Submitted URL: http://ldgrwu.lol/
Effective URL: https://sway.cloud.microsoft/y4i9p3XWR0BuiTT4?ref=Link
Submission: On March 12 via api from BE — Scanned from DE

Summary

This website contacted 5 IPs in 3 countries across 3 domains to perform 37 HTTP transactions. The main IP is 2603:1026:2405:1::25, located in Amsterdam, Netherlands and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is sway.cloud.microsoft. The Cisco Umbrella rank of the primary domain is 37916.
TLS certificate: Issued by Microsoft Azure RSA TLS Issuing CA 03 on December 12th 2023. Valid for: a year.
This is the only time sway.cloud.microsoft was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

| Requests | IP Address | AS Autonomous System |
|---|---|---|
| 1 | 137.175.115.33 | 54600 (PEG-SV) |
| 5 | 2603:1026:240... | 8075 (MICROSOFT...) |
| 29 | 2a02:26f0:280... | 20940 (AKAMAI-ASN1) |
| 2 | 2a02:26f0:280... | 20940 (AKAMAI-ASN1) |
| 37 (total) | 5 (total) | |

| Requests | Apex Domain | Subdomains | Transfer |
|---|---|---|---|
| 31 | sway-cdn.com | weu-www.sway-cdn.com (Cisco Umbrella Rank: 685018); www.sway-cdn.com (Cisco Umbrella Rank: 68988) | 24 MB |
| 5 | cloud.microsoft | sway.cloud.microsoft (Cisco Umbrella Rank: 37916) | 36 KB |
| 1 | ldgrwu.lol | ldgrwu.lol | 350 B |
| 37 (total) | 3 (total) | | |

| Requests | Domain | Requested by |
|---|---|---|
| 29 | weu-www.sway-cdn.com | sway.cloud.microsoft; weu-www.sway-cdn.com |
| 5 | sway.cloud.microsoft | ldgrwu.lol; sway.cloud.microsoft; weu-www.sway-cdn.com |
| 2 | www.sway-cdn.com | sway.cloud.microsoft |
| 1 | ldgrwu.lol | |
| 37 (total) | 4 (total) | |

This site contains links to these domains.

Domain
www.office.com

| Subject | Issuer | Validity | Valid |
|---|---|---|---|
| sway.office.com | Microsoft Azure RSA TLS Issuing CA 03 | 2023-12-12 - 2024-12-06 | a year |
| www.sway-cdn.com | Microsoft Azure ECC TLS Issuing CA 05 | 2023-08-10 - 2024-06-27 | a year |

This page contains 1 frames:

Primary Page: https://sway.cloud.microsoft/y4i9p3XWR0BuiTT4?ref=Link
Frame ID: 96C56F969A2129F01652E127DC89828B
Requests: 38 HTTP requests in this frame

Page Title

专业平台提现咨询 (Chinese: "Professional platform withdrawal consultation")

Page URL History

  1. http://ldgrwu.lol/ Page URL
  2. https://sway.cloud.microsoft/y4i9p3XWR0BuiTT4?ref=Link Page URL

Detected technologies

Modernizr
Overall confidence: 100%
Detected patterns
  • ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

jQuery
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI
Overall confidence: 100%
Detected patterns
  • jquery-ui[.-]([\d.]*\d)[^/]*\.js
  • jquery-ui.*\.js

Page Statistics

Requests: 37
HTTPS: 97 %
IPv6: 75 %
Domains: 3
Subdomains: 4
IPs: 5
Countries: 3
Transfer: 25028 kB
Size: 29111 kB
Cookies: 3

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://ldgrwu.lol/ Page URL
  2. https://sway.cloud.microsoft/y4i9p3XWR0BuiTT4?ref=Link Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

