-Allow-Origin: *
X-Powered-By: ARR/3.0
Content-Length: 27721
Cache-Control: public, max-age=44450
Date: Sat, 11 May 2024 01:52:52 GMT
Connection: keep-alive
Vary: Accept-Encoding
js.monitor.azure.com/scripts/c/ms.jsll-4.min.js
122 kB URL js.monitor.azure.com/scripts/c/ms.jsll-4.min.js
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JavaScript source, ASCII text, with very long lines (65410)
Size 122 kB (122369 bytes)
Hash a7604485c5ed0c96df30bf0a027ec157
dffd6b8410fe4228385fa2739fff3186b2774324
f1d74512d57c705af7ad9588113d0fd6ca9bfd18b1e7e1bc165f5148bcc87a19
GET /scripts/c/ms.jsll-4.min.js HTTP/1.1
Host: js.monitor.azure.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sway.cloud.microsoft/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 11 May 2024 01:52:52 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1800, immutable, no-transform
last-modified: Wed, 08 May 2024 18:03:51 GMT
x-ms-request-id: 9ba02335-001e-005a-1173-a188b8000000
x-ms-version: 2009-09-19
x-ms-meta-jssdkver: 4.2.0
x-ms-meta-jssdksrc: [cdn]/scripts/c/ms.jsll-4.2.0.min.js
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,x-ms-meta-jssdkver,x-ms-meta-jssdksrc,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref: 20240511T015252Z-er15bb998b7rck962t2sme067400000006hg0000000048q2
x-fd-int-roxy-purgeid: 0
x-cache-info: L1_T2
x-cache: TCP_HIT
content-encoding: br
X-Firefox-Spdy: h2
weu-www.sway-cdn.com/161762440100_Content/StoryPage.css
79 kB URL weu-www.sway-cdn.com/161762440100_Content/StoryPage.css
IP
File type ASCII text, with very long lines (65536), with no line terminators
Hash c9d603858710d7e1dcd9158bad98b4b8
26e47ef27aedef469021b3cba19b5de6dc250ff9
8f3e1c114c15fbf1f4f239ada9aebdfc616ac27236b7290ef11d969e0653494b
GET /161762440100_Content/StoryPage.css HTTP/1.1
Host: weu-www.sway-cdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sway.cloud.microsoft/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/css
Content-Encoding: gzip
Accept-Ranges: bytes
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
X-Partitioning-Enabled: true
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Timing-Allow-Origin: *
Access-Control-Allow-Origin: *
X-Powered-By: ARR/3.0
Content-Length: 79203
Cache-Control: public, max-age=51462
Date: Sat, 11 May 2024 01:52:52 GMT
Connection: keep-alive
Vary: Accept-Encoding
weu-www.sway-cdn.com/161762440100_Content/story_cluster.css
930 B URL weu-www.sway-cdn.com/161762440100_Content/story_cluster.css
IP
File type ASCII text, with very long lines (3298), with no line terminators
Hash b05af20933a5c55d8228372b62cff439
8c7d1b8f149a66f4c82266c284aa12e2ca384cc1
583f54c663c161e490dd8991d9e9101a3ca54822f458e73dcfc4885ce0efe34f
GET /161762440100_Content/story_cluster.css HTTP/1.1
Host: weu-www.sway-cdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sway.cloud.microsoft/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/css
Content-Encoding: gzip
Accept-Ranges: bytes
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
X-Partitioning-Enabled: true
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Timing-Allow-Origin: *
Access-Control-Allow-Origin: *
X-Powered-By: ARR/3.0
Content-Length: 930
Cache-Control: public, max-age=48648
Date: Sat, 11 May 2024 01:52:53 GMT
Connection: keep-alive
Vary: Accept-Encoding
weu-www.sway-cdn.com/Content/segoeui.woff
76 kB URL weu-www.sway-cdn.com/Content/segoeui.woff
IP
File type Web Open Font Format, TrueType, length 75464, version 0.0
Hash 5fa620c9eefcd9c86b00199b3733d6e8
8ba2626e252e2f39b3a063810dadee2b55e0643b
5b6231040840aed34ffe299d3f352814c3e24c517eb687cec06293e7eacecb1f
GET /Content/segoeui.woff HTTP/1.1
Host: weu-www.sway-cdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://sway.cloud.microsoft
DNT: 1
Connection: keep-alive
Referer: https://sway.cloud.microsoft/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/font-woff
Accept-Ranges: bytes
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
X-Partitioning-Enabled: true
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Timing-Allow-Origin: *
Access-Control-Allow-Origin: *
X-Powered-By: ARR/3.0
Content-Length: 75464
Cache-Control: public, max-age=86400
Date: Sat, 11 May 2024 01:52:53 GMT
Connection: keep-alive
weu-www.sway-cdn.com/161762440100_Content/favicon-16x16.png
449 B URL weu-www.sway-cdn.com/161762440100_Content/favicon-16x16.png
IP
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
Hash bbbd88901b3703b227f1158d7d6cdf3d
71fbff0b5d1deeb299fd663362b226b35f7e939e
28c98c3e57b496d377df3cbd176d7f0874705bba69a9d9fe60509cc89435c317
GET /161762440100_Content/favicon-16x16.png HTTP/1.1
Host: weu-www.sway-cdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sway.cloud.microsoft/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Wed, 24 Apr 2024 06:18:14 GMT
Accept-Ranges: bytes
ETag: "0d74e30f96da1:0"
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
X-CorrelationId: 98aecd46-7566-401a-a94c-42d582a8eeee
X-UserSessionId: 98aecd46-7566-401a-a94c-42d582a8eeee
X-OfficeFE: SwayFrontEnd_IN_1
X-OfficeVersion: 16.0.17624.40100
X-OfficeCluster: weu-001.www.sway.com
X-Partitioning-Enabled: true
anonuserid: 42485736-8036-464b-a54c-0c0ca2eb619c
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Timing-Allow-Origin: *
X-RequestId: 731dc13a-db29-44c4-830b-60791255156d
X-TrackingId: 8777019a-8a7c-4f2b-8705-507cbbda0482
X-Powered-By: ARR/3.0
Content-Length: 449
Date: Sat, 11 May 2024 01:52:53 GMT
Connection: keep-alive
weu-www.sway-cdn.com/161762440100_Content/favicon-192x192.png
5.7 kB URL weu-www.sway-cdn.com/161762440100_Content/favicon-192x192.png
IP
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced
Hash 9e295099860619954254f1507bb85ec0
8a4442b11d577c36d25761d4474c67292ccadf9c
ceddc01c593a39581cfaaabf6d6e2611ec8280cd15bbe63df32ce6820ccccc4d
GET /161762440100_Content/favicon-192x192.png HTTP/1.1
Host: weu-www.sway-cdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sway.cloud.microsoft/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Wed, 24 Apr 2024 06:18:14 GMT
Accept-Ranges: bytes
ETag: "0d74e30f96da1:0"
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
X-CorrelationId: f510fb68-643b-4325-a3e5-998ea7f99477
X-UserSessionId: f510fb68-643b-4325-a3e5-998ea7f99477
X-OfficeFE: SwayFrontEnd_IN_5
X-OfficeVersion: 16.0.17624.40100
X-OfficeCluster: weu-001.www.sway.com
X-Partitioning-Enabled: true
anonuserid: 678fd405-8e77-4cb6-91d1-9dae4695d0bb
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Timing-Allow-Origin: *
X-RequestId: 997a46c9-940b-474c-8027-23eb2e2691b3
X-TrackingId: 3a9b094e-e51f-4075-9324-d9878dbe97ac
X-Powered-By: ARR/3.0
Content-Length: 5651
Date: Sat, 11 May 2024 01:52:53 GMT
Connection: keep-alive
weu-www.sway-cdn.com/161762440100_Content/common_raw.js
6.4 kB URL weu-www.sway-cdn.com/161762440100_Content/common_raw.js
IP
File type JavaScript source, ASCII text, with very long lines (23668), with no line terminators
Hash 16596d4249f021d9b71bb5caddb7cc3b
7d3f469ccef320e01ecd9c601e80ef5192326869
aa26cfe55e8cd183738f42180aae291dd666f4d39062e8a44c97b0be021946ef
GET /161762440100_Content/common_raw.js HTTP/1.1
Host: weu-www.sway-cdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sway.cloud.microsoft/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Wed, 24 Apr 2024 06:18:14 GMT
Accept-Ranges: bytes
ETag: "0d74e30f96da1:0"
Vary: Accept-Encoding
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
X-Partitioning-Enabled: true
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Timing-Allow-Origin: *
Access-Control-Allow-Origin: *
X-Powered-By: ARR/3.0
Content-Length: 6432
Cache-Control: public, max-age=44449
Date: Sat, 11 May 2024 01:52:53 GMT
Connection: keep-alive
weu-www.sway-cdn.com/Content/Hammer-2.0.4.js
6.4 kB URL weu-www.sway-cdn.com/Content/Hammer-2.0.4.js
IP
File type JavaScript source, ASCII text, with very long lines (18177), with CRLF line terminators
Hash d22d7500ab7c72da9195c571002c2495
528c2d1d834916f8a4c47191cb20d16d2f6a53d3
f2bfc0b2ffa4e26071e6d6d8b73d750f6e9f8eb4e021a8ffdb18b84af0b919a3
GET /Content/Hammer-2.0.4.js HTTP/1.1
Host: weu-www.sway-cdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sway.cloud.microsoft/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Encoding: gzip
Accept-Ranges: bytes
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
X-Partitioning-Enabled: true
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Timing-Allow-Origin: *
Access-Control-Allow-Origin: *
X-Powered-By: ARR/3.0
Content-Length: 6449
Cache-Control: public, max-age=10998
Date: Sat, 11 May 2024 01:52:53 GMT
Connection: keep-alive
Vary: Accept-Encoding
weu-www.sway-cdn.com/161762440100_Content/swayicon.woff
22 kB URL weu-www.sway-cdn.com/161762440100_Content/swayicon.woff
IP
File type Web Open Font Format, TrueType, length 22140, version 1.0
Hash 7d6194a2c2e90678fee013960ea9eca7
98fa90ec84cafcf1e0ff194664e8b4c4d99c056e
e27855ef831cd10eb0fe2153d1b169d24a148e0b81d3dea001fd2637e7244238
GET /161762440100_Content/swayicon.woff HTTP/1.1
Host: weu-www.sway-cdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://sway.cloud.microsoft
DNT: 1
Connection: keep-alive
Referer: https://sway.cloud.microsoft/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/font-woff
Accept-Ranges: bytes
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
X-Partitioning-Enabled: true
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Timing-Allow-Origin: *
Access-Control-Allow-Origin: *
X-Powered-By: ARR/3.0
Content-Length: 22140
Cache-Control: public, max-age=86400
Date: Sat, 11 May 2024 01:52:53 GMT
Connection: keep-alive
sway.cloud.microsoft/home/sso
640 B URL sway.cloud.microsoft/home/sso
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document, ASCII text, with very long lines (568), with CRLF line terminators
Hash 7e11d9b1e9ae84f49e891572f6bf58ac
da7588aba421d31a9a7433fbd42c72c3bcde49df
90678af38073885e0233de860a871d1b2f6a4818c747e812adbcc00e2f139d15
Analyzer Verdict Alert OpenPhish phishing Office365
GET /home/sso HTTP/1.1
Host: sway.cloud.microsoft
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sway.cloud.microsoft/
DNT: 1
Connection: keep-alive
Cookie: AuthSess=553cfe14-8462-463c-bbef-0bc6facd9746; AADNonce=a481fcce-2534-40c3-a2cd-423fa612c863.638509891721313087; MicrosoftApplicationsTelemetryDeviceId=f3234165-7772-4573-bb48-b7a8fb7df6ad; ai_session=cWzOlIwq1Q0qfyBrH/ZIEq|1715392373039|1715392373039
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
cache-control: private
content-type: text/html; charset=utf-8
location: https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=152&ct=1715392373&rver=7.5.2146.0&wp=MBI_SSL&wreply=https:%2F%2Fsway.cloud.microsoft%2Fauthredir%3Furl%3Dhttps%253a%252f%252fsway.cloud.microsoft%253a443%252fhome%252fsso%26hurl%3D%252bZ9wRR%252bJ0PU5Zb%252fYOli0tOBBaorRbnj16q%252fabzIZrmU%253d.eYXYY3UWHyHk0EBPKj%252bKALZv%252fDn6oAcVMb6h%252bY9udo0%253d%26ipt%3D0%26sn%3Dalternate%26si%3D1%26wctx%3D553cfe14-8462-463c-bbef-0bc6facd9746&lc=1033&id=296906&lw=1&fl=easi2&aadredir=1
