sway.cloud.microsoft/BPP24n0KTDvIFWKf?ref=Link
52.111.243.44 200 OK 12 kB URL User Request GET HTTP/2 sway.cloud.microsoft/BPP24n0KTDvIFWKf?ref=Link
IP 52.111.243.44:443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Certificate Issuer Microsoft Corporation
Subject sway.office.com
Fingerprint 75:74:77:7E:17:E2:25:6C:D4:B2:4F:28:03:28:37:62:57:1B:12:95
Validity Fri, 08 Mar 2024 14:14:49 GMT - Mon, 03 Mar 2025 14:14:49 GMT
File type HTML document, Unicode text, UTF-8 (with BOM) text, with very long lines (18104), with CRLF, LF line terminators
Hash 213dbc8e93c03e8f096b1186e740b8bb
e357e0590139fefab982851f2f497f5ad31a751e
5dc226bb4da6826dc65fa527255bfc56b15f2889e00e8adf3dfe8f71f7b8327e
Analyzer Verdict Alert OpenPhish phishing Office365
GET /BPP24n0KTDvIFWKf?ref=Link HTTP/1.1
Host: sway.cloud.microsoft
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: text/html; charset=utf-8
content-encoding: gzip
expires: -1
vary: Accept-Encoding
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
set-cookie: AuthSess=aaf2c3a8-b3cd-4049-8ef5-6c7c16a5e759; domain=sway.cloud.microsoft; path=/; samesite=none; secure; HttpOnly
AADNonce=5cff6355-e2d3-4c47-93f1-a02c5c4e9f74.638507704007802140; domain=cloud.microsoft; path=/; samesite=none; secure; HttpOnly
x-correlationid: 9a8a52a7-5e55-4c99-8be2-63d30a850e74
x-usersessionid: 9a8a52a7-5e55-4c99-8be2-63d30a850e74
x-officefe: SwayFrontEnd_IN_4
x-officeversion: 16.0.17703.40101
x-officecluster: eus-000.www.sway.com
x-partitioning-enabled: true
anonuserid: 46ac668d-f5b2-4652-a934-b2cb1d4fe09f
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains; preload
timing-allow-origin: *
x-requestid: d9330869-995a-46bd-a48d-aa03a2dee0b2
x-trackingid: 19a4b858-9501-4e63-913c-6d9f55de24df
x-frame-options: SAMEORIGIN
x-key: DCRUzsVzNtaW63iQV4pS4IsgsxIdwatTIh6tXHGhmqc=,638507704007020951
x-robots-tag: noindex, nofollow
x-ua-compatible: IE=edge
x-html-minification-powered-by: WebMarkupMin
x-powered-by: ARR/3.0
date: Wed, 08 May 2024 13:06:40 GMT
content-length: 11797
X-Firefox-Spdy: h2
eus-www.sway-cdn.com/161770340101_Content/Preload.css
104.66.127.98 200 OK 12 kB URL GET HTTP/1.1 eus-www.sway-cdn.com/161770340101_Content/Preload.css
IP 104.66.127.98:443
Requested by https://sway.cloud.microsoft/BPP24n0KTDvIFWKf?ref=Link
Certificate Issuer Microsoft Corporation
Subject www.sway-cdn.com
Fingerprint E8:E0:26:75:8C:7E:58:DC:A0:76:65:3E:31:6D:68:B8:49:54:10:BB
Validity Thu, 10 Aug 2023 15:52:12 GMT - Thu, 27 Jun 2024 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Hash 103e03370e3023306cd2f3e4d2b8512d
dadc7d138734d2b42f978e0cd0d0383f4dd0ffd4
0f30fad32c0debda2ae7fb2816b34d4ec7da737e8fb48aaba1f3f07c21fd40a2
GET /161770340101_Content/Preload.css HTTP/1.1
Host: eus-www.sway-cdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sway.cloud.microsoft/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/css
Content-Encoding: gzip
Accept-Ranges: bytes
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
X-Partitioning-Enabled: true
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Timing-Allow-Origin: *
Access-Control-Allow-Origin: *
X-Powered-By: ARR/3.0
Content-Length: 11753
Vary: Accept-Encoding
Cache-Control: public, max-age=56688
Date: Wed, 08 May 2024 13:06:41 GMT
Connection: keep-alive
eus-www.sway-cdn.com/Content/jquery-2.2.4-custom-1.js
104.66.127.98 200 OK 30 kB URL GET HTTP/1.1 eus-www.sway-cdn.com/Content/jquery-2.2.4-custom-1.js
IP 104.66.127.98:443
Requested by https://sway.cloud.microsoft/BPP24n0KTDvIFWKf?ref=Link
Certificate Issuer Microsoft Corporation
Subject www.sway-cdn.com
Fingerprint E8:E0:26:75:8C:7E:58:DC:A0:76:65:3E:31:6D:68:B8:49:54:10:BB
Validity Thu, 10 Aug 2023 15:52:12 GMT - Thu, 27 Jun 2024 23:59:59 GMT
File type JavaScript source, ASCII text, with very long lines (32236), with CRLF line terminators
Hash 338472d280d64be84d11980dd512176a
95de9f83181ac211f54bf97fd010624513a90459
5e170e2cb452c3504ff9af148cc6c4aea661178c9fc93ecdcb32bcd856d76d9b
GET /Content/jquery-2.2.4-custom-1.js HTTP/1.1
Host: eus-www.sway-cdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sway.cloud.microsoft
DNT: 1
Connection: keep-alive
Referer: https://sway.cloud.microsoft/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Encoding: gzip
Accept-Ranges: bytes
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
X-Partitioning-Enabled: true
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Timing-Allow-Origin: *
Access-Control-Allow-Origin: *
X-Powered-By: ARR/3.0
Content-Length: 29703
Cache-Control: public, max-age=69425
Date: Wed, 08 May 2024 13:06:41 GMT
Connection: keep-alive
Vary: Accept-Encoding
eus-www.sway-cdn.com/161770340101_Content/Common.js
104.66.127.98 200 OK 203 kB URL GET HTTP/1.1 eus-www.sway-cdn.com/161770340101_Content/Common.js
IP 104.66.127.98:443
Requested by https://sway.cloud.microsoft/BPP24n0KTDvIFWKf?ref=Link
Certificate Issuer Microsoft Corporation
Subject www.sway-cdn.com
Fingerprint E8:E0:26:75:8C:7E:58:DC:A0:76:65:3E:31:6D:68:B8:49:54:10:BB
Validity Thu, 10 Aug 2023 15:52:12 GMT - Thu, 27 Jun 2024 23:59:59 GMT
File type JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size 203 kB (202745 bytes)
Hash aaa0980252987a922eeba0361b1ebb6c
94bb79af19c8e32dbbc477705417ed8b440b20f4
d317583407d823e8b6d81fb522f7b0044fe17a8fa4375d33550365826ef398a0
GET /161770340101_Content/Common.js HTTP/1.1
Host: eus-www.sway-cdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sway.cloud.microsoft
DNT: 1
Connection: keep-alive
Referer: https://sway.cloud.microsoft/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Encoding: gzip
Accept-Ranges: bytes
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
X-Partitioning-Enabled: true
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Timing-Allow-Origin: *
Access-Control-Allow-Origin: *
X-Powered-By: ARR/3.0
Content-Length: 202745
Cache-Control: public, max-age=57987
Date: Wed, 08 May 2024 13:06:41 GMT
Connection: keep-alive
Vary: Accept-Encoding
eus-www.sway-cdn.com/Content/jquery-ui-1.11.4-custom.js
104.66.127.98 200 OK 18 kB URL GET HTTP/1.1 eus-www.sway-cdn.com/Content/jquery-ui-1.11.4-custom.js
IP 104.66.127.98:443
Requested by https://sway.cloud.microsoft/BPP24n0KTDvIFWKf?ref=Link
Certificate Issuer Microsoft Corporation
Subject www.sway-cdn.com
Fingerprint E8:E0:26:75:8C:7E:58:DC:A0:76:65:3E:31:6D:68:B8:49:54:10:BB
Validity Thu, 10 Aug 2023 15:52:12 GMT - Thu, 27 Jun 2024 23:59:59 GMT
File type JavaScript source, ASCII text, with very long lines (32214), with CRLF line terminators
Hash 29e67338030f5091caa7f4290c2bc417
3bcdba4e5f642367cd5a42b7ecdac8ba02a01fad
3da8fc98318eeaf2ba8d02e79455d3d6f8f509bda7882c4c3c807b7197c24a1d
GET /Content/jquery-ui-1.11.4-custom.js HTTP/1.1
Host: eus-www.sway-cdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sway.cloud.microsoft
DNT: 1
Connection: keep-alive
Referer: https://sway.cloud.microsoft/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Encoding: gzip
Accept-Ranges: bytes
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
X-Partitioning-Enabled: true
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Timing-Allow-Origin: *
Access-Control-Allow-Origin: *
X-Powered-By: ARR/3.0
Content-Length: 17891
Cache-Control: public, max-age=67294
Date: Wed, 08 May 2024 13:06:41 GMT
Connection: keep-alive
Vary: Accept-Encoding
eus-www.sway-cdn.com/Content/modernizr-3.3.1-custom.js
104.66.127.98 200 OK 3.2 kB URL GET HTTP/1.1 eus-www.sway-cdn.com/Content/modernizr-3.3.1-custom.js
IP 104.66.127.98:443
Requested by https://sway.cloud.microsoft/BPP24n0KTDvIFWKf?ref=Link
Certificate Issuer Microsoft Corporation
Subject www.sway-cdn.com
Fingerprint E8:E0:26:75:8C:7E:58:DC:A0:76:65:3E:31:6D:68:B8:49:54:10:BB
Validity Thu, 10 Aug 2023 15:52:12 GMT - Thu, 27 Jun 2024 23:59:59 GMT
File type JavaScript source, ASCII text, with very long lines (7649), with CRLF line terminators
Hash f299dc10bcddd2e7808b978b3de18936
d8273fb0282bfa670f554e45f8ae7b1f73ec8071
160daca799b276d8ce387e0187d972d715abead1399795bff9ec2a64b494527c
GET /Content/modernizr-3.3.1-custom.js HTTP/1.1
Host: eus-www.sway-cdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sway.cloud.microsoft
DNT: 1
Connection: keep-alive
Referer: https://sway.cloud.microsoft/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Wed, 24 Apr 2024 06:18:14 GMT
Accept-Ranges: bytes
ETag: "0d74e30f96da1:0"
Vary: Accept-Encoding
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
X-Partitioning-Enabled: true
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Timing-Allow-Origin: *
Access-Control-Allow-Origin: *
X-Powered-By: ARR/3.0
Content-Length: 3210
Cache-Control: public, max-age=69425
Date: Wed, 08 May 2024 13:06:41 GMT
Connection: keep-alive
eus-www.sway-cdn.com/161770340101_Content/Preload.js
104.66.127.98 200 OK 4.2 kB URL GET HTTP/1.1 eus-www.sway-cdn.com/161770340101_Content/Preload.js
IP 104.66.127.98:443
Requested by https://sway.cloud.microsoft/BPP24n0KTDvIFWKf?ref=Link
Certificate Issuer Microsoft Corporation
Subject www.sway-cdn.com
Fingerprint E8:E0:26:75:8C:7E:58:DC:A0:76:65:3E:31:6D:68:B8:49:54:10:BB
Validity Thu, 10 Aug 2023 15:52:12 GMT - Thu, 27 Jun 2024 23:59:59 GMT
File type JavaScript source, ASCII text, with very long lines (18297), with no line terminators
Hash f070ffc5c8bde496d241e5ef6ea85ae9
9b574040fafb228cabc86c6afdb1ed87b140a3af
2f5deb75ea8a55d2119c56e4e3bcc0bde3516b838a088e28df1553824fe619ad
GET /161770340101_Content/Preload.js HTTP/1.1
Host: eus-www.sway-cdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sway.cloud.microsoft
DNT: 1
Connection: keep-alive
Referer: https://sway.cloud.microsoft/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Encoding: gzip
Accept-Ranges: bytes
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
X-Partitioning-Enabled: true
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Timing-Allow-Origin: *
Access-Control-Allow-Origin: *
X-Powered-By: ARR/3.0
Content-Length: 4168
Cache-Control: public, max-age=46883
Date: Wed, 08 May 2024 13:06:41 GMT
Connection: keep-alive
Vary: Accept-Encoding
eus-www.sway-cdn.com/Content/CommonDiagnostics-Sway-1.0.0.js
104.66.127.98 200 OK 13 kB URL GET HTTP/1.1 eus-www.sway-cdn.com/Content/CommonDiagnostics-Sway-1.0.0.js
IP 104.66.127.98:443
Requested by https://sway.cloud.microsoft/BPP24n0KTDvIFWKf?ref=Link
Certificate Issuer Microsoft Corporation
Subject www.sway-cdn.com
Fingerprint E8:E0:26:75:8C:7E:58:DC:A0:76:65:3E:31:6D:68:B8:49:54:10:BB
Validity Thu, 10 Aug 2023 15:52:12 GMT - Thu, 27 Jun 2024 23:59:59 GMT