37 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
ldgrwu.lol/
116 B
350 B
Document
General
Full URL
http://ldgrwu.lol/
Protocol
HTTP/1.1
Server
137.175.115.33 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
mta1.yhboots.info
Software
nginx /
Resource Hash
5ce7e31e310f0b8a6cf10bc31da4ce39a38d8e4831b16e2120db220ec0ab2ab1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Tue, 12 Mar 2024 17:43:32 GMT
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
Primary Request y4i9p3XWR0BuiTT4
sway.cloud.microsoft/
41 KB
13 KB
Document
General
Full URL
https://sway.cloud.microsoft/y4i9p3XWR0BuiTT4?ref=Link
Requested by
Host: ldgrwu.lol
URL: http://ldgrwu.lol/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2603:1026:2405:1::25 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ARR/3.0
Resource Hash
6c4433ea654b2b533d71afffc44829656c15ef76909eec57828de922499c91a3
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
http://ldgrwu.lol/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

anonuserid
1ef74633-a34e-4e78-92a1-1a9af845b405
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-length
11984
content-type
text/html; charset=utf-8
date
Tue, 12 Mar 2024 17:43:31 GMT
expires
-1
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
pragma
no-cache
strict-transport-security
max-age=15724800; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-correlationid
d9feeb96-4dea-4636-b105-503225559bf8
x-frame-options
SAMEORIGIN
x-html-minification-powered-by
WebMarkupMin
x-key
qJIYHs8L6kmcY8wVO1h2ovVJ9RUwr7d3QzzSl6Scpio=,638458622128313614
x-officecluster
weu-000.www.sway.com
x-officefe
SwayFrontEnd_IN_2
x-officeversion
16.0.17419.40103
x-partitioning-enabled
true
x-powered-by
ARR/3.0
x-requestid
e04f0f35-3549-4907-9d0c-a3e27c693ba3
x-robots-tag
noindex, nofollow
x-trackingid
37084245-53d9-4f5e-a667-b7bc8b2a571b
x-ua-compatible
IE=edge
x-usersessionid
d9feeb96-4dea-4636-b105-503225559bf8
Preload.css
weu-www.sway-cdn.com/161741940103_Content/
84 KB
12 KB
Stylesheet
General
Full URL
https://weu-www.sway-cdn.com/161741940103_Content/Preload.css
Requested by
Host: sway.cloud.microsoft
URL: https://sway.cloud.microsoft/y4i9p3XWR0BuiTT4?ref=Link
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:280:189::26ad Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/ ARR/3.0
Resource Hash
f6e1d03fdba5449350e855511cddc851e1cfe746de5244202a04cb4585e9a8f6
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sway.cloud.microsoft/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Strict-Transport-Security
max-age=15724800; includeSubDomains; preload
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Date
Tue, 12 Mar 2024 17:43:33 GMT
X-Powered-By
ARR/3.0
Vary
Accept-Encoding
Content-Type
text/css
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=41780
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
X-Partitioning-Enabled
true
Content-Length
11735
jquery-2.2.4-custom-1.js
weu-www.sway-cdn.com/Content/
83 KB
30 KB
Script
General
Full URL
https://weu-www.sway-cdn.com/Content/jquery-2.2.4-custom-1.js
Requested by
Host: sway.cloud.microsoft
URL: https://sway.cloud.microsoft/y4i9p3XWR0BuiTT4?ref=Link
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:280:189::26ad Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/ ARR/3.0
Resource Hash
5e170e2cb452c3504ff9af148cc6c4aea661178c9fc93ecdcb32bcd856d76d9b
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://sway.cloud.microsoft/
Origin
https://sway.cloud.microsoft
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Strict-Transport-Security
max-age=15724800; includeSubDomains; preload
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Date
Tue, 12 Mar 2024 17:43:33 GMT
X-Powered-By
ARR/3.0
Vary
Accept-Encoding
Content-Type
application/javascript
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=41780
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
X-Partitioning-Enabled
true
Content-Length
29703
jquery-ui-1.11.4-custom.js
weu-www.sway-cdn.com/Content/
64 KB
18 KB
Script
General
Full URL
https://weu-www.sway-cdn.com/Content/jquery-ui-1.11.4-custom.js
Requested by
Host: sway.cloud.microsoft
URL: https://sway.cloud.microsoft/y4i9p3XWR0BuiTT4?ref=Link