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-correlationid: 15da8ae6-4da8-42db-868b-332a315cb563
x-usersessionid: 15da8ae6-4da8-42db-868b-332a315cb563
x-officefe: SwayFrontEnd_IN_10
x-officeversion: 16.0.17624.40100
x-officecluster: weu-000.www.sway.com
x-partitioning-enabled: true
anonuserid: 44cbd520-f67d-459a-a442-272f2429b78f
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains; preload
timing-allow-origin: *
x-requestid: a268cbf4-d21b-48c1-94c0-66b675f972bd
x-trackingid: a5028b69-95df-45ad-8ea1-73e5b2bed137
x-frame-options: SAMEORIGIN
x-powered-by: ARR/3.0
date: Sat, 11 May 2024 01:52:52 GMT
content-length: 640
X-Firefox-Spdy: h2
weu-www.sway-cdn.com/161762440100_Content/WebBadgeIcon.png
563 B URL weu-www.sway-cdn.com/161762440100_Content/WebBadgeIcon.png
IP
File type PNG image data, 24 x 24, 8-bit/color RGB, non-interlaced
Hash a58557c441ca57cc98ef45e54c5f3a6b
e768af00efa4d5f30882ce1b653352e5aba6131b
2903ba56f2302f5bd9721761e1421c69fa82fef7ea7589e182cf805acf55b26c
GET /161762440100_Content/WebBadgeIcon.png HTTP/1.1
Host: weu-www.sway-cdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sway.cloud.microsoft/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Wed, 24 Apr 2024 06:18:14 GMT
Accept-Ranges: bytes
ETag: "0d74e30f96da1:0"
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
X-CorrelationId: a1f03f46-140f-4452-8011-e9b38b3a7cb7
X-UserSessionId: a1f03f46-140f-4452-8011-e9b38b3a7cb7
X-OfficeFE: SwayFrontEnd_IN_13
X-OfficeVersion: 16.0.17611.40102
X-OfficeCluster: weu-000.www.sway.com
X-Partitioning-Enabled: true
anonuserid: af9d913d-0723-4d87-9114-3c67c09f23bb
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Timing-Allow-Origin: *
X-RequestId: 0298b195-88c3-4096-abcd-93fa5af7dd9e
X-TrackingId: cf8cb36b-4de6-4e84-8fcb-e9d7c4ab3171
X-Powered-By: ARR/3.0
Content-Length: 563
Date: Sat, 11 May 2024 01:52:53 GMT
Connection: keep-alive
www.microsoft.com/onerfstatics/marketingsites-neu-prod/shell/_scrf/js/themes=default/d6-d6e6df/89-746ba4/df-3feeb0/f5-14aef8/bd-f5f332/27-13b2c3/e9-07937b/33-b505e5/fa-7a47db/6e-e2d05f/74-0b2d48/88-5b9b75/1b-240b37/4e-8e1a50/c2-370434/6f-bf5d0f/ea-315ddf/2e-e273bf/17-02d9ee/cf-2a93c7/c0-2ffa80/77-785548/48-4f52bb/3c-6c8ad0/3a-0d7cd3/5f-7d882b/c1-621df2/38-e8e647/17-c82a09/85-bd536d/44-776362/f8-86938e/61-951d1b/39-3d9dc2/81-96da47/ec-e44e19/6c-7627b9?ver=2.0&_cf=20210618&iife=1
36 kB URL www.microsoft.com/onerfstatics/marketingsites-neu-prod/shell/_scrf/js/themes=default/d6-d6e6df/89-746ba4/df-3feeb0/f5-14aef8/bd-f5f332/27-13b2c3/e9-07937b/33-b505e5/fa-7a47db/6e-e2d05f/74-0b2d48/88-5b9b75/1b-240b37/4e-8e1a50/c2-370434/6f-bf5d0f/ea-315ddf/2e-e273bf/17-02d9ee/cf-2a93c7/c0-2ffa80/77-785548/48-4f52bb/3c-6c8ad0/3a-0d7cd3/5f-7d882b/c1-621df2/38-e8e647/17-c82a09/85-bd536d/44-776362/f8-86938e/61-951d1b/39-3d9dc2/81-96da47/ec-e44e19/6c-7627b9?ver=2.0&_cf=20210618&iife=1
IP
File type JavaScript source, ASCII text, with very long lines (42133)
Hash b9c3e4320db870036919f1ee117bda6e
29b5a9066b5b1f1fe5afe7ee986e80a49e86606a
a1fe019388875b696edb373b51a51c0a8e3bad52cd489617d042c0722bdb1e48
GET /onerfstatics/marketingsites-neu-prod/shell/_scrf/js/themes=default/d6-d6e6df/89-746ba4/df-3feeb0/f5-14aef8/bd-f5f332/27-13b2c3/e9-07937b/33-b505e5/fa-7a47db/6e-e2d05f/74-0b2d48/88-5b9b75/1b-240b37/4e-8e1a50/c2-370434/6f-bf5d0f/ea-315ddf/2e-e273bf/17-02d9ee/cf-2a93c7/c0-2ffa80/77-785548/48-4f52bb/3c-6c8ad0/3a-0d7cd3/5f-7d882b/c1-621df2/38-e8e647/17-c82a09/85-bd536d/44-776362/f8-86938e/61-951d1b/39-3d9dc2/81-96da47/ec-e44e19/6c-7627b9?ver=2.0&_cf=20210618&iife=1 HTTP/1.1
Host: www.microsoft.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sway.cloud.microsoft/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
last-modified: Wed, 17 Jan 2024 22:30:34 GMT
x-activity-id: 246a010f-d3ad-44e4-babb-d471f27afa0c
x-appversion: 1.0.8745.29656
x-az: {did:92e7dc58ca2143cfb2c818b047cc5cd1, rid: OneDeployContainer, sn: marketingsites-prod-odnortheurope, dt: 2018-05-03T20:14:23.4188992Z, bt: 2023-12-12T00:28:32.0000000Z}
ms-operation-id: a2913d150cfe9e45ac69fffd9f385eb7
p3p: CP="CAO CONi OTR OUR DEM ONL"
x-content-type-options: nosniff
x-s1: 2024-01-17T22:30:34
x-s2: 2024-01-17T22:30:34
timing-allow-origin: *
access-control-allow-origin: *
access-control-allow-methods: HEAD,GET,POST,PATCH,PUT,OPTIONS
x-xss-protection: 1; mode=block
content-encoding: gzip
content-length: 36102
cache-control: public, max-age=21674220
expires: Thu, 16 Jan 2025 22:29:53 GMT
date: Sat, 11 May 2024 01:52:53 GMT
vary: Accept-Encoding
tls_version: tls1.3
strict-transport-security: max-age=31536000
ms-cv: CASMicrosoftCV5c819449.0
ms-cv-esi: CASMicrosoftCV5c819449.0
x-rtag: RT
X-Firefox-Spdy: h2
weu-www.sway-cdn.com/161762440100_Content/WindowsStoreBadge_en-us.png
20 kB URL weu-www.sway-cdn.com/161762440100_Content/WindowsStoreBadge_en-us.png
IP
File type PNG image data, 100 x 40, 8-bit/color RGBA, non-interlaced
Hash 5d6f310e57c8135a99edc100909b268b
44c98e7374fd552cfb0b285de796eaf992535c62
d0c637a8e36342951d373b2f5256976492a9a1d87c4981ba2853f9574762797c
GET /161762440100_Content/WindowsStoreBadge_en-us.png HTTP/1.1
Host: weu-www.sway-cdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sway.cloud.microsoft/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Wed, 24 Apr 2024 06:18:14 GMT
Accept-Ranges: bytes
ETag: "0d74e30f96da1:0"
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
X-CorrelationId: 9ebc2de6-3152-4d7f-a98b-1eaa78a86fec
X-UserSessionId: 9ebc2de6-3152-4d7f-a98b-1eaa78a86fec
X-OfficeFE: SwayFrontEnd_IN_1
X-OfficeVersion: 16.0.17624.40100
X-OfficeCluster: weu-001.www.sway.com
X-Partitioning-Enabled: true
anonuserid: e6589d5c-1468-4d4a-b0fe-d90c9e51d017
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Timing-Allow-Origin: *
X-RequestId: 2f601007-032c-46f4-87fd-8de4c8312e06
X-TrackingId: 61263c88-562a-452e-851f-74e0efd87994
X-Powered-By: ARR/3.0
Content-Length: 19513
Date: Sat, 11 May 2024 01:52:53 GMT
Connection: keep-alive
weu-www.sway-cdn.com/161762440100_Content/icons_1_communication.png
697 B URL weu-www.sway-cdn.com/161762440100_Content/icons_1_communication.png
IP
File type PNG image data, 60 x 60, 8-bit/color RGBA, non-interlaced
Hash 8beae8cc69c260d693351ec3938dbb85
e0f109c03cb134dc9964c501cd725b5a49c5435f
67a2d862f78db9f7566a2acd37e949aec271ce9d0a1acd30dbb975312d04f577
GET /161762440100_Content/icons_1_communication.png HTTP/1.1
Host: weu-www.sway-cdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sway.cloud.microsoft/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Wed, 24 Apr 2024 06:18:14 GMT
Accept-Ranges: bytes
ETag: "0d74e30f96da1:0"
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
X-CorrelationId: 8d4196e8-754b-4d01-8953-3b0cc71af454
X-UserSessionId: 8d4196e8-754b-4d01-8953-3b0cc71af454
X-OfficeFE: SwayFrontEnd_IN_14
X-OfficeVersion: 16.0.17624.40100
X-OfficeCluster: weu-001.www.sway.com
X-Partitioning-Enabled: true
anonuserid: ff7650e3-da46-4ada-87bf-10256aaca861
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Timing-Allow-Origin: *
X-RequestId: d031ad44-7f39-4ea6-934d-ae6428ccaf2c
X-TrackingId: 57d7cf60-411e-4bde-82b4-a69dc69581eb
X-Powered-By: ARR/3.0
Content-Length: 697
Date: Sat, 11 May 2024 01:52:53 GMT
Connection: keep-alive
weu-www.sway-cdn.com/161762440100_Content/icons_1_newsletter.png
607 B URL weu-www.sway-cdn.com/161762440100_Content/icons_1_newsletter.png
IP
File type PNG image data, 60 x 60, 8-bit/color RGBA, non-interlaced
Hash 2a149bd8017b3f798eb53e9a452adefd
1490cde3e2a8ca144102b1a98bf72254f58f59e3
3018522b0ad4f89ffc7a8e01d1f370e87b99663489c5d74bde1b9b5eaa200ee4
GET /161762440100_Content/icons_1_newsletter.png HTTP/1.1
Host: weu-www.sway-cdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sway.cloud.microsoft/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Wed, 24 Apr 2024 06:18:14 GMT
Accept-Ranges: bytes
ETag: "0d74e30f96da1:0"
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
X-CorrelationId: 9b0631a8-73ea-46ba-820a-d33ad099e672
X-UserSessionId: 9b0631a8-73ea-46ba-820a-d33ad099e672
X-OfficeFE: SwayFrontEnd_IN_13
X-OfficeVersion: 16.0.17611.40102
X-OfficeCluster: weu-001.www.sway.com
X-Partitioning-Enabled: true
anonuserid: 404b4631-de47-4d25-b81f-983161d661c9
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Timing-Allow-Origin: *
X-RequestId: 4c608ad6-70ab-482f-a2b2-777dd34edd9f
X-TrackingId: c02d9684-e536-48ff-8267-1df92a9cdb21
X-Powered-By: ARR/3.0
Content-Length: 607
Date: Sat, 11 May 2024 01:52:53 GMT
Connection: keep-alive
weu-www.sway-cdn.com/161762440100_Content/icons_1_presentation.png
397 B URL weu-www.sway-cdn.com/161762440100_Content/icons_1_presentation.png
IP
File type PNG image data, 60 x 60, 8-bit/color RGBA, non-interlaced
Hash da26ebaa3824cdf4e671478a03d0de60
e86d29961199ee7efb5a939022ed0fa7e36d9675
9f94843778b32fc32be3739a81185d3cfac9c0748dfa936f3d6d6108c583dd1c
GET /161762440100_Content/icons_1_presentation.png HTTP/1.1
Host: weu-www.sway-cdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sway.cloud.microsoft/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Wed, 24 Apr 2024 06:18:14 GMT
Accept-Ranges: bytes
ETag: "0d74e30f96da1:0"
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
X-CorrelationId: 48d4e160-a0e2-4c09-94b3-602dbc2f75e9
X-UserSessionId: 48d4e160-a0e2-4c09-94b3-602dbc2f75e9
X-OfficeFE: SwayFrontEnd_IN_8
X-OfficeVersion: 16.0.17611.40102
X-OfficeCluster: weu-000.www.sway.com
X-Partitioning-Enabled: true
anonuserid: 8b33755a-41dd-4458-a0ac-a764e7357327
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Timing-Allow-Origin: *
X-RequestId: f0856125-f755-418c-b165-a932a1146f3f
X-TrackingId: 4f04a8f3-7362-4db0-8919-202fbd8f75cb
X-Powered-By: ARR/3.0
Content-Length: 397
Date: Sat, 11 May 2024 01:52:53 GMT
Connection: keep-alive
weu-www.sway-cdn.com/Content/segoeuilight.woff
28 kB URL weu-www.sway-cdn.com/Content/segoeuilight.woff
IP
File type Web Open Font Format, TrueType, length 27544, version 1.0
Hash 77f59b6f344e8ad0b45aaf11cade55f0
f2c5d0ab0e7af54664715909b4bd84f87fd68d66
6103756591a0902515ab10671ed7dcab4100573121ec704e75433abb453f5cb9
GET /Content/segoeuilight.woff HTTP/1.1
Host: weu-www.sway-cdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://sway.cloud.microsoft
DNT: 1
Connection: keep-alive
Referer: https://sway.cloud.microsoft/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/font-woff
Last-Modified: Wed, 24 Apr 2024 06:18:14 GMT
Accept-Ranges: bytes
ETag: "0d74e30f96da1:0"
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
X-Partitioning-Enabled: true
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Timing-Allow-Origin: *
