sway.cloud.microsoft/sltDyzIk1fZzuCQM?ref=Link
52.111.243.44 200 OK 12 kB URL User Request GET HTTP/2 sway.cloud.microsoft/sltDyzIk1fZzuCQM?ref=Link
IP 52.111.243.44:443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Certificate Issuer Microsoft Corporation
Subject sway.office.com
Fingerprint 75:74:77:7E:17:E2:25:6C:D4:B2:4F:28:03:28:37:62:57:1B:12:95
Validity Fri, 08 Mar 2024 14:14:49 GMT - Mon, 03 Mar 2025 14:14:49 GMT
File type HTML document, Unicode text, UTF-8 (with BOM) text, with very long lines (18091), with CRLF, LF line terminators
Hash f721562a794115cb6f8c87a7709b8d17
d3bdf631dcfd01541e75b99d7fe824f0e078e829
737e4d03709329cb788138efb223b81d47887d9da60f99eda7bbcf552dd19f44
Analyzer Verdict Alert OpenPhish phishing Office365
GET /sltDyzIk1fZzuCQM?ref=Link HTTP/1.1
Host: sway.cloud.microsoft
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: text/html; charset=utf-8
content-encoding: gzip
expires: -1
vary: Accept-Encoding
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
set-cookie: AuthSess=36304a11-ea4f-41e1-8eb9-0aba66cc4eb5; domain=sway.cloud.microsoft; path=/; samesite=none; secure; HttpOnly
set-cookie: AADNonce=a5eaddd7-e008-4243-9fac-a08a843d4e9d.638507858866517839; domain=cloud.microsoft; path=/; samesite=none; secure; HttpOnly
x-correlationid: 6f4e6f5d-72e5-433e-b408-7642dfe2f6a4
x-usersessionid: 6f4e6f5d-72e5-433e-b408-7642dfe2f6a4
x-officefe: SwayFrontEnd_IN_2
x-officeversion: 16.0.17624.40100
x-officecluster: eus-001.www.sway.com
x-partitioning-enabled: true
anonuserid: bbb2bd05-236b-4a6a-aed2-54593b0ffab9
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains; preload
timing-allow-origin: *
x-requestid: 33d04cf1-86e4-48cd-aa2d-f6e1f03ad26b
x-trackingid: e69fbf58-dc64-4275-a81f-14a55f5e749a
x-frame-options: SAMEORIGIN
x-key: aNN6sUzJzrUMLBtE0XqSLQelADk2du9XX5Bf0vnzDws=,638507858864799080
x-robots-tag: noindex, nofollow
x-ua-compatible: IE=edge
x-html-minification-powered-by: WebMarkupMin
x-powered-by: ARR/3.0
date: Wed, 08 May 2024 17:24:46 GMT
content-length: 11819
X-Firefox-Spdy: h2
eus-www.sway-cdn.com/161762440100_Content/Preload.css
95.101.96.137 200 OK 12 kB URL GET HTTP/1.1 eus-www.sway-cdn.com/161762440100_Content/Preload.css
IP 95.101.96.137:443
Requested by https://sway.cloud.microsoft/sltDyzIk1fZzuCQM?ref=Link
Certificate Issuer Microsoft Corporation
Subject www.sway-cdn.com
Fingerprint E8:E0:26:75:8C:7E:58:DC:A0:76:65:3E:31:6D:68:B8:49:54:10:BB
Validity Thu, 10 Aug 2023 15:52:12 GMT - Thu, 27 Jun 2024 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Hash 103e03370e3023306cd2f3e4d2b8512d
dadc7d138734d2b42f978e0cd0d0383f4dd0ffd4
0f30fad32c0debda2ae7fb2816b34d4ec7da737e8fb48aaba1f3f07c21fd40a2
GET /161762440100_Content/Preload.css HTTP/1.1
Host: eus-www.sway-cdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sway.cloud.microsoft/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/css
Content-Encoding: gzip
Last-Modified: Wed, 24 Apr 2024 06:18:14 GMT
Accept-Ranges: bytes
ETag: "0d74e30f96da1:0"
Vary: Accept-Encoding
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
X-Partitioning-Enabled: true
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Timing-Allow-Origin: *
Access-Control-Allow-Origin: *
X-Powered-By: ARR/3.0
Content-Length: 11753
Cache-Control: public, max-age=57843
Date: Wed, 08 May 2024 17:24:47 GMT
Connection: keep-alive
eus-www.sway-cdn.com/Content/CommonDiagnostics-Sway-1.0.0.js
95.101.96.137 200 OK 13 kB URL GET HTTP/1.1 eus-www.sway-cdn.com/Content/CommonDiagnostics-Sway-1.0.0.js
IP 95.101.96.137:443
Requested by https://sway.cloud.microsoft/sltDyzIk1fZzuCQM?ref=Link
Certificate Issuer Microsoft Corporation
Subject www.sway-cdn.com
Fingerprint E8:E0:26:75:8C:7E:58:DC:A0:76:65:3E:31:6D:68:B8:49:54:10:BB
Validity Thu, 10 Aug 2023 15:52:12 GMT - Thu, 27 Jun 2024 23:59:59 GMT
File type JavaScript source, Non-ISO extended-ASCII text, with very long lines (2360), with CRLF line terminators
Hash fd14998badf27d4f974ca33841c97397
d951a5fc5d3a3075e8986dba845d956a9831423e
2306ca934e2c1a52219d8a608c130f2bcdb7d859303f4ca5806cd48db0c9ae6f
GET /Content/CommonDiagnostics-Sway-1.0.0.js HTTP/1.1
Host: eus-www.sway-cdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sway.cloud.microsoft
DNT: 1
Connection: keep-alive
Referer: https://sway.cloud.microsoft/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Encoding: gzip
Accept-Ranges: bytes
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
X-Partitioning-Enabled: true
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Timing-Allow-Origin: *
Access-Control-Allow-Origin: *
X-Powered-By: ARR/3.0
Content-Length: 13381
Cache-Control: public, max-age=57836
Date: Wed, 08 May 2024 17:24:47 GMT
Connection: keep-alive
Vary: Accept-Encoding
eus-www.sway-cdn.com/Content/jquery-ui-1.11.4-custom.js
95.101.96.137 200 OK 18 kB URL GET HTTP/1.1 eus-www.sway-cdn.com/Content/jquery-ui-1.11.4-custom.js
IP 95.101.96.137:443
Requested by https://sway.cloud.microsoft/sltDyzIk1fZzuCQM?ref=Link
Certificate Issuer Microsoft Corporation
Subject www.sway-cdn.com
Fingerprint E8:E0:26:75:8C:7E:58:DC:A0:76:65:3E:31:6D:68:B8:49:54:10:BB
Validity Thu, 10 Aug 2023 15:52:12 GMT - Thu, 27 Jun 2024 23:59:59 GMT
File type JavaScript source, ASCII text, with very long lines (32214), with CRLF line terminators
Hash 29e67338030f5091caa7f4290c2bc417
3bcdba4e5f642367cd5a42b7ecdac8ba02a01fad
3da8fc98318eeaf2ba8d02e79455d3d6f8f509bda7882c4c3c807b7197c24a1d
GET /Content/jquery-ui-1.11.4-custom.js HTTP/1.1
Host: eus-www.sway-cdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sway.cloud.microsoft
DNT: 1
Connection: keep-alive
Referer: https://sway.cloud.microsoft/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Encoding: gzip
Accept-Ranges: bytes
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
X-Partitioning-Enabled: true
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Timing-Allow-Origin: *
Access-Control-Allow-Origin: *
X-Powered-By: ARR/3.0
Content-Length: 17891
Cache-Control: public, max-age=57835
Date: Wed, 08 May 2024 17:24:47 GMT
Connection: keep-alive
Vary: Accept-Encoding
eus-www.sway-cdn.com/Content/jquery-2.2.4-custom-1.js
95.101.96.137 200 OK 30 kB URL GET HTTP/1.1 eus-www.sway-cdn.com/Content/jquery-2.2.4-custom-1.js
IP 95.101.96.137:443
Requested by https://sway.cloud.microsoft/sltDyzIk1fZzuCQM?ref=Link
Certificate Issuer Microsoft Corporation
Subject www.sway-cdn.com
Fingerprint E8:E0:26:75:8C:7E:58:DC:A0:76:65:3E:31:6D:68:B8:49:54:10:BB
Validity Thu, 10 Aug 2023 15:52:12 GMT - Thu, 27 Jun 2024 23:59:59 GMT
File type JavaScript source, ASCII text, with very long lines (32236), with CRLF line terminators
Hash 338472d280d64be84d11980dd512176a
95de9f83181ac211f54bf97fd010624513a90459
5e170e2cb452c3504ff9af148cc6c4aea661178c9fc93ecdcb32bcd856d76d9b
GET /Content/jquery-2.2.4-custom-1.js HTTP/1.1
Host: eus-www.sway-cdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sway.cloud.microsoft
DNT: 1
Connection: keep-alive
Referer: https://sway.cloud.microsoft/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Encoding: gzip
Accept-Ranges: bytes
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
X-Partitioning-Enabled: true
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Timing-Allow-Origin: *
Access-Control-Allow-Origin: *
X-Powered-By: ARR/3.0
Content-Length: 29703
Cache-Control: public, max-age=57834
Date: Wed, 08 May 2024 17:24:47 GMT
Connection: keep-alive
Vary: Accept-Encoding
eus-www.sway-cdn.com/161762440100_Content/en-us/Resources.js
95.101.96.137 200 OK 39 kB URL GET HTTP/1.1 eus-www.sway-cdn.com/161762440100_Content/en-us/Resources.js