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:280:189::26ad Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/ ARR/3.0
Resource Hash
3da8fc98318eeaf2ba8d02e79455d3d6f8f509bda7882c4c3c807b7197c24a1d
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://sway.cloud.microsoft/
Origin
https://sway.cloud.microsoft
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Strict-Transport-Security
max-age=15724800; includeSubDomains; preload
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Date
Tue, 12 Mar 2024 17:43:33 GMT
X-Powered-By
ARR/3.0
Vary
Accept-Encoding
Content-Type
application/javascript
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=41780
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
X-Partitioning-Enabled
true
Content-Length
17891
modernizr-3.3.1-custom.js
weu-www.sway-cdn.com/Content/
8 KB
4 KB
Script
General
Full URL
https://weu-www.sway-cdn.com/Content/modernizr-3.3.1-custom.js
Requested by
Host: sway.cloud.microsoft
URL: https://sway.cloud.microsoft/y4i9p3XWR0BuiTT4?ref=Link
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:280:189::26ad Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/ ARR/3.0
Resource Hash
160daca799b276d8ce387e0187d972d715abead1399795bff9ec2a64b494527c
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://sway.cloud.microsoft/
Origin
https://sway.cloud.microsoft
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Strict-Transport-Security
max-age=15724800; includeSubDomains; preload
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Date
Tue, 12 Mar 2024 17:43:33 GMT
X-Powered-By
ARR/3.0
Vary
Accept-Encoding
Content-Type
application/javascript
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=41780
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
X-Partitioning-Enabled
true
Content-Length
3210
Preload.js
weu-www.sway-cdn.com/161741940103_Content/
18 KB
5 KB
Script
General
Full URL
https://weu-www.sway-cdn.com/161741940103_Content/Preload.js
Requested by
Host: sway.cloud.microsoft
URL: https://sway.cloud.microsoft/y4i9p3XWR0BuiTT4?ref=Link
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:280:189::26ad Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/ ARR/3.0
Resource Hash
2f5deb75ea8a55d2119c56e4e3bcc0bde3516b838a088e28df1553824fe619ad
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://sway.cloud.microsoft/
Origin
https://sway.cloud.microsoft
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Strict-Transport-Security
max-age=15724800; includeSubDomains; preload
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Date
Tue, 12 Mar 2024 17:43:33 GMT
X-Powered-By
ARR/3.0
Vary
Accept-Encoding
Content-Type
application/javascript
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=41780
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
X-Partitioning-Enabled
true
Content-Length
4168
tdb.js
weu-www.sway-cdn.com/161741940103_Content/
141 KB
32 KB
Script
General
Full URL
https://weu-www.sway-cdn.com/161741940103_Content/tdb.js
Requested by
Host: sway.cloud.microsoft
URL: https://sway.cloud.microsoft/y4i9p3XWR0BuiTT4?ref=Link
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:280:189::26ad Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/ ARR/3.0
Resource Hash
daef54c828406aaba2db8f22758177351ed4d3ce40b848bb93f45f8b253fcdfd
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://sway.cloud.microsoft/
Origin
https://sway.cloud.microsoft
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Strict-Transport-Security
max-age=15724800; includeSubDomains; preload
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Date
Tue, 12 Mar 2024 17:43:33 GMT
X-Powered-By
ARR/3.0
Vary
Accept-Encoding
Content-Type
application/javascript
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=41780
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
X-Partitioning-Enabled
true
Content-Length
32326
CommonDiagnostics-Sway-1.0.0.js
weu-www.sway-cdn.com/Content/
59 KB
14 KB
Script
General
Full URL
https://weu-www.sway-cdn.com/Content/CommonDiagnostics-Sway-1.0.0.js
Requested by
Host: sway.cloud.microsoft
URL: https://sway.cloud.microsoft/y4i9p3XWR0BuiTT4?ref=Link
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:280:189::26ad Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/ ARR/3.0
Resource Hash