Access-Control-Allow-Origin: *
X-Powered-By: ARR/3.0
Content-Length: 27544
Cache-Control: public, max-age=86400
Date: Sat, 11 May 2024 01:52:53 GMT
Connection: keep-alive
www.microsoft.com/mwf/_h/v3.54/mwf.app/fonts/mwfmdl2-v3.54.woff
26 kB URL www.microsoft.com/mwf/_h/v3.54/mwf.app/fonts/mwfmdl2-v3.54.woff
IP
File type Web Open Font Format, TrueType, length 26288, version 0.0
Hash d0263dc03be4c393a90bda733c57d6db
8a032b6deab53a33234c735133b48518f8643b92
22b4df5c33045b645cafa45b04685f4752e471a2e933bff5bf14324d87deee12
GET /mwf/_h/v3.54/mwf.app/fonts/mwfmdl2-v3.54.woff HTTP/1.1
Host: www.microsoft.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://sway.cloud.microsoft
DNT: 1
Connection: keep-alive
Referer: https://www.microsoft.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/font-woff
last-modified: Thu, 18 Jan 2024 11:19:43 GMT
x-activity-id: 1d286420-d906-4932-a5b6-7cdae2bc95a2
x-appversion: 1.0.8745.29656
x-az: {did:92e7dc58ca2143cfb2c818b047cc5cd1, rid: OneDeployContainer, sn: marketingsites-prod-odnortheurope, dt: 2018-05-03T20:14:23.4188992Z, bt: 2023-12-12T00:28:32.0000000Z}
ms-operation-id: d591d5197659514a84508ea6267c8621
p3p: CP="CAO CONi OTR OUR DEM ONL"
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: HEAD,GET,POST,PATCH,PUT,OPTIONS
x-xss-protection: 1; mode=block
content-length: 26288
cache-control: public, max-age=21720363
expires: Fri, 17 Jan 2025 11:18:56 GMT
date: Sat, 11 May 2024 01:52:53 GMT
tls_version: tls1.3
strict-transport-security: max-age=31536000
ms-cv: CASMicrosoftCV5c8194fc.0
ms-cv-esi: CASMicrosoftCV5c8194fc.0
x-rtag: RT
X-Firefox-Spdy: h2
weu-www.sway-cdn.com/161762440100_Content/newhomepagebackground_1920.jpg
372 kB URL weu-www.sway-cdn.com/161762440100_Content/newhomepagebackground_1920.jpg
IP
File type JPEG image data, baseline, precision 8, 1920x576, components 3
Size 372 kB (371843 bytes)
Hash 6612d96f6f7bd65a1e299a97073fd9eb
6ea344c1245638ae4d5a33b159f23e9546912641
0c5adadbdd947199bd68146720f44584c7fbc7dfb4db9e3c2023574db0d8518b
GET /161762440100_Content/newhomepagebackground_1920.jpg HTTP/1.1
Host: weu-www.sway-cdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sway.cloud.microsoft/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Length: 371843
Content-Type: image/jpeg
Last-Modified: Wed, 24 Apr 2024 06:18:14 GMT
Accept-Ranges: bytes
ETag: "0d74e30f96da1:0"
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
X-CorrelationId: 2584e94c-8e6c-455b-9fb9-5e8ac5109402
X-UserSessionId: 2584e94c-8e6c-455b-9fb9-5e8ac5109402
X-OfficeFE: SwayFrontEnd_IN_1
X-OfficeVersion: 16.0.17611.40102
X-OfficeCluster: weu-000.www.sway.com
X-Partitioning-Enabled: true
anonuserid: 1f5f9e4a-fb53-40ee-8fb2-b8c391032e77
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Timing-Allow-Origin: *
X-RequestId: 2f3fad3c-2f12-41dd-a4c2-54c02f568533
X-TrackingId: 186a5a32-0301-4e87-bb5f-878612d5c359
X-Powered-By: ARR/3.0
Date: Sat, 11 May 2024 01:52:53 GMT
Connection: keep-alive
weu-www.sway-cdn.com/161762440100_Content/swayiconsb.woff
24 kB URL weu-www.sway-cdn.com/161762440100_Content/swayiconsb.woff
IP
File type Web Open Font Format, TrueType, length 23704, version 1.0
Hash 7dded8e00e4e1fa6b8301ba58fdb96f1
a5cc4c84ed041ef71d6a989b34b841942234ba2b
56c3f81e1fcada437f327ca47a70acbce01c7b3a8de0bc93081698ad039a7c42
GET /161762440100_Content/swayiconsb.woff HTTP/1.1
Host: weu-www.sway-cdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://sway.cloud.microsoft
DNT: 1
Connection: keep-alive
Referer: https://sway.cloud.microsoft/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/font-woff
Accept-Ranges: bytes
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
X-Partitioning-Enabled: true
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Timing-Allow-Origin: *
Access-Control-Allow-Origin: *
X-Powered-By: ARR/3.0
Content-Length: 23704
Cache-Control: public, max-age=86400
Date: Sat, 11 May 2024 01:52:53 GMT
Connection: keep-alive
weu-www.sway-cdn.com/161762440100_Content/swayiconsl.woff
18 kB URL weu-www.sway-cdn.com/161762440100_Content/swayiconsl.woff
IP
File type Web Open Font Format, TrueType, length 17928, version 1.0
Hash 79fe1f8b05fee28587b8f88540aea467
77465646d7c48b25debbe396810d515bc4ef34ef
3ba8db3c78db3dc15cb4a8c2523b5fbe189cf4ba8a24b07a810616ef4946b279
GET /161762440100_Content/swayiconsl.woff HTTP/1.1
Host: weu-www.sway-cdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://sway.cloud.microsoft
DNT: 1
Connection: keep-alive
Referer: https://sway.cloud.microsoft/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/font-woff
Accept-Ranges: bytes
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
X-Partitioning-Enabled: true
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Timing-Allow-Origin: *
Access-Control-Allow-Origin: *
X-Powered-By: ARR/3.0
Content-Length: 17928
Cache-Control: public, max-age=86400
Date: Sat, 11 May 2024 01:52:53 GMT
Connection: keep-alive
weu-www.sway-cdn.com/161762440100_Content/HomepageTestimonialLogoMS.png
14 kB URL weu-www.sway-cdn.com/161762440100_Content/HomepageTestimonialLogoMS.png
IP
File type PNG image data, 377 x 92, 8-bit/color RGBA, non-interlaced
Hash 810a6d9fdacfeff409e8f248f5ef72b4
92e86dbd8faba4e53e9cfcb507bd618476c92597
7c1a831a2cc0922a98ec02f4efa3020c510d62855ab965cff0b1b11105511292
GET /161762440100_Content/HomepageTestimonialLogoMS.png HTTP/1.1
Host: weu-www.sway-cdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sway.cloud.microsoft/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Wed, 24 Apr 2024 06:18:14 GMT
Accept-Ranges: bytes
ETag: "0d74e30f96da1:0"
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
X-CorrelationId: 506da4bd-eb69-4374-921b-25fdd1ce8329
X-UserSessionId: 506da4bd-eb69-4374-921b-25fdd1ce8329
X-OfficeFE: SwayFrontEnd_IN_13
X-OfficeVersion: 16.0.17611.40102
X-OfficeCluster: weu-001.www.sway.com
X-Partitioning-Enabled: true
anonuserid: efbe7159-e6b1-4dc9-98e5-02014fec6893
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Timing-Allow-Origin: *
X-RequestId: 78732524-1150-41b7-b220-b3dd7680693f
X-TrackingId: d58f8279-9665-4dd5-86b2-1910ddc23cd5
X-Powered-By: ARR/3.0
Content-Length: 13837
Date: Sat, 11 May 2024 01:52:53 GMT
Connection: keep-alive
weu-www.sway-cdn.com/161762440100_Content/HomepageUpsell_1920.jpg
280 kB URL weu-www.sway-cdn.com/161762440100_Content/HomepageUpsell_1920.jpg
IP
File type JPEG image data, baseline, precision 8, 1920x640, components 3
Size 280 kB (279610 bytes)
Hash 541966f566df278cbf182ee3d87cd1d6
1866d49cc7bd662928c86975c1c8c64210a4bebd
0da231bed8c88daf26dcbaa2a8f65799713acd1a9d24732ff1c780496f62799d
GET /161762440100_Content/HomepageUpsell_1920.jpg HTTP/1.1
Host: weu-www.sway-cdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sway.cloud.microsoft/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Length: 279610
Content-Type: image/jpeg
Last-Modified: Wed, 24 Apr 2024 06:18:14 GMT
Accept-Ranges: bytes
ETag: "0d74e30f96da1:0"
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
X-CorrelationId: 43f39367-6854-47c3-a56f-751ef534f316
X-UserSessionId: 43f39367-6854-47c3-a56f-751ef534f316
X-OfficeFE: SwayFrontEnd_IN_3
X-OfficeVersion: 16.0.17611.40102
X-OfficeCluster: weu-000.www.sway.com
X-Partitioning-Enabled: true
anonuserid: d9333e5b-2951-432a-a04b-345dba888527
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Timing-Allow-Origin: *
X-RequestId: 4bf1e004-4dc6-4286-bfed-ffa6261f3255
X-TrackingId: c9c87a38-bfe2-441b-a69c-ce7611aaa12a
X-Powered-By: ARR/3.0
Date: Sat, 11 May 2024 01:52:53 GMT
Connection: keep-alive
weu-www.sway-cdn.com/Content/segoeuisl.woff
30 kB URL weu-www.sway-cdn.com/Content/segoeuisl.woff
IP
File type Web Open Font Format, TrueType, length 29464, version 1.0
Hash 6a419545705dee19082e8e62105488df
72a5d33a47932ed6cf2d196c8d8222204e4a71fd
c63a3930ec9dd26c24b4c62b83d8cf778416a0ded1d9aa83e0840a675155b71b
GET /Content/segoeuisl.woff HTTP/1.1
Host: weu-www.sway-cdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://sway.cloud.microsoft
DNT: 1
Connection: keep-alive
Referer: https://sway.cloud.microsoft/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/font-woff
Accept-Ranges: bytes
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
X-Partitioning-Enabled: true
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Timing-Allow-Origin: *
Access-Control-Allow-Origin: *
X-Powered-By: ARR/3.0
Content-Length: 29464
Cache-Control: public, max-age=86400
Date: Sat, 11 May 2024 01:52:53 GMT
Connection: keep-alive
weu-www.sway-cdn.com/Content/segoeuisb.woff
32 kB URL weu-www.sway-cdn.com/Content/segoeuisb.woff
IP
File type Web Open Font Format, TrueType, length 31712, version 1.0
Hash f9ec3999394b8cce87da4f77e45a5a6a
abb546981566494ea71c7e294caa59bd60906887
3711ba98ca34a5bc5ce6b79de62a1a2eee453f413d2123e912d1ae6b0b0c8b33
GET /Content/segoeuisb.woff HTTP/1.1
Host: weu-www.sway-cdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://sway.cloud.microsoft
DNT: 1
Connection: keep-alive
Referer: https://sway.cloud.microsoft/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/font-woff
Accept-Ranges: bytes
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
X-Partitioning-Enabled: true
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Timing-Allow-Origin: *
Access-Control-Allow-Origin: *
X-Powered-By: ARR/3.0
Content-Length: 31712
Cache-Control: public, max-age=86400
Date: Sat, 11 May 2024 01:52:53 GMT
Connection: keep-alive
weu-www.sway-cdn.com/161762440100_Content/HomepageVideos/Add_Contents_Tall_600.mp4
313 kB URL weu-www.sway-cdn.com/161762440100_Content/HomepageVideos/Add_Contents_Tall_600.mp4
IP
File type ISO Media, MP4 v2 [ISO 14496-14]
Size 313 kB (312730 bytes)
Hash 143de3e45a7298ccbbb7fe75ec93d204
ffd739eec723e67108f9794d0174a6daa27cf881
a839e03fee5b924963b15d79afe925b0d035ff7629b7820135620116c42a4a9f
GET /161762440100_Content/HomepageVideos/Add_Contents_Tall_600.mp4 HTTP/1.1
Host: weu-www.sway-cdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Origin: https://sway.cloud.microsoft
DNT: 1
Connection: keep-alive
Referer: https://sway.cloud.microsoft/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 206 Partial Content
Content-Type: video/mp4
Accept-Ranges: bytes
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
X-Partitioning-Enabled: true
anonuserid: dd5b84db-881e-4b63-b068-ddf4f2a892e5
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Timing-Allow-Origin: *
Access-Control-Allow-Origin: *
X-Powered-By: ARR/3.0
Cache-Control: public, max-age=9254
Date: Sat, 11 May 2024 01:52:53 GMT
Content-Range: bytes 0-312729/312730
Content-Length: 312730
Connection: keep-alive
img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/RE1Mu3b?ver=5c31
4.1 kB URL img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/RE1Mu3b?ver=5c31
IP
ASN #20940 Akamai International B.V.