File type JavaScript source, Non-ISO extended-ASCII text, with very long lines (2360), with CRLF line terminators
Hash fd14998badf27d4f974ca33841c97397
d951a5fc5d3a3075e8986dba845d956a9831423e
2306ca934e2c1a52219d8a608c130f2bcdb7d859303f4ca5806cd48db0c9ae6f
GET /Content/CommonDiagnostics-Sway-1.0.0.js HTTP/1.1
Host: eus-www.sway-cdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sway.cloud.microsoft
DNT: 1
Connection: keep-alive
Referer: https://sway.cloud.microsoft/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Encoding: gzip
Accept-Ranges: bytes
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
X-Partitioning-Enabled: true
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Timing-Allow-Origin: *
Access-Control-Allow-Origin: *
X-Powered-By: ARR/3.0
Content-Length: 13381
Cache-Control: public, max-age=9820
Date: Wed, 08 May 2024 13:06:41 GMT
Connection: keep-alive
Vary: Accept-Encoding
eus-www.sway-cdn.com/161770340101_Content/tdb.js
104.66.127.98 200 OK 32 kB URL GET HTTP/1.1 eus-www.sway-cdn.com/161770340101_Content/tdb.js
IP 104.66.127.98:443
Requested by https://sway.cloud.microsoft/BPP24n0KTDvIFWKf?ref=Link
Certificate Issuer Microsoft Corporation
Subject www.sway-cdn.com
Fingerprint E8:E0:26:75:8C:7E:58:DC:A0:76:65:3E:31:6D:68:B8:49:54:10:BB
Validity Thu, 10 Aug 2023 15:52:12 GMT - Thu, 27 Jun 2024 23:59:59 GMT
File type JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Hash eae96e25b7ea4f06dc2b686160f661a9
6b0daeb5c08657a9bf96d79ed859985f3da6da52
daef54c828406aaba2db8f22758177351ed4d3ce40b848bb93f45f8b253fcdfd
GET /161770340101_Content/tdb.js HTTP/1.1
Host: eus-www.sway-cdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sway.cloud.microsoft
DNT: 1
Connection: keep-alive
Referer: https://sway.cloud.microsoft/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Encoding: gzip
Accept-Ranges: bytes
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
X-Partitioning-Enabled: true
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Timing-Allow-Origin: *
Access-Control-Allow-Origin: *
X-Powered-By: ARR/3.0
Content-Length: 32326
Cache-Control: public, max-age=55441
Date: Wed, 08 May 2024 13:06:41 GMT
Connection: keep-alive
Vary: Accept-Encoding
eus-www.sway-cdn.com/161770340101_Content/en-us/Resources.js
104.66.127.98 200 OK 39 kB URL GET HTTP/1.1 eus-www.sway-cdn.com/161770340101_Content/en-us/Resources.js
IP 104.66.127.98:443
Requested by https://sway.cloud.microsoft/BPP24n0KTDvIFWKf?ref=Link
Certificate Issuer Microsoft Corporation
Subject www.sway-cdn.com
Fingerprint E8:E0:26:75:8C:7E:58:DC:A0:76:65:3E:31:6D:68:B8:49:54:10:BB
Validity Thu, 10 Aug 2023 15:52:12 GMT - Thu, 27 Jun 2024 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (65481), with no line terminators
Hash 32cfda17933d23e248ebfdfb30d52198
46402d60da46b511be51bb87263f86b0ebeeb707
9f5ac56832c2aab36183cba49d5d6b1526cbc885609388ec5b4376978181db53
GET /161770340101_Content/en-us/Resources.js HTTP/1.1
Host: eus-www.sway-cdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sway.cloud.microsoft
DNT: 1
Connection: keep-alive
Referer: https://sway.cloud.microsoft/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Encoding: gzip
Accept-Ranges: bytes
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
X-Partitioning-Enabled: true
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Timing-Allow-Origin: *
Access-Control-Allow-Origin: *
X-Powered-By: ARR/3.0
Content-Length: 39017
Cache-Control: public, max-age=62001
Date: Wed, 08 May 2024 13:06:41 GMT
Connection: keep-alive
Vary: Accept-Encoding
eus-www.sway-cdn.com/161770340101_Content/StoryPage.js
104.66.127.98 200 OK 262 kB URL GET HTTP/1.1 eus-www.sway-cdn.com/161770340101_Content/StoryPage.js
IP 104.66.127.98:443
Requested by https://sway.cloud.microsoft/BPP24n0KTDvIFWKf?ref=Link
Certificate Issuer Microsoft Corporation
Subject www.sway-cdn.com
Fingerprint E8:E0:26:75:8C:7E:58:DC:A0:76:65:3E:31:6D:68:B8:49:54:10:BB
Validity Thu, 10 Aug 2023 15:52:12 GMT - Thu, 27 Jun 2024 23:59:59 GMT
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (65534), with no line terminators
Size 262 kB (262123 bytes)
Hash 8f0f2fb85f30e911d8be44078f392344
85167056f8c51e155e4a89ed3b28e5e58b02791f
6b4d0d07f8a0aafd09dfa3806bada144aab09704390d8c57a9a8d76f516dd349
GET /161770340101_Content/StoryPage.js HTTP/1.1
Host: eus-www.sway-cdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sway.cloud.microsoft
DNT: 1
Connection: keep-alive
Referer: https://sway.cloud.microsoft/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Encoding: gzip
Accept-Ranges: bytes
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
X-Partitioning-Enabled: true
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Timing-Allow-Origin: *
Access-Control-Allow-Origin: *
X-Powered-By: ARR/3.0
Content-Length: 262123
Vary: Accept-Encoding
Cache-Control: public, max-age=55491
Date: Wed, 08 May 2024 13:06:41 GMT
Connection: keep-alive
sway.cloud.microsoft/s/BPP24n0KTDvIFWKf/get?currentClientVersion=201
52.111.243.44 200 OK 53 kB URL POST HTTP/2 sway.cloud.microsoft/s/BPP24n0KTDvIFWKf/get?currentClientVersion=201
IP 52.111.243.44:443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://sway.cloud.microsoft/BPP24n0KTDvIFWKf?ref=Link
Certificate Issuer Microsoft Corporation
Subject sway.office.com
Fingerprint 75:74:77:7E:17:E2:25:6C:D4:B2:4F:28:03:28:37:62:57:1B:12:95
Validity Fri, 08 Mar 2024 14:14:49 GMT - Mon, 03 Mar 2025 14:14:49 GMT
Hash 5ebd6399e862884e9227de4cf7a49558
675c5679a1883f07644768941078d8a81f12e187
53229a9d59de6b13b356a593c57dc005d9ada941cdd0366a904502b04cdf5a45
Analyzer Verdict Alert OpenPhish phishing Office365
POST /s/BPP24n0KTDvIFWKf/get?currentClientVersion=201 HTTP/1.1
Host: sway.cloud.microsoft
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-StoryId: hc858PwTUHBGH5tcSNBE
X-LookupId: BPP24n0KTDvIFWKf
X-WebClientVersion: 201
X-UserSessionId: 9a8a52a7-5e55-4c99-8be2-63d30a850e74
anonuserid: 46ac668d-f5b2-4652-a934-b2cb1d4fe09f
X-Key: DCRUzsVzNtaW63iQV4pS4IsgsxIdwatTIh6tXHGhmqc=,638507704007020951
Content-Length: 164
Origin: https://sway.cloud.microsoft
DNT: 1
Connection: keep-alive
Referer: https://sway.cloud.microsoft/BPP24n0KTDvIFWKf?ref=Link
Cookie: AuthSess=aaf2c3a8-b3cd-4049-8ef5-6c7c16a5e759; AADNonce=5cff6355-e2d3-4c47-93f1-a02c5c4e9f74.638507704007802140
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json
content-encoding: gzip
expires: -1
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-correlationid: c8e03ad5-3011-4416-85d5-460c10f95094
x-usersessionid: 9a8a52a7-5e55-4c99-8be2-63d30a850e74
x-officefe: SwayFrontEnd_IN_34
x-officeversion: 16.0.17624.40100
x-officecluster: eus-002.www.sway.com
x-partitioning-enabled: true
anonuserid: 46ac668d-f5b2-4652-a934-b2cb1d4fe09f
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains; preload
timing-allow-origin: *
x-storyid: hc858PwTUHBGH5tcSNBE
x-lookupid: BPP24n0KTDvIFWKf
x-requestid: c31a1bfd-938a-4264-b7e5-c0dd4751a5da
x-trackingid: 76cc267a-b367-4e55-a250-233fceb3d50d
x-frame-options: SAMEORIGIN
x-server-time-elapsed: 453
x-payload-size: 53978
x-powered-by: ARR/3.0
date: Wed, 08 May 2024 13:06:41 GMT
content-length: 53237
X-Firefox-Spdy: h2
eus-www.sway-cdn.com/Content/segoeui.woff
104.66.127.98 200 OK 76 kB URL GET HTTP/1.1 eus-www.sway-cdn.com/Content/segoeui.woff
IP 104.66.127.98:443
Requested by https://sway.cloud.microsoft/BPP24n0KTDvIFWKf?ref=Link
Certificate Issuer Microsoft Corporation
Subject www.sway-cdn.com
Fingerprint E8:E0:26:75:8C:7E:58:DC:A0:76:65:3E:31:6D:68:B8:49:54:10:BB
Validity Thu, 10 Aug 2023 15:52:12 GMT - Thu, 27 Jun 2024 23:59:59 GMT
File type Web Open Font Format, TrueType, length 75464, version 0.0
Hash 5fa620c9eefcd9c86b00199b3733d6e8
8ba2626e252e2f39b3a063810dadee2b55e0643b
5b6231040840aed34ffe299d3f352814c3e24c517eb687cec06293e7eacecb1f
GET /Content/segoeui.woff HTTP/1.1
Host: eus-www.sway-cdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://sway.cloud.microsoft
DNT: 1
Connection: keep-alive
Referer: https://sway.cloud.microsoft/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/font-woff
Accept-Ranges: bytes
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
X-Partitioning-Enabled: true
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Timing-Allow-Origin: *
Access-Control-Allow-Origin: *
X-Powered-By: ARR/3.0
Content-Length: 75464
Cache-Control: public, max-age=86400
Date: Wed, 08 May 2024 13:06:42 GMT
Connection: keep-alive
eus-www.sway-cdn.com/161770340101_Content/Common.css
104.66.127.98 200 OK 28 kB URL GET HTTP/1.1 eus-www.sway-cdn.com/161770340101_Content/Common.css
IP 104.66.127.98:443
Requested by https://sway.cloud.microsoft/BPP24n0KTDvIFWKf?ref=Link
Certificate Issuer Microsoft Corporation
Subject www.sway-cdn.com
Fingerprint E8:E0:26:75:8C:7E:58:DC:A0:76:65:3E:31:6D:68:B8:49:54:10:BB
Validity Thu, 10 Aug 2023 15:52:12 GMT - Thu, 27 Jun 2024 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Hash d85d6ed927f23145dcf8b67bd4dba111
a497c4f87145c8568dbef0cb7832d05b14f7110b
4d2758d65f0be67c8bab930d2fd3576270b2522d5d60cca4fefa40d5fbcebb81
GET /161770340101_Content/Common.css HTTP/1.1
Host: eus-www.sway-cdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sway.cloud.microsoft/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/css
Content-Encoding: gzip
Accept-Ranges: bytes
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
X-Partitioning-Enabled: true
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Timing-Allow-Origin: *
Access-Control-Allow-Origin: *
X-Powered-By: ARR/3.0
Content-Length: 27721
Cache-Control: public, max-age=52505
Date: Wed, 08 May 2024 13:06:42 GMT
Connection: keep-alive
Vary: Accept-Encoding
eus-www.sway-cdn.com/161770340101_Content/story_cluster.css
104.66.127.98 200 OK 930 B URL GET HTTP/1.1 eus-www.sway-cdn.com/161770340101_Content/story_cluster.css
IP 104.66.127.98:443
Requested by https://sway.cloud.microsoft/BPP24n0KTDvIFWKf?ref=Link
Certificate Issuer Microsoft Corporation
Subject www.sway-cdn.com
Fingerprint E8:E0:26:75:8C:7E:58:DC:A0:76:65:3E:31:6D:68:B8:49:54:10:BB
Validity Thu, 10 Aug 2023 15:52:12 GMT - Thu, 27 Jun 2024 23:59:59 GMT
File type ASCII text, with very long lines (3298), with no line terminators
Hash b05af20933a5c55d8228372b62cff439
8c7d1b8f149a66f4c82266c284aa12e2ca384cc1
583f54c663c161e490dd8991d9e9101a3ca54822f458e73dcfc4885ce0efe34f
GET /161770340101_Content/story_cluster.css HTTP/1.1
Host: eus-www.sway-cdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sway.cloud.microsoft/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/css