IP 95.101.96.137:443
Requested by https://sway.cloud.microsoft/sltDyzIk1fZzuCQM?ref=Link
Certificate Issuer Microsoft Corporation
Subject www.sway-cdn.com
Fingerprint E8:E0:26:75:8C:7E:58:DC:A0:76:65:3E:31:6D:68:B8:49:54:10:BB
Validity Thu, 10 Aug 2023 15:52:12 GMT - Thu, 27 Jun 2024 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (65491), with no line terminators
Hash a4dbabe661737162129e9e4bb621da1c
38be9cfafb4a4be9dc5fe9b615ca7bc22cf90e1f
b5b21c586d572568821d08b71fdbd06605d321706f6dc864e930dedf08c22bfa
GET /161762440100_Content/en-us/Resources.js HTTP/1.1
Host: eus-www.sway-cdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sway.cloud.microsoft
DNT: 1
Connection: keep-alive
Referer: https://sway.cloud.microsoft/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Wed, 24 Apr 2024 06:18:14 GMT
Accept-Ranges: bytes
ETag: "0d74e30f96da1:0"
Vary: Accept-Encoding
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
X-Partitioning-Enabled: true
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Timing-Allow-Origin: *
Access-Control-Allow-Origin: *
X-Powered-By: ARR/3.0
Content-Length: 39147
Cache-Control: public, max-age=65217
Date: Wed, 08 May 2024 17:24:47 GMT
Connection: keep-alive
eus-www.sway-cdn.com/Content/modernizr-3.3.1-custom.js
95.101.96.137 200 OK 3.2 kB URL GET HTTP/1.1 eus-www.sway-cdn.com/Content/modernizr-3.3.1-custom.js
IP 95.101.96.137:443
Requested by https://sway.cloud.microsoft/sltDyzIk1fZzuCQM?ref=Link
Certificate Issuer Microsoft Corporation
Subject www.sway-cdn.com
Fingerprint E8:E0:26:75:8C:7E:58:DC:A0:76:65:3E:31:6D:68:B8:49:54:10:BB
Validity Thu, 10 Aug 2023 15:52:12 GMT - Thu, 27 Jun 2024 23:59:59 GMT
File type JavaScript source, ASCII text, with very long lines (7649), with CRLF line terminators
Hash f299dc10bcddd2e7808b978b3de18936
d8273fb0282bfa670f554e45f8ae7b1f73ec8071
160daca799b276d8ce387e0187d972d715abead1399795bff9ec2a64b494527c
GET /Content/modernizr-3.3.1-custom.js HTTP/1.1
Host: eus-www.sway-cdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sway.cloud.microsoft
DNT: 1
Connection: keep-alive
Referer: https://sway.cloud.microsoft/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Encoding: gzip
Accept-Ranges: bytes
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
X-Partitioning-Enabled: true
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Timing-Allow-Origin: *
Access-Control-Allow-Origin: *
X-Powered-By: ARR/3.0
Content-Length: 3210
Cache-Control: public, max-age=57835
Date: Wed, 08 May 2024 17:24:47 GMT
Connection: keep-alive
Vary: Accept-Encoding
eus-www.sway-cdn.com/161762440100_Content/Common.js
95.101.96.137 200 OK 203 kB URL GET HTTP/1.1 eus-www.sway-cdn.com/161762440100_Content/Common.js
IP 95.101.96.137:443
Requested by https://sway.cloud.microsoft/sltDyzIk1fZzuCQM?ref=Link
Certificate Issuer Microsoft Corporation
Subject www.sway-cdn.com
Fingerprint E8:E0:26:75:8C:7E:58:DC:A0:76:65:3E:31:6D:68:B8:49:54:10:BB
Validity Thu, 10 Aug 2023 15:52:12 GMT - Thu, 27 Jun 2024 23:59:59 GMT
File type JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size 203 kB (202745 bytes)
Hash aaa0980252987a922eeba0361b1ebb6c
94bb79af19c8e32dbbc477705417ed8b440b20f4
d317583407d823e8b6d81fb522f7b0044fe17a8fa4375d33550365826ef398a0
GET /161762440100_Content/Common.js HTTP/1.1
Host: eus-www.sway-cdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sway.cloud.microsoft
DNT: 1
Connection: keep-alive
Referer: https://sway.cloud.microsoft/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Encoding: gzip
Accept-Ranges: bytes
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
X-Partitioning-Enabled: true
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Timing-Allow-Origin: *
Access-Control-Allow-Origin: *
X-Powered-By: ARR/3.0
Content-Length: 202745
Cache-Control: public, max-age=57843
Date: Wed, 08 May 2024 17:24:47 GMT
Connection: keep-alive
Vary: Accept-Encoding
eus-www.sway-cdn.com/161762440100_Content/StoryPage.js
95.101.96.137 200 OK 262 kB URL GET HTTP/1.1 eus-www.sway-cdn.com/161762440100_Content/StoryPage.js
IP 95.101.96.137:443
Requested by https://sway.cloud.microsoft/sltDyzIk1fZzuCQM?ref=Link
Certificate Issuer Microsoft Corporation
Subject www.sway-cdn.com
Fingerprint E8:E0:26:75:8C:7E:58:DC:A0:76:65:3E:31:6D:68:B8:49:54:10:BB
Validity Thu, 10 Aug 2023 15:52:12 GMT - Thu, 27 Jun 2024 23:59:59 GMT
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (65534), with no line terminators
Size 262 kB (262122 bytes)
Hash 8f0f2fb85f30e911d8be44078f392344
85167056f8c51e155e4a89ed3b28e5e58b02791f
6b4d0d07f8a0aafd09dfa3806bada144aab09704390d8c57a9a8d76f516dd349
GET /161762440100_Content/StoryPage.js HTTP/1.1
Host: eus-www.sway-cdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sway.cloud.microsoft
DNT: 1
Connection: keep-alive
Referer: https://sway.cloud.microsoft/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Encoding: gzip
Accept-Ranges: bytes
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
X-Partitioning-Enabled: true
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Timing-Allow-Origin: *
Access-Control-Allow-Origin: *
X-Powered-By: ARR/3.0
Content-Length: 262122
Cache-Control: public, max-age=57843
Date: Wed, 08 May 2024 17:24:47 GMT
Connection: keep-alive
Vary: Accept-Encoding
eus-www.sway-cdn.com/161762440100_Content/Preload.js
95.101.96.137 200 OK 4.2 kB URL GET HTTP/1.1 eus-www.sway-cdn.com/161762440100_Content/Preload.js
IP 95.101.96.137:443
Requested by https://sway.cloud.microsoft/sltDyzIk1fZzuCQM?ref=Link
Certificate Issuer Microsoft Corporation
Subject www.sway-cdn.com
Fingerprint E8:E0:26:75:8C:7E:58:DC:A0:76:65:3E:31:6D:68:B8:49:54:10:BB
Validity Thu, 10 Aug 2023 15:52:12 GMT - Thu, 27 Jun 2024 23:59:59 GMT
File type JavaScript source, ASCII text, with very long lines (18297), with no line terminators
Hash f070ffc5c8bde496d241e5ef6ea85ae9
9b574040fafb228cabc86c6afdb1ed87b140a3af
2f5deb75ea8a55d2119c56e4e3bcc0bde3516b838a088e28df1553824fe619ad
GET /161762440100_Content/Preload.js HTTP/1.1
Host: eus-www.sway-cdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sway.cloud.microsoft
DNT: 1
Connection: keep-alive
Referer: https://sway.cloud.microsoft/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Encoding: gzip
Accept-Ranges: bytes
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
X-Partitioning-Enabled: true
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Timing-Allow-Origin: *
Access-Control-Allow-Origin: *
X-Powered-By: ARR/3.0
Content-Length: 4168
Cache-Control: public, max-age=57843
Date: Wed, 08 May 2024 17:24:47 GMT
Connection: keep-alive
Vary: Accept-Encoding
eus-www.sway-cdn.com/161762440100_Content/tdb.js
95.101.96.137 200 OK 32 kB URL GET HTTP/1.1 eus-www.sway-cdn.com/161762440100_Content/tdb.js
IP 95.101.96.137:443
Requested by https://sway.cloud.microsoft/sltDyzIk1fZzuCQM?ref=Link
Certificate Issuer Microsoft Corporation
Subject www.sway-cdn.com
Fingerprint E8:E0:26:75:8C:7E:58:DC:A0:76:65:3E:31:6D:68:B8:49:54:10:BB
Validity Thu, 10 Aug 2023 15:52:12 GMT - Thu, 27 Jun 2024 23:59:59 GMT
File type JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Hash eae96e25b7ea4f06dc2b686160f661a9
6b0daeb5c08657a9bf96d79ed859985f3da6da52
daef54c828406aaba2db8f22758177351ed4d3ce40b848bb93f45f8b253fcdfd
GET /161762440100_Content/tdb.js HTTP/1.1
Host: eus-www.sway-cdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sway.cloud.microsoft
DNT: 1
Connection: keep-alive
Referer: https://sway.cloud.microsoft/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Wed, 24 Apr 2024 06:18:14 GMT
Accept-Ranges: bytes
ETag: "0d74e30f96da1:0"
Vary: Accept-Encoding