File type PNG image data, 216 x 46, 8-bit/color RGBA, non-interlaced
Hash 9f14c20150a003d7ce4de57c298f0fba
daa53cf17cc45878a1b153f3c3bf47dc9669d78f
112fec798b78aa02e102a724b5cb1990c0f909bc1d8b7b1fa256eab41bbc0960
GET /cms/api/am/imageFileData/RE1Mu3b?ver=5c31 HTTP/1.1
Host: img-prod-cms-rt-microsoft-com.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sway.cloud.microsoft/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
last-modified: Tue, 30 Apr 2024 01:06:24 GMT
x-datacenter: eastus
x-activityid: c8149afb-a7c6-49a6-bed7-6b9e647fa136
timing-allow-origin: *
x-frame-options: DENY
x-resizerversion: 1.0
content-type: image/png
content-location: https://image.prod.cms.rt.microsoft.com/cms/api/am/imageFileData/RE1Mu3b?ver=5c31
x-source-length: 4054
content-length: 4054
cache-control: public, max-age=219191
expires: Mon, 13 May 2024 14:46:04 GMT
date: Sat, 11 May 2024 01:52:53 GMT
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
X-Firefox-Spdy: h2
login.microsoftonline.com/savedusers?wreply=https://sway.cloud.microsoft/&appid=905fcf26-4eb7-48a0-9ff0-8dcc7194b5ba&mectrlwinsso=true
1.0 kB URL login.microsoftonline.com/savedusers?wreply=https://sway.cloud.microsoft/&appid=905fcf26-4eb7-48a0-9ff0-8dcc7194b5ba&mectrlwinsso=true
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JavaScript source, ASCII text, with CRLF line terminators
Hash f671e0a1dc4af74cf5ee3396708a3fee
6a382977420551d9ebb514023e2eed3e357c118f
01129c3b66fda869e46fb07b70cedd0b0cff1bd616fa191d821633491a7b4e29
GET /savedusers?wreply=https://sway.cloud.microsoft/&appid=905fcf26-4eb7-48a0-9ff0-8dcc7194b5ba&mectrlwinsso=true HTTP/1.1
Host: login.microsoftonline.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sway.cloud.microsoft/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Expires: -1
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
x-ms-request-id: af72a558-2972-40b2-bde7-dd30a2d93800
x-ms-ests-server: 2.1.18037.7 - FRC ProdSlices
x-ms-srs: 1.P
Referrer-Policy: strict-origin-when-cross-origin
X-XSS-Protection: 0
Set-Cookie: fpc=Ascrkp2oOJ5HjzXDFds5pcA; expires=Mon, 10-Jun-2024 01:52:53 GMT; path=/; secure; HttpOnly; SameSite=None
esctx=PAQABBwEAAADnfolhJpSnRYB1SVj-Hgd8EnPaCcFnQzfzmzLLa3t1wVAvRWfvRQQHf5dQnOUbYR8I1EWQTQ3BgTEU5dk88Yfxa5jlSe6IfGOwB1sOWYS0lqk9iMqKrTgCWHatVpPEPtJw_-RQ8p2H6P53NAUEGpBS4q2fHMQkHVwfKhBfhyKuv6Xs8dEkvnqu8WfTBlE0li4gAA; domain=.login.microsoftonline.com; path=/; secure; HttpOnly; SameSite=None
x-ms-gateway-slice=estsfd; path=/; secure; samesite=none; httponly
stsservicecookie=estsfd; path=/; secure; samesite=none; httponly
Date: Sat, 11 May 2024 01:52:53 GMT
Content-Length: 1022
weu-www.sway-cdn.com/161762440100_Content/newhomepagebackground_1366.jpg
210 kB URL weu-www.sway-cdn.com/161762440100_Content/newhomepagebackground_1366.jpg
IP
File type JPEG image data, baseline, precision 8, 1366x375, components 3
Size 210 kB (210080 bytes)
Hash b0a81d9bafae48898877e0c85ffeeb2b
263a929bccafe5bc67b0a614a57ce2ca22b796d3
69867332c2809683f8e41eafc1d6d724c64de5cb60fc3864cd0ad246567a8c30
GET /161762440100_Content/newhomepagebackground_1366.jpg HTTP/1.1
Host: weu-www.sway-cdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sway.cloud.microsoft/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/jpeg
Last-Modified: Wed, 24 Apr 2024 06:18:14 GMT
Accept-Ranges: bytes
ETag: "0d74e30f96da1:0"
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
X-CorrelationId: 1217cb35-8f77-45b8-b41a-c31bff8cc334
X-UserSessionId: 1217cb35-8f77-45b8-b41a-c31bff8cc334
X-OfficeFE: SwayFrontEnd_IN_9
X-OfficeVersion: 16.0.17611.40102
X-OfficeCluster: weu-000.www.sway.com
X-Partitioning-Enabled: true
anonuserid: 649eb627-ded6-44d1-bb79-c75279d1969b
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Timing-Allow-Origin: *
X-RequestId: 92452408-e42e-4602-af89-cb1609581748
X-TrackingId: 2a06cf47-3998-435d-a5c9-f3720c024cbe
X-Powered-By: ARR/3.0
Content-Length: 210080
Date: Sat, 11 May 2024 01:52:53 GMT
Connection: keep-alive
weu-www.sway-cdn.com/161762440100_Content/HomepageUpsell_1366.jpg
154 kB URL weu-www.sway-cdn.com/161762440100_Content/HomepageUpsell_1366.jpg
IP
File type JPEG image data, baseline, precision 8, 1366x455, components 3
Size 154 kB (154489 bytes)
Hash 7977ac29324ac70a025508ddd9e87064
eb376e0521d25b82a06a9245674c57984564d5d2
2b07333a31520588a6d6c9f967ea8464d418f4055825509978ae61e752581d5a
GET /161762440100_Content/HomepageUpsell_1366.jpg HTTP/1.1
Host: weu-www.sway-cdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sway.cloud.microsoft/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/jpeg
Last-Modified: Wed, 24 Apr 2024 06:18:14 GMT
Accept-Ranges: bytes
ETag: "0d74e30f96da1:0"
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
X-CorrelationId: ff48b27d-688b-43c4-b8f8-aff2c699a438
X-UserSessionId: ff48b27d-688b-43c4-b8f8-aff2c699a438
X-OfficeFE: SwayFrontEnd_IN_0
X-OfficeVersion: 16.0.17624.40100
X-OfficeCluster: weu-001.www.sway.com
X-Partitioning-Enabled: true
anonuserid: 4538690b-523f-4c95-82e4-5fb05de909e2
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Timing-Allow-Origin: *
X-RequestId: d42aab06-d64a-476f-b6a6-3e50bd865275
X-TrackingId: 439fe974-c644-4f02-a1ec-251d78601314
X-Powered-By: ARR/3.0
Content-Length: 154489
Date: Sat, 11 May 2024 01:52:53 GMT
Connection: keep-alive
weu-www.sway-cdn.com/161762440100_Content/HomepageVideos/Remix_v10_Tall_310.mp4
55 kB URL weu-www.sway-cdn.com/161762440100_Content/HomepageVideos/Remix_v10_Tall_310.mp4
IP
File type ISO Media, MP4 v2 [ISO 14496-14]
Hash 98d62304bbe26f244eab7148918ffe6c
7ba2f112d4560185dc9614605205ebbd309f7288
820ca3370a1d21ca8753d82e9b6212527be82a24c24cc726f9f13ed02acb2b87
GET /161762440100_Content/HomepageVideos/Remix_v10_Tall_310.mp4 HTTP/1.1
Host: weu-www.sway-cdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Origin: https://sway.cloud.microsoft
DNT: 1
Connection: keep-alive
Referer: https://sway.cloud.microsoft/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 206 Partial Content
Content-Type: video/mp4
Last-Modified: Wed, 24 Apr 2024 06:18:14 GMT
Accept-Ranges: bytes
ETag: "0d74e30f96da1:0"
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
X-Partitioning-Enabled: true
anonuserid: 18bacf09-7b01-4fda-9ef1-d48b4efae8b2
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Timing-Allow-Origin: *
Access-Control-Allow-Origin: *
X-Powered-By: ARR/3.0
Cache-Control: public, max-age=64086
Date: Sat, 11 May 2024 01:52:53 GMT
Content-Range: bytes 0-55172/55173
Content-Length: 55173
Connection: keep-alive
weu-www.sway-cdn.com/161762440100_Content/HomepageVideos/Add_Contents_Tall_310.mp4
121 kB URL weu-www.sway-cdn.com/161762440100_Content/HomepageVideos/Add_Contents_Tall_310.mp4
IP
File type ISO Media, MP4 v2 [ISO 14496-14]
Size 121 kB (120949 bytes)
Hash 0b5344aeb4e610e133d34d619ceae4f2
ca4ebe7e3bc21ea5f7d1eacfe6530f97e4ccb1b1
326758284976e10dd393934be11cd00682a93130c3c2c673c2b17bd484948920
GET /161762440100_Content/HomepageVideos/Add_Contents_Tall_310.mp4 HTTP/1.1
Host: weu-www.sway-cdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Origin: https://sway.cloud.microsoft
DNT: 1
Connection: keep-alive
Referer: https://sway.cloud.microsoft/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 206 Partial Content
Content-Type: video/mp4
Accept-Ranges: bytes
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
X-Partitioning-Enabled: true
anonuserid: 7cecc53b-2250-4445-a854-b7df31d9e6f7
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Timing-Allow-Origin: *
Access-Control-Allow-Origin: *
X-Powered-By: ARR/3.0
Cache-Control: public, max-age=64086
Date: Sat, 11 May 2024 01:52:53 GMT
Content-Range: bytes 0-120948/120949
Content-Length: 120949
Connection: keep-alive
login.live.com/login.srf?wa=wsignin1.0&rpsnv=152&ct=1715392373&rver=7.5.2146.0&wp=MBI_SSL&wreply=https:%2F%2Fsway.cloud.microsoft%2Fauthredir%3Furl%3Dhttps%253a%252f%252fsway.cloud.microsoft%253a443%252fhome%252fsso%26hurl%3D%252bZ9wRR%252bJ0PU5Zb%252fYOli0tOBBaorRbnj16q%252fabzIZrmU%253d.eYXYY3UWHyHk0EBPKj%252bKALZv%252fDn6oAcVMb6h%252bY9udo0%253d%26ipt%3D0%26sn%3Dalternate%26si%3D1%26wctx%3D553cfe14-8462-463c-bbef-0bc6facd9746&lc=1033&id=296906&lw=1&fl=easi2&aadredir=1
200 OK 11 kB URL User Request GET HTTP/1.1 login.live.com/login.srf?wa=wsignin1.0&rpsnv=152&ct=1715392373&rver=7.5.2146.0&wp=MBI_SSL&wreply=https:%2F%2Fsway.cloud.microsoft%2Fauthredir%3Furl%3Dhttps%253a%252f%252fsway.cloud.microsoft%253a443%252fhome%252fsso%26hurl%3D%252bZ9wRR%252bJ0PU5Zb%252fYOli0tOBBaorRbnj16q%252fabzIZrmU%253d.eYXYY3UWHyHk0EBPKj%252bKALZv%252fDn6oAcVMb6h%252bY9udo0%253d%26ipt%3D0%26sn%3Dalternate%26si%3D1%26wctx%3D553cfe14-8462-463c-bbef-0bc6facd9746&lc=1033&id=296906&lw=1&fl=easi2&aadredir=1
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Certificate IssuerDigiCert Inc
Subjectlogin.live.com
Fingerprint82:2F:20:E4:BD:99:37:36:52:F8:AF:FC:4D:86:73:BA:3A:7A:65:3E
ValidityFri, 29 Mar 2024 00:00:00 GMT - Sat, 29 Mar 2025 23:59:59 GMT
File type HTML document, Unicode text, UTF-8 text, with very long lines (24895)
Hash 522171e712d53faf214da2d0e90eafef
966a72ebb69a40c608231571c622b17ec7d1263d
095a218f59d04092e8a1119c71ca5cc2921fba00a8b92ecc5b18f153cf4fb030
GET /login.srf?wa=wsignin1.0&rpsnv=152&ct=1715392373&rver=7.5.2146.0&wp=MBI_SSL&wreply=https:%2F%2Fsway.cloud.microsoft%2Fauthredir%3Furl%3Dhttps%253a%252f%252fsway.cloud.microsoft%253a443%252fhome%252fsso%26hurl%3D%252bZ9wRR%252bJ0PU5Zb%252fYOli0tOBBaorRbnj16q%252fabzIZrmU%253d.eYXYY3UWHyHk0EBPKj%252bKALZv%252fDn6oAcVMb6h%252bY9udo0%253d%26ipt%3D0%26sn%3Dalternate%26si%3D1%26wctx%3D553cfe14-8462-463c-bbef-0bc6facd9746&lc=1033&id=296906&lw=1&fl=easi2&aadredir=1 HTTP/1.1
Host: login.live.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sway.cloud.microsoft/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Expires: Sat, 11 May 2024 01:51:53 GMT
Vary: Accept-Encoding
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
X-DNS-Prefetch-Control: on