Content-Encoding: gzip
Accept-Ranges: bytes
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
X-Partitioning-Enabled: true
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Timing-Allow-Origin: *
Access-Control-Allow-Origin: *
X-Powered-By: ARR/3.0
Content-Length: 930
Vary: Accept-Encoding
Cache-Control: public, max-age=55494
Date: Wed, 08 May 2024 13:06:42 GMT
Connection: keep-alive
eus-www.sway-cdn.com/161770340101_Content/Home.css
104.66.127.98 200 OK 32 kB URL GET HTTP/1.1 eus-www.sway-cdn.com/161770340101_Content/Home.css
IP 104.66.127.98:443
Requested by https://sway.cloud.microsoft/BPP24n0KTDvIFWKf?ref=Link
Certificate Issuer Microsoft Corporation
Subject www.sway-cdn.com
Fingerprint E8:E0:26:75:8C:7E:58:DC:A0:76:65:3E:31:6D:68:B8:49:54:10:BB
Validity Thu, 10 Aug 2023 15:52:12 GMT - Thu, 27 Jun 2024 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Hash 676b87d5ad95754d468e2e8fe7fda78b
3e273867aab00db4fcf29baefc5c528e1ad53926
d411078332480e8ea193296de3ce3161553ea90cc593d5ce0ac8ddca6506652c
GET /161770340101_Content/Home.css HTTP/1.1
Host: eus-www.sway-cdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sway.cloud.microsoft/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/css
Content-Encoding: gzip
Accept-Ranges: bytes
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
X-Partitioning-Enabled: true
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Timing-Allow-Origin: *
Access-Control-Allow-Origin: *
X-Powered-By: ARR/3.0
Content-Length: 31989
Vary: Accept-Encoding
Cache-Control: public, max-age=57548
Date: Wed, 08 May 2024 13:06:42 GMT
Connection: keep-alive
eus-www.sway-cdn.com/161770340101_Content/StoryPage.css
104.66.127.98 200 OK 79 kB URL GET HTTP/1.1 eus-www.sway-cdn.com/161770340101_Content/StoryPage.css
IP 104.66.127.98:443
Requested by https://sway.cloud.microsoft/BPP24n0KTDvIFWKf?ref=Link
Certificate Issuer Microsoft Corporation
Subject www.sway-cdn.com
Fingerprint E8:E0:26:75:8C:7E:58:DC:A0:76:65:3E:31:6D:68:B8:49:54:10:BB
Validity Thu, 10 Aug 2023 15:52:12 GMT - Thu, 27 Jun 2024 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Hash c9d603858710d7e1dcd9158bad98b4b8
26e47ef27aedef469021b3cba19b5de6dc250ff9
8f3e1c114c15fbf1f4f239ada9aebdfc616ac27236b7290ef11d969e0653494b
GET /161770340101_Content/StoryPage.css HTTP/1.1
Host: eus-www.sway-cdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sway.cloud.microsoft/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/css
Content-Encoding: gzip
Accept-Ranges: bytes
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
X-Partitioning-Enabled: true
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Timing-Allow-Origin: *
Access-Control-Allow-Origin: *
X-Powered-By: ARR/3.0
Content-Length: 79203
Vary: Accept-Encoding
Cache-Control: public, max-age=56586
Date: Wed, 08 May 2024 13:06:42 GMT
Connection: keep-alive
eus-www.sway-cdn.com/161770340101_Content/favicon-192x192.png
104.66.127.98 200 OK 5.7 kB URL GET HTTP/1.1 eus-www.sway-cdn.com/161770340101_Content/favicon-192x192.png
IP 104.66.127.98:443
Requested by https://sway.cloud.microsoft/BPP24n0KTDvIFWKf?ref=Link
Certificate Issuer Microsoft Corporation
Subject www.sway-cdn.com
Fingerprint E8:E0:26:75:8C:7E:58:DC:A0:76:65:3E:31:6D:68:B8:49:54:10:BB
Validity Thu, 10 Aug 2023 15:52:12 GMT - Thu, 27 Jun 2024 23:59:59 GMT
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced
Hash 9e295099860619954254f1507bb85ec0
8a4442b11d577c36d25761d4474c67292ccadf9c
ceddc01c593a39581cfaaabf6d6e2611ec8280cd15bbe63df32ce6820ccccc4d
GET /161770340101_Content/favicon-192x192.png HTTP/1.1
Host: eus-www.sway-cdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sway.cloud.microsoft/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Fri, 03 May 2024 04:03:14 GMT
Accept-Ranges: bytes
ETag: "0adcd2e9dda1:0"
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
X-CorrelationId: 03e5883d-d6c1-4275-a371-db820e114f60
X-UserSessionId: 03e5883d-d6c1-4275-a371-db820e114f60
X-OfficeFE: SwayFrontEnd_IN_13
X-OfficeVersion: 16.0.17703.40101
X-OfficeCluster: eus-000.www.sway.com
X-Partitioning-Enabled: true
anonuserid: 8ae86238-59c8-47a1-a6c7-e1a6efc43b96
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Timing-Allow-Origin: *
X-RequestId: bf35edc0-820d-4235-9532-e47d4947f52c
X-TrackingId: cddd4033-9610-45ea-8abb-3be16bfd0744
X-Powered-By: ARR/3.0
Content-Length: 5651
Date: Wed, 08 May 2024 13:06:42 GMT
Connection: keep-alive
eus-www.sway-cdn.com/Content/Hammer-2.0.4.js
104.66.127.98 200 OK 6.4 kB URL GET HTTP/1.1 eus-www.sway-cdn.com/Content/Hammer-2.0.4.js
IP 104.66.127.98:443
Requested by https://sway.cloud.microsoft/BPP24n0KTDvIFWKf?ref=Link
Certificate Issuer Microsoft Corporation
Subject www.sway-cdn.com
Fingerprint E8:E0:26:75:8C:7E:58:DC:A0:76:65:3E:31:6D:68:B8:49:54:10:BB
Validity Thu, 10 Aug 2023 15:52:12 GMT - Thu, 27 Jun 2024 23:59:59 GMT
File type JavaScript source, ASCII text, with very long lines (18177), with CRLF line terminators
Hash d22d7500ab7c72da9195c571002c2495
528c2d1d834916f8a4c47191cb20d16d2f6a53d3
f2bfc0b2ffa4e26071e6d6d8b73d750f6e9f8eb4e021a8ffdb18b84af0b919a3
GET /Content/Hammer-2.0.4.js HTTP/1.1
Host: eus-www.sway-cdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sway.cloud.microsoft/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Encoding: gzip
Accept-Ranges: bytes
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
X-Partitioning-Enabled: true
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Timing-Allow-Origin: *
Access-Control-Allow-Origin: *
X-Powered-By: ARR/3.0
Content-Length: 6449
Cache-Control: public, max-age=21496
Date: Wed, 08 May 2024 13:06:42 GMT
Connection: keep-alive
Vary: Accept-Encoding
eus-www.sway-cdn.com/161770340101_Content/common_raw.js
104.66.127.98 200 OK 6.3 kB URL GET HTTP/1.1 eus-www.sway-cdn.com/161770340101_Content/common_raw.js
IP 104.66.127.98:443
Requested by https://sway.cloud.microsoft/BPP24n0KTDvIFWKf?ref=Link
Certificate Issuer Microsoft Corporation
Subject www.sway-cdn.com
Fingerprint E8:E0:26:75:8C:7E:58:DC:A0:76:65:3E:31:6D:68:B8:49:54:10:BB
Validity Thu, 10 Aug 2023 15:52:12 GMT - Thu, 27 Jun 2024 23:59:59 GMT
File type JavaScript source, ASCII text, with very long lines (23205), with no line terminators
Hash 8898fc982847a13a7c214fed5a35ee19
e8ae6de8565a1f2cd5b37e956e50a84e0327531b
9d1916e44e69f90d84b552e67410488c45b10138c5db806a25b0588b4dfc8610
GET /161770340101_Content/common_raw.js HTTP/1.1
Host: eus-www.sway-cdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sway.cloud.microsoft/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Encoding: gzip
Accept-Ranges: bytes
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
X-Partitioning-Enabled: true
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Timing-Allow-Origin: *
Access-Control-Allow-Origin: *
X-Powered-By: ARR/3.0
Content-Length: 6307
Cache-Control: public, max-age=57990
Date: Wed, 08 May 2024 13:06:42 GMT
Connection: keep-alive
Vary: Accept-Encoding
eus-www.sway-cdn.com/161770340101_Content/story.png
104.66.127.98 200 OK 11 kB URL GET HTTP/1.1 eus-www.sway-cdn.com/161770340101_Content/story.png
IP 104.66.127.98:443
Requested by https://sway.cloud.microsoft/BPP24n0KTDvIFWKf?ref=Link
Certificate Issuer Microsoft Corporation
Subject www.sway-cdn.com
Fingerprint E8:E0:26:75:8C:7E:58:DC:A0:76:65:3E:31:6D:68:B8:49:54:10:BB
Validity Thu, 10 Aug 2023 15:52:12 GMT - Thu, 27 Jun 2024 23:59:59 GMT
File type PNG image data, 310 x 319, 8-bit/color RGBA, non-interlaced
Hash b0d76c4804189526dcef946d94ca58a9
ce86c3623f53e4b39d9cd33cc924afc45e91f94f
d46375075d66174f88ad9834c0695792c9afdd0f20456231fa4a873280a2c434
GET /161770340101_Content/story.png HTTP/1.1
Host: eus-www.sway-cdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sway.cloud.microsoft/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Fri, 03 May 2024 04:03:14 GMT
Accept-Ranges: bytes
ETag: "0adcd2e9dda1:0"
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
X-CorrelationId: af7c358f-8c9c-4816-bef8-b456879f00d0
X-UserSessionId: af7c358f-8c9c-4816-bef8-b456879f00d0
X-OfficeFE: SwayFrontEnd_IN_0
X-OfficeVersion: 16.0.17703.40101
X-OfficeCluster: eus-000.www.sway.com
X-Partitioning-Enabled: true
anonuserid: b1be2838-2e92-4b23-8941-f921cf79d9f4
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Timing-Allow-Origin: *
X-RequestId: 8c5b07e8-5831-4612-b3b9-3146e923c47e
X-TrackingId: 8909cf26-108a-4049-ae8c-c736786d1d13
X-Powered-By: ARR/3.0
Content-Length: 10721
Date: Wed, 08 May 2024 13:06:42 GMT
Connection: keep-alive
eus-www.sway-cdn.com/161770340101_Content/whitespinner.32x32.gif
104.66.127.98 200 OK 1.3 kB URL GET HTTP/1.1 eus-www.sway-cdn.com/161770340101_Content/whitespinner.32x32.gif
IP 104.66.127.98:443
Requested by https://sway.cloud.microsoft/BPP24n0KTDvIFWKf?ref=Link
Certificate Issuer Microsoft Corporation
Subject www.sway-cdn.com
Fingerprint E8:E0:26:75:8C:7E:58:DC:A0:76:65:3E:31:6D:68:B8:49:54:10:BB
Validity Thu, 10 Aug 2023 15:52:12 GMT - Thu, 27 Jun 2024 23:59:59 GMT
File type GIF image data, version 89a, 32 x 32
Hash 71fe5aa913d40cb6e596c795eb2a0bdc
7b9925cee0045982261680d4ecef525b29efc314
11572f274d092466b9249659cfd382a0cfb640b23df4d4a1071c1b8d70147415
GET /161770340101_Content/whitespinner.32x32.gif HTTP/1.1
Host: eus-www.sway-cdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sway.cloud.microsoft/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/gif
Last-Modified: Fri, 03 May 2024 04:03:14 GMT
Accept-Ranges: bytes
ETag: "0adcd2e9dda1:0"
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
X-CorrelationId: 8aa39f60-3099-4b5f-b079-23904bf05545
X-UserSessionId: 8aa39f60-3099-4b5f-b079-23904bf05545
X-OfficeFE: SwayFrontEnd_IN_2
X-OfficeVersion: 16.0.17703.40101
X-OfficeCluster: eus-000.www.sway.com
X-Partitioning-Enabled: true
anonuserid: 8775e438-3d58-4c34-ac04-b906bfc1a3c6
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Timing-Allow-Origin: *
X-RequestId: 7c9f6ea5-d6ea-4d61-9b3d-aea614545093
X-TrackingId: 42875a69-9c96-4b25-8cb5-eef8a473d5ce
X-Powered-By: ARR/3.0
Content-Length: 1278
Date: Wed, 08 May 2024 13:06:42 GMT
Connection: keep-alive
eus-www.sway-cdn.com/161770340101_Content/traveling_dots1color_shorter_white.gif
104.66.127.98 200 OK 6.8 kB URL GET HTTP/1.1 eus-www.sway-cdn.com/161770340101_Content/traveling_dots1color_shorter_white.gif
IP 104.66.127.98:443
Requested by https://sway.cloud.microsoft/BPP24n0KTDvIFWKf?ref=Link
Certificate Issuer Microsoft Corporation
Subject www.sway-cdn.com