c0b9213606d02d7590db737b84b82c499aed306985fa41a846339944b2618351
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://sway.cloud.microsoft/
Origin
https://sway.cloud.microsoft
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Strict-Transport-Security
max-age=15724800; includeSubDomains; preload
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Date
Tue, 12 Mar 2024 17:43:33 GMT
X-Powered-By
ARR/3.0
Vary
Accept-Encoding
Content-Type
application/javascript
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=41780
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
X-Partitioning-Enabled
true
Content-Length
13381
Common.js
weu-www.sway-cdn.com/161741940103_Content/
1 MB
199 KB
Script
General
Full URL
https://weu-www.sway-cdn.com/161741940103_Content/Common.js
Requested by
Host: sway.cloud.microsoft
URL: https://sway.cloud.microsoft/y4i9p3XWR0BuiTT4?ref=Link
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:280:189::26ad Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/ ARR/3.0
Resource Hash
1cba54d6b38dadc0e51533220c5b279d7626d7b594d01ad512377923e89b769c
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://sway.cloud.microsoft/
Origin
https://sway.cloud.microsoft
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Strict-Transport-Security
max-age=15724800; includeSubDomains; preload
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Date
Tue, 12 Mar 2024 17:43:33 GMT
X-Powered-By
ARR/3.0
Vary
Accept-Encoding
Content-Type
application/javascript
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=41780
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
X-Partitioning-Enabled
true
Content-Length
202693
Resources.js
weu-www.sway-cdn.com/161741940103_Content/de/
140 KB
44 KB
Script
General
Full URL
https://weu-www.sway-cdn.com/161741940103_Content/de/Resources.js
Requested by
Host: sway.cloud.microsoft
URL: https://sway.cloud.microsoft/y4i9p3XWR0BuiTT4?ref=Link
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:280:189::26ad Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/ ARR/3.0
Resource Hash
41c92a375cd12ef4a8319f22f7777d5664de6f0e0001801471fec2370d5ced3b
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://sway.cloud.microsoft/
Origin
https://sway.cloud.microsoft
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Strict-Transport-Security
max-age=15724800; includeSubDomains; preload
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Date
Tue, 12 Mar 2024 17:43:33 GMT
X-Powered-By
ARR/3.0
Vary
Accept-Encoding
Content-Type
application/javascript
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=43067
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
X-Partitioning-Enabled
true
Content-Length
44514
StoryPage.js
weu-www.sway-cdn.com/161741940103_Content/
1 MB
257 KB
Script
General
Full URL
https://weu-www.sway-cdn.com/161741940103_Content/StoryPage.js
Requested by
Host: sway.cloud.microsoft
URL: https://sway.cloud.microsoft/y4i9p3XWR0BuiTT4?ref=Link
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:280:189::26ad Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/ ARR/3.0
Resource Hash
6b4d0d07f8a0aafd09dfa3806bada144aab09704390d8c57a9a8d76f516dd349
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://sway.cloud.microsoft/
Origin
https://sway.cloud.microsoft
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Strict-Transport-Security
max-age=15724800; includeSubDomains; preload
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Date
Tue, 12 Mar 2024 17:43:33 GMT
X-Powered-By
ARR/3.0
Vary
Accept-Encoding
Content-Type
application/javascript
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=41780
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
X-Partitioning-Enabled
true
Content-Length
262122
get
sway.cloud.microsoft/s/y4i9p3XWR0BuiTT4/
120 KB
22 KB
XHR
General
Full URL
https://sway.cloud.microsoft/s/y4i9p3XWR0BuiTT4/get?currentClientVersion=201
Requested by
Host: sway.cloud.microsoft
URL: https://sway.cloud.microsoft/y4i9p3XWR0BuiTT4?ref=Link
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2603:1026:2405:1::25 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ARR/3.0
Resource Hash
c4c8965642de09d68a5a844f98511487a7e339737ce9002a9cc89747f7f22c43
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