Link: <https://logincdn.msauth.net>; rel=preconnect; crossorigin, <https://acctcdn.msauth.net>; rel=preconnect; crossorigin, <https://acctcdn.msftauth.net>; rel=preconnect; crossorigin, <https://acctcdn.msauth.net/>; rel=dns-prefetch, <https://acctcdn.msftauth.net/>; rel=dns-prefetch, <https://acctcdnmsftuswe2.azureedge.net/>; rel=dns-prefetch, <https://acctcdnvzeuno.azureedge.net/>; rel=dns-prefetch, <https://logincdn.msauth.net/>; rel=dns-prefetch, <https://logincdn.msftauth.net/>; rel=dns-prefetch, <https://lgincdnvzeuno.azureedge.net/>; rel=dns-prefetch, <https://lgincdnmsftuswe2.azureedge.net/>; rel=dns-prefetch
Referrer-Policy: strict-origin-when-cross-origin
x-ms-route-info: C542_BL2
x-ms-request-id: d4a43dfa-3715-4095-81c6-6c94252df5dc
PPServer: PPV: 30 H: BL02EPF0001D945 V: 0
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
X-XSS-Protection: 1; mode=block
Set-Cookie: uaid=fe4e7b58b6e1471ea8cbdb505ba3436e; domain=login.live.com; Secure; path=/; SameSite=None; HttpOnly
MSPRequ=id=296906<=1715392373&co=1; domain=login.live.com; Secure; path=/; SameSite=None; HttpOnly
MSCC=91.90.42.154-NO; expires=Thu, 05-Jun-2025 01:52:53 GMT; domain=login.live.com; Secure; path=/; SameSite=None; HttpOnly
MSPOK=$uuid-c8c056f1-38cf-431f-a303-bce9643d6100; domain=login.live.com; Secure; path=/; SameSite=None; HttpOnly
OParams=11O.DiglQA!GnzuzkwfDtxKnUZCF!uyITNLVIITtue!t*S0P2MQVoUtj!OLtD1PUn41iIyM*rMhIRfPwcmhKNrXrXADZhYNBYkSDpfd*NvZz04vSgpDI4Gs4WmvHeGih0sPULgrw3HIC1iLB!o*z4qMxu02pBwp1bwsEOhcz!BORVilaDInglPGf64pd*62RE!vNvbQUvLs7acvWZOflgFRQ!nvwPzIpyFZERhYUl!gWxUtMILh0592IODpG1sLrpJ8*TYc3QhlYQELnrld**UAD*mYMGJ6yF!BQpacbGxCb0FeJZ0zxKnw8DkAj4TQEXmYFThzitJZGKqCW*SRsL8sBjrmit2KzmDJ3WQzcHnr3VsviDo7zaAxDWVtLA3hyIvFGOnXNBqjsDauFJcsWbMi4gXsgaMIhdGkurluLalR2yTgVO6kf4ZDkXGi0mbir67vMfz0*Ab3pRijg2zoBGjDfWiwHkzCInWOr759ZjMHhtPodTrVxGUJZsMogm7XXblZKBEAKJsho16rvtzU!7Vw8ETfMOK9ovGc7G!hqKeNw8ZFPL**q9ioJf6FsxJqhAGnpJw$$; domain=login.live.com; Secure; path=/; SameSite=None; HttpOnly
Date: Sat, 11 May 2024 01:52:53 GMT
Content-Length: 10896
weu-www.sway-cdn.com/161762440100_Content/HomepageVideos/Remix_v10_Tall_600.mp4
335 kB URL weu-www.sway-cdn.com/161762440100_Content/HomepageVideos/Remix_v10_Tall_600.mp4
IP
File type ISO Media, MP4 v2 [ISO 14496-14]
Size 335 kB (335401 bytes)
Hash d5ed0e64ac9201c835e9037bdb22ecc0
27a06269c35884ea17b011de511859cc3bc0f23a
69ed8556f005099eb15b3648d37d5c85024787d6c35517453aab033ca48dae3a
GET /161762440100_Content/HomepageVideos/Remix_v10_Tall_600.mp4 HTTP/1.1
Host: weu-www.sway-cdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Origin: https://sway.cloud.microsoft
DNT: 1
Connection: keep-alive
Referer: https://sway.cloud.microsoft/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 206 Partial Content
Content-Type: video/mp4
Accept-Ranges: bytes
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
X-Partitioning-Enabled: true
anonuserid: 9103b918-449b-4eb7-8d3b-c470b95a9232
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Timing-Allow-Origin: *
Access-Control-Allow-Origin: *
X-Powered-By: ARR/3.0
Cache-Control: public, max-age=9254
Date: Sat, 11 May 2024 01:52:53 GMT
Content-Range: bytes 0-130776/130777
Content-Length: 130777
Connection: keep-alive
sway.cloud.microsoft/RemoteUls.ashx
0 B URL sway.cloud.microsoft/RemoteUls.ashx
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert OpenPhish phishing Office365
POST /RemoteUls.ashx HTTP/1.1
Host: sway.cloud.microsoft
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sway.cloud.microsoft/
Content-Type: application/json
X-UserSessionId: e4861f79-641d-4515-ad42-43bb53439724
anonuserid: 047e4aa6-f095-48a8-8bd3-8309e421e997
Content-Length: 4804
Origin: https://sway.cloud.microsoft
DNT: 1
Connection: keep-alive
Cookie: AuthSess=553cfe14-8462-463c-bbef-0bc6facd9746; AADNonce=a481fcce-2534-40c3-a2cd-423fa612c863.638509891721313087; MicrosoftApplicationsTelemetryDeviceId=f3234165-7772-4573-bb48-b7a8fb7df6ad; ai_session=cWzOlIwq1Q0qfyBrH/ZIEq|1715392373039|1715392373039
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: private
content-type: text/plain
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-correlationid: 07a3697c-2ed3-413d-b5ed-0cad1156d5a8
x-usersessionid: e4861f79-641d-4515-ad42-43bb53439724
x-officefe: SwayFrontEnd_IN_11
x-officeversion: 16.0.17624.40100
x-officecluster: weu-001.www.sway.com
x-partitioning-enabled: true
anonuserid: 047e4aa6-f095-48a8-8bd3-8309e421e997
strict-transport-security: max-age=15724800; includeSubDomains; preload
timing-allow-origin: *
x-requestid: 4aa2c52a-6c37-477a-ac66-1c18f4ed8b97
x-trackingid: 9b0ad9a0-144d-4f14-beb0-d7dea800ab65
x-buls-suppressionetag: N/A
x-buls-suppressedtags:
x-content-type-options: nosniff, nosniff
x-download-options: noopen
content-disposition: attachment
x-powered-by: ARR/3.0
date: Sat, 11 May 2024 01:52:52 GMT
content-length: 0
X-Firefox-Spdy: h2
weu-www.sway-cdn.com/Content/segoeui.woff
76 kB URL weu-www.sway-cdn.com/Content/segoeui.woff
IP
File type Web Open Font Format, TrueType, length 75464, version 0.0
Hash 5fa620c9eefcd9c86b00199b3733d6e8
8ba2626e252e2f39b3a063810dadee2b55e0643b
5b6231040840aed34ffe299d3f352814c3e24c517eb687cec06293e7eacecb1f
GET /Content/segoeui.woff HTTP/1.1
Host: weu-www.sway-cdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://sway.cloud.microsoft
DNT: 1
Connection: keep-alive
Referer: https://sway.cloud.microsoft/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/font-woff
Accept-Ranges: bytes
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
X-Partitioning-Enabled: true
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Timing-Allow-Origin: *
Access-Control-Allow-Origin: *
X-Powered-By: ARR/3.0
Content-Length: 75464
Cache-Control: public, max-age=86400
Date: Sat, 11 May 2024 01:52:53 GMT
Connection: keep-alive
weu-www.sway-cdn.com/Content/segoeuisb.woff
32 kB URL weu-www.sway-cdn.com/Content/segoeuisb.woff
IP
File type Web Open Font Format, TrueType, length 31712, version 1.0
Hash f9ec3999394b8cce87da4f77e45a5a6a
abb546981566494ea71c7e294caa59bd60906887
3711ba98ca34a5bc5ce6b79de62a1a2eee453f413d2123e912d1ae6b0b0c8b33
GET /Content/segoeuisb.woff HTTP/1.1
Host: weu-www.sway-cdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://sway.cloud.microsoft
DNT: 1
Connection: keep-alive
Referer: https://sway.cloud.microsoft/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/font-woff
Accept-Ranges: bytes
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
X-Partitioning-Enabled: true
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Timing-Allow-Origin: *
Access-Control-Allow-Origin: *
X-Powered-By: ARR/3.0
Content-Length: 31712
Cache-Control: public, max-age=86400
Date: Sat, 11 May 2024 01:52:53 GMT
Connection: keep-alive
weu-www.sway-cdn.com/Content/segoeuilight.woff
28 kB URL weu-www.sway-cdn.com/Content/segoeuilight.woff
IP
File type Web Open Font Format, TrueType, length 27544, version 1.0
Hash 77f59b6f344e8ad0b45aaf11cade55f0
f2c5d0ab0e7af54664715909b4bd84f87fd68d66
6103756591a0902515ab10671ed7dcab4100573121ec704e75433abb453f5cb9
GET /Content/segoeuilight.woff HTTP/1.1
Host: weu-www.sway-cdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://sway.cloud.microsoft
DNT: 1
Connection: keep-alive
Referer: https://sway.cloud.microsoft/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/font-woff
Last-Modified: Wed, 24 Apr 2024 06:18:14 GMT
Accept-Ranges: bytes
ETag: "0d74e30f96da1:0"
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
X-Partitioning-Enabled: true
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Timing-Allow-Origin: *
Access-Control-Allow-Origin: *
X-Powered-By: ARR/3.0
Content-Length: 27544
Cache-Control: public, max-age=86400
Date: Sat, 11 May 2024 01:52:53 GMT
Connection: keep-alive
weu-www.sway-cdn.com/Content/segoeuisl.woff
30 kB URL weu-www.sway-cdn.com/Content/segoeuisl.woff
IP
File type Web Open Font Format, TrueType, length 29464, version 1.0
Hash 6a419545705dee19082e8e62105488df
72a5d33a47932ed6cf2d196c8d8222204e4a71fd
c63a3930ec9dd26c24b4c62b83d8cf778416a0ded1d9aa83e0840a675155b71b
GET /Content/segoeuisl.woff HTTP/1.1
Host: weu-www.sway-cdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://sway.cloud.microsoft
DNT: 1
Connection: keep-alive
Referer: https://sway.cloud.microsoft/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/font-woff
Accept-Ranges: bytes
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
X-Partitioning-Enabled: true
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Timing-Allow-Origin: *
Access-Control-Allow-Origin: *
X-Powered-By: ARR/3.0
Content-Length: 29464
Cache-Control: public, max-age=86400
Date: Sat, 11 May 2024 01:52:53 GMT
Connection: keep-alive
sway.cloud.microsoft/my/getstories
1.7 kB URL sway.cloud.microsoft/my/getstories
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash 194ce0cc7d71646a408aeedfb9313a30
91f3001d1acb4c417bafcc369073266a63419aaa
bda05c01b9e178e0378ca0fcbe56cbb4237ceb277784ce898d71e11ba7fd2b09
Analyzer Verdict Alert OpenPhish phishing Office365
POST /my/getstories HTTP/1.1
Host: sway.cloud.microsoft
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sway.cloud.microsoft/
Content-Type: application/json; charset=utf-8
anonuserid: 047e4aa6-f095-48a8-8bd3-8309e421e997
X-UserSessionId: e4861f79-641d-4515-ad42-43bb53439724
X-Key: mp1KR5jZbBgQM4qpH1suChYocyca71JxaIvkb9RDf9g=,638509891721000548
X-Requested-With: XMLHttpRequest
Content-Length: 53
Origin: https://sway.cloud.microsoft
DNT: 1
Connection: keep-alive
Cookie: AuthSess=553cfe14-8462-463c-bbef-0bc6facd9746; AADNonce=a481fcce-2534-40c3-a2cd-423fa612c863.638509891721313087; MicrosoftApplicationsTelemetryDeviceId=f3234165-7772-4573-bb48-b7a8fb7df6ad; ai_session=cWzOlIwq1Q0qfyBrH/ZIEq|1715392373039|1715392373039
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: private
content-type: application/json
content-encoding: gzip
vary: Accept-Encoding
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-correlationid: 065b9f90-a842-4f84-a680-a65c0e6f2ca3
x-usersessionid: e4861f79-641d-4515-ad42-43bb53439724
x-officefe: SwayFrontEnd_IN_3