Fingerprint E8:E0:26:75:8C:7E:58:DC:A0:76:65:3E:31:6D:68:B8:49:54:10:BB
Validity Thu, 10 Aug 2023 15:52:12 GMT - Thu, 27 Jun 2024 23:59:59 GMT
File type GIF image data, version 89a, 439 x 8
Hash 2bf75fed35af53b95f6265c32ae6fa86
20f92aed3ad96c505f7a21ccae780d8cee27f252
2e237d89d57788e810720fd97bcc0992e159044281956ecba83efd3a4f4b56cf
GET /161770340101_Content/traveling_dots1color_shorter_white.gif HTTP/1.1
Host: eus-www.sway-cdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sway.cloud.microsoft/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/gif
Last-Modified: Fri, 03 May 2024 04:03:14 GMT
Accept-Ranges: bytes
ETag: "0adcd2e9dda1:0"
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
X-CorrelationId: 8d1c5b37-1673-457a-b9c7-1be93e612301
X-UserSessionId: 8d1c5b37-1673-457a-b9c7-1be93e612301
X-OfficeFE: SwayFrontEnd_IN_26
X-OfficeVersion: 16.0.17703.40101
X-OfficeCluster: eus-000.www.sway.com
X-Partitioning-Enabled: true
anonuserid: 75e4fd11-3386-46c6-9f50-301dfa52cc97
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Timing-Allow-Origin: *
X-RequestId: 59ec25ac-932b-4c9f-9bd3-3474a9321609
X-TrackingId: 0ca0dbdc-19bf-4dee-bbe3-40ef1bac1267
X-Powered-By: ARR/3.0
Content-Length: 6828
Date: Wed, 08 May 2024 13:06:42 GMT
Connection: keep-alive
eus-www.sway-cdn.com/161770340101_Content/swayicon.woff
104.66.127.98 200 OK 22 kB URL GET HTTP/1.1 eus-www.sway-cdn.com/161770340101_Content/swayicon.woff
IP 104.66.127.98:443
Requested by https://sway.cloud.microsoft/BPP24n0KTDvIFWKf?ref=Link
Certificate Issuer Microsoft Corporation
Subject www.sway-cdn.com
Fingerprint E8:E0:26:75:8C:7E:58:DC:A0:76:65:3E:31:6D:68:B8:49:54:10:BB
Validity Thu, 10 Aug 2023 15:52:12 GMT - Thu, 27 Jun 2024 23:59:59 GMT
File type Web Open Font Format, TrueType, length 22140, version 1.0
Hash 7d6194a2c2e90678fee013960ea9eca7
98fa90ec84cafcf1e0ff194664e8b4c4d99c056e
e27855ef831cd10eb0fe2153d1b169d24a148e0b81d3dea001fd2637e7244238
GET /161770340101_Content/swayicon.woff HTTP/1.1
Host: eus-www.sway-cdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://sway.cloud.microsoft
DNT: 1
Connection: keep-alive
Referer: https://sway.cloud.microsoft/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/font-woff
Last-Modified: Fri, 03 May 2024 04:03:14 GMT
Accept-Ranges: bytes
ETag: "0adcd2e9dda1:0"
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
X-Partitioning-Enabled: true
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Timing-Allow-Origin: *
Access-Control-Allow-Origin: *
X-Powered-By: ARR/3.0
Content-Length: 22140
Cache-Control: public, max-age=86400
Date: Wed, 08 May 2024 13:06:42 GMT
Connection: keep-alive
sway.cloud.microsoft/sway/v1.0/BPP24n0KTDvIFWKf/worlds?_=1715173601508
52.111.243.44 200 OK 193 B URL GET HTTP/2 sway.cloud.microsoft/sway/v1.0/BPP24n0KTDvIFWKf/worlds?_=1715173601508
IP 52.111.243.44:443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://sway.cloud.microsoft/BPP24n0KTDvIFWKf?ref=Link
Certificate Issuer Microsoft Corporation
Subject sway.office.com
Fingerprint 75:74:77:7E:17:E2:25:6C:D4:B2:4F:28:03:28:37:62:57:1B:12:95
Validity Fri, 08 Mar 2024 14:14:49 GMT - Mon, 03 Mar 2025 14:14:49 GMT
Hash 3e3b4ff57860d66390c19f158f2bf790
2ac7ee6a5697a5ee303be48d8fb97399d02a363a
60be31c3673e4e587cd06fcbef09d629766487a71eaf33b2d331011c6458ad1c
Analyzer Verdict Alert OpenPhish phishing Office365
GET /sway/v1.0/BPP24n0KTDvIFWKf/worlds?_=1715173601508 HTTP/1.1
Host: sway.cloud.microsoft
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sway.cloud.microsoft/BPP24n0KTDvIFWKf?ref=Link
X-StoryId: hc858PwTUHBGH5tcSNBE
X-LookupId: BPP24n0KTDvIFWKf
X-WebClientVersion: 201
anonuserid: 46ac668d-f5b2-4652-a934-b2cb1d4fe09f
X-UserSessionId: 9a8a52a7-5e55-4c99-8be2-63d30a850e74
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: AuthSess=aaf2c3a8-b3cd-4049-8ef5-6c7c16a5e759; AADNonce=5cff6355-e2d3-4c47-93f1-a02c5c4e9f74.638507704007802140; CDNFailureCount=0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: private
content-type: application/json
content-encoding: gzip
vary: Accept-Encoding
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
set-cookie: CDNFailureCount=0; expires=Mon, 08-May-2023 13:06:42 GMT; path=/; secure
x-correlationid: ecb67370-f456-43e3-bde3-1bac82b8add5
x-usersessionid: 9a8a52a7-5e55-4c99-8be2-63d30a850e74
x-officefe: SwayFrontEnd_IN_62
x-officeversion: 16.0.17624.40100
x-officecluster: weu-001.www.sway.com
x-partitioning-enabled: true
anonuserid: 46ac668d-f5b2-4652-a934-b2cb1d4fe09f
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains; preload
timing-allow-origin: *
x-storyid: hc858PwTUHBGH5tcSNBE
x-lookupid: BPP24n0KTDvIFWKf
x-requestid: c3cb7a43-1682-40c4-8994-3df518a5eede
x-trackingid: 5fddafdc-7cdb-4f02-a55c-547cc2fbddc6
x-frame-options: SAMEORIGIN
x-powered-by: ARR/3.0
date: Wed, 08 May 2024 13:06:42 GMT
content-length: 193
X-Firefox-Spdy: h2
www.sway-cdn.com/Content/ArialNova.woff
95.101.96.137 200 OK 95 kB URL GET HTTP/1.1 www.sway-cdn.com/Content/ArialNova.woff
IP 95.101.96.137:443
Requested by https://sway.cloud.microsoft/BPP24n0KTDvIFWKf?ref=Link
Certificate Issuer Microsoft Corporation
Subject www.sway-cdn.com
Fingerprint E8:E0:26:75:8C:7E:58:DC:A0:76:65:3E:31:6D:68:B8:49:54:10:BB
Validity Thu, 10 Aug 2023 15:52:12 GMT - Thu, 27 Jun 2024 23:59:59 GMT
File type Web Open Font Format, TrueType, length 95108, version 0.0
Hash 2fc1e86e6c3059cc3f4da8b18e2de069
c4ae03ad45aa2b0cc3089a5d2e49f934f8903308
4e841925f9a79e4070abef2b10516191eb3b5884d92eba5cb1c5807892d99a53
GET /Content/ArialNova.woff HTTP/1.1
Host: www.sway-cdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://sway.cloud.microsoft
DNT: 1
Connection: keep-alive
Referer: https://sway.cloud.microsoft/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/font-woff
Last-Modified: Fri, 03 May 2024 04:03:14 GMT
Accept-Ranges: bytes
ETag: "0adcd2e9dda1:0"
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
X-Partitioning-Enabled: true
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Timing-Allow-Origin: *
Access-Control-Allow-Origin: *
X-Powered-By: ARR/3.0
Content-Length: 95108
Cache-Control: public, max-age=86400
Date: Wed, 08 May 2024 13:06:42 GMT
Connection: keep-alive
www.sway-cdn.com/Content/ArialNova-Italic.woff
95.101.96.137 200 OK 91 kB URL GET HTTP/1.1 www.sway-cdn.com/Content/ArialNova-Italic.woff
IP 95.101.96.137:443
Requested by https://sway.cloud.microsoft/BPP24n0KTDvIFWKf?ref=Link
Certificate Issuer Microsoft Corporation
Subject www.sway-cdn.com
Fingerprint E8:E0:26:75:8C:7E:58:DC:A0:76:65:3E:31:6D:68:B8:49:54:10:BB
Validity Thu, 10 Aug 2023 15:52:12 GMT - Thu, 27 Jun 2024 23:59:59 GMT
File type Web Open Font Format, TrueType, length 91328, version 0.0
Hash f6a02bc222bd3a91737546e2513c60ab
1d07624c7ff4afbf17fd26b773b2ce57ebb68b96
d956a3b813e6b8df27721b0fa22f40068c9fac4211bc405be961c45bbc633a90
GET /Content/ArialNova-Italic.woff HTTP/1.1
Host: www.sway-cdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://sway.cloud.microsoft
DNT: 1
Connection: keep-alive
Referer: https://sway.cloud.microsoft/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/font-woff
Last-Modified: Wed, 24 Apr 2024 06:18:14 GMT
Accept-Ranges: bytes
ETag: "0d74e30f96da1:0"
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
X-Partitioning-Enabled: true
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Timing-Allow-Origin: *
Access-Control-Allow-Origin: *
X-Powered-By: ARR/3.0
Content-Length: 91328
Cache-Control: public, max-age=86400
Date: Wed, 08 May 2024 13:06:42 GMT
Connection: keep-alive
www.sway-cdn.com/Content/ArialNova-Bold.woff
95.101.96.137 200 OK 95 kB URL GET HTTP/1.1 www.sway-cdn.com/Content/ArialNova-Bold.woff
IP 95.101.96.137:443
Requested by https://sway.cloud.microsoft/BPP24n0KTDvIFWKf?ref=Link
Certificate Issuer Microsoft Corporation
Subject www.sway-cdn.com
Fingerprint E8:E0:26:75:8C:7E:58:DC:A0:76:65:3E:31:6D:68:B8:49:54:10:BB
Validity Thu, 10 Aug 2023 15:52:12 GMT - Thu, 27 Jun 2024 23:59:59 GMT
File type Web Open Font Format, TrueType, length 94732, version 0.0
Hash 4b4443560f834ef3f5bf08abd2219f88
28128bc2fc2d9343839c34db7adcd1a0448b55ef
3531c91eb5e76aa3cc7050597616503f2fcb747ab8fbac52fedced005e2885ba
GET /Content/ArialNova-Bold.woff HTTP/1.1
Host: www.sway-cdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://sway.cloud.microsoft
DNT: 1
Connection: keep-alive
Referer: https://sway.cloud.microsoft/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/font-woff
Last-Modified: Wed, 24 Apr 2024 06:18:14 GMT
Accept-Ranges: bytes
ETag: "0d74e30f96da1:0"
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
X-Partitioning-Enabled: true
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Timing-Allow-Origin: *
Access-Control-Allow-Origin: *
X-Powered-By: ARR/3.0
Content-Length: 94732
Cache-Control: public, max-age=86400
Date: Wed, 08 May 2024 13:06:43 GMT
Connection: keep-alive
eus-www.sway-cdn.com/s/BPP24n0KTDvIFWKf/images/4hDE7q4JFPXcdi?quality=1026&allowAnimation=false
104.66.127.98 200 OK 117 kB URL GET HTTP/1.1 eus-www.sway-cdn.com/s/BPP24n0KTDvIFWKf/images/4hDE7q4JFPXcdi?quality=1026&allowAnimation=false
IP 104.66.127.98:443
Requested by https://sway.cloud.microsoft/BPP24n0KTDvIFWKf?ref=Link
Certificate Issuer Microsoft Corporation
Subject www.sway-cdn.com
Fingerprint E8:E0:26:75:8C:7E:58:DC:A0:76:65:3E:31:6D:68:B8:49:54:10:BB
Validity Thu, 10 Aug 2023 15:52:12 GMT - Thu, 27 Jun 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 144x144, segment length 16, baseline, precision 8, 1026x533, components 3
Size 117 kB (116879 bytes)
Hash 74bc4e292b9a4b7897ec5ed97d8c7493
172ea996cb4e972787715a36f218d19da9d166f3
1fc940fc30c6b55488cb0b287d2ca79b34e5691514854b7ded2206d99ae834f3
GET /s/BPP24n0KTDvIFWKf/images/4hDE7q4JFPXcdi?quality=1026&allowAnimation=false HTTP/1.1
Host: eus-www.sway-cdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sway.cloud.microsoft/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/jpeg
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
X-CorrelationId: 49e52650-ca1b-4138-98f4-7d23a76acd5d
X-UserSessionId: 49e52650-ca1b-4138-98f4-7d23a76acd5d
X-OfficeFE: SwayFrontEnd_IN_10
X-OfficeVersion: 16.0.17624.40100
X-OfficeCluster: eus-001.www.sway.com
X-Partitioning-Enabled: true
anonuserid: 512978b0-26cb-441d-9283-5e96c8dbb1d7
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Timing-Allow-Origin: *
X-RequestId: a800924d-5994-4b85-8b2f-bbdb28e34fa3
X-TrackingId: 2b383c16-01aa-4dba-8569-d2d25ee0fd8b
X-Frame-Options: SAMEORIGIN
X-Powered-By: ARR/3.0
Content-Length: 116879
Cache-Control: private, max-age=3600