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
X-Partitioning-Enabled: true
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Timing-Allow-Origin: *
Access-Control-Allow-Origin: *
X-Powered-By: ARR/3.0
Content-Length: 32326
Cache-Control: public, max-age=57843
Date: Wed, 08 May 2024 17:24:47 GMT
Connection: keep-alive
sway.cloud.microsoft/s/sltDyzIk1fZzuCQM/get?currentClientVersion=201
52.111.243.44 200 OK 22 kB URL POST HTTP/2 sway.cloud.microsoft/s/sltDyzIk1fZzuCQM/get?currentClientVersion=201
IP 52.111.243.44:443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://sway.cloud.microsoft/sltDyzIk1fZzuCQM?ref=Link
Certificate Issuer Microsoft Corporation
Subject sway.office.com
Fingerprint 75:74:77:7E:17:E2:25:6C:D4:B2:4F:28:03:28:37:62:57:1B:12:95
Validity Fri, 08 Mar 2024 14:14:49 GMT - Mon, 03 Mar 2025 14:14:49 GMT
Hash 1edf7547b53d5f51607179dd2de37579
96c1df937ab186ab0cf5a1267d4152eec3932d2a
70b0f67a0bbd3319d60407c952594ead9b9753dc1e96fcc37d0c7177cc4359a0
Analyzer Verdict Alert OpenPhish phishing Office365
POST /s/sltDyzIk1fZzuCQM/get?currentClientVersion=201 HTTP/1.1
Host: sway.cloud.microsoft
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-StoryId: wO8xp4DHSCujzkJ2Xbqk
X-LookupId: sltDyzIk1fZzuCQM
X-WebClientVersion: 201
X-UserSessionId: 6f4e6f5d-72e5-433e-b408-7642dfe2f6a4
anonuserid: bbb2bd05-236b-4a6a-aed2-54593b0ffab9
X-Key: aNN6sUzJzrUMLBtE0XqSLQelADk2du9XX5Bf0vnzDws=,638507858864799080
Content-Length: 164
Origin: https://sway.cloud.microsoft
DNT: 1
Connection: keep-alive
Referer: https://sway.cloud.microsoft/sltDyzIk1fZzuCQM?ref=Link
Cookie: AuthSess=36304a11-ea4f-41e1-8eb9-0aba66cc4eb5; AADNonce=a5eaddd7-e008-4243-9fac-a08a843d4e9d.638507858866517839
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json
content-encoding: gzip
expires: -1
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-correlationid: b5601a5d-a6a5-4583-b94f-6348d59fe625
x-usersessionid: 6f4e6f5d-72e5-433e-b408-7642dfe2f6a4
x-officefe: SwayFrontEnd_IN_25
x-officeversion: 16.0.17624.40100
x-officecluster: eus-003.www.sway.com
x-partitioning-enabled: true
anonuserid: bbb2bd05-236b-4a6a-aed2-54593b0ffab9
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains; preload
timing-allow-origin: *
x-storyid: wO8xp4DHSCujzkJ2Xbqk
x-lookupid: sltDyzIk1fZzuCQM
x-requestid: 6cffe80a-6e12-4cf0-a5a8-992eb62e082c
x-trackingid: 3b30a065-0e7c-4878-8ddd-f14d8cfca80b
x-frame-options: SAMEORIGIN
x-server-time-elapsed: 187
x-payload-size: 22966
x-powered-by: ARR/3.0
date: Wed, 08 May 2024 17:24:46 GMT
content-length: 22225
X-Firefox-Spdy: h2
eus-www.sway-cdn.com/Content/segoeui.woff
95.101.96.137 200 OK 76 kB URL GET HTTP/1.1 eus-www.sway-cdn.com/Content/segoeui.woff
IP 95.101.96.137:443
Requested by https://sway.cloud.microsoft/sltDyzIk1fZzuCQM?ref=Link
Certificate Issuer Microsoft Corporation
Subject www.sway-cdn.com
Fingerprint E8:E0:26:75:8C:7E:58:DC:A0:76:65:3E:31:6D:68:B8:49:54:10:BB
Validity Thu, 10 Aug 2023 15:52:12 GMT - Thu, 27 Jun 2024 23:59:59 GMT
File type Web Open Font Format, TrueType, length 75464, version 0.0
Hash 5fa620c9eefcd9c86b00199b3733d6e8
8ba2626e252e2f39b3a063810dadee2b55e0643b
5b6231040840aed34ffe299d3f352814c3e24c517eb687cec06293e7eacecb1f
GET /Content/segoeui.woff HTTP/1.1
Host: eus-www.sway-cdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://sway.cloud.microsoft
DNT: 1
Connection: keep-alive
Referer: https://sway.cloud.microsoft/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/font-woff
Accept-Ranges: bytes
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
X-Partitioning-Enabled: true
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Timing-Allow-Origin: *
Access-Control-Allow-Origin: *
X-Powered-By: ARR/3.0
Content-Length: 75464
Cache-Control: public, max-age=86400
Date: Wed, 08 May 2024 17:24:48 GMT
Connection: keep-alive
eus-www.sway-cdn.com/161762440100_Content/Common.css
95.101.96.137 200 OK 28 kB URL GET HTTP/1.1 eus-www.sway-cdn.com/161762440100_Content/Common.css
IP 95.101.96.137:443
Requested by https://sway.cloud.microsoft/sltDyzIk1fZzuCQM?ref=Link
Certificate Issuer Microsoft Corporation
Subject www.sway-cdn.com
Fingerprint E8:E0:26:75:8C:7E:58:DC:A0:76:65:3E:31:6D:68:B8:49:54:10:BB
Validity Thu, 10 Aug 2023 15:52:12 GMT - Thu, 27 Jun 2024 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Hash d85d6ed927f23145dcf8b67bd4dba111
a497c4f87145c8568dbef0cb7832d05b14f7110b
4d2758d65f0be67c8bab930d2fd3576270b2522d5d60cca4fefa40d5fbcebb81
GET /161762440100_Content/Common.css HTTP/1.1
Host: eus-www.sway-cdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sway.cloud.microsoft/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/css
Content-Encoding: gzip
Accept-Ranges: bytes
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
X-Partitioning-Enabled: true
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Timing-Allow-Origin: *
Access-Control-Allow-Origin: *
X-Powered-By: ARR/3.0
Content-Length: 27721
Cache-Control: public, max-age=58008
Date: Wed, 08 May 2024 17:24:48 GMT
Connection: keep-alive
Vary: Accept-Encoding
eus-www.sway-cdn.com/161762440100_Content/Home.css
95.101.96.137 200 OK 32 kB URL GET HTTP/1.1 eus-www.sway-cdn.com/161762440100_Content/Home.css
IP 95.101.96.137:443
Requested by https://sway.cloud.microsoft/sltDyzIk1fZzuCQM?ref=Link
Certificate Issuer Microsoft Corporation
Subject www.sway-cdn.com
Fingerprint E8:E0:26:75:8C:7E:58:DC:A0:76:65:3E:31:6D:68:B8:49:54:10:BB
Validity Thu, 10 Aug 2023 15:52:12 GMT - Thu, 27 Jun 2024 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Hash 676b87d5ad95754d468e2e8fe7fda78b
3e273867aab00db4fcf29baefc5c528e1ad53926
d411078332480e8ea193296de3ce3161553ea90cc593d5ce0ac8ddca6506652c
GET /161762440100_Content/Home.css HTTP/1.1
Host: eus-www.sway-cdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sway.cloud.microsoft/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/css
Content-Encoding: gzip
Last-Modified: Wed, 24 Apr 2024 06:18:14 GMT
Accept-Ranges: bytes
ETag: "0d74e30f96da1:0"
Vary: Accept-Encoding
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
X-Partitioning-Enabled: true
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Timing-Allow-Origin: *
Access-Control-Allow-Origin: *
X-Powered-By: ARR/3.0
Content-Length: 31989
Cache-Control: public, max-age=58007
Date: Wed, 08 May 2024 17:24:48 GMT
Connection: keep-alive
eus-www.sway-cdn.com/161762440100_Content/story_cluster.css
95.101.96.137 200 OK 930 B URL GET HTTP/1.1 eus-www.sway-cdn.com/161762440100_Content/story_cluster.css
IP 95.101.96.137:443
Requested by https://sway.cloud.microsoft/sltDyzIk1fZzuCQM?ref=Link
Certificate Issuer Microsoft Corporation
Subject www.sway-cdn.com
Fingerprint E8:E0:26:75:8C:7E:58:DC:A0:76:65:3E:31:6D:68:B8:49:54:10:BB
Validity Thu, 10 Aug 2023 15:52:12 GMT - Thu, 27 Jun 2024 23:59:59 GMT
File type ASCII text, with very long lines (3298), with no line terminators
Hash b05af20933a5c55d8228372b62cff439
8c7d1b8f149a66f4c82266c284aa12e2ca384cc1
583f54c663c161e490dd8991d9e9101a3ca54822f458e73dcfc4885ce0efe34f
GET /161762440100_Content/story_cluster.css HTTP/1.1
Host: eus-www.sway-cdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sway.cloud.microsoft/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/css
Content-Encoding: gzip
Accept-Ranges: bytes
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
X-Partitioning-Enabled: true
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Timing-Allow-Origin: *
Access-Control-Allow-Origin: *
X-Powered-By: ARR/3.0
Content-Length: 930
Cache-Control: public, max-age=57843
Date: Wed, 08 May 2024 17:24:48 GMT
Connection: keep-alive