X-WebClientVersion
201
X-UserSessionId
d9feeb96-4dea-4636-b105-503225559bf8
accept-language
de-DE,de;q=0.9
X-Key
qJIYHs8L6kmcY8wVO1h2ovVJ9RUwr7d3QzzSl6Scpio=,638458622128313614
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8
X-LookupId
y4i9p3XWR0BuiTT4
Referer
https://sway.cloud.microsoft/y4i9p3XWR0BuiTT4?ref=Link
anonuserid
1ef74633-a34e-4e78-92a1-1a9af845b405
X-StoryId
BpzEdDZeGL0C4URsODij

Response headers

strict-transport-security
max-age=15724800; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 12 Mar 2024 17:43:32 GMT
x-requestid
0075f15a-cfc5-4340-b7b6-ee59f4ad93ab
x-officeversion
16.0.17419.40103
x-powered-by
ARR/3.0
x-officefe
SwayFrontEnd_IN_5
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-partitioning-enabled
true
content-length
22677
x-storyid
BpzEdDZeGL0C4URsODij
x-payload-size
23416
pragma
no-cache
x-trackingid
8221453f-843d-4c30-9769-704bcff5b412
x-correlationid
270a6abe-f509-4412-834b-f242579b7392
x-officecluster
weu-000.www.sway.com
x-usersessionid
d9feeb96-4dea-4636-b105-503225559bf8
x-frame-options
SAMEORIGIN
content-type
application/json
x-lookupid
y4i9p3XWR0BuiTT4
cache-control
no-cache, no-store, must-revalidate
anonuserid
1ef74633-a34e-4e78-92a1-1a9af845b405
timing-allow-origin
*
x-server-time-elapsed
46
expires
-1
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7f87a803dcaa9a3c75ec3b8f670c76709d494f3086d8c8d279ec7da52abf4380