Date: Wed, 08 May 2024 13:06:43 GMT
Connection: keep-alive
eus-www.sway-cdn.com/s/BPP24n0KTDvIFWKf/images/Fx0nLcevb6H_69?quality=792&allowAnimation=false
104.66.127.98 200 OK 48 kB URL GET HTTP/1.1 eus-www.sway-cdn.com/s/BPP24n0KTDvIFWKf/images/Fx0nLcevb6H_69?quality=792&allowAnimation=false
IP 104.66.127.98:443
Requested by https://sway.cloud.microsoft/BPP24n0KTDvIFWKf?ref=Link
Certificate Issuer Microsoft Corporation
Subject www.sway-cdn.com
Fingerprint E8:E0:26:75:8C:7E:58:DC:A0:76:65:3E:31:6D:68:B8:49:54:10:BB
Validity Thu, 10 Aug 2023 15:52:12 GMT - Thu, 27 Jun 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 792x198, components 3
Hash 3e491b669dfc0e70bed9942c99d46f9e
7af4f63fef50a16f3cba5740ca67b00554aa9b58
6605626d63663df5cce46dc68b91da99857fcbc7d05be8517526e851a7f3c99b
GET /s/BPP24n0KTDvIFWKf/images/Fx0nLcevb6H_69?quality=792&allowAnimation=false HTTP/1.1
Host: eus-www.sway-cdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sway.cloud.microsoft/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/jpeg
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
X-CorrelationId: 6d7a88dd-99c8-43c4-a9b7-c21c516d00e8
X-UserSessionId: 6d7a88dd-99c8-43c4-a9b7-c21c516d00e8
X-OfficeFE: SwayFrontEnd_IN_18
X-OfficeVersion: 16.0.17624.40100
X-OfficeCluster: eus-001.www.sway.com
X-Partitioning-Enabled: true
anonuserid: 92428ca0-3062-4e60-8a4c-a3ee1f42c11b
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Timing-Allow-Origin: *
X-RequestId: f9c6b77d-924f-4471-87d2-6b3dd1562713
X-TrackingId: b96976a9-ffb9-4f68-a07e-44510c2ca382
X-Frame-Options: SAMEORIGIN
X-Powered-By: ARR/3.0
Content-Length: 48317
Cache-Control: private, max-age=3600
Date: Wed, 08 May 2024 13:06:43 GMT
Connection: keep-alive
eus-www.sway-cdn.com/161770340101_Content/swayiconsb.woff
104.66.127.98 200 OK 24 kB URL GET HTTP/1.1 eus-www.sway-cdn.com/161770340101_Content/swayiconsb.woff
IP 104.66.127.98:443
Requested by https://sway.cloud.microsoft/BPP24n0KTDvIFWKf?ref=Link
Certificate Issuer Microsoft Corporation
Subject www.sway-cdn.com
Fingerprint E8:E0:26:75:8C:7E:58:DC:A0:76:65:3E:31:6D:68:B8:49:54:10:BB
Validity Thu, 10 Aug 2023 15:52:12 GMT - Thu, 27 Jun 2024 23:59:59 GMT
File type Web Open Font Format, TrueType, length 23704, version 1.0
Hash 7dded8e00e4e1fa6b8301ba58fdb96f1
a5cc4c84ed041ef71d6a989b34b841942234ba2b
56c3f81e1fcada437f327ca47a70acbce01c7b3a8de0bc93081698ad039a7c42
GET /161770340101_Content/swayiconsb.woff HTTP/1.1
Host: eus-www.sway-cdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://sway.cloud.microsoft
DNT: 1
Connection: keep-alive
Referer: https://sway.cloud.microsoft/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/font-woff
Accept-Ranges: bytes
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
X-Partitioning-Enabled: true
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Timing-Allow-Origin: *
Access-Control-Allow-Origin: *
X-Powered-By: ARR/3.0
Content-Length: 23704
Cache-Control: public, max-age=86400
Date: Wed, 08 May 2024 13:06:43 GMT
Connection: keep-alive
eus-www.sway-cdn.com/Content/segoeui.woff
104.66.127.98 200 OK 76 kB URL GET HTTP/1.1 eus-www.sway-cdn.com/Content/segoeui.woff
IP 104.66.127.98:443
Requested by https://sway.cloud.microsoft/BPP24n0KTDvIFWKf?ref=Link
Certificate Issuer Microsoft Corporation
Subject www.sway-cdn.com
Fingerprint E8:E0:26:75:8C:7E:58:DC:A0:76:65:3E:31:6D:68:B8:49:54:10:BB
Validity Thu, 10 Aug 2023 15:52:12 GMT - Thu, 27 Jun 2024 23:59:59 GMT
File type Web Open Font Format, TrueType, length 75464, version 0.0
Hash 5fa620c9eefcd9c86b00199b3733d6e8
8ba2626e252e2f39b3a063810dadee2b55e0643b
5b6231040840aed34ffe299d3f352814c3e24c517eb687cec06293e7eacecb1f
GET /Content/segoeui.woff HTTP/1.1
Host: eus-www.sway-cdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://sway.cloud.microsoft
DNT: 1
Connection: keep-alive
Referer: https://sway.cloud.microsoft/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/font-woff
Accept-Ranges: bytes
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
X-Partitioning-Enabled: true
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Timing-Allow-Origin: *
Access-Control-Allow-Origin: *
X-Powered-By: ARR/3.0
Content-Length: 75464
Cache-Control: public, max-age=86400
Date: Wed, 08 May 2024 13:06:43 GMT
Connection: keep-alive
eus-www.sway-cdn.com/s/BPP24n0KTDvIFWKf/images/FEQZm7B80EMXAD?quality=960&allowAnimation=false
104.66.127.98 200 OK 103 kB URL GET HTTP/1.1 eus-www.sway-cdn.com/s/BPP24n0KTDvIFWKf/images/FEQZm7B80EMXAD?quality=960&allowAnimation=false
IP 104.66.127.98:443
Requested by https://sway.cloud.microsoft/BPP24n0KTDvIFWKf?ref=Link
Certificate Issuer Microsoft Corporation
Subject www.sway-cdn.com
Fingerprint E8:E0:26:75:8C:7E:58:DC:A0:76:65:3E:31:6D:68:B8:49:54:10:BB
Validity Thu, 10 Aug 2023 15:52:12 GMT - Thu, 27 Jun 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 960x540, components 3
Size 103 kB (103120 bytes)
Hash 35053af5c76bab8b49470d4218bfd3e6
cc589c044a697860ba32b80d1ea7a97e8d3e2d28
ee24f30f146e57809457edfe8e6a781a48db991390dad63db96ecefd195415ba
GET /s/BPP24n0KTDvIFWKf/images/FEQZm7B80EMXAD?quality=960&allowAnimation=false HTTP/1.1
Host: eus-www.sway-cdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sway.cloud.microsoft/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/jpeg
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
X-CorrelationId: 69d51985-0e17-4d20-8809-75aabb3a6c8f
X-UserSessionId: 69d51985-0e17-4d20-8809-75aabb3a6c8f
X-OfficeFE: SwayFrontEnd_IN_11
X-OfficeVersion: 16.0.17624.40100
X-OfficeCluster: eus-001.www.sway.com
X-Partitioning-Enabled: true
anonuserid: 79d71694-3f67-4c0d-b3a9-8e0eee2de11f
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Timing-Allow-Origin: *
X-RequestId: 4f68d58c-c0e7-4f41-8955-81e6f1ae9041
X-TrackingId: 6c2e2bb3-14dc-43de-b565-a244fe4d011b
X-Frame-Options: SAMEORIGIN
X-Powered-By: ARR/3.0
Content-Length: 103120
Cache-Control: private, max-age=3600
Date: Wed, 08 May 2024 13:06:43 GMT
Connection: keep-alive
sway.cloud.microsoft/RemoteUls.ashx
52.111.243.44 200 OK 0 B URL POST HTTP/2 sway.cloud.microsoft/RemoteUls.ashx
IP 52.111.243.44:443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://sway.cloud.microsoft/BPP24n0KTDvIFWKf?ref=Link
Certificate Issuer Microsoft Corporation
Subject sway.office.com
Fingerprint 75:74:77:7E:17:E2:25:6C:D4:B2:4F:28:03:28:37:62:57:1B:12:95
Validity Fri, 08 Mar 2024 14:14:49 GMT - Mon, 03 Mar 2025 14:14:49 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert OpenPhish phishing Office365
POST /RemoteUls.ashx HTTP/1.1
Host: sway.cloud.microsoft
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sway.cloud.microsoft/BPP24n0KTDvIFWKf?ref=Link
Content-Type: application/json
X-UserSessionId: 9a8a52a7-5e55-4c99-8be2-63d30a850e74
X-StoryId: hc858PwTUHBGH5tcSNBE
X-LookupId: BPP24n0KTDvIFWKf
X-WebClientVersion: 201
anonuserid: 46ac668d-f5b2-4652-a934-b2cb1d4fe09f
Content-Length: 9029
Origin: https://sway.cloud.microsoft
DNT: 1
Connection: keep-alive
Cookie: AuthSess=aaf2c3a8-b3cd-4049-8ef5-6c7c16a5e759; AADNonce=5cff6355-e2d3-4c47-93f1-a02c5c4e9f74.638507704007802140; CalloutShownCount={"VerticalNavigation":1}
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: private
content-type: text/plain
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-correlationid: b35d5086-37c1-407c-8db5-cae6bbc9b414
x-usersessionid: 9a8a52a7-5e55-4c99-8be2-63d30a850e74
x-officefe: SwayFrontEnd_IN_31
x-officeversion: 16.0.17624.40100
x-officecluster: weu-000.www.sway.com
x-partitioning-enabled: true
anonuserid: 46ac668d-f5b2-4652-a934-b2cb1d4fe09f
strict-transport-security: max-age=15724800; includeSubDomains; preload
timing-allow-origin: *
x-storyid: hc858PwTUHBGH5tcSNBE
x-lookupid: BPP24n0KTDvIFWKf
x-requestid: 9e8668d6-bfe6-4257-a686-8d6edf58b1ba
x-trackingid: 32516806-267d-4dbf-960c-e7d18ef36ac9
x-buls-suppressionetag: N/A
x-buls-suppressedtags:
x-content-type-options: nosniff, nosniff
x-download-options: noopen
content-disposition: attachment
x-powered-by: ARR/3.0
date: Wed, 08 May 2024 13:06:43 GMT
content-length: 0
X-Firefox-Spdy: h2
eus-www.sway-cdn.com/161770340101_Content/LayoutVerticalWorld.png
104.66.127.98 200 OK 384 B URL GET HTTP/1.1 eus-www.sway-cdn.com/161770340101_Content/LayoutVerticalWorld.png
IP 104.66.127.98:443
Requested by https://sway.cloud.microsoft/BPP24n0KTDvIFWKf?ref=Link
Certificate Issuer Microsoft Corporation
Subject www.sway-cdn.com
Fingerprint E8:E0:26:75:8C:7E:58:DC:A0:76:65:3E:31:6D:68:B8:49:54:10:BB
Validity Thu, 10 Aug 2023 15:52:12 GMT - Thu, 27 Jun 2024 23:59:59 GMT
File type PNG image data, 152 x 86, 8-bit/color RGBA, non-interlaced
Hash 82da14b5120deab904793f8c04f28f45
211936a6e1bccc5ff72ae814f463e1697b373141
ddd565809b26a720fc695f80fb88d61b8985a35c11a5d15926b6b2ded99823df
GET /161770340101_Content/LayoutVerticalWorld.png HTTP/1.1
Host: eus-www.sway-cdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sway.cloud.microsoft/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Fri, 03 May 2024 04:03:14 GMT
Accept-Ranges: bytes
ETag: "0adcd2e9dda1:0"
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
X-CorrelationId: ed254957-cac0-46a1-b5b1-7c89b26b0551
X-UserSessionId: ed254957-cac0-46a1-b5b1-7c89b26b0551
X-OfficeFE: SwayFrontEnd_IN_12
X-OfficeVersion: 16.0.17703.40101
X-OfficeCluster: eus-000.www.sway.com
X-Partitioning-Enabled: true
anonuserid: 523d9ec2-bb5a-44d4-be2a-82a325d412e4
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Timing-Allow-Origin: *
X-RequestId: b8391f8b-2274-4e9e-920f-3d119eb6ee10
X-TrackingId: 77aa4884-db53-4bac-b048-b1e55a78185c
X-Powered-By: ARR/3.0
Content-Length: 384
Date: Wed, 08 May 2024 13:06:43 GMT
Connection: keep-alive
eus-www.sway-cdn.com/161770340101_Content/LayoutPanoramaWorld.png
104.66.127.98 200 OK 387 B URL GET HTTP/1.1 eus-www.sway-cdn.com/161770340101_Content/LayoutPanoramaWorld.png
IP 104.66.127.98:443
Requested by https://sway.cloud.microsoft/BPP24n0KTDvIFWKf?ref=Link
Certificate Issuer Microsoft Corporation
Subject www.sway-cdn.com
Fingerprint E8:E0:26:75:8C:7E:58:DC:A0:76:65:3E:31:6D:68:B8:49:54:10:BB
Validity Thu, 10 Aug 2023 15:52:12 GMT - Thu, 27 Jun 2024 23:59:59 GMT
File type PNG image data, 152 x 86, 8-bit/color RGBA, non-interlaced
Hash 11c0728c70771f303aec32fedd7c9fbc
4c8756cf903e48838e5c6d4f81869de549e9675b
0eccaf7f0137b30c89aa77248f35c2b17e0f455ee46ae9fd1edb805f45816934
GET /161770340101_Content/LayoutPanoramaWorld.png HTTP/1.1