Vary: Accept-Encoding
eus-www.sway-cdn.com/161762440100_Content/StoryPage.css
95.101.96.137 200 OK 79 kB URL GET HTTP/1.1 eus-www.sway-cdn.com/161762440100_Content/StoryPage.css
IP 95.101.96.137:443
Requested by https://sway.cloud.microsoft/sltDyzIk1fZzuCQM?ref=Link
Certificate Issuer Microsoft Corporation
Subject www.sway-cdn.com
Fingerprint E8:E0:26:75:8C:7E:58:DC:A0:76:65:3E:31:6D:68:B8:49:54:10:BB
Validity Thu, 10 Aug 2023 15:52:12 GMT - Thu, 27 Jun 2024 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Hash c9d603858710d7e1dcd9158bad98b4b8
26e47ef27aedef469021b3cba19b5de6dc250ff9
8f3e1c114c15fbf1f4f239ada9aebdfc616ac27236b7290ef11d969e0653494b
GET /161762440100_Content/StoryPage.css HTTP/1.1
Host: eus-www.sway-cdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sway.cloud.microsoft/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/css
Content-Encoding: gzip
Last-Modified: Wed, 24 Apr 2024 06:18:14 GMT
Accept-Ranges: bytes
ETag: "0d74e30f96da1:0"
Vary: Accept-Encoding
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
X-Partitioning-Enabled: true
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Timing-Allow-Origin: *
Access-Control-Allow-Origin: *
X-Powered-By: ARR/3.0
Content-Length: 79203
Cache-Control: public, max-age=57843
Date: Wed, 08 May 2024 17:24:48 GMT
Connection: keep-alive
eus-www.sway-cdn.com/161762440100_Content/favicon-16x16.png
95.101.96.137 200 OK 449 B URL GET HTTP/1.1 eus-www.sway-cdn.com/161762440100_Content/favicon-16x16.png
IP 95.101.96.137:443
Requested by https://sway.cloud.microsoft/sltDyzIk1fZzuCQM?ref=Link
Certificate Issuer Microsoft Corporation
Subject www.sway-cdn.com
Fingerprint E8:E0:26:75:8C:7E:58:DC:A0:76:65:3E:31:6D:68:B8:49:54:10:BB
Validity Thu, 10 Aug 2023 15:52:12 GMT - Thu, 27 Jun 2024 23:59:59 GMT
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
Hash bbbd88901b3703b227f1158d7d6cdf3d
71fbff0b5d1deeb299fd663362b226b35f7e939e
28c98c3e57b496d377df3cbd176d7f0874705bba69a9d9fe60509cc89435c317
GET /161762440100_Content/favicon-16x16.png HTTP/1.1
Host: eus-www.sway-cdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sway.cloud.microsoft/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Wed, 24 Apr 2024 06:18:14 GMT
Accept-Ranges: bytes
ETag: "0d74e30f96da1:0"
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
X-CorrelationId: dc78b9e8-5431-4095-916b-93a2bdc3d14b
X-UserSessionId: dc78b9e8-5431-4095-916b-93a2bdc3d14b
X-OfficeFE: SwayFrontEnd_IN_6
X-OfficeVersion: 16.0.17624.40100
X-OfficeCluster: eus-000.www.sway.com
X-Partitioning-Enabled: true
anonuserid: 1877bd32-646e-4d36-a8f1-c5e50cc4b014
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Timing-Allow-Origin: *
X-RequestId: 66f41719-9509-450e-9334-05e0e097ca83
X-TrackingId: 20d71f6b-266b-4cda-b54f-fcf3cb38f8e7
X-Powered-By: ARR/3.0
Content-Length: 449
Date: Wed, 08 May 2024 17:24:48 GMT
Connection: keep-alive
eus-www.sway-cdn.com/161762440100_Content/favicon-192x192.png
95.101.96.137 200 OK 5.7 kB URL GET HTTP/1.1 eus-www.sway-cdn.com/161762440100_Content/favicon-192x192.png
IP 95.101.96.137:443
Requested by https://sway.cloud.microsoft/sltDyzIk1fZzuCQM?ref=Link
Certificate Issuer Microsoft Corporation
Subject www.sway-cdn.com
Fingerprint E8:E0:26:75:8C:7E:58:DC:A0:76:65:3E:31:6D:68:B8:49:54:10:BB
Validity Thu, 10 Aug 2023 15:52:12 GMT - Thu, 27 Jun 2024 23:59:59 GMT
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced
Hash 9e295099860619954254f1507bb85ec0
8a4442b11d577c36d25761d4474c67292ccadf9c
ceddc01c593a39581cfaaabf6d6e2611ec8280cd15bbe63df32ce6820ccccc4d
GET /161762440100_Content/favicon-192x192.png HTTP/1.1
Host: eus-www.sway-cdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sway.cloud.microsoft/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Wed, 24 Apr 2024 06:18:14 GMT
Accept-Ranges: bytes
ETag: "0d74e30f96da1:0"
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
X-CorrelationId: 618215dc-c685-4a32-98a3-7a5f93fda713
X-UserSessionId: 618215dc-c685-4a32-98a3-7a5f93fda713
X-OfficeFE: SwayFrontEnd_IN_10
X-OfficeVersion: 16.0.17624.40100
X-OfficeCluster: eus-000.www.sway.com
X-Partitioning-Enabled: true
anonuserid: 9a894da4-7ffa-4c24-a673-a09efb14ea44
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Timing-Allow-Origin: *
X-RequestId: 2f7793b2-2706-4a9c-a114-d769111747e9
X-TrackingId: 100fb7c5-b7a4-47d0-854b-76d3ac7b4617
X-Powered-By: ARR/3.0
Content-Length: 5651
Date: Wed, 08 May 2024 17:24:48 GMT
Connection: keep-alive
eus-www.sway-cdn.com/Content/Hammer-2.0.4.js
95.101.96.137 200 OK 6.4 kB URL GET HTTP/1.1 eus-www.sway-cdn.com/Content/Hammer-2.0.4.js
IP 95.101.96.137:443
Requested by https://sway.cloud.microsoft/sltDyzIk1fZzuCQM?ref=Link
Certificate Issuer Microsoft Corporation
Subject www.sway-cdn.com
Fingerprint E8:E0:26:75:8C:7E:58:DC:A0:76:65:3E:31:6D:68:B8:49:54:10:BB
Validity Thu, 10 Aug 2023 15:52:12 GMT - Thu, 27 Jun 2024 23:59:59 GMT
File type JavaScript source, ASCII text, with very long lines (18177), with CRLF line terminators
Hash d22d7500ab7c72da9195c571002c2495
528c2d1d834916f8a4c47191cb20d16d2f6a53d3
f2bfc0b2ffa4e26071e6d6d8b73d750f6e9f8eb4e021a8ffdb18b84af0b919a3
GET /Content/Hammer-2.0.4.js HTTP/1.1
Host: eus-www.sway-cdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sway.cloud.microsoft/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Wed, 24 Apr 2024 06:18:14 GMT
Accept-Ranges: bytes
ETag: "0d74e30f96da1:0"
Vary: Accept-Encoding
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
X-Partitioning-Enabled: true
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Timing-Allow-Origin: *
Access-Control-Allow-Origin: *
X-Powered-By: ARR/3.0
Content-Length: 6449
Cache-Control: public, max-age=57839
Date: Wed, 08 May 2024 17:24:48 GMT
Connection: keep-alive
eus-www.sway-cdn.com/161762440100_Content/common_raw.js
95.101.96.137 200 OK 6.4 kB URL GET HTTP/1.1 eus-www.sway-cdn.com/161762440100_Content/common_raw.js
IP 95.101.96.137:443
Requested by https://sway.cloud.microsoft/sltDyzIk1fZzuCQM?ref=Link
Certificate Issuer Microsoft Corporation
Subject www.sway-cdn.com
Fingerprint E8:E0:26:75:8C:7E:58:DC:A0:76:65:3E:31:6D:68:B8:49:54:10:BB
Validity Thu, 10 Aug 2023 15:52:12 GMT - Thu, 27 Jun 2024 23:59:59 GMT
File type JavaScript source, ASCII text, with very long lines (23668), with no line terminators
Hash 16596d4249f021d9b71bb5caddb7cc3b
7d3f469ccef320e01ecd9c601e80ef5192326869
aa26cfe55e8cd183738f42180aae291dd666f4d39062e8a44c97b0be021946ef
GET /161762440100_Content/common_raw.js HTTP/1.1
Host: eus-www.sway-cdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sway.cloud.microsoft/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Encoding: gzip
Accept-Ranges: bytes
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
X-Partitioning-Enabled: true
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Timing-Allow-Origin: *
Access-Control-Allow-Origin: *
X-Powered-By: ARR/3.0
Content-Length: 6432
Cache-Control: public, max-age=57844
Date: Wed, 08 May 2024 17:24:48 GMT
Connection: keep-alive
Vary: Accept-Encoding
eus-www.sway-cdn.com/161762440100_Content/swayicon.woff
95.101.96.137 200 OK 22 kB URL GET HTTP/1.1 eus-www.sway-cdn.com/161762440100_Content/swayicon.woff
IP 95.101.96.137:443
Requested by https://sway.cloud.microsoft/sltDyzIk1fZzuCQM?ref=Link
Certificate Issuer Microsoft Corporation
Subject www.sway-cdn.com
Fingerprint E8:E0:26:75:8C:7E:58:DC:A0:76:65:3E:31:6D:68:B8:49:54:10:BB
Validity Thu, 10 Aug 2023 15:52:12 GMT - Thu, 27 Jun 2024 23:59:59 GMT
File type Web Open Font Format, TrueType, length 22140, version 1.0
Hash 7d6194a2c2e90678fee013960ea9eca7