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Type
image/gif
segoeui.woff
weu-www.sway-cdn.com/Content/
74 KB
74 KB
Font
General
Full URL
https://weu-www.sway-cdn.com/Content/segoeui.woff
Requested by
Host: sway.cloud.microsoft
URL: https://sway.cloud.microsoft/y4i9p3XWR0BuiTT4?ref=Link
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:280:189::26ad Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/ ARR/3.0
Resource Hash
5b6231040840aed34ffe299d3f352814c3e24c517eb687cec06293e7eacecb1f
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://sway.cloud.microsoft/
Origin
https://sway.cloud.microsoft
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Strict-Transport-Security
max-age=15724800; includeSubDomains; preload
Date
Tue, 12 Mar 2024 17:43:33 GMT
X-Content-Type-Options
nosniff
X-Powered-By
ARR/3.0
Content-Type
application/font-woff
Access-Control-Allow-Origin
*
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cache-Control
public, max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
X-Partitioning-Enabled
true
Content-Length
75464
Common.css
weu-www.sway-cdn.com/161741940103_Content/
247 KB
28 KB
Stylesheet
General
Full URL
https://weu-www.sway-cdn.com/161741940103_Content/Common.css
Requested by
Host: weu-www.sway-cdn.com
URL: https://weu-www.sway-cdn.com/161741940103_Content/Preload.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:280:189::26ad Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/ ARR/3.0
Resource Hash
8cdf539fb15c76b15158d70b463ae3d21e98fd2aef8b677f035da12f73b4d345
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sway.cloud.microsoft/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Strict-Transport-Security
max-age=15724800; includeSubDomains; preload
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Date
Tue, 12 Mar 2024 17:43:33 GMT
X-Powered-By
ARR/3.0
Vary
Accept-Encoding
Content-Type
text/css
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=41780
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
X-Partitioning-Enabled
true
Content-Length
27698
Home.css
weu-www.sway-cdn.com/161741940103_Content/
365 KB
32 KB
Stylesheet
General
Full URL
https://weu-www.sway-cdn.com/161741940103_Content/Home.css
Requested by
Host: weu-www.sway-cdn.com
URL: https://weu-www.sway-cdn.com/161741940103_Content/Preload.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:280:189::26ad Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/ ARR/3.0
Resource Hash
e9953b779c2ece580417ede06340103e3f18f563d31d095f8e45771b8c47cb42
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sway.cloud.microsoft/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Strict-Transport-Security
max-age=15724800; includeSubDomains; preload
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Date
Tue, 12 Mar 2024 17:43:33 GMT
X-Powered-By
ARR/3.0
Vary
Accept-Encoding
Content-Type
text/css
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=41780
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
X-Partitioning-Enabled
true
Content-Length
31952
StoryPage.css
weu-www.sway-cdn.com/161741940103_Content/
826 KB
78 KB
Stylesheet
General
Full URL
https://weu-www.sway-cdn.com/161741940103_Content/StoryPage.css
Requested by
Host: weu-www.sway-cdn.com
URL: https://weu-www.sway-cdn.com/161741940103_Content/Preload.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:280:189::26ad Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/ ARR/3.0
Resource Hash
e724c84db2673674e9b9b57e0e30339c2878b641bf88fcc33915707b68e5d0c8
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sway.cloud.microsoft/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Strict-Transport-Security
max-age=15724800; includeSubDomains; preload
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Date
Tue, 12 Mar 2024 17:43:33 GMT
X-Powered-By
ARR/3.0
Vary
Accept-Encoding
Content-Type
text/css
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=41780
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
X-Partitioning-Enabled
true
Content-Length
79108
story_cluster.css
weu-www.sway-cdn.com/161741940103_Content/
3 KB
1 KB
Stylesheet
General
Full URL
https://weu-www.sway-cdn.com/161741940103_Content/story_cluster.css
Requested by
Host: weu-www.sway-cdn.com
URL: https://weu-www.sway-cdn.com/161741940103_Content/Preload.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:280:189::26ad Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/ ARR/3.0
Resource Hash
583f54c663c161e490dd8991d9e9101a3ca54822f458e73dcfc4885ce0efe34f
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sway.cloud.microsoft/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Strict-Transport-Security
max-age=15724800; includeSubDomains; preload
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Date
Tue, 12 Mar 2024 17:43:33 GMT
X-Powered-By
ARR/3.0
Vary
Accept-Encoding
Content-Type
text/css
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=41780
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
X-Partitioning-Enabled
true
Content-Length
930
common_raw.js
weu-www.sway-cdn.com/161741940103_Content/
23 KB
7 KB
Script
General
Full URL
https://weu-www.sway-cdn.com/161741940103_Content/common_raw.js
Requested by
Host: weu-www.sway-cdn.com
URL: https://weu-www.sway-cdn.com/161741940103_Content/Preload.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:280:189::26ad Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/ ARR/3.0
Resource Hash
aa26cfe55e8cd183738f42180aae291dd666f4d39062e8a44c97b0be021946ef
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sway.cloud.microsoft/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Strict-Transport-Security
max-age=15724800; includeSubDomains; preload
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Date
Tue, 12 Mar 2024 17:43:33 GMT
X-Powered-By
ARR/3.0
Vary
Accept-Encoding
Content-Type
application/javascript
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=41781
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
X-Partitioning-Enabled
true
Content-Length
6432
Hammer-2.0.4.js
weu-www.sway-cdn.com/Content/
18 KB
7 KB
Script
General
Full URL
https://weu-www.sway-cdn.com/Content/Hammer-2.0.4.js
Requested by
Host: weu-www.sway-cdn.com
URL: https://weu-www.sway-cdn.com/161741940103_Content/Preload.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:280:189::26ad Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/ ARR/3.0
Resource Hash
f2bfc0b2ffa4e26071e6d6d8b73d750f6e9f8eb4e021a8ffdb18b84af0b919a3
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sway.cloud.microsoft/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Strict-Transport-Security
max-age=15724800; includeSubDomains; preload
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Date
Tue, 12 Mar 2024 17:43:33 GMT
X-Powered-By
ARR/3.0
Vary
Accept-Encoding
Content-Type
application/javascript
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=41781
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
X-Partitioning-Enabled
true
Content-Length
6449
swayicon.woff
weu-www.sway-cdn.com/161741940103_Content/
22 KB
22 KB
Font
General
Full URL
https://weu-www.sway-cdn.com/161741940103_Content/swayicon.woff
Requested by
Host: sway.cloud.microsoft
URL: https://sway.cloud.microsoft/y4i9p3XWR0BuiTT4?ref=Link
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:280:189::26ad Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/ ARR/3.0
Resource Hash
e27855ef831cd10eb0fe2153d1b169d24a148e0b81d3dea001fd2637e7244238
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://sway.cloud.microsoft/
Origin
https://sway.cloud.microsoft
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Strict-Transport-Security
max-age=15724800; includeSubDomains; preload
Date
Tue, 12 Mar 2024 17:43:33 GMT
X-Content-Type-Options
nosniff
X-Powered-By
ARR/3.0
Content-Type
application/font-woff
Access-Control-Allow-Origin
*
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cache-Control
public, max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
X-Partitioning-Enabled
true
Content-Length
22140
worlds
sway.cloud.microsoft/sway/v1.0/y4i9p3XWR0BuiTT4/
457 B
420 B
XHR
General
Full URL
https://sway.cloud.microsoft/sway/v1.0/y4i9p3XWR0BuiTT4/worlds?_=1710265413209
Requested by
Host: weu-www.sway-cdn.com
URL: https://weu-www.sway-cdn.com/Content/jquery-2.2.4-custom-1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2603:1026:2405:1::25 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ARR/3.0
Resource Hash
5a33a472e3ffaaa8be923ea8ac7e2ef8d3ea230407ea30fa86c3627b6959ecfa
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