Host: eus-www.sway-cdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sway.cloud.microsoft/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Fri, 03 May 2024 04:03:14 GMT
Accept-Ranges: bytes
ETag: "0adcd2e9dda1:0"
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
X-CorrelationId: 62f21212-ce5a-478d-9ab5-1a5f177ad75c
X-UserSessionId: 62f21212-ce5a-478d-9ab5-1a5f177ad75c
X-OfficeFE: SwayFrontEnd_IN_20
X-OfficeVersion: 16.0.17703.40101
X-OfficeCluster: eus-000.www.sway.com
X-Partitioning-Enabled: true
anonuserid: d129566e-0f48-43fc-b2cf-92dc051ae621
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Timing-Allow-Origin: *
X-RequestId: 6e962591-d6be-4d54-94e0-d48ac7126048
X-TrackingId: acb375db-24c5-489a-a11f-5160a815c38d
X-Powered-By: ARR/3.0
Content-Length: 387
Date: Wed, 08 May 2024 13:06:43 GMT
Connection: keep-alive
eus-www.sway-cdn.com/s/BPP24n0KTDvIFWKf/images/F5mONXA27Cl2ax?quality=357&allowAnimation=false
104.66.127.98 200 OK 20 kB URL GET HTTP/1.1 eus-www.sway-cdn.com/s/BPP24n0KTDvIFWKf/images/F5mONXA27Cl2ax?quality=357&allowAnimation=false
IP 104.66.127.98:443
Requested by https://sway.cloud.microsoft/BPP24n0KTDvIFWKf?ref=Link
Certificate Issuer Microsoft Corporation
Subject www.sway-cdn.com
Fingerprint E8:E0:26:75:8C:7E:58:DC:A0:76:65:3E:31:6D:68:B8:49:54:10:BB
Validity Thu, 10 Aug 2023 15:52:12 GMT - Thu, 27 Jun 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 144x144, segment length 16, baseline, precision 8, 314x357, components 3
Hash d5bb1720bc434d78948ddf20a06124b0
7690db91fab30c0d0168ac60367695035c9bc50e
b5520e69da818148004d28c00fc500f5da3327f4622f808df1da735072a2c60d
GET /s/BPP24n0KTDvIFWKf/images/F5mONXA27Cl2ax?quality=357&allowAnimation=false HTTP/1.1
Host: eus-www.sway-cdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sway.cloud.microsoft/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/jpeg
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
X-CorrelationId: c1eff199-2af7-468d-a4cd-14d2e6535023
X-UserSessionId: c1eff199-2af7-468d-a4cd-14d2e6535023
X-OfficeFE: SwayFrontEnd_IN_5
X-OfficeVersion: 16.0.17624.40100
X-OfficeCluster: eus-002.www.sway.com
X-Partitioning-Enabled: true
anonuserid: 7e77b06c-add3-439a-a6f9-d6d1731a72c8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Timing-Allow-Origin: *
X-RequestId: b43f5ec5-7021-4770-a8f3-739ded2f424d
X-TrackingId: 44604947-80da-411f-87ae-2ee36f598b49
X-Frame-Options: SAMEORIGIN
X-Powered-By: ARR/3.0
Content-Length: 19999
Cache-Control: private, max-age=3600
Date: Wed, 08 May 2024 13:06:43 GMT
Connection: keep-alive
eus-www.sway-cdn.com/161770340101_Content/LayoutExpoWorld.png
104.66.127.98 200 OK 368 B URL GET HTTP/1.1 eus-www.sway-cdn.com/161770340101_Content/LayoutExpoWorld.png
IP 104.66.127.98:443
Requested by https://sway.cloud.microsoft/BPP24n0KTDvIFWKf?ref=Link
Certificate Issuer Microsoft Corporation
Subject www.sway-cdn.com
Fingerprint E8:E0:26:75:8C:7E:58:DC:A0:76:65:3E:31:6D:68:B8:49:54:10:BB
Validity Thu, 10 Aug 2023 15:52:12 GMT - Thu, 27 Jun 2024 23:59:59 GMT
File type PNG image data, 152 x 86, 8-bit/color RGBA, non-interlaced
Hash 87b28a44ccbe27790b5dcebeab4808d8
9d80bfeb2b0e1060ea5ef01413f134456883a89a
d0e53af89bc2f1079669b0dbee0e2e2c2fd7f5be5bf2db44a23f22553767e4d7
GET /161770340101_Content/LayoutExpoWorld.png HTTP/1.1
Host: eus-www.sway-cdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sway.cloud.microsoft/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Fri, 03 May 2024 04:03:14 GMT
Accept-Ranges: bytes
ETag: "0adcd2e9dda1:0"
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
X-CorrelationId: 3e86ffa0-c26c-4fa0-a8c7-34bc02927b8b
X-UserSessionId: 3e86ffa0-c26c-4fa0-a8c7-34bc02927b8b
X-OfficeFE: SwayFrontEnd_IN_10
X-OfficeVersion: 16.0.17703.40101
X-OfficeCluster: eus-000.www.sway.com
X-Partitioning-Enabled: true
anonuserid: aa1a55c7-b18d-4097-aeb3-a038e36fc176
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Timing-Allow-Origin: *
X-RequestId: 3c2c98a6-42c8-4895-972b-53a726673806
X-TrackingId: 8f4379bd-ea16-4ef1-9a91-5c6728d864df
X-Powered-By: ARR/3.0
Content-Length: 368
Date: Wed, 08 May 2024 13:06:43 GMT
Connection: keep-alive
eus-www.sway-cdn.com/s/BPP24n0KTDvIFWKf/images/g3PjCgBlIIECRZ?quality=1174&allowAnimation=false
104.66.127.98 200 OK 59 kB URL GET HTTP/1.1 eus-www.sway-cdn.com/s/BPP24n0KTDvIFWKf/images/g3PjCgBlIIECRZ?quality=1174&allowAnimation=false
IP 104.66.127.98:443
Requested by https://sway.cloud.microsoft/BPP24n0KTDvIFWKf?ref=Link
Certificate Issuer Microsoft Corporation
Subject www.sway-cdn.com
Fingerprint E8:E0:26:75:8C:7E:58:DC:A0:76:65:3E:31:6D:68:B8:49:54:10:BB
Validity Thu, 10 Aug 2023 15:52:12 GMT - Thu, 27 Jun 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 1174x233, components 3
Hash c2acc607794a933ea1f336e98e5b7f5e
88f82380b0dcfa416136d148bbbfa6d5f6ce908f
5932d1ed5df0ee4682cebccead65473026f7391a312b5f1551e74c0ea2c8b599
GET /s/BPP24n0KTDvIFWKf/images/g3PjCgBlIIECRZ?quality=1174&allowAnimation=false HTTP/1.1
Host: eus-www.sway-cdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sway.cloud.microsoft/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/jpeg
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
X-CorrelationId: 6e7509ed-fab5-494f-acce-942f0240b5f4
X-UserSessionId: 6e7509ed-fab5-494f-acce-942f0240b5f4
X-OfficeFE: SwayFrontEnd_IN_45
X-OfficeVersion: 16.0.17624.40100
X-OfficeCluster: eus-001.www.sway.com
X-Partitioning-Enabled: true
anonuserid: 058dc9bf-4a55-42cc-8d1b-fa5b91b05a6f
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Timing-Allow-Origin: *
X-RequestId: 06faf381-4c23-4061-970e-a135bdad3934
X-TrackingId: 56c12b13-e504-4853-98ea-61f9f8fb5f52
X-Frame-Options: SAMEORIGIN
X-Powered-By: ARR/3.0
Content-Length: 59118
Cache-Control: private, max-age=3600
Date: Wed, 08 May 2024 13:06:43 GMT
Connection: keep-alive
sway.cloud.microsoft/sway/v1.0/BPP24n0KTDvIFWKf/analytics?timeSpent=0&scrollDepth=0&readRatioGrade=0
52.111.243.44 202 Accepted 2 B URL POST HTTP/2 sway.cloud.microsoft/sway/v1.0/BPP24n0KTDvIFWKf/analytics?timeSpent=0&scrollDepth=0&readRatioGrade=0
IP 52.111.243.44:443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://sway.cloud.microsoft/BPP24n0KTDvIFWKf?ref=Link
Certificate Issuer Microsoft Corporation
Subject sway.office.com
Fingerprint 75:74:77:7E:17:E2:25:6C:D4:B2:4F:28:03:28:37:62:57:1B:12:95
Validity Fri, 08 Mar 2024 14:14:49 GMT - Mon, 03 Mar 2025 14:14:49 GMT
Hash d751713988987e9331980363e24189ce
97d170e1550eee4afc0af065b78cda302a97674c
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Analyzer Verdict Alert OpenPhish phishing Office365
POST /sway/v1.0/BPP24n0KTDvIFWKf/analytics?timeSpent=0&scrollDepth=0&readRatioGrade=0 HTTP/1.1
Host: sway.cloud.microsoft
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sway.cloud.microsoft/BPP24n0KTDvIFWKf?ref=Link
Content-Type: application/json; charset=utf-8
X-StoryId: hc858PwTUHBGH5tcSNBE
X-LookupId: BPP24n0KTDvIFWKf
X-WebClientVersion: 201
anonuserid: 46ac668d-f5b2-4652-a934-b2cb1d4fe09f
X-UserSessionId: 9a8a52a7-5e55-4c99-8be2-63d30a850e74
X-Key: DCRUzsVzNtaW63iQV4pS4IsgsxIdwatTIh6tXHGhmqc=,638507704007020951
X-Requested-With: XMLHttpRequest
Origin: https://sway.cloud.microsoft
DNT: 1
Connection: keep-alive
Cookie: AuthSess=aaf2c3a8-b3cd-4049-8ef5-6c7c16a5e759; AADNonce=5cff6355-e2d3-4c47-93f1-a02c5c4e9f74.638507704007802140
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
Content-Length: 0
TE: trailers
HTTP/2 202 Accepted
cache-control: private
content-type: application/json
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-correlationid: f8237f29-bbaf-4f1f-9f0d-f04977bbb51c
x-usersessionid: 9a8a52a7-5e55-4c99-8be2-63d30a850e74
x-officefe: SwayFrontEnd_IN_47
x-officeversion: 16.0.17624.40100
x-officecluster: eus-001.www.sway.com
x-partitioning-enabled: true
anonuserid: 46ac668d-f5b2-4652-a934-b2cb1d4fe09f
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains; preload
timing-allow-origin: *
x-storyid: hc858PwTUHBGH5tcSNBE
x-lookupid: BPP24n0KTDvIFWKf
x-requestid: 447b5a3f-036f-465f-bac3-39de3e687c12
x-trackingid: 41663435-cc09-4007-99f8-93f157295122
x-frame-options: SAMEORIGIN
x-powered-by: ARR/3.0
date: Wed, 08 May 2024 13:06:43 GMT
content-length: 2
X-Firefox-Spdy: h2
eus-www.sway-cdn.com/s/BPP24n0KTDvIFWKf/images/vbD6XD3mkjpm-X?quality=554&allowAnimation=false
104.66.127.98 200 OK 46 kB URL GET HTTP/1.1 eus-www.sway-cdn.com/s/BPP24n0KTDvIFWKf/images/vbD6XD3mkjpm-X?quality=554&allowAnimation=false
IP 104.66.127.98:443
Requested by https://sway.cloud.microsoft/BPP24n0KTDvIFWKf?ref=Link
Certificate Issuer Microsoft Corporation
Subject www.sway-cdn.com
Fingerprint E8:E0:26:75:8C:7E:58:DC:A0:76:65:3E:31:6D:68:B8:49:54:10:BB
Validity Thu, 10 Aug 2023 15:52:12 GMT - Thu, 27 Jun 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 554x291, components 3
Hash 7ddcf34b39c1e4151e0ee09f9e046184
a7fe5be830c62832ad5145956cbe41a39f91d8d4
ace832388d16f2dc28a9f8c5337c0b8c5a41caafbc88da7b23d2ac56640937af
GET /s/BPP24n0KTDvIFWKf/images/vbD6XD3mkjpm-X?quality=554&allowAnimation=false HTTP/1.1
Host: eus-www.sway-cdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sway.cloud.microsoft/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/jpeg
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
X-CorrelationId: 591bc354-07fb-4877-89bd-09c82a0743b9
X-UserSessionId: 591bc354-07fb-4877-89bd-09c82a0743b9
X-OfficeFE: SwayFrontEnd_IN_46
X-OfficeVersion: 16.0.17624.40100
X-OfficeCluster: eus-003.www.sway.com
X-Partitioning-Enabled: true
anonuserid: e33093ce-f556-4761-b388-bb39627c53cd
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Timing-Allow-Origin: *
X-RequestId: 042985b3-47f0-4a4f-858c-385d0be7a125
X-TrackingId: a5be7be8-ae1c-4c52-b6e3-429054a6005d
X-Frame-Options: SAMEORIGIN
X-Powered-By: ARR/3.0
Content-Length: 45704
Cache-Control: private, max-age=3600
Date: Wed, 08 May 2024 13:06:43 GMT
Connection: keep-alive
eus-www.sway-cdn.com/s/BPP24n0KTDvIFWKf/images/5AvDalgM-QwHki?quality=780&allowAnimation=false
104.66.127.98 200 OK 105 kB URL GET HTTP/1.1 eus-www.sway-cdn.com/s/BPP24n0KTDvIFWKf/images/5AvDalgM-QwHki?quality=780&allowAnimation=false
IP 104.66.127.98:443
Requested by https://sway.cloud.microsoft/BPP24n0KTDvIFWKf?ref=Link
Certificate Issuer Microsoft Corporation
Subject www.sway-cdn.com
Fingerprint E8:E0:26:75:8C:7E:58:DC:A0:76:65:3E:31:6D:68:B8:49:54:10:BB
Validity Thu, 10 Aug 2023 15:52:12 GMT - Thu, 27 Jun 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 542x780, components 3
Size 105 kB (104682 bytes)
Hash 88fa88d45ab996882fed1276048819c4
060801062f3214590354bf01c825767119cc5677