98fa90ec84cafcf1e0ff194664e8b4c4d99c056e
e27855ef831cd10eb0fe2153d1b169d24a148e0b81d3dea001fd2637e7244238
GET /161762440100_Content/swayicon.woff HTTP/1.1
Host: eus-www.sway-cdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://sway.cloud.microsoft
DNT: 1
Connection: keep-alive
Referer: https://sway.cloud.microsoft/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/font-woff
Accept-Ranges: bytes
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
X-Partitioning-Enabled: true
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Timing-Allow-Origin: *
Access-Control-Allow-Origin: *
X-Powered-By: ARR/3.0
Content-Length: 22140
Cache-Control: public, max-age=86400
Date: Wed, 08 May 2024 17:24:48 GMT
Connection: keep-alive
eus-www.sway-cdn.com/161762440100_Content/story.png
95.101.96.137 200 OK 11 kB URL GET HTTP/1.1 eus-www.sway-cdn.com/161762440100_Content/story.png
IP 95.101.96.137:443
Requested by https://sway.cloud.microsoft/sltDyzIk1fZzuCQM?ref=Link
Certificate Issuer Microsoft Corporation
Subject www.sway-cdn.com
Fingerprint E8:E0:26:75:8C:7E:58:DC:A0:76:65:3E:31:6D:68:B8:49:54:10:BB
Validity Thu, 10 Aug 2023 15:52:12 GMT - Thu, 27 Jun 2024 23:59:59 GMT
File type PNG image data, 310 x 319, 8-bit/color RGBA, non-interlaced
Hash b0d76c4804189526dcef946d94ca58a9
ce86c3623f53e4b39d9cd33cc924afc45e91f94f
d46375075d66174f88ad9834c0695792c9afdd0f20456231fa4a873280a2c434
GET /161762440100_Content/story.png HTTP/1.1
Host: eus-www.sway-cdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sway.cloud.microsoft/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Wed, 24 Apr 2024 06:18:14 GMT
Accept-Ranges: bytes
ETag: "0d74e30f96da1:0"
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
X-CorrelationId: 5013bf18-8aa4-4b44-a33d-7116cff9e0ad
X-UserSessionId: 5013bf18-8aa4-4b44-a33d-7116cff9e0ad
X-OfficeFE: SwayFrontEnd_IN_16
X-OfficeVersion: 16.0.17624.40100
X-OfficeCluster: eus-000.www.sway.com
X-Partitioning-Enabled: true
anonuserid: 2c024712-93cb-4c78-bea4-e98458a456f1
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Timing-Allow-Origin: *
X-RequestId: f42e35bd-5c6e-4c61-bac9-648369590873
X-TrackingId: 78227df3-41bb-4e05-a4e0-9d57785c2201
X-Powered-By: ARR/3.0
Content-Length: 10721
Date: Wed, 08 May 2024 17:24:48 GMT
Connection: keep-alive
eus-www.sway-cdn.com/161762440100_Content/whitespinner.32x32.gif
95.101.96.137 200 OK 1.3 kB URL GET HTTP/1.1 eus-www.sway-cdn.com/161762440100_Content/whitespinner.32x32.gif
IP 95.101.96.137:443
Requested by https://sway.cloud.microsoft/sltDyzIk1fZzuCQM?ref=Link
Certificate Issuer Microsoft Corporation
Subject www.sway-cdn.com
Fingerprint E8:E0:26:75:8C:7E:58:DC:A0:76:65:3E:31:6D:68:B8:49:54:10:BB
Validity Thu, 10 Aug 2023 15:52:12 GMT - Thu, 27 Jun 2024 23:59:59 GMT
File type GIF image data, version 89a, 32 x 32
Hash 71fe5aa913d40cb6e596c795eb2a0bdc
7b9925cee0045982261680d4ecef525b29efc314
11572f274d092466b9249659cfd382a0cfb640b23df4d4a1071c1b8d70147415
GET /161762440100_Content/whitespinner.32x32.gif HTTP/1.1
Host: eus-www.sway-cdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sway.cloud.microsoft/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/gif
Last-Modified: Wed, 24 Apr 2024 06:18:14 GMT
Accept-Ranges: bytes
ETag: "0d74e30f96da1:0"
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
X-CorrelationId: fedacb9e-0cf9-4a78-b5cc-a28a062e677c
X-UserSessionId: fedacb9e-0cf9-4a78-b5cc-a28a062e677c
X-OfficeFE: SwayFrontEnd_IN_8
X-OfficeVersion: 16.0.17624.40100
X-OfficeCluster: eus-000.www.sway.com
X-Partitioning-Enabled: true
anonuserid: c365ffe9-6c05-4d1f-a9ba-29a96bf08a3b
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Timing-Allow-Origin: *
X-RequestId: e5c6ccf3-1cc8-4d82-b40d-284a84a847ff
X-TrackingId: 519208eb-e969-4733-b85e-517fa8ac6ee9
X-Powered-By: ARR/3.0
Content-Length: 1278
Date: Wed, 08 May 2024 17:24:48 GMT
Connection: keep-alive
eus-www.sway-cdn.com/161762440100_Content/traveling_dots1color_shorter_white.gif
95.101.96.137 200 OK 6.8 kB URL GET HTTP/1.1 eus-www.sway-cdn.com/161762440100_Content/traveling_dots1color_shorter_white.gif
IP 95.101.96.137:443
Requested by https://sway.cloud.microsoft/sltDyzIk1fZzuCQM?ref=Link
Certificate Issuer Microsoft Corporation
Subject www.sway-cdn.com
Fingerprint E8:E0:26:75:8C:7E:58:DC:A0:76:65:3E:31:6D:68:B8:49:54:10:BB
Validity Thu, 10 Aug 2023 15:52:12 GMT - Thu, 27 Jun 2024 23:59:59 GMT
File type GIF image data, version 89a, 439 x 8
Hash 2bf75fed35af53b95f6265c32ae6fa86
20f92aed3ad96c505f7a21ccae780d8cee27f252
2e237d89d57788e810720fd97bcc0992e159044281956ecba83efd3a4f4b56cf
GET /161762440100_Content/traveling_dots1color_shorter_white.gif HTTP/1.1
Host: eus-www.sway-cdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sway.cloud.microsoft/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/gif
Last-Modified: Wed, 24 Apr 2024 06:18:14 GMT
Accept-Ranges: bytes
ETag: "0d74e30f96da1:0"
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
X-CorrelationId: 0110b8d8-128b-4df0-91f7-d9a34aa701d6
X-UserSessionId: 0110b8d8-128b-4df0-91f7-d9a34aa701d6
X-OfficeFE: SwayFrontEnd_IN_11
X-OfficeVersion: 16.0.17624.40100
X-OfficeCluster: eus-000.www.sway.com
X-Partitioning-Enabled: true
anonuserid: 8aea28b5-d66c-4fef-a212-7203668fe2ba
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Timing-Allow-Origin: *
X-RequestId: 171bb62a-688d-4725-b9b2-d2f0037b7d07
X-TrackingId: 4a408220-b7d0-47b0-9e34-ee168f652fa8
X-Powered-By: ARR/3.0
Content-Length: 6828
Date: Wed, 08 May 2024 17:24:48 GMT
Connection: keep-alive
sway.cloud.microsoft/sway/v1.0/sltDyzIk1fZzuCQM/worlds?_=1715189087506
52.111.243.44 200 OK 193 B URL GET HTTP/2 sway.cloud.microsoft/sway/v1.0/sltDyzIk1fZzuCQM/worlds?_=1715189087506
IP 52.111.243.44:443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://sway.cloud.microsoft/sltDyzIk1fZzuCQM?ref=Link
Certificate Issuer Microsoft Corporation
Subject sway.office.com
Fingerprint 75:74:77:7E:17:E2:25:6C:D4:B2:4F:28:03:28:37:62:57:1B:12:95
Validity Fri, 08 Mar 2024 14:14:49 GMT - Mon, 03 Mar 2025 14:14:49 GMT
Hash 3e3b4ff57860d66390c19f158f2bf790
2ac7ee6a5697a5ee303be48d8fb97399d02a363a
60be31c3673e4e587cd06fcbef09d629766487a71eaf33b2d331011c6458ad1c
Analyzer Verdict Alert OpenPhish phishing Office365
GET /sway/v1.0/sltDyzIk1fZzuCQM/worlds?_=1715189087506 HTTP/1.1
Host: sway.cloud.microsoft
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sway.cloud.microsoft/sltDyzIk1fZzuCQM?ref=Link
X-StoryId: wO8xp4DHSCujzkJ2Xbqk
X-LookupId: sltDyzIk1fZzuCQM
X-WebClientVersion: 201
anonuserid: bbb2bd05-236b-4a6a-aed2-54593b0ffab9
X-UserSessionId: 6f4e6f5d-72e5-433e-b408-7642dfe2f6a4
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: AuthSess=36304a11-ea4f-41e1-8eb9-0aba66cc4eb5; AADNonce=a5eaddd7-e008-4243-9fac-a08a843d4e9d.638507858866517839; CDNFailureCount=0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: private
content-type: application/json
content-encoding: gzip
vary: Accept-Encoding
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
set-cookie: CDNFailureCount=0; expires=Mon, 08-May-2023 17:24:48 GMT; path=/; secure
x-correlationid: e89bd1d0-74aa-441d-93af-f4e0db997549
x-usersessionid: 6f4e6f5d-72e5-433e-b408-7642dfe2f6a4
x-officefe: SwayFrontEnd_IN_13
x-officeversion: 16.0.17624.40100
x-officecluster: weu-000.www.sway.com
x-partitioning-enabled: true
anonuserid: bbb2bd05-236b-4a6a-aed2-54593b0ffab9
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains; preload
timing-allow-origin: *
x-storyid: wO8xp4DHSCujzkJ2Xbqk
x-lookupid: sltDyzIk1fZzuCQM
x-requestid: c5c2ee1a-6c61-40e5-98fa-91ba83a6d747
x-trackingid: 79bd88c1-735b-4c88-9902-5d6af99f8345