x-officeversion: 16.0.17624.40100
x-officecluster: weu-001.www.sway.com
x-partitioning-enabled: true
anonuserid: 047e4aa6-f095-48a8-8bd3-8309e421e997
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains; preload
timing-allow-origin: *
x-requestid: 69c26054-3976-4d84-9c86-7ce2d8038f45
x-trackingid: 101ea64a-dd73-4e0d-b444-3164bc173a5c
x-frame-options: SAMEORIGIN
x-powered-by: ARR/3.0
date: Sat, 11 May 2024 01:52:53 GMT
content-length: 1737
X-Firefox-Spdy: h2
logincdn.msauth.net/shared/5/js/login_en_1cVzCBHvh3SPpo0O3t4SnQ2.js
200 OK 229 kB URL GET HTTP/2 logincdn.msauth.net/shared/5/js/login_en_1cVzCBHvh3SPpo0O3t4SnQ2.js
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=152&ct=1715392373&rver=7.5.2146.0&wp=MBI_SSL&wreply=https:%2F%2Fsway.cloud.microsoft%2Fauthredir%3Furl%3Dhttps%253a%252f%252fsway.cloud.microsoft%253a443%252fhome%252fsso%26hurl%3D%252bZ9wRR%252bJ0PU5Zb%252fYOli0tOBBaorRbnj16q%252fabzIZrmU%253d.eYXYY3UWHyHk0EBPKj%252bKALZv%252fDn6oAcVMb6h%252bY9udo0%253d%26ipt%3D0%26sn%3Dalternate%26si%3D1%26wctx%3D553cfe14-8462-463c-bbef-0bc6facd9746&lc=1033&id=296906&lw=1&fl=easi2&aadredir=1
Certificate IssuerMicrosoft Corporation
Subjectidentitycdn.msauth.net
Fingerprint8F:BB:C6:02:63:00:DB:52:8E:2F:75:54:B7:75:9D:43:C4:31:CF:5B
ValidityThu, 11 Apr 2024 16:30:31 GMT - Sun, 06 Apr 2025 16:30:31 GMT
File type JavaScript source, ASCII text, with very long lines (65470)
Size 229 kB (229109 bytes)
Hash d5c5730811ef87748fa68d0edede129d
6ac47192b67a2ceaa026b6a6fe6ddad6f2c22c2f
0be6bac721fbbceda14c3a1cb5003853f25a9c6d1fd61fd1357b9efd3947ec06
GET /shared/5/js/login_en_1cVzCBHvh3SPpo0O3t4SnQ2.js HTTP/1.1
Host: logincdn.msauth.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://login.live.com/
Origin: https://login.live.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 11 May 2024 01:52:54 GMT
content-type: application/x-javascript
content-length: 229109
cache-control: public, max-age=31536000
content-encoding: gzip
last-modified: Tue, 30 Apr 2024 03:11:25 GMT
etag: 0x8DC68C33835875D
x-ms-request-id: 28c1a3fc-b01e-001d-724c-a08aa7000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref: 20240511T015254Z-er15bb998b76lfppctne8f52gs00000006qg00000000292q
x-fd-int-roxy-purgeid: 67912908
x-cache: TCP_HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
login.live.com/login.srf?wa=wsignin1.0&rpsnv=152&ct=1715392373&rver=7.5.2146.0&wp=MBI_SSL&wreply=https:%2F%2Fsway.cloud.microsoft%2Fauthredir%3Furl%3Dhttps%253a%252f%252fsway.cloud.microsoft%253a443%252fhome%252fsso%26hurl%3D%252bZ9wRR%252bJ0PU5Zb%252fYOli0tOBBaorRbnj16q%252fabzIZrmU%253d.eYXYY3UWHyHk0EBPKj%252bKALZv%252fDn6oAcVMb6h%252bY9udo0%253d%26ipt%3D0%26sn%3Dalternate%26si%3D1%26wctx%3D553cfe14-8462-463c-bbef-0bc6facd9746&lc=1033&id=296906&lw=1&fl=easi2&aadredir=1
200 OK 11 kB URL User Request GET HTTP/1.1 login.live.com/login.srf?wa=wsignin1.0&rpsnv=152&ct=1715392373&rver=7.5.2146.0&wp=MBI_SSL&wreply=https:%2F%2Fsway.cloud.microsoft%2Fauthredir%3Furl%3Dhttps%253a%252f%252fsway.cloud.microsoft%253a443%252fhome%252fsso%26hurl%3D%252bZ9wRR%252bJ0PU5Zb%252fYOli0tOBBaorRbnj16q%252fabzIZrmU%253d.eYXYY3UWHyHk0EBPKj%252bKALZv%252fDn6oAcVMb6h%252bY9udo0%253d%26ipt%3D0%26sn%3Dalternate%26si%3D1%26wctx%3D553cfe14-8462-463c-bbef-0bc6facd9746&lc=1033&id=296906&lw=1&fl=easi2&aadredir=1
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Certificate IssuerDigiCert Inc
Subjectlogin.live.com
Fingerprint82:2F:20:E4:BD:99:37:36:52:F8:AF:FC:4D:86:73:BA:3A:7A:65:3E
ValidityFri, 29 Mar 2024 00:00:00 GMT - Sat, 29 Mar 2025 23:59:59 GMT
File type HTML document, Unicode text, UTF-8 text, with very long lines (24845)
Hash 488b0933ddbddc51fb4c4441c6c70431
342c3b708227f7d9717744787ef51ab82a020e38
ea1bcf4e4bfe1b0308619af867ae4c16017da2f37ab76dc15b1bf1201423212f
GET /login.srf?wa=wsignin1.0&rpsnv=152&ct=1715392373&rver=7.5.2146.0&wp=MBI_SSL&wreply=https:%2F%2Fsway.cloud.microsoft%2Fauthredir%3Furl%3Dhttps%253a%252f%252fsway.cloud.microsoft%253a443%252fhome%252fsso%26hurl%3D%252bZ9wRR%252bJ0PU5Zb%252fYOli0tOBBaorRbnj16q%252fabzIZrmU%253d.eYXYY3UWHyHk0EBPKj%252bKALZv%252fDn6oAcVMb6h%252bY9udo0%253d%26ipt%3D0%26sn%3Dalternate%26si%3D1%26wctx%3D553cfe14-8462-463c-bbef-0bc6facd9746&lc=1033&id=296906&lw=1&fl=easi2&aadredir=1 HTTP/1.1
Host: login.live.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=152&ct=1715392373&rver=7.5.2146.0&wp=MBI_SSL&wreply=https:%2F%2Fsway.cloud.microsoft%2Fauthredir%3Furl%3Dhttps%253a%252f%252fsway.cloud.microsoft%253a443%252fhome%252fsso%26hurl%3D%252bZ9wRR%252bJ0PU5Zb%252fYOli0tOBBaorRbnj16q%252fabzIZrmU%253d.eYXYY3UWHyHk0EBPKj%252bKALZv%252fDn6oAcVMb6h%252bY9udo0%253d%26ipt%3D0%26sn%3Dalternate%26si%3D1%26wctx%3D553cfe14-8462-463c-bbef-0bc6facd9746&lc=1033&id=296906&lw=1&fl=easi2&aadredir=1
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Expires: Sat, 11 May 2024 01:51:54 GMT
Vary: Accept-Encoding
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
X-DNS-Prefetch-Control: on
Link: <https://logincdn.msauth.net>; rel=preconnect; crossorigin, <https://acctcdn.msauth.net>; rel=preconnect; crossorigin, <https://acctcdn.msftauth.net>; rel=preconnect; crossorigin, <https://acctcdn.msauth.net/>; rel=dns-prefetch, <https://acctcdn.msftauth.net/>; rel=dns-prefetch, <https://acctcdnmsftuswe2.azureedge.net/>; rel=dns-prefetch, <https://acctcdnvzeuno.azureedge.net/>; rel=dns-prefetch, <https://logincdn.msauth.net/>; rel=dns-prefetch, <https://logincdn.msftauth.net/>; rel=dns-prefetch, <https://lgincdnvzeuno.azureedge.net/>; rel=dns-prefetch, <https://lgincdnmsftuswe2.azureedge.net/>; rel=dns-prefetch
Referrer-Policy: strict-origin-when-cross-origin
x-ms-route-info: C548_BL2
x-ms-request-id: 5a94cf3a-768e-4f13-97a1-11eea4360898
PPServer: PPV: 30 H: BL02EPF0001D99D V: 0
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
X-XSS-Protection: 1; mode=block
Set-Cookie: uaid=e092d50fed1846bc8d40e8c7f4df0331; domain=login.live.com; Secure; path=/; SameSite=None; HttpOnly
MSPRequ=id=296906<=1715392374&co=1; domain=login.live.com; Secure; path=/; SameSite=None; HttpOnly
MSCC=91.90.42.154-NO; expires=Thu, 05-Jun-2025 01:52:54 GMT; domain=login.live.com; Secure; path=/; SameSite=None; HttpOnly
MSPOK=$uuid-a43852ab-9200-4756-b2a9-78f8aa0b6174; domain=login.live.com; Secure; path=/; SameSite=None; HttpOnly
OParams=11O.DsQv5kz61ff7WHEZzAK8N4MByrJgW21BHcgaMCJj*zetoojpk!*pBT57lnwDkm3UuH8W10u**ps34ah5ZW2VmGQXevD0uhzaZtI32k8obcrhqsY7IrE5ivU*rvr0ZaVjoEUqLwBZ*8PgcATIMhC3n4XeyCiM6ZKM798pbSxnxeL04sDX1wm9uoWm7NfnrTxm4eAqFANMh2ZfXt7QDbnihe2cAtleXVrbv2zl6Eqddp9bnl**uOCg8cbxuDqst2EuqsCMzlmuhnLmCVGlth2KOOzszceNeQp3x1AHIsBzujlosD6IKKcRytXn4SctB*Yxbkz6kGYybr!iVVds82UIv60VmYBmV1GAiFv4vcEm2mWzrKZLNDgnUvPfhZOQ13BnuoHCcN3PEr1*OzGDb4c*nVJH1PNXQkCNNouzQXqOu!nkRnWA5pGoKJ9TiTkgvB0z!T1SaMOOpoUtq11mR1SWUr7K2gMF!Pzdch05ldJs48*bnkHhAmu9OC1yRvvLIyvdSgoussMiSYDOtpd3x3*oPfhbJJ1PXSzFSFaBa869jI8nE9!!pXYR8HhfWk*Nj8Q90Q$$; domain=login.live.com; Secure; path=/; SameSite=None; HttpOnly
Date: Sat, 11 May 2024 01:52:54 GMT
Content-Length: 10896
logincdn.msauth.net/shared/5/js/login_en_1cVzCBHvh3SPpo0O3t4SnQ2.js
200 OK 229 kB URL GET HTTP/2 logincdn.msauth.net/shared/5/js/login_en_1cVzCBHvh3SPpo0O3t4SnQ2.js
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=152&ct=1715392373&rver=7.5.2146.0&wp=MBI_SSL&wreply=https:%2F%2Fsway.cloud.microsoft%2Fauthredir%3Furl%3Dhttps%253a%252f%252fsway.cloud.microsoft%253a443%252fhome%252fsso%26hurl%3D%252bZ9wRR%252bJ0PU5Zb%252fYOli0tOBBaorRbnj16q%252fabzIZrmU%253d.eYXYY3UWHyHk0EBPKj%252bKALZv%252fDn6oAcVMb6h%252bY9udo0%253d%26ipt%3D0%26sn%3Dalternate%26si%3D1%26wctx%3D553cfe14-8462-463c-bbef-0bc6facd9746&lc=1033&id=296906&lw=1&fl=easi2&aadredir=1
Certificate IssuerMicrosoft Corporation
Subjectidentitycdn.msauth.net
Fingerprint8F:BB:C6:02:63:00:DB:52:8E:2F:75:54:B7:75:9D:43:C4:31:CF:5B
ValidityThu, 11 Apr 2024 16:30:31 GMT - Sun, 06 Apr 2025 16:30:31 GMT
File type JavaScript source, ASCII text, with very long lines (65470)
Size 229 kB (229109 bytes)
Hash d5c5730811ef87748fa68d0edede129d
6ac47192b67a2ceaa026b6a6fe6ddad6f2c22c2f
0be6bac721fbbceda14c3a1cb5003853f25a9c6d1fd61fd1357b9efd3947ec06
GET /shared/5/js/login_en_1cVzCBHvh3SPpo0O3t4SnQ2.js HTTP/1.1
Host: logincdn.msauth.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://login.live.com/
Origin: https://login.live.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 11 May 2024 01:52:54 GMT
content-type: application/x-javascript
content-length: 229109
cache-control: public, max-age=31536000
content-encoding: gzip
last-modified: Tue, 30 Apr 2024 03:11:25 GMT
etag: 0x8DC68C33835875D
x-ms-request-id: 28c1a3fc-b01e-001d-724c-a08aa7000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref: 20240511T015254Z-er15bb998b7dzfrgu6mmp2sphn00000006tg000000006bqm
x-fd-int-roxy-purgeid: 67912908
x-cache: TCP_HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
logincdn.msauth.net/shared/5/chunks/oneds-analytics-js_54b1724af1b05e2ba3db_en.js
200 OK 33 kB URL GET HTTP/2 logincdn.msauth.net/shared/5/chunks/oneds-analytics-js_54b1724af1b05e2ba3db_en.js
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=152&ct=1715392373&rver=7.5.2146.0&wp=MBI_SSL&wreply=https:%2F%2Fsway.cloud.microsoft%2Fauthredir%3Furl%3Dhttps%253a%252f%252fsway.cloud.microsoft%253a443%252fhome%252fsso%26hurl%3D%252bZ9wRR%252bJ0PU5Zb%252fYOli0tOBBaorRbnj16q%252fabzIZrmU%253d.eYXYY3UWHyHk0EBPKj%252bKALZv%252fDn6oAcVMb6h%252bY9udo0%253d%26ipt%3D0%26sn%3Dalternate%26si%3D1%26wctx%3D553cfe14-8462-463c-bbef-0bc6facd9746&lc=1033&id=296906&lw=1&fl=easi2&aadredir=1
Certificate IssuerMicrosoft Corporation
Subjectidentitycdn.msauth.net
Fingerprint8F:BB:C6:02:63:00:DB:52:8E:2F:75:54:B7:75:9D:43:C4:31:CF:5B
ValidityThu, 11 Apr 2024 16:30:31 GMT - Sun, 06 Apr 2025 16:30:31 GMT
File type JavaScript source, ASCII text, with very long lines (65436)
Hash d390aa6a6d257834d807d8e7ddc90968
6a6efd105dbbeb099d25998a38875808d83af5c8
d755d7ce744425dee51a3bd8cba9b2a789d96c584c9958082b557feb70f226d9
GET /shared/5/chunks/oneds-analytics-js_54b1724af1b05e2ba3db_en.js HTTP/1.1