aad34df1e037245ebfd717ec9f5adf27b4d3ba5f092e99cb6891a9d497c49f81
GET /s/BPP24n0KTDvIFWKf/images/5AvDalgM-QwHki?quality=780&allowAnimation=false HTTP/1.1
Host: eus-www.sway-cdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sway.cloud.microsoft/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/jpeg
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
X-CorrelationId: 5bb63b7c-6c8a-4808-9b4e-3b7ff106d6e1
X-UserSessionId: 5bb63b7c-6c8a-4808-9b4e-3b7ff106d6e1
X-OfficeFE: SwayFrontEnd_IN_32
X-OfficeVersion: 16.0.17624.40100
X-OfficeCluster: eus-001.www.sway.com
X-Partitioning-Enabled: true
anonuserid: a23424f0-5777-498e-a98d-4f344e04b25b
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Timing-Allow-Origin: *
X-RequestId: 7862b447-616c-4c08-8552-6eb2745f1d57
X-TrackingId: 0eab2fe0-136a-4c63-a196-8d19c432ed68
X-Frame-Options: SAMEORIGIN
X-Powered-By: ARR/3.0
Content-Length: 104682
Cache-Control: private, max-age=3600
Date: Wed, 08 May 2024 13:06:43 GMT
Connection: keep-alive
eus-www.sway-cdn.com/161770340101_Content/swayiconsl.woff
104.66.127.98 200 OK 18 kB URL GET HTTP/1.1 eus-www.sway-cdn.com/161770340101_Content/swayiconsl.woff
IP 104.66.127.98:443
Requested by https://sway.cloud.microsoft/BPP24n0KTDvIFWKf?ref=Link
Certificate Issuer Microsoft Corporation
Subject www.sway-cdn.com
Fingerprint E8:E0:26:75:8C:7E:58:DC:A0:76:65:3E:31:6D:68:B8:49:54:10:BB
Validity Thu, 10 Aug 2023 15:52:12 GMT - Thu, 27 Jun 2024 23:59:59 GMT
File type Web Open Font Format, TrueType, length 17928, version 1.0
Hash 79fe1f8b05fee28587b8f88540aea467
77465646d7c48b25debbe396810d515bc4ef34ef
3ba8db3c78db3dc15cb4a8c2523b5fbe189cf4ba8a24b07a810616ef4946b279
GET /161770340101_Content/swayiconsl.woff HTTP/1.1
Host: eus-www.sway-cdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://sway.cloud.microsoft
DNT: 1
Connection: keep-alive
Referer: https://sway.cloud.microsoft/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/font-woff
Accept-Ranges: bytes
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
X-Partitioning-Enabled: true
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Timing-Allow-Origin: *
Access-Control-Allow-Origin: *
X-Powered-By: ARR/3.0
Content-Length: 17928
Cache-Control: public, max-age=86400
Date: Wed, 08 May 2024 13:06:43 GMT
Connection: keep-alive
eus-www.sway-cdn.com/s/BPP24n0KTDvIFWKf/images/OOAkcmFn9keCir?quality=678&allowAnimation=true&filterEffectsFormula=Contrast=1.3,Saturate=1.2
104.66.127.98 200 OK 52 kB URL GET HTTP/1.1 eus-www.sway-cdn.com/s/BPP24n0KTDvIFWKf/images/OOAkcmFn9keCir?quality=678&allowAnimation=true&filterEffectsFormula=Contrast=1.3,Saturate=1.2
IP 104.66.127.98:443
Requested by https://sway.cloud.microsoft/BPP24n0KTDvIFWKf?ref=Link
Certificate Issuer Microsoft Corporation
Subject www.sway-cdn.com
Fingerprint E8:E0:26:75:8C:7E:58:DC:A0:76:65:3E:31:6D:68:B8:49:54:10:BB
Validity Thu, 10 Aug 2023 15:52:12 GMT - Thu, 27 Jun 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 678x522, components 3
Hash b08f14775849e18112f966d9bf68462f
c97906b1da3d61d538b91a946254e3337786d5bb
e1aa3810a9fbe7988ba3a65a107c64e37e66ccf9c4ba34d598455ddb902c37fe
GET /s/BPP24n0KTDvIFWKf/images/OOAkcmFn9keCir?quality=678&allowAnimation=true&filterEffectsFormula=Contrast=1.3,Saturate=1.2 HTTP/1.1
Host: eus-www.sway-cdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sway.cloud.microsoft/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/jpeg
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
X-CorrelationId: 713d7c4b-7299-4945-8a7a-df0d786754ac
X-UserSessionId: 713d7c4b-7299-4945-8a7a-df0d786754ac
X-OfficeFE: SwayFrontEnd_IN_41
X-OfficeVersion: 16.0.17703.40101
X-OfficeCluster: eus-000.www.sway.com
X-Partitioning-Enabled: true
anonuserid: d2209290-3525-44c3-8d7b-28ed824f89e3
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Timing-Allow-Origin: *
X-RequestId: a1378b66-35de-4df5-a0a8-b2dbc51f1615
X-TrackingId: 5b3155d0-1add-479d-88df-74f85eae8be6
X-Frame-Options: SAMEORIGIN
X-Powered-By: ARR/3.0
Content-Length: 52189
Cache-Control: private, max-age=3600
Date: Wed, 08 May 2024 13:06:43 GMT
Connection: keep-alive
eus-www.sway-cdn.com/s/BPP24n0KTDvIFWKf/images/Fx0nLcevb6H_69?quality=1584&allowAnimation=true&filterEffectsFormula=Contrast=1.3,Saturate=1.2
104.66.127.98 200 OK 180 kB URL GET HTTP/1.1 eus-www.sway-cdn.com/s/BPP24n0KTDvIFWKf/images/Fx0nLcevb6H_69?quality=1584&allowAnimation=true&filterEffectsFormula=Contrast=1.3,Saturate=1.2
IP 104.66.127.98:443
Requested by https://sway.cloud.microsoft/BPP24n0KTDvIFWKf?ref=Link
Certificate Issuer Microsoft Corporation
Subject www.sway-cdn.com
Fingerprint E8:E0:26:75:8C:7E:58:DC:A0:76:65:3E:31:6D:68:B8:49:54:10:BB
Validity Thu, 10 Aug 2023 15:52:12 GMT - Thu, 27 Jun 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1584x396, components 3
Size 180 kB (180064 bytes)
Hash d5671a845b498e5f4365c1b2c22453f9
9bf7eb99ca2e9305184f196485092e4125884e16
53d08fce9a5e5c84625aac6a42ae885950472d0bbd147b84ed47bd01890c71fa
GET /s/BPP24n0KTDvIFWKf/images/Fx0nLcevb6H_69?quality=1584&allowAnimation=true&filterEffectsFormula=Contrast=1.3,Saturate=1.2 HTTP/1.1
Host: eus-www.sway-cdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sway.cloud.microsoft/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/jpeg
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
X-CorrelationId: 395ea369-73de-453f-8b2d-379ffd1bcef1
X-UserSessionId: 395ea369-73de-453f-8b2d-379ffd1bcef1
X-OfficeFE: SwayFrontEnd_IN_41
X-OfficeVersion: 16.0.17703.40101
X-OfficeCluster: eus-000.www.sway.com
X-Partitioning-Enabled: true
anonuserid: 9ba9bb31-968e-47c1-b6ba-f70a937b5d33
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Timing-Allow-Origin: *
X-RequestId: 34ab3b3a-b6aa-4e40-a18b-0f7f65af00d9
X-TrackingId: 8ccdcd05-6eeb-47cf-8fd7-88818ba01321
X-Frame-Options: SAMEORIGIN
X-Powered-By: ARR/3.0
Content-Length: 180064
Cache-Control: private, max-age=3600
Date: Wed, 08 May 2024 13:06:43 GMT
Connection: keep-alive
eus-www.sway-cdn.com/s/BPP24n0KTDvIFWKf/images/4hDE7q4JFPXcdi?quality=513&allowAnimation=true&filterEffectsFormula=Contrast=1.3,Saturate=1.2
104.66.127.98 200 OK 38 kB URL GET HTTP/1.1 eus-www.sway-cdn.com/s/BPP24n0KTDvIFWKf/images/4hDE7q4JFPXcdi?quality=513&allowAnimation=true&filterEffectsFormula=Contrast=1.3,Saturate=1.2
IP 104.66.127.98:443
Requested by https://sway.cloud.microsoft/BPP24n0KTDvIFWKf?ref=Link
Certificate Issuer Microsoft Corporation
Subject www.sway-cdn.com
Fingerprint E8:E0:26:75:8C:7E:58:DC:A0:76:65:3E:31:6D:68:B8:49:54:10:BB
Validity Thu, 10 Aug 2023 15:52:12 GMT - Thu, 27 Jun 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 144x144, segment length 16, baseline, precision 8, 513x266, components 3
Hash 1d4c8a8ae3fa307f324dfdc407ff25e3
18b90a2053659cd9f67caa62c246cd25b1f21ff0
5ef11aff345bdfdfb4ecae7d6e660ac6317dd032e476baf529920332b39c0bac
GET /s/BPP24n0KTDvIFWKf/images/4hDE7q4JFPXcdi?quality=513&allowAnimation=true&filterEffectsFormula=Contrast=1.3,Saturate=1.2 HTTP/1.1
Host: eus-www.sway-cdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sway.cloud.microsoft/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/jpeg
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
X-CorrelationId: 96b39e69-bf96-416a-ba3e-972f93ccf7c8
X-UserSessionId: 96b39e69-bf96-416a-ba3e-972f93ccf7c8
X-OfficeFE: SwayFrontEnd_IN_45
X-OfficeVersion: 16.0.17703.40101
X-OfficeCluster: eus-000.www.sway.com
X-Partitioning-Enabled: true
anonuserid: 37b7c456-8edd-4088-b383-f34bb8d8fb18
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Timing-Allow-Origin: *
X-RequestId: 192766aa-099a-476c-9e56-0da894215321
X-TrackingId: e1e13c82-93c8-471a-930d-cec6628290b8
X-Frame-Options: SAMEORIGIN
X-Powered-By: ARR/3.0
Content-Length: 38241
Cache-Control: private, max-age=3600
Date: Wed, 08 May 2024 13:06:43 GMT
Connection: keep-alive
eus-www.sway-cdn.com/s/BPP24n0KTDvIFWKf/images/FEQZm7B80EMXAD?quality=480&allowAnimation=true
104.66.127.98 200 OK 33 kB URL GET HTTP/1.1 eus-www.sway-cdn.com/s/BPP24n0KTDvIFWKf/images/FEQZm7B80EMXAD?quality=480&allowAnimation=true
IP 104.66.127.98:443
Requested by https://sway.cloud.microsoft/BPP24n0KTDvIFWKf?ref=Link
Certificate Issuer Microsoft Corporation
Subject www.sway-cdn.com
Fingerprint E8:E0:26:75:8C:7E:58:DC:A0:76:65:3E:31:6D:68:B8:49:54:10:BB
Validity Thu, 10 Aug 2023 15:52:12 GMT - Thu, 27 Jun 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 480x270, components 3
Hash 135fc5dfb86e8755bda1b5b6c716ecb1
7e23e3e4147997e156b9350e78890b5927c521da
1669a348421100df576cfd2f64f483a713aaccab1207c4f0e5e56d24d0ad211d
GET /s/BPP24n0KTDvIFWKf/images/FEQZm7B80EMXAD?quality=480&allowAnimation=true HTTP/1.1
Host: eus-www.sway-cdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sway.cloud.microsoft/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/jpeg
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
X-CorrelationId: 8d73efc2-3abe-4efc-a51c-be6a67d47c68
X-UserSessionId: 8d73efc2-3abe-4efc-a51c-be6a67d47c68
X-OfficeFE: SwayFrontEnd_IN_39
X-OfficeVersion: 16.0.17624.40100
X-OfficeCluster: eus-001.www.sway.com
X-Partitioning-Enabled: true
anonuserid: 5422c005-b187-4d4c-a14a-490bcf115472
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Timing-Allow-Origin: *
X-RequestId: 44109638-ef29-469a-b39e-35785cf59bdf
X-TrackingId: bd4096c7-bd13-4950-b592-6ee1ae8a420d
X-Frame-Options: SAMEORIGIN
X-Powered-By: ARR/3.0
Content-Length: 32732
Cache-Control: private, max-age=3600
Date: Wed, 08 May 2024 13:06:43 GMT
Connection: keep-alive
eus-www.sway-cdn.com/s/BPP24n0KTDvIFWKf/images/f794N_Nnf9p8PU?quality=506&allowAnimation=true&filterEffectsFormula=Contrast=1.3,Saturate=1.2
104.66.127.98 200 OK 18 kB URL GET HTTP/1.1 eus-www.sway-cdn.com/s/BPP24n0KTDvIFWKf/images/f794N_Nnf9p8PU?quality=506&allowAnimation=true&filterEffectsFormula=Contrast=1.3,Saturate=1.2
IP 104.66.127.98:443
Requested by https://sway.cloud.microsoft/BPP24n0KTDvIFWKf?ref=Link
Certificate Issuer Microsoft Corporation
Subject www.sway-cdn.com
Fingerprint E8:E0:26:75:8C:7E:58:DC:A0:76:65:3E:31:6D:68:B8:49:54:10:BB
Validity Thu, 10 Aug 2023 15:52:12 GMT - Thu, 27 Jun 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 144x144, segment length 16, baseline, precision 8, 506x203, components 3
Hash 56d0eca936b88fe8e7485114e02f3f45
6cec244110e1f416b73d243710a0159871f9fa7b
91d2dd5cfec1ad9fa967148e19b8feb1b121a19949e4394d2feeaea46c20d256
GET /s/BPP24n0KTDvIFWKf/images/f794N_Nnf9p8PU?quality=506&allowAnimation=true&filterEffectsFormula=Contrast=1.3,Saturate=1.2 HTTP/1.1