x-frame-options: SAMEORIGIN
x-powered-by: ARR/3.0
date: Wed, 08 May 2024 17:24:47 GMT
content-length: 193
X-Firefox-Spdy: h2
www.sway-cdn.com/Content/ArialNova-BoldItalic.woff
95.101.96.137 200 OK 91 kB URL GET HTTP/1.1 www.sway-cdn.com/Content/ArialNova-BoldItalic.woff
IP 95.101.96.137:443
Requested by https://sway.cloud.microsoft/sltDyzIk1fZzuCQM?ref=Link
Certificate Issuer Microsoft Corporation
Subject www.sway-cdn.com
Fingerprint E8:E0:26:75:8C:7E:58:DC:A0:76:65:3E:31:6D:68:B8:49:54:10:BB
Validity Thu, 10 Aug 2023 15:52:12 GMT - Thu, 27 Jun 2024 23:59:59 GMT
File type Web Open Font Format, TrueType, length 91424, version 0.0
Hash ec84e505502188a121292d83d3d77a38
72cbab4f027c2f4d8b248418f76cb1d25987b748
17c15ec0082d5a53df5623a08033dba4d49d6b2707a819d3023eb076f3d86b2d
GET /Content/ArialNova-BoldItalic.woff HTTP/1.1
Host: www.sway-cdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://sway.cloud.microsoft
DNT: 1
Connection: keep-alive
Referer: https://sway.cloud.microsoft/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/font-woff
Last-Modified: Wed, 24 Apr 2024 06:18:14 GMT
Accept-Ranges: bytes
ETag: "0d74e30f96da1:0"
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
X-Partitioning-Enabled: true
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Timing-Allow-Origin: *
Access-Control-Allow-Origin: *
X-Powered-By: ARR/3.0
Content-Length: 91424
Cache-Control: public, max-age=86400
Date: Wed, 08 May 2024 17:24:48 GMT
Connection: keep-alive
www.sway-cdn.com/Content/ArialNova.woff
95.101.96.137 200 OK 95 kB URL GET HTTP/1.1 www.sway-cdn.com/Content/ArialNova.woff
IP 95.101.96.137:443
Requested by https://sway.cloud.microsoft/sltDyzIk1fZzuCQM?ref=Link
Certificate Issuer Microsoft Corporation
Subject www.sway-cdn.com
Fingerprint E8:E0:26:75:8C:7E:58:DC:A0:76:65:3E:31:6D:68:B8:49:54:10:BB
Validity Thu, 10 Aug 2023 15:52:12 GMT - Thu, 27 Jun 2024 23:59:59 GMT
File type Web Open Font Format, TrueType, length 95108, version 0.0
Hash 2fc1e86e6c3059cc3f4da8b18e2de069
c4ae03ad45aa2b0cc3089a5d2e49f934f8903308
4e841925f9a79e4070abef2b10516191eb3b5884d92eba5cb1c5807892d99a53
GET /Content/ArialNova.woff HTTP/1.1
Host: www.sway-cdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://sway.cloud.microsoft
DNT: 1
Connection: keep-alive
Referer: https://sway.cloud.microsoft/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/font-woff
Last-Modified: Fri, 03 May 2024 04:03:14 GMT
Accept-Ranges: bytes
ETag: "0adcd2e9dda1:0"
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
X-Partitioning-Enabled: true
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Timing-Allow-Origin: *
Access-Control-Allow-Origin: *
X-Powered-By: ARR/3.0
Content-Length: 95108
Cache-Control: public, max-age=86400
Date: Wed, 08 May 2024 17:24:48 GMT
Connection: keep-alive
www.sway-cdn.com/Content/ArialNova-Bold.woff
95.101.96.137 200 OK 95 kB URL GET HTTP/1.1 www.sway-cdn.com/Content/ArialNova-Bold.woff
IP 95.101.96.137:443
Requested by https://sway.cloud.microsoft/sltDyzIk1fZzuCQM?ref=Link
Certificate Issuer Microsoft Corporation
Subject www.sway-cdn.com
Fingerprint E8:E0:26:75:8C:7E:58:DC:A0:76:65:3E:31:6D:68:B8:49:54:10:BB
Validity Thu, 10 Aug 2023 15:52:12 GMT - Thu, 27 Jun 2024 23:59:59 GMT
File type Web Open Font Format, TrueType, length 94732, version 0.0
Hash 4b4443560f834ef3f5bf08abd2219f88
28128bc2fc2d9343839c34db7adcd1a0448b55ef
3531c91eb5e76aa3cc7050597616503f2fcb747ab8fbac52fedced005e2885ba
GET /Content/ArialNova-Bold.woff HTTP/1.1
Host: www.sway-cdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://sway.cloud.microsoft
DNT: 1
Connection: keep-alive
Referer: https://sway.cloud.microsoft/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/font-woff
Last-Modified: Wed, 24 Apr 2024 06:18:14 GMT
Accept-Ranges: bytes
ETag: "0d74e30f96da1:0"
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
X-Partitioning-Enabled: true
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Timing-Allow-Origin: *
Access-Control-Allow-Origin: *
X-Powered-By: ARR/3.0
Content-Length: 94732
Cache-Control: public, max-age=86400
Date: Wed, 08 May 2024 17:24:48 GMT
Connection: keep-alive
eus-www.sway-cdn.com/161762440100_Content/swayiconsb.woff
95.101.96.137 200 OK 24 kB URL GET HTTP/1.1 eus-www.sway-cdn.com/161762440100_Content/swayiconsb.woff
IP 95.101.96.137:443
Requested by https://sway.cloud.microsoft/sltDyzIk1fZzuCQM?ref=Link
Certificate Issuer Microsoft Corporation
Subject www.sway-cdn.com
Fingerprint E8:E0:26:75:8C:7E:58:DC:A0:76:65:3E:31:6D:68:B8:49:54:10:BB
Validity Thu, 10 Aug 2023 15:52:12 GMT - Thu, 27 Jun 2024 23:59:59 GMT
File type Web Open Font Format, TrueType, length 23704, version 1.0
Hash 7dded8e00e4e1fa6b8301ba58fdb96f1
a5cc4c84ed041ef71d6a989b34b841942234ba2b
56c3f81e1fcada437f327ca47a70acbce01c7b3a8de0bc93081698ad039a7c42
GET /161762440100_Content/swayiconsb.woff HTTP/1.1
Host: eus-www.sway-cdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://sway.cloud.microsoft
DNT: 1
Connection: keep-alive
Referer: https://sway.cloud.microsoft/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/font-woff
Last-Modified: Wed, 24 Apr 2024 06:18:14 GMT
Accept-Ranges: bytes
ETag: "0d74e30f96da1:0"
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
X-Partitioning-Enabled: true
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Timing-Allow-Origin: *
Access-Control-Allow-Origin: *
X-Powered-By: ARR/3.0
Content-Length: 23704
Cache-Control: public, max-age=86400
Date: Wed, 08 May 2024 17:24:48 GMT
Connection: keep-alive
sway.cloud.microsoft/RemoteUls.ashx
52.111.243.44 200 OK 0 B URL POST HTTP/2 sway.cloud.microsoft/RemoteUls.ashx
IP 52.111.243.44:443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://sway.cloud.microsoft/sltDyzIk1fZzuCQM?ref=Link
Certificate Issuer Microsoft Corporation
Subject sway.office.com
Fingerprint 75:74:77:7E:17:E2:25:6C:D4:B2:4F:28:03:28:37:62:57:1B:12:95
Validity Fri, 08 Mar 2024 14:14:49 GMT - Mon, 03 Mar 2025 14:14:49 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert OpenPhish phishing Office365
POST /RemoteUls.ashx HTTP/1.1
Host: sway.cloud.microsoft
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sway.cloud.microsoft/sltDyzIk1fZzuCQM?ref=Link
Content-Type: application/json
X-UserSessionId: 6f4e6f5d-72e5-433e-b408-7642dfe2f6a4
X-StoryId: wO8xp4DHSCujzkJ2Xbqk
X-LookupId: sltDyzIk1fZzuCQM
X-WebClientVersion: 201
anonuserid: bbb2bd05-236b-4a6a-aed2-54593b0ffab9
Content-Length: 9407
Origin: https://sway.cloud.microsoft
DNT: 1
Connection: keep-alive
Cookie: AuthSess=36304a11-ea4f-41e1-8eb9-0aba66cc4eb5; AADNonce=a5eaddd7-e008-4243-9fac-a08a843d4e9d.638507858866517839; CalloutShownCount={"VerticalNavigation":1}
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: private
content-type: text/plain
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-correlationid: 20faa24e-82bc-4a22-babc-d7bb04580eb6
x-usersessionid: 6f4e6f5d-72e5-433e-b408-7642dfe2f6a4
x-officefe: SwayFrontEnd_IN_13
x-officeversion: 16.0.17624.40100
x-officecluster: weu-000.www.sway.com
x-partitioning-enabled: true
anonuserid: bbb2bd05-236b-4a6a-aed2-54593b0ffab9
strict-transport-security: max-age=15724800; includeSubDomains; preload
timing-allow-origin: *
x-storyid: wO8xp4DHSCujzkJ2Xbqk
x-lookupid: sltDyzIk1fZzuCQM
x-requestid: 557f8610-4450-4f59-a1ce-ffbe3c2b676a
x-trackingid: 0c170831-ef73-4d18-8857-7e2ead883742
x-buls-suppressionetag: N/A
x-buls-suppressedtags:
x-content-type-options: nosniff, nosniff
x-download-options: noopen
content-disposition: attachment
x-powered-by: ARR/3.0
date: Wed, 08 May 2024 17:24:48 GMT
content-length: 0
X-Firefox-Spdy: h2