Host: logincdn.msauth.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://login.live.com/
Origin: https://login.live.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 11 May 2024 01:52:54 GMT
content-type: application/x-javascript
content-length: 32821
cache-control: public, max-age=31536000
content-encoding: gzip
last-modified: Sat, 30 Mar 2024 01:22:56 GMT
etag: 0x8DC5057EDD0C741
x-ms-request-id: fceb0845-401e-000a-3427-9feb8b000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref: 20240511T015254Z-er15bb998b7dzfrgu6mmp2sphn00000006tg000000006bqx
x-fd-int-roxy-purgeid: 67912908
x-cache: TCP_HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
logincdn.msauth.net/shared/5/images/microsoft_logo_ee5c8d9fb6248c938fd0.svg
200 OK 1.4 kB URL GET HTTP/2 logincdn.msauth.net/shared/5/images/microsoft_logo_ee5c8d9fb6248c938fd0.svg
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=152&ct=1715392373&rver=7.5.2146.0&wp=MBI_SSL&wreply=https:%2F%2Fsway.cloud.microsoft%2Fauthredir%3Furl%3Dhttps%253a%252f%252fsway.cloud.microsoft%253a443%252fhome%252fsso%26hurl%3D%252bZ9wRR%252bJ0PU5Zb%252fYOli0tOBBaorRbnj16q%252fabzIZrmU%253d.eYXYY3UWHyHk0EBPKj%252bKALZv%252fDn6oAcVMb6h%252bY9udo0%253d%26ipt%3D0%26sn%3Dalternate%26si%3D1%26wctx%3D553cfe14-8462-463c-bbef-0bc6facd9746&lc=1033&id=296906&lw=1&fl=easi2&aadredir=1
Certificate IssuerMicrosoft Corporation
Subjectidentitycdn.msauth.net
Fingerprint8F:BB:C6:02:63:00:DB:52:8E:2F:75:54:B7:75:9D:43:C4:31:CF:5B
ValidityThu, 11 Apr 2024 16:30:31 GMT - Sun, 06 Apr 2025 16:30:31 GMT
File type SVG Scalable Vector Graphics image
Hash ee5c8d9fb6248c938fd0dc19370e90bd
d01a22720918b781338b5bbf9202b241a5f99ee4
04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a
GET /shared/5/images/microsoft_logo_ee5c8d9fb6248c938fd0.svg HTTP/1.1
Host: logincdn.msauth.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://login.live.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 11 May 2024 01:52:54 GMT
content-type: image/svg+xml
content-length: 1435
cache-control: public, max-age=31536000
content-encoding: gzip
last-modified: Tue, 27 Jun 2023 15:44:25 GMT
etag: 0x8DB772562988611
x-ms-request-id: 7d5e65f6-401e-001a-4c25-9f5ba9000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref: 20240511T015254Z-er15bb998b7dzfrgu6mmp2sphn00000006tg000000006br1
x-fd-int-roxy-purgeid: 67912908
x-cache: TCP_HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
logincdn.msauth.net/shared/5/images/2_bc3d32a696895f78c19d.svg
200 OK 673 B URL GET HTTP/2 logincdn.msauth.net/shared/5/images/2_bc3d32a696895f78c19d.svg
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=152&ct=1715392373&rver=7.5.2146.0&wp=MBI_SSL&wreply=https:%2F%2Fsway.cloud.microsoft%2Fauthredir%3Furl%3Dhttps%253a%252f%252fsway.cloud.microsoft%253a443%252fhome%252fsso%26hurl%3D%252bZ9wRR%252bJ0PU5Zb%252fYOli0tOBBaorRbnj16q%252fabzIZrmU%253d.eYXYY3UWHyHk0EBPKj%252bKALZv%252fDn6oAcVMb6h%252bY9udo0%253d%26ipt%3D0%26sn%3Dalternate%26si%3D1%26wctx%3D553cfe14-8462-463c-bbef-0bc6facd9746&lc=1033&id=296906&lw=1&fl=easi2&aadredir=1
Certificate IssuerMicrosoft Corporation
Subjectidentitycdn.msauth.net
Fingerprint8F:BB:C6:02:63:00:DB:52:8E:2F:75:54:B7:75:9D:43:C4:31:CF:5B
ValidityThu, 11 Apr 2024 16:30:31 GMT - Sun, 06 Apr 2025 16:30:31 GMT
File type SVG Scalable Vector Graphics image
Hash bc3d32a696895f78c19df6c717586a5d
9191cb156a30a3ed79c44c0a16c95159e8ff689d
0e88b6fcbb8591edfd28184fa70a04b6dd3af8a14367c628edd7caba32e58c68
GET /shared/5/images/2_bc3d32a696895f78c19d.svg HTTP/1.1
Host: logincdn.msauth.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://login.live.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 11 May 2024 01:52:54 GMT
content-type: image/svg+xml
content-length: 673
cache-control: public, max-age=31536000
content-encoding: gzip
last-modified: Tue, 27 Jun 2023 15:44:22 GMT
etag: 0x8DB7725611C3E0C
x-ms-request-id: d9c41f78-101e-006f-3efd-9e2ea3000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref: 20240511T015254Z-er15bb998b7dzfrgu6mmp2sphn00000006tg000000006br2
x-fd-int-roxy-purgeid: 67912908
x-cache: TCP_HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
logincdn.msauth.net/16.000.30208.15/images/favicon.ico
200 OK 17 kB URL GET HTTP/2 logincdn.msauth.net/16.000.30208.15/images/favicon.ico
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=152&ct=1715392373&rver=7.5.2146.0&wp=MBI_SSL&wreply=https:%2F%2Fsway.cloud.microsoft%2Fauthredir%3Furl%3Dhttps%253a%252f%252fsway.cloud.microsoft%253a443%252fhome%252fsso%26hurl%3D%252bZ9wRR%252bJ0PU5Zb%252fYOli0tOBBaorRbnj16q%252fabzIZrmU%253d.eYXYY3UWHyHk0EBPKj%252bKALZv%252fDn6oAcVMb6h%252bY9udo0%253d%26ipt%3D0%26sn%3Dalternate%26si%3D1%26wctx%3D553cfe14-8462-463c-bbef-0bc6facd9746&lc=1033&id=296906&lw=1&fl=easi2&aadredir=1
Certificate IssuerMicrosoft Corporation
Subjectidentitycdn.msauth.net
Fingerprint8F:BB:C6:02:63:00:DB:52:8E:2F:75:54:B7:75:9D:43:C4:31:CF:5B
ValidityThu, 11 Apr 2024 16:30:31 GMT - Sun, 06 Apr 2025 16:30:31 GMT
File type MS Windows icon resource - 6 icons, -128x-128, 16 colors, 72x72, 16 colors
Hash 12e3dac858061d088023b2bd48e2fa96
e08ce1a144eceae0c3c2ea7a9d6fbc5658f24ce5
90cdaf487716184e4034000935c605d1633926d348116d198f355a98b8c6cd21
GET /16.000.30208.15/images/favicon.ico HTTP/1.1
Host: logincdn.msauth.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://login.live.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 11 May 2024 01:52:54 GMT
content-type: image/x-icon
content-length: 17174
cache-control: public, max-age=604800
last-modified: Mon, 29 Apr 2024 22:34:04 GMT
etag: 0x8DC689C79A0B0C0
x-ms-request-id: 776db92d-201e-0048-193f-9f6e9e000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref: 20240511T015254Z-er15bb998b7dzfrgu6mmp2sphn00000006tg000000006br4
x-fd-int-roxy-purgeid: 67912908
x-cache: TCP_HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-4.2.0&apikey=5d1fa744e5384d0093c87728b8c82ba5-50cec549-2dcb-4608-82d5-aa15b5262c46-7389&upload-time=1715392374015&time-delta-to-apply-millis=use-collector-delta&w=0&NoResponseBody=true
204 No Content 0 B URL POST HTTP/2 browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-4.2.0&apikey=5d1fa744e5384d0093c87728b8c82ba5-50cec549-2dcb-4608-82d5-aa15b5262c46-7389&upload-time=1715392374015&time-delta-to-apply-millis=use-collector-delta&w=0&NoResponseBody=true
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://sway.cloud.microsoft/
Certificate IssuerMicrosoft Corporation
Subject*.events.data.microsoft.com
FingerprintD4:6A:66:98:6E:27:A7:BF:67:5A:A2:31:67:A0:5A:62:35:AC:EF:1B
ValiditySun, 31 Mar 2024 03:05:47 GMT - Wed, 26 Mar 2025 03:05:47 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /OneCollector/1.0/?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-4.2.0&apikey=5d1fa744e5384d0093c87728b8c82ba5-50cec549-2dcb-4608-82d5-aa15b5262c46-7389&upload-time=1715392374015&time-delta-to-apply-millis=use-collector-delta&w=0&NoResponseBody=true HTTP/1.1
Host: browser.events.data.microsoft.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1083
Origin: https://sway.cloud.microsoft
DNT: 1
Connection: keep-alive
Referer: https://sway.cloud.microsoft/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
content-length: 0
server: Microsoft-HTTPAPI/2.0
strict-transport-security: max-age=31536000
p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
set-cookie: MC1=GUID=6d524c1e49934f328c1121b0eb7eb9a6&HASH=6d52&LV=202405&V=4&LU=1715392374870; Domain=.microsoft.com; Expires=Sun, 11 May 2025 01:52:54 GMT; Path=/;Secure; SameSite=None
MS0=45e686b1b235473b810886bb6e5cec39; Domain=.microsoft.com; Expires=Sat, 11 May 2024 02:22:54 GMT; Path=/;Secure; SameSite=None
time-delta-millis: 855
access-control-allow-headers: P3P,Set-Cookie,time-delta-millis
access-control-allow-methods: POST
access-control-allow-credentials: true
access-control-allow-origin: https://sway.cloud.microsoft
access-control-expose-headers: time-delta-millis
date: Sat, 11 May 2024 01:52:54 GMT
X-Firefox-Spdy: h2
browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-4.2.0&apikey=5d1fa744e5384d0093c87728b8c82ba5-50cec549-2dcb-4608-82d5-aa15b5262c46-7389&upload-time=1715392374033&w=0&NoResponseBody=true
204 No Content 0 B URL POST HTTP/2 browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-4.2.0&apikey=5d1fa744e5384d0093c87728b8c82ba5-50cec549-2dcb-4608-82d5-aa15b5262c46-7389&upload-time=1715392374033&w=0&NoResponseBody=true
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://sway.cloud.microsoft/
Certificate IssuerMicrosoft Corporation
Subject*.events.data.microsoft.com
FingerprintD4:6A:66:98:6E:27:A7:BF:67:5A:A2:31:67:A0:5A:62:35:AC:EF:1B
ValiditySun, 31 Mar 2024 03:05:47 GMT - Wed, 26 Mar 2025 03:05:47 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /OneCollector/1.0/?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-4.2.0&apikey=5d1fa744e5384d0093c87728b8c82ba5-50cec549-2dcb-4608-82d5-aa15b5262c46-7389&upload-time=1715392374033&w=0&NoResponseBody=true HTTP/1.1
Host: browser.events.data.microsoft.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1036
Origin: https://sway.cloud.microsoft
DNT: 1
Connection: keep-alive
Referer: https://sway.cloud.microsoft/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
content-length: 0
server: Microsoft-HTTPAPI/2.0
strict-transport-security: max-age=31536000
p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
set-cookie: MC1=GUID=082527efce614a78a248eec083895099&HASH=0825&LV=202405&V=4&LU=1715392374933; Domain=.microsoft.com; Expires=Sun, 11 May 2025 01:52:54 GMT; Path=/;Secure; SameSite=None
MS0=ef70aa92a3e74421b35314a15aa5eb87; Domain=.microsoft.com; Expires=Sat, 11 May 2024 02:22:54 GMT; Path=/;Secure; SameSite=None
time-delta-millis: 900
access-control-allow-headers: P3P,Set-Cookie,time-delta-millis
access-control-allow-methods: POST
access-control-allow-credentials: true
access-control-allow-origin: https://sway.cloud.microsoft
access-control-expose-headers: time-delta-millis
date: Sat, 11 May 2024 01:52:54 GMT
X-Firefox-Spdy: h2
browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-4.2.0&apikey=5d1fa744e5384d0093c87728b8c82ba5-50cec549-2dcb-4608-82d5-aa15b5262c46-7389&upload-time=1715392374305&w=0&NoResponseBody=true
204 No Content 0 B URL POST HTTP/2 browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-4.2.0&apikey=5d1fa744e5384d0093c87728b8c82ba5-50cec549-2dcb-4608-82d5-aa15b5262c46-7389&upload-time=1715392374305&w=0&NoResponseBody=true
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://sway.cloud.microsoft/
Certificate IssuerMicrosoft Corporation
Subject*.events.data.microsoft.com
FingerprintD4:6A:66:98:6E:27:A7:BF:67:5A:A2:31:67:A0:5A:62:35:AC:EF:1B
ValiditySun, 31 Mar 2024 03:05:47 GMT - Wed, 26 Mar 2025 03:05:47 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /OneCollector/1.0/?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-4.2.0&apikey=5d1fa744e5384d0093c87728b8c82ba5-50cec549-2dcb-4608-82d5-aa15b5262c46-7389&upload-time=1715392374305&w=0&NoResponseBody=true HTTP/1.1
Host: browser.events.data.microsoft.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 4238
Origin: https://sway.cloud.microsoft
DNT: 1
Connection: keep-alive
Referer: https://sway.cloud.microsoft/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
content-length: 0
server: Microsoft-HTTPAPI/2.0
strict-transport-security: max-age=31536000
p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
set-cookie: MC1=GUID=7e18d23cb7ca40f88fc21b8d11a336b0&HASH=7e18&LV=202405&V=4&LU=1715392374964; Domain=.microsoft.com; Expires=Sun, 11 May 2025 01:52:54 GMT; Path=/;Secure; SameSite=None
MS0=551799c477eb41d3892bbe79a06cffbf; Domain=.microsoft.com; Expires=Sat, 11 May 2024 02:22:54 GMT; Path=/;Secure; SameSite=None
time-delta-millis: 659
access-control-allow-headers: P3P,Set-Cookie,time-delta-millis
access-control-allow-methods: POST
access-control-allow-credentials: true
access-control-allow-origin: https://sway.cloud.microsoft
access-control-expose-headers: time-delta-millis
date: Sat, 11 May 2024 01:52:54 GMT
X-Firefox-Spdy: h2
browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.2.17&apikey=b8ffe739c47a401190627519795ca4d2-044a8309-9d4b-430b-9d47-6e87775cbab6-6888&upload-time=1715392374309&time-delta-to-apply-millis=use-collector-delta&w=0&NoResponseBody=true
204 No Content 0 B URL POST HTTP/2 browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.2.17&apikey=b8ffe739c47a401190627519795ca4d2-044a8309-9d4b-430b-9d47-6e87775cbab6-6888&upload-time=1715392374309&time-delta-to-apply-millis=use-collector-delta&w=0&NoResponseBody=true
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://sway.cloud.microsoft/
Certificate IssuerMicrosoft Corporation
Subject*.events.data.microsoft.com
FingerprintD4:6A:66:98:6E:27:A7:BF:67:5A:A2:31:67:A0:5A:62:35:AC:EF:1B
ValiditySun, 31 Mar 2024 03:05:47 GMT - Wed, 26 Mar 2025 03:05:47 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /OneCollector/1.0/?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.2.17&apikey=b8ffe739c47a401190627519795ca4d2-044a8309-9d4b-430b-9d47-6e87775cbab6-6888&upload-time=1715392374309&time-delta-to-apply-millis=use-collector-delta&w=0&NoResponseBody=true HTTP/1.1
Host: browser.events.data.microsoft.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 7814
Origin: https://sway.cloud.microsoft
DNT: 1
Connection: keep-alive
Referer: https://sway.cloud.microsoft/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
content-length: 0
server: Microsoft-HTTPAPI/2.0
strict-transport-security: max-age=31536000
p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
set-cookie: MC1=GUID=d2821f5c96e04e9882f72dc8bce3c1bd&HASH=d282&LV=202405&V=4&LU=1715392374964; Domain=.microsoft.com; Expires=Sun, 11 May 2025 01:52:54 GMT; Path=/;Secure; SameSite=None
MS0=4632d85fbb0a42008fb2a890a5de7bc6; Domain=.microsoft.com; Expires=Sat, 11 May 2024 02:22:54 GMT; Path=/;Secure; SameSite=None
time-delta-millis: 655
access-control-allow-headers: P3P,Set-Cookie,time-delta-millis
access-control-allow-methods: POST
access-control-allow-credentials: true
access-control-allow-origin: https://sway.cloud.microsoft
access-control-expose-headers: time-delta-millis
date: Sat, 11 May 2024 01:52:54 GMT
X-Firefox-Spdy: h2
logincdn.msauth.net/shared/5/images/signin_options_4e48046ce74f4b89d450.svg
200 OK 621 B URL GET HTTP/2 logincdn.msauth.net/shared/5/images/signin_options_4e48046ce74f4b89d450.svg
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=152&ct=1715392373&rver=7.5.2146.0&wp=MBI_SSL&wreply=https:%2F%2Fsway.cloud.microsoft%2Fauthredir%3Furl%3Dhttps%253a%252f%252fsway.cloud.microsoft%253a443%252fhome%252fsso%26hurl%3D%252bZ9wRR%252bJ0PU5Zb%252fYOli0tOBBaorRbnj16q%252fabzIZrmU%253d.eYXYY3UWHyHk0EBPKj%252bKALZv%252fDn6oAcVMb6h%252bY9udo0%253d%26ipt%3D0%26sn%3Dalternate%26si%3D1%26wctx%3D553cfe14-8462-463c-bbef-0bc6facd9746&lc=1033&id=296906&lw=1&fl=easi2&aadredir=1
Certificate IssuerMicrosoft Corporation
Subjectidentitycdn.msauth.net
Fingerprint8F:BB:C6:02:63:00:DB:52:8E:2F:75:54:B7:75:9D:43:C4:31:CF:5B
ValidityThu, 11 Apr 2024 16:30:31 GMT - Sun, 06 Apr 2025 16:30:31 GMT
File type SVG Scalable Vector Graphics image
Hash 4e48046ce74f4b89d45037c90576bfac
4a41b3b51ed787f7b33294202da72220c7cd2c32
8e6db1634f1812d42516778fc890010aa57f3e39914fb4803df2c38abbf56d93
GET /shared/5/images/signin_options_4e48046ce74f4b89d450.svg HTTP/1.1
Host: logincdn.msauth.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://login.live.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 11 May 2024 01:52:55 GMT
content-type: image/svg+xml
content-length: 621
cache-control: public, max-age=31536000
content-encoding: gzip
last-modified: Tue, 27 Jun 2023 15:44:30 GMT
etag: 0x8DB772565B93440
x-ms-request-id: dde73f1b-101e-0043-6f17-9d4b89000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref: 20240511T015255Z-er15bb998b7dzfrgu6mmp2sphn00000006tg000000006brg
x-fd-int-roxy-purgeid: 67912908
x-cache: TCP_HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
200 OK 0 B URL OPTIONS HTTP/2 browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=152&ct=1715392373&rver=7.5.2146.0&wp=MBI_SSL&wreply=https:%2F%2Fsway.cloud.microsoft%2Fauthredir%3Furl%3Dhttps%253a%252f%252fsway.cloud.microsoft%253a443%252fhome%252fsso%26hurl%3D%252bZ9wRR%252bJ0PU5Zb%252fYOli0tOBBaorRbnj16q%252fabzIZrmU%253d.eYXYY3UWHyHk0EBPKj%252bKALZv%252fDn6oAcVMb6h%252bY9udo0%253d%26ipt%3D0%26sn%3Dalternate%26si%3D1%26wctx%3D553cfe14-8462-463c-bbef-0bc6facd9746&lc=1033&id=296906&lw=1&fl=easi2&aadredir=1
Certificate IssuerMicrosoft Corporation
Subject*.events.data.microsoft.com
FingerprintD4:6A:66:98:6E:27:A7:BF:67:5A:A2:31:67:A0:5A:62:35:AC:EF:1B
ValiditySun, 31 Mar 2024 03:05:47 GMT - Wed, 26 Mar 2025 03:05:47 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0 HTTP/1.1
Host: browser.events.data.microsoft.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: apikey,cache-control,client-id,client-version,content-type,time-delta-to-apply-millis,upload-time
Referer: https://login.live.com/
Origin: https://login.live.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
cache-control: public, 3600
content-length: 0
server: Microsoft-HTTPAPI/2.0
strict-transport-security: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: AuthMsaDeviceTicket,AuthXToken,Content-Encoding,Content-Type,Cache-Control,Client-Id,SDK-Name,sdk-version,apikey,x-apikey,client-version,upload-time,time-delta-to-apply-millis,client-time-epoch-millis,persistence-mode,reliability-mode,NoResponseBody
access-control-max-age: 3600
access-control-allow-origin: https://login.live.com
date: Sat, 11 May 2024 01:52:56 GMT
X-Firefox-Spdy: h2
browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
200 OK 153 B URL OPTIONS HTTP/2 browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=152&ct=1715392373&rver=7.5.2146.0&wp=MBI_SSL&wreply=https:%2F%2Fsway.cloud.microsoft%2Fauthredir%3Furl%3Dhttps%253a%252f%252fsway.cloud.microsoft%253a443%252fhome%252fsso%26hurl%3D%252bZ9wRR%252bJ0PU5Zb%252fYOli0tOBBaorRbnj16q%252fabzIZrmU%253d.eYXYY3UWHyHk0EBPKj%252bKALZv%252fDn6oAcVMb6h%252bY9udo0%253d%26ipt%3D0%26sn%3Dalternate%26si%3D1%26wctx%3D553cfe14-8462-463c-bbef-0bc6facd9746&lc=1033&id=296906&lw=1&fl=easi2&aadredir=1
Certificate IssuerMicrosoft Corporation
Subject*.events.data.microsoft.com
FingerprintD4:6A:66:98:6E:27:A7:BF:67:5A:A2:31:67:A0:5A:62:35:AC:EF:1B
ValiditySun, 31 Mar 2024 03:05:47 GMT - Wed, 26 Mar 2025 03:05:47 GMT
Hash 3095ca5e040dd06cb39bd6a8f16dd1e9
2e1d109ea6215e68ca4c88f9c4c5f9706114c9db
c45f3e44d05961b39b385b2ebca88ddb81cc54231f9a183f9c2e4b24ef252dac
POST /OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0 HTTP/1.1
Host: browser.events.data.microsoft.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://login.live.com/
Client-Id: NO_AUTH
client-version: 1DS-Web-JS-3.2.15
apikey: 69adc3c768bd4dc08c19416121249fcc-66f1668a-797b-4249-95e3-6c6651768c28-7293
upload-time: 1715392377247
time-delta-to-apply-millis: use-collector-delta
cache-control: no-cache, no-store
content-type: application/x-json-stream
Content-Length: 3464
Origin: https://login.live.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
TE: trailers
HTTP/2 200 OK
content-length: 153
content-type: application/json
server: Microsoft-HTTPAPI/2.0
strict-transport-security: max-age=31536000
p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
set-cookie: MC1=GUID=22fbf74d6e43435880d7db5a3ba2c96f&HASH=22fb&LV=202405&V=4&LU=1715392377724; Domain=.microsoft.com; Expires=Sun, 11 May 2025 01:52:57 GMT; Path=/;Secure; SameSite=None
MS0=3303b1afad78419aa5c6d2d1338acee0; Domain=.microsoft.com; Expires=Sat, 11 May 2024 02:22:57 GMT; Path=/;Secure; SameSite=None
time-delta-millis: 477
access-control-allow-headers: P3P,Set-Cookie,time-delta-millis
access-control-allow-methods: POST
access-control-allow-credentials: true
access-control-allow-origin: https://login.live.com
access-control-expose-headers: time-delta-millis
date: Sat, 11 May 2024 01:52:57 GMT
X-Firefox-Spdy: h2
52.111.243.44
2.18.173.151
52.168.117.168
95.101.96.137
20.190.177.85
0.0.0.0