Host: eus-www.sway-cdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sway.cloud.microsoft/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/jpeg
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
X-CorrelationId: a1aee776-666d-490c-a299-ae5a157d17dd
X-UserSessionId: a1aee776-666d-490c-a299-ae5a157d17dd
X-OfficeFE: SwayFrontEnd_IN_13
X-OfficeVersion: 16.0.17624.40100
X-OfficeCluster: eus-001.www.sway.com
X-Partitioning-Enabled: true
anonuserid: b1c8da60-cd81-443a-b95f-897c85eb0c5c
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Timing-Allow-Origin: *
X-RequestId: 961e1394-2b18-4d41-b9f1-4fa33ba859b0
X-TrackingId: f0dc95d8-a3f9-41ff-9703-9b1f20412b9c
X-Frame-Options: SAMEORIGIN
X-Powered-By: ARR/3.0
Content-Length: 18149
Cache-Control: private, max-age=3600
Date: Wed, 08 May 2024 13:06:43 GMT
Connection: keep-alive
eus-www.sway-cdn.com/Content/segoeuisl.woff
104.66.127.98 200 OK 30 kB URL GET HTTP/1.1 eus-www.sway-cdn.com/Content/segoeuisl.woff
IP 104.66.127.98:443
Requested by https://sway.cloud.microsoft/BPP24n0KTDvIFWKf?ref=Link
Certificate Issuer Microsoft Corporation
Subject www.sway-cdn.com
Fingerprint E8:E0:26:75:8C:7E:58:DC:A0:76:65:3E:31:6D:68:B8:49:54:10:BB
Validity Thu, 10 Aug 2023 15:52:12 GMT - Thu, 27 Jun 2024 23:59:59 GMT
File type Web Open Font Format, TrueType, length 29464, version 1.0
Hash 6a419545705dee19082e8e62105488df
72a5d33a47932ed6cf2d196c8d8222204e4a71fd
c63a3930ec9dd26c24b4c62b83d8cf778416a0ded1d9aa83e0840a675155b71b
GET /Content/segoeuisl.woff HTTP/1.1
Host: eus-www.sway-cdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://sway.cloud.microsoft
DNT: 1
Connection: keep-alive
Referer: https://sway.cloud.microsoft/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/font-woff
Accept-Ranges: bytes
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
X-Partitioning-Enabled: true
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Timing-Allow-Origin: *
Access-Control-Allow-Origin: *
X-Powered-By: ARR/3.0
Content-Length: 29464
Cache-Control: public, max-age=86400
Date: Wed, 08 May 2024 13:06:43 GMT
Connection: keep-alive
eus-www.sway-cdn.com/s/BPP24n0KTDvIFWKf/images/KXqaXu47AQ0_Ry?quality=451&allowAnimation=true&filterEffectsFormula=Contrast=1.3,Saturate=1.2
104.66.127.98 200 OK 24 kB URL GET HTTP/1.1 eus-www.sway-cdn.com/s/BPP24n0KTDvIFWKf/images/KXqaXu47AQ0_Ry?quality=451&allowAnimation=true&filterEffectsFormula=Contrast=1.3,Saturate=1.2
IP 104.66.127.98:443
Requested by https://sway.cloud.microsoft/BPP24n0KTDvIFWKf?ref=Link
Certificate Issuer Microsoft Corporation
Subject www.sway-cdn.com
Fingerprint E8:E0:26:75:8C:7E:58:DC:A0:76:65:3E:31:6D:68:B8:49:54:10:BB
Validity Thu, 10 Aug 2023 15:52:12 GMT - Thu, 27 Jun 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 144x144, segment length 16, baseline, precision 8, 451x222, components 3
Hash 3e0eb0d2a22a5b0fa5f7d097d0711193
7c9f85267623a7b66bcc5c7a9b62f76d26efe2d5
80f8bbb482b1314fbbbb844684acbe136d19588140feb9c358a30eedee625a62
GET /s/BPP24n0KTDvIFWKf/images/KXqaXu47AQ0_Ry?quality=451&allowAnimation=true&filterEffectsFormula=Contrast=1.3,Saturate=1.2 HTTP/1.1
Host: eus-www.sway-cdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sway.cloud.microsoft/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/jpeg
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
X-CorrelationId: a426e477-8027-4288-8ee6-89337c68bda3
X-UserSessionId: a426e477-8027-4288-8ee6-89337c68bda3
X-OfficeFE: SwayFrontEnd_IN_36
X-OfficeVersion: 16.0.17624.40100
X-OfficeCluster: eus-002.www.sway.com
X-Partitioning-Enabled: true
anonuserid: 269bd1d0-5aa2-420a-b3fc-ecdd14687afb
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Timing-Allow-Origin: *
X-RequestId: 10d46924-944c-4468-83ca-68c04c09acf7
X-TrackingId: cd9f1f20-243a-4c48-8679-8a87382278b7
X-Frame-Options: SAMEORIGIN
X-Powered-By: ARR/3.0
Content-Length: 23492
Cache-Control: private, max-age=3600
Date: Wed, 08 May 2024 13:06:44 GMT
Connection: keep-alive
eus-www.sway-cdn.com/s/BPP24n0KTDvIFWKf/images/GD47RRZ-ur68Lq?quality=421&allowAnimation=true&filterEffectsFormula=Contrast=1.3,Saturate=1.2
104.66.127.98 200 OK 18 kB URL GET HTTP/1.1 eus-www.sway-cdn.com/s/BPP24n0KTDvIFWKf/images/GD47RRZ-ur68Lq?quality=421&allowAnimation=true&filterEffectsFormula=Contrast=1.3,Saturate=1.2
IP 104.66.127.98:443
Requested by https://sway.cloud.microsoft/BPP24n0KTDvIFWKf?ref=Link
Certificate Issuer Microsoft Corporation
Subject www.sway-cdn.com
Fingerprint E8:E0:26:75:8C:7E:58:DC:A0:76:65:3E:31:6D:68:B8:49:54:10:BB
Validity Thu, 10 Aug 2023 15:52:12 GMT - Thu, 27 Jun 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 421x203, components 3
Hash 0dcdcc4a5ddc2d8f6395acf0020654de
40603385928bc20ef9c9453f038055a820aca8a0
eeb3f45cee3ad501491dc72bdd71c75fd0cbf25c895dbf37d3ae9d3d95177de7
GET /s/BPP24n0KTDvIFWKf/images/GD47RRZ-ur68Lq?quality=421&allowAnimation=true&filterEffectsFormula=Contrast=1.3,Saturate=1.2 HTTP/1.1
Host: eus-www.sway-cdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sway.cloud.microsoft/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/jpeg
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
X-CorrelationId: febd1ed4-819d-4c93-b55d-44a8c52e923e
X-UserSessionId: febd1ed4-819d-4c93-b55d-44a8c52e923e
X-OfficeFE: SwayFrontEnd_IN_13
X-OfficeVersion: 16.0.17624.40100
X-OfficeCluster: eus-001.www.sway.com
X-Partitioning-Enabled: true
anonuserid: 9c676dc0-170a-4c06-8949-bc32434779c9
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Timing-Allow-Origin: *
X-RequestId: 9ce2d99e-c0d8-402c-8a87-d9d4e40dc4b5
X-TrackingId: ff7533d3-2411-4c2c-893a-d6415b2e7dcb
X-Frame-Options: SAMEORIGIN
X-Powered-By: ARR/3.0
Content-Length: 17596
Cache-Control: private, max-age=3600
Date: Wed, 08 May 2024 13:06:44 GMT
Connection: keep-alive
eus-www.sway-cdn.com/161770340101_Content/feedback/OfficeBrowserFeedback.js
104.66.127.98 200 OK 45 kB URL GET HTTP/1.1 eus-www.sway-cdn.com/161770340101_Content/feedback/OfficeBrowserFeedback.js
IP 104.66.127.98:443
Requested by https://sway.cloud.microsoft/BPP24n0KTDvIFWKf?ref=Link
Certificate Issuer Microsoft Corporation
Subject www.sway-cdn.com
Fingerprint E8:E0:26:75:8C:7E:58:DC:A0:76:65:3E:31:6D:68:B8:49:54:10:BB
Validity Thu, 10 Aug 2023 15:52:12 GMT - Thu, 27 Jun 2024 23:59:59 GMT
File type JavaScript source, ASCII text, with very long lines (32416)
Hash 9f5dba23bbfb4e0d50ac9aa6ce998d1a
0f027b6b4fd323c708592dcde052774ca7fd5fd6
4f2d6301347a2fbf30fed521f2d319e78cffd90713336dcc9c0a2676dc3fb37c
GET /161770340101_Content/feedback/OfficeBrowserFeedback.js HTTP/1.1
Host: eus-www.sway-cdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sway.cloud.microsoft/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Encoding: gzip
Accept-Ranges: bytes
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
X-Partitioning-Enabled: true
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Timing-Allow-Origin: *
Access-Control-Allow-Origin: *
X-Powered-By: ARR/3.0
Content-Length: 45168
Cache-Control: public, max-age=52505
Date: Wed, 08 May 2024 13:06:44 GMT
Connection: keep-alive
Vary: Accept-Encoding
sway.cloud.microsoft/RemoteUls.ashx
52.111.243.44 200 OK 0 B URL POST HTTP/2 sway.cloud.microsoft/RemoteUls.ashx
IP 52.111.243.44:443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://sway.cloud.microsoft/BPP24n0KTDvIFWKf?ref=Link
Certificate Issuer Microsoft Corporation
Subject sway.office.com
Fingerprint 75:74:77:7E:17:E2:25:6C:D4:B2:4F:28:03:28:37:62:57:1B:12:95
Validity Fri, 08 Mar 2024 14:14:49 GMT - Mon, 03 Mar 2025 14:14:49 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert OpenPhish phishing Office365
POST /RemoteUls.ashx HTTP/1.1
Host: sway.cloud.microsoft
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sway.cloud.microsoft/BPP24n0KTDvIFWKf?ref=Link
Content-Type: application/json
X-UserSessionId: 9a8a52a7-5e55-4c99-8be2-63d30a850e74
X-StoryId: hc858PwTUHBGH5tcSNBE
X-LookupId: BPP24n0KTDvIFWKf
X-WebClientVersion: 201
anonuserid: 46ac668d-f5b2-4652-a934-b2cb1d4fe09f
Content-Length: 18609
Origin: https://sway.cloud.microsoft
DNT: 1
Connection: keep-alive
Cookie: AuthSess=aaf2c3a8-b3cd-4049-8ef5-6c7c16a5e759; AADNonce=5cff6355-e2d3-4c47-93f1-a02c5c4e9f74.638507704007802140; CalloutShownCount={"VerticalNavigation":1}
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: private
content-type: text/plain
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-correlationid: 18a9d1df-3448-4f8b-873e-a21ac3ed7f5f
x-usersessionid: 9a8a52a7-5e55-4c99-8be2-63d30a850e74
x-officefe: SwayFrontEnd_IN_61
x-officeversion: 16.0.17624.40100
x-officecluster: weu-001.www.sway.com
x-partitioning-enabled: true
anonuserid: 46ac668d-f5b2-4652-a934-b2cb1d4fe09f
strict-transport-security: max-age=15724800; includeSubDomains; preload
timing-allow-origin: *
x-storyid: hc858PwTUHBGH5tcSNBE
x-lookupid: BPP24n0KTDvIFWKf
x-requestid: 5dfc4881-351a-421d-abc1-83d20765e504
x-trackingid: 253bec97-51be-4d34-b322-f338736e054b
x-buls-suppressionetag: N/A
x-buls-suppressedtags:
x-content-type-options: nosniff, nosniff
x-download-options: noopen
content-disposition: attachment
x-powered-by: ARR/3.0
date: Wed, 08 May 2024 13:07:06 GMT
content-length: 0
X-Firefox-Spdy: h2
eus-www.sway-cdn.com/161770340101_Content/favicon-16x16.png
104.66.127.98 404 Not Found 0 B URL GET HTTP/1.1 eus-www.sway-cdn.com/161770340101_Content/favicon-16x16.png
IP 104.66.127.98:443
Requested by https://sway.cloud.microsoft/BPP24n0KTDvIFWKf?ref=Link
Certificate Issuer Microsoft Corporation
Subject www.sway-cdn.com
Fingerprint E8:E0:26:75:8C:7E:58:DC:A0:76:65:3E:31:6D:68:B8:49:54:10:BB
Validity Thu, 10 Aug 2023 15:52:12 GMT - Thu, 27 Jun 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /161770340101_Content/favicon-16x16.png HTTP/1.1
Host: eus-www.sway-cdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sway.cloud.microsoft/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Content-Length: 346314
Content-Type: text/html; charset=utf-8
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
X-CorrelationId: e9351ffd-cefb-4f0d-a927-342d18679842
X-UserSessionId: e9351ffd-cefb-4f0d-a927-342d18679842
X-OfficeFE: SwayFrontEnd_IN_44
X-OfficeVersion: 16.0.17624.40100
X-OfficeCluster: eus-002.www.sway.com
X-Partitioning-Enabled: true
anonuserid: 189821a5-234a-4209-9c77-005a9c0d68c0
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Timing-Allow-Origin: *
X-RequestId: b26d3aa9-6b02-4964-90af-79240f07e2f7
X-TrackingId: a1ed81ad-abbf-4d0e-a687-40027bcc539b
X-Powered-By: ARR/3.0
Cache-Control: private, max-age=86400
Date: Wed, 08 May 2024 13:06:42 GMT
Connection: keep-alive