X-WebClientVersion
201
X-UserSessionId
d9feeb96-4dea-4636-b105-503225559bf8
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
X-LookupId
y4i9p3XWR0BuiTT4
Accept
*/*
Referer
https://sway.cloud.microsoft/y4i9p3XWR0BuiTT4?ref=Link
X-Requested-With
XMLHttpRequest
anonuserid
1ef74633-a34e-4e78-92a1-1a9af845b405
X-StoryId
BpzEdDZeGL0C4URsODij

Response headers

strict-transport-security
max-age=15724800; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 12 Mar 2024 17:43:32 GMT
x-requestid
3c495065-cf6e-4810-8e98-4c9cb0527b90
x-officeversion
16.0.17419.40103
x-powered-by
ARR/3.0
x-officefe
SwayFrontEnd_IN_1
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-partitioning-enabled
true
content-length
204
x-storyid
BpzEdDZeGL0C4URsODij
x-trackingid
a361380e-110d-4644-9017-e4f8fbe81c3f
x-correlationid
5155586d-b562-4b77-88c5-a2ce295d0c2b
x-officecluster
weu-000.www.sway.com
x-usersessionid
d9feeb96-4dea-4636-b105-503225559bf8
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/json
x-lookupid
y4i9p3XWR0BuiTT4
cache-control
private
anonuserid
1ef74633-a34e-4e78-92a1-1a9af845b405
timing-allow-origin
*
msyh.woff
www.sway-cdn.com/Content/
14 MB
14 MB
Font
General
Full URL
https://www.sway-cdn.com/Content/msyh.woff
Requested by
Host: sway.cloud.microsoft
URL: https://sway.cloud.microsoft/y4i9p3XWR0BuiTT4?ref=Link
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:280:187::26ad Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/ ARR/3.0
Resource Hash
8420324b6090bc642b268c3ed241c120a4af96cfde0d9e3d1e6c92a13493e191
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://sway.cloud.microsoft/
Origin
https://sway.cloud.microsoft
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Strict-Transport-Security
max-age=15724800; includeSubDomains; preload
Date
Tue, 12 Mar 2024 17:43:33 GMT
X-Content-Type-Options
nosniff
Last-Modified
Mon, 19 Feb 2024 21:55:36 GMT
ETag
"03c4d5e7e63da1:0"
X-Powered-By
ARR/3.0
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Content-Type
application/font-woff
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
14503848
X-Partitioning-Enabled
true
msyhbd.woff
www.sway-cdn.com/Content/
10 MB
10 MB
Font
General
Full URL
https://www.sway-cdn.com/Content/msyhbd.woff
Requested by
Host: sway.cloud.microsoft
URL: https://sway.cloud.microsoft/y4i9p3XWR0BuiTT4?ref=Link
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:280:187::26ad Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/ ARR/3.0
Resource Hash
3310de9c065f15cf5dffb4abe5e1254bcc23a176edc81caeec293c94d8195911
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://sway.cloud.microsoft/
Origin
https://sway.cloud.microsoft
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Strict-Transport-Security
max-age=15724800; includeSubDomains; preload
Date
Tue, 12 Mar 2024 17:43:33 GMT
X-Content-Type-Options
nosniff
Last-Modified
Mon, 19 Feb 2024 21:55:36 GMT
ETag
"03c4d5e7e63da1:0"
X-Powered-By
ARR/3.0
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Content-Type
application/font-woff
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
9974184
X-Partitioning-Enabled
true
analytics
sway.cloud.microsoft/sway/v1.0/y4i9p3XWR0BuiTT4/
2 B
140 B
XHR
General
Full URL
https://sway.cloud.microsoft/sway/v1.0/y4i9p3XWR0BuiTT4/analytics?timeSpent=0&scrollDepth=0&readRatioGrade=0
Requested by
Host: weu-www.sway-cdn.com
URL: https://weu-www.sway-cdn.com/Content/jquery-2.2.4-custom-1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2603:1026:2405:1::25 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ARR/3.0
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