eus-www.sway-cdn.com/161762440100_Content/LayoutVerticalWorld.png
95.101.96.137 200 OK 384 B URL GET HTTP/1.1 eus-www.sway-cdn.com/161762440100_Content/LayoutVerticalWorld.png
IP 95.101.96.137:443
Requested by https://sway.cloud.microsoft/sltDyzIk1fZzuCQM?ref=Link
Certificate Issuer Microsoft Corporation
Subject www.sway-cdn.com
Fingerprint E8:E0:26:75:8C:7E:58:DC:A0:76:65:3E:31:6D:68:B8:49:54:10:BB
Validity Thu, 10 Aug 2023 15:52:12 GMT - Thu, 27 Jun 2024 23:59:59 GMT
File type PNG image data, 152 x 86, 8-bit/color RGBA, non-interlaced
Hash 82da14b5120deab904793f8c04f28f45
211936a6e1bccc5ff72ae814f463e1697b373141
ddd565809b26a720fc695f80fb88d61b8985a35c11a5d15926b6b2ded99823df
GET /161762440100_Content/LayoutVerticalWorld.png HTTP/1.1
Host: eus-www.sway-cdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sway.cloud.microsoft/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Wed, 24 Apr 2024 06:18:14 GMT
Accept-Ranges: bytes
ETag: "0d74e30f96da1:0"
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
X-CorrelationId: 80e01bfb-01ab-4914-be8f-88872e781868
X-UserSessionId: 80e01bfb-01ab-4914-be8f-88872e781868
X-OfficeFE: SwayFrontEnd_IN_15
X-OfficeVersion: 16.0.17624.40100
X-OfficeCluster: eus-000.www.sway.com
X-Partitioning-Enabled: true
anonuserid: e238f99f-a77c-4bf4-985d-18f94c984238
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Timing-Allow-Origin: *
X-RequestId: 396045e0-7da9-452f-9243-678886109dc0
X-TrackingId: e5f610e8-b7c9-45ad-8840-0b199b45ebd9
X-Powered-By: ARR/3.0
Content-Length: 384
Date: Wed, 08 May 2024 17:24:49 GMT
Connection: keep-alive
eus-www.sway-cdn.com/161762440100_Content/LayoutExpoWorld.png
95.101.96.137 200 OK 368 B URL GET HTTP/1.1 eus-www.sway-cdn.com/161762440100_Content/LayoutExpoWorld.png
IP 95.101.96.137:443
Requested by https://sway.cloud.microsoft/sltDyzIk1fZzuCQM?ref=Link
Certificate Issuer Microsoft Corporation
Subject www.sway-cdn.com
Fingerprint E8:E0:26:75:8C:7E:58:DC:A0:76:65:3E:31:6D:68:B8:49:54:10:BB
Validity Thu, 10 Aug 2023 15:52:12 GMT - Thu, 27 Jun 2024 23:59:59 GMT
File type PNG image data, 152 x 86, 8-bit/color RGBA, non-interlaced
Hash 87b28a44ccbe27790b5dcebeab4808d8
9d80bfeb2b0e1060ea5ef01413f134456883a89a
d0e53af89bc2f1079669b0dbee0e2e2c2fd7f5be5bf2db44a23f22553767e4d7
GET /161762440100_Content/LayoutExpoWorld.png HTTP/1.1
Host: eus-www.sway-cdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sway.cloud.microsoft/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Wed, 24 Apr 2024 06:18:14 GMT
Accept-Ranges: bytes
ETag: "0d74e30f96da1:0"
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
X-CorrelationId: a5a0bf15-0ba6-4f01-8b5c-33a055e7d9f0
X-UserSessionId: a5a0bf15-0ba6-4f01-8b5c-33a055e7d9f0
X-OfficeFE: SwayFrontEnd_IN_2
X-OfficeVersion: 16.0.17624.40100
X-OfficeCluster: eus-000.www.sway.com
X-Partitioning-Enabled: true
anonuserid: a4376a47-b472-4b5f-9e6e-c0485b832354
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Timing-Allow-Origin: *
X-RequestId: 34158683-0ad1-409a-a134-141af5151305
X-TrackingId: c13a557d-172a-48da-b384-941bc793df4b
X-Powered-By: ARR/3.0
Content-Length: 368
Date: Wed, 08 May 2024 17:24:49 GMT
Connection: keep-alive
eus-www.sway-cdn.com/161762440100_Content/LayoutPanoramaWorld.png
95.101.96.137 200 OK 387 B URL GET HTTP/1.1 eus-www.sway-cdn.com/161762440100_Content/LayoutPanoramaWorld.png
IP 95.101.96.137:443
Requested by https://sway.cloud.microsoft/sltDyzIk1fZzuCQM?ref=Link
Certificate Issuer Microsoft Corporation
Subject www.sway-cdn.com
Fingerprint E8:E0:26:75:8C:7E:58:DC:A0:76:65:3E:31:6D:68:B8:49:54:10:BB
Validity Thu, 10 Aug 2023 15:52:12 GMT - Thu, 27 Jun 2024 23:59:59 GMT
File type PNG image data, 152 x 86, 8-bit/color RGBA, non-interlaced
Hash 11c0728c70771f303aec32fedd7c9fbc
4c8756cf903e48838e5c6d4f81869de549e9675b
0eccaf7f0137b30c89aa77248f35c2b17e0f455ee46ae9fd1edb805f45816934
GET /161762440100_Content/LayoutPanoramaWorld.png HTTP/1.1
Host: eus-www.sway-cdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sway.cloud.microsoft/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Wed, 24 Apr 2024 06:18:14 GMT
Accept-Ranges: bytes
ETag: "0d74e30f96da1:0"
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
X-CorrelationId: 137b4938-bb69-4196-bd78-1d996dd1d4cf
X-UserSessionId: 137b4938-bb69-4196-bd78-1d996dd1d4cf
X-OfficeFE: SwayFrontEnd_IN_3
X-OfficeVersion: 16.0.17624.40100
X-OfficeCluster: eus-000.www.sway.com
X-Partitioning-Enabled: true
anonuserid: fa4af8cb-668d-46d5-8c52-976ea0bb6e97
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Timing-Allow-Origin: *
X-RequestId: 41a96f78-b22b-46de-85ee-db6e4157803d
X-TrackingId: 73de292d-1a51-4b84-8e15-a8f8f85a97f2
X-Powered-By: ARR/3.0
Content-Length: 387
Date: Wed, 08 May 2024 17:24:49 GMT
Connection: keep-alive
sway.cloud.microsoft/sway/v1.0/sltDyzIk1fZzuCQM/analytics?timeSpent=0&scrollDepth=0&readRatioGrade=0
52.111.243.44202 Accepted 2 B URL POST HTTP/2 sway.cloud.microsoft/sway/v1.0/sltDyzIk1fZzuCQM/analytics?timeSpent=0&scrollDepth=0&readRatioGrade=0
IP 52.111.243.44:443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://sway.cloud.microsoft/sltDyzIk1fZzuCQM?ref=Link
Certificate Issuer Microsoft Corporation
Subject sway.office.com
Fingerprint 75:74:77:7E:17:E2:25:6C:D4:B2:4F:28:03:28:37:62:57:1B:12:95
Validity Fri, 08 Mar 2024 14:14:49 GMT - Mon, 03 Mar 2025 14:14:49 GMT
Hash d751713988987e9331980363e24189ce
97d170e1550eee4afc0af065b78cda302a97674c
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Analyzer Verdict Alert OpenPhish phishing Office365
POST /sway/v1.0/sltDyzIk1fZzuCQM/analytics?timeSpent=0&scrollDepth=0&readRatioGrade=0 HTTP/1.1
Host: sway.cloud.microsoft
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sway.cloud.microsoft/sltDyzIk1fZzuCQM?ref=Link
Content-Type: application/json; charset=utf-8
X-StoryId: wO8xp4DHSCujzkJ2Xbqk
X-LookupId: sltDyzIk1fZzuCQM
X-WebClientVersion: 201
anonuserid: bbb2bd05-236b-4a6a-aed2-54593b0ffab9
X-UserSessionId: 6f4e6f5d-72e5-433e-b408-7642dfe2f6a4
X-Key: aNN6sUzJzrUMLBtE0XqSLQelADk2du9XX5Bf0vnzDws=,638507858864799080
X-Requested-With: XMLHttpRequest
Origin: https://sway.cloud.microsoft
DNT: 1
Connection: keep-alive
Cookie: AuthSess=36304a11-ea4f-41e1-8eb9-0aba66cc4eb5; AADNonce=a5eaddd7-e008-4243-9fac-a08a843d4e9d.638507858866517839
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
Content-Length: 0
TE: trailers
HTTP/2 202 Accepted
cache-control: private
content-type: application/json
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-correlationid: d90ea5ba-51c0-47c9-8ba4-38d81c05d74f
x-usersessionid: 6f4e6f5d-72e5-433e-b408-7642dfe2f6a4
x-officefe: SwayFrontEnd_IN_8
x-officeversion: 16.0.17703.40101
x-officecluster: eus-000.www.sway.com
x-partitioning-enabled: true
anonuserid: bbb2bd05-236b-4a6a-aed2-54593b0ffab9
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains; preload
timing-allow-origin: *
x-storyid: wO8xp4DHSCujzkJ2Xbqk
x-lookupid: sltDyzIk1fZzuCQM
x-requestid: 37b3256b-fd26-404f-9f6b-5054c02d7ea0
x-trackingid: 1b9f8378-5465-4719-a321-d28afc46d1a4
x-frame-options: SAMEORIGIN
x-powered-by: ARR/3.0
date: Wed, 08 May 2024 17:24:48 GMT
content-length: 2
X-Firefox-Spdy: h2
eus-www.sway-cdn.com/Content/segoeui.woff
95.101.96.137 200 OK 76 kB URL GET HTTP/1.1 eus-www.sway-cdn.com/Content/segoeui.woff
IP 95.101.96.137:443
Requested by https://sway.cloud.microsoft/sltDyzIk1fZzuCQM?ref=Link
Certificate Issuer Microsoft Corporation
Subject www.sway-cdn.com
Fingerprint E8:E0:26:75:8C:7E:58:DC:A0:76:65:3E:31:6D:68:B8:49:54:10:BB
Validity Thu, 10 Aug 2023 15:52:12 GMT - Thu, 27 Jun 2024 23:59:59 GMT
File type Web Open Font Format, TrueType, length 75464, version 0.0
Hash 5fa620c9eefcd9c86b00199b3733d6e8
8ba2626e252e2f39b3a063810dadee2b55e0643b
5b6231040840aed34ffe299d3f352814c3e24c517eb687cec06293e7eacecb1f
GET /Content/segoeui.woff HTTP/1.1
Host: eus-www.sway-cdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://sway.cloud.microsoft
DNT: 1
Connection: keep-alive
Referer: https://sway.cloud.microsoft/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/font-woff
Accept-Ranges: bytes
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
X-Partitioning-Enabled: true
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Timing-Allow-Origin: *
Access-Control-Allow-Origin: *
X-Powered-By: ARR/3.0
Content-Length: 75464
Cache-Control: public, max-age=86400
Date: Wed, 08 May 2024 17:24:49 GMT
Connection: keep-alive
eus-www.sway-cdn.com/s/sltDyzIk1fZzuCQM/images/sVarP9CHCNZuOq?quality=1200&allowAnimation=false
95.101.96.137 200 OK 193 kB URL GET HTTP/1.1 eus-www.sway-cdn.com/s/sltDyzIk1fZzuCQM/images/sVarP9CHCNZuOq?quality=1200&allowAnimation=false
IP 95.101.96.137:443
Requested by https://sway.cloud.microsoft/sltDyzIk1fZzuCQM?ref=Link
Certificate Issuer Microsoft Corporation
Subject www.sway-cdn.com
Fingerprint E8:E0:26:75:8C:7E:58:DC:A0:76:65:3E:31:6D:68:B8:49:54:10:BB
Validity Thu, 10 Aug 2023 15:52:12 GMT - Thu, 27 Jun 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 1200x899, components 3
Size 193 kB (192552 bytes)
Hash 52ebc64229b30af766ace185ca4c2573
ce5889e944334d020141a0037555619f9ad29fff
247e7274228d4daf2afc99903d4d5becda777b2856e9d4e483e67fa5dc1792be
GET /s/sltDyzIk1fZzuCQM/images/sVarP9CHCNZuOq?quality=1200&allowAnimation=false HTTP/1.1
Host: eus-www.sway-cdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sway.cloud.microsoft/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/jpeg
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
X-CorrelationId: 9ba8bd69-ddba-484e-aa50-a9fe5a0c3816
X-UserSessionId: 9ba8bd69-ddba-484e-aa50-a9fe5a0c3816
X-OfficeFE: SwayFrontEnd_IN_30
X-OfficeVersion: 16.0.17624.40100
X-OfficeCluster: eus-002.www.sway.com
X-Partitioning-Enabled: true
anonuserid: b218f83a-1aa5-4a98-9dc1-28d30039d0b2
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Timing-Allow-Origin: *
X-RequestId: ce0fac0b-9ad0-4e06-9ffb-2e7610703d9a
X-TrackingId: 38d3290b-0080-499e-8fdd-92ad957966c0
X-Frame-Options: SAMEORIGIN
X-Powered-By: ARR/3.0
Content-Length: 192552
Cache-Control: private, max-age=3600
Date: Wed, 08 May 2024 17:24:49 GMT
Connection: keep-alive
eus-www.sway-cdn.com/s/sltDyzIk1fZzuCQM/images/sVarP9CHCNZuOq?quality=1200&allowAnimation=true
95.101.96.137 200 OK 193 kB URL GET HTTP/1.1 eus-www.sway-cdn.com/s/sltDyzIk1fZzuCQM/images/sVarP9CHCNZuOq?quality=1200&allowAnimation=true
IP 95.101.96.137:443
Requested by https://sway.cloud.microsoft/sltDyzIk1fZzuCQM?ref=Link
Certificate Issuer Microsoft Corporation
Subject www.sway-cdn.com
Fingerprint E8:E0:26:75:8C:7E:58:DC:A0:76:65:3E:31:6D:68:B8:49:54:10:BB
Validity Thu, 10 Aug 2023 15:52:12 GMT - Thu, 27 Jun 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 1200x899, components 3
Size 193 kB (192552 bytes)
Hash 52ebc64229b30af766ace185ca4c2573
ce5889e944334d020141a0037555619f9ad29fff
247e7274228d4daf2afc99903d4d5becda777b2856e9d4e483e67fa5dc1792be
GET /s/sltDyzIk1fZzuCQM/images/sVarP9CHCNZuOq?quality=1200&allowAnimation=true HTTP/1.1
Host: eus-www.sway-cdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sway.cloud.microsoft/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/jpeg
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
X-CorrelationId: 68fd98c5-84c5-46ba-8895-80f8944e2f04
X-UserSessionId: 68fd98c5-84c5-46ba-8895-80f8944e2f04
X-OfficeFE: SwayFrontEnd_IN_31
X-OfficeVersion: 16.0.17624.40100
X-OfficeCluster: eus-002.www.sway.com
X-Partitioning-Enabled: true
anonuserid: 93b16d2d-992f-4a46-ad6e-c98b6972e9f1
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Timing-Allow-Origin: *
X-RequestId: 7621bc35-facf-4a87-9a3c-280bc4695df8
X-TrackingId: f88e27dd-2efb-411a-b183-a0d085d1e6dc
X-Frame-Options: SAMEORIGIN
X-Powered-By: ARR/3.0
Content-Length: 192552
Cache-Control: private, max-age=3600
Date: Wed, 08 May 2024 17:24:49 GMT
Connection: keep-alive
eus-www.sway-cdn.com/161762440100_Content/feedback/OfficeBrowserFeedback.js
95.101.96.137 200 OK 45 kB URL GET HTTP/1.1 eus-www.sway-cdn.com/161762440100_Content/feedback/OfficeBrowserFeedback.js
IP 95.101.96.137:443
Requested by https://sway.cloud.microsoft/sltDyzIk1fZzuCQM?ref=Link
Certificate Issuer Microsoft Corporation
Subject www.sway-cdn.com
Fingerprint E8:E0:26:75:8C:7E:58:DC:A0:76:65:3E:31:6D:68:B8:49:54:10:BB
Validity Thu, 10 Aug 2023 15:52:12 GMT - Thu, 27 Jun 2024 23:59:59 GMT
File type JavaScript source, ASCII text, with very long lines (32416)
Hash 9f5dba23bbfb4e0d50ac9aa6ce998d1a
0f027b6b4fd323c708592dcde052774ca7fd5fd6
4f2d6301347a2fbf30fed521f2d319e78cffd90713336dcc9c0a2676dc3fb37c
GET /161762440100_Content/feedback/OfficeBrowserFeedback.js HTTP/1.1
Host: eus-www.sway-cdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sway.cloud.microsoft/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Wed, 24 Apr 2024 06:18:14 GMT
Accept-Ranges: bytes
ETag: "0d74e30f96da1:0"
Vary: Accept-Encoding
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
X-Partitioning-Enabled: true
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Timing-Allow-Origin: *
Access-Control-Allow-Origin: *
X-Powered-By: ARR/3.0
Content-Length: 45168
Cache-Control: public, max-age=57860
Date: Wed, 08 May 2024 17:24:50 GMT
Connection: keep-alive
sway.cloud.microsoft/RemoteUls.ashx
52.111.243.44 200 OK 0 B URL POST HTTP/2 sway.cloud.microsoft/RemoteUls.ashx
IP 52.111.243.44:443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://sway.cloud.microsoft/sltDyzIk1fZzuCQM?ref=Link
Certificate Issuer Microsoft Corporation
Subject sway.office.com
Fingerprint 75:74:77:7E:17:E2:25:6C:D4:B2:4F:28:03:28:37:62:57:1B:12:95
Validity Fri, 08 Mar 2024 14:14:49 GMT - Mon, 03 Mar 2025 14:14:49 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert OpenPhish phishing Office365
POST /RemoteUls.ashx HTTP/1.1
Host: sway.cloud.microsoft
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sway.cloud.microsoft/sltDyzIk1fZzuCQM?ref=Link
Content-Type: application/json
X-UserSessionId: 6f4e6f5d-72e5-433e-b408-7642dfe2f6a4
X-StoryId: wO8xp4DHSCujzkJ2Xbqk
X-LookupId: sltDyzIk1fZzuCQM
X-WebClientVersion: 201
anonuserid: bbb2bd05-236b-4a6a-aed2-54593b0ffab9
Content-Length: 17642
Origin: https://sway.cloud.microsoft
DNT: 1
Connection: keep-alive
Cookie: AuthSess=36304a11-ea4f-41e1-8eb9-0aba66cc4eb5; AADNonce=a5eaddd7-e008-4243-9fac-a08a843d4e9d.638507858866517839; CalloutShownCount={"VerticalNavigation":1}
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: private
content-type: text/plain
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-correlationid: 33037e64-4ce5-491e-be1e-9e04270fea26
x-usersessionid: 6f4e6f5d-72e5-433e-b408-7642dfe2f6a4
x-officefe: SwayFrontEnd_IN_3
x-officeversion: 16.0.17624.40100
x-officecluster: weu-001.www.sway.com
x-partitioning-enabled: true
anonuserid: bbb2bd05-236b-4a6a-aed2-54593b0ffab9
strict-transport-security: max-age=15724800; includeSubDomains; preload
timing-allow-origin: *
x-storyid: wO8xp4DHSCujzkJ2Xbqk
x-lookupid: sltDyzIk1fZzuCQM
x-requestid: da5fd345-164f-4efd-8621-31d50aec8cc8
x-trackingid: 7ac0e129-af48-4b76-ac07-001ffadbffac
x-buls-suppressionetag: N/A
x-buls-suppressedtags:
x-content-type-options: nosniff, nosniff
x-download-options: noopen
content-disposition: attachment
x-powered-by: ARR/3.0
date: Wed, 08 May 2024 17:25:11 GMT
content-length: 0
X-Firefox-Spdy: h2