X-WebClientVersion
201
X-UserSessionId
d9feeb96-4dea-4636-b105-503225559bf8
accept-language
de-DE,de;q=0.9
X-Key
qJIYHs8L6kmcY8wVO1h2ovVJ9RUwr7d3QzzSl6Scpio=,638458622128313614
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type
application/json; charset=utf-8
X-LookupId
y4i9p3XWR0BuiTT4
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://sway.cloud.microsoft/y4i9p3XWR0BuiTT4?ref=Link
X-Requested-With
XMLHttpRequest
anonuserid
1ef74633-a34e-4e78-92a1-1a9af845b405
X-StoryId
BpzEdDZeGL0C4URsODij

Response headers

strict-transport-security
max-age=15724800; includeSubDomains; preload
date
Tue, 12 Mar 2024 17:43:32 GMT
x-content-type-options
nosniff
x-requestid
89543859-3762-434e-a832-3ba136b44a93
x-officeversion
16.0.17419.40103
x-powered-by
ARR/3.0
x-officefe
SwayFrontEnd_IN_1
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-partitioning-enabled
true
content-length
2
x-storyid
BpzEdDZeGL0C4URsODij
x-trackingid
0be8c4ae-631b-4e7e-b901-fee1e66a2b45
x-correlationid
a7b80a0d-013c-481f-80dd-37c6cda05f06
x-officecluster
weu-000.www.sway.com
x-usersessionid
d9feeb96-4dea-4636-b105-503225559bf8
x-frame-options
SAMEORIGIN
content-type
application/json
x-lookupid
y4i9p3XWR0BuiTT4
cache-control
private
anonuserid
1ef74633-a34e-4e78-92a1-1a9af845b405
timing-allow-origin
*
Background_SubtleFreckles.png
weu-www.sway-cdn.com/161741940103_Content/
83 KB
84 KB
Image
General
Full URL
https://weu-www.sway-cdn.com/161741940103_Content/Background_SubtleFreckles.png
Requested by
Host: sway.cloud.microsoft
URL: https://sway.cloud.microsoft/y4i9p3XWR0BuiTT4?ref=Link
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:280:189::26ad Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/ ARR/3.0
Resource Hash
6486084784ae2797fcbc831e07bde313dab2a8c51261a9843b1de1cd34e18283
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sway.cloud.microsoft/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Strict-Transport-Security
max-age=15724800; includeSubDomains; preload
Date
Tue, 12 Mar 2024 17:43:33 GMT
X-Content-Type-Options
nosniff
X-RequestId
995cdbc9-e580-47ae-9915-c4497072927c
X-OfficeVersion
16.0.17419.40103
X-Powered-By
ARR/3.0
X-OfficeFE
SwayFrontEnd_IN_11
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection
keep-alive
X-Partitioning-Enabled
true
Content-Length
84999
X-TrackingId
875fb4f6-1832-40fd-9cee-ac9ea095ade9
Last-Modified
Mon, 19 Feb 2024 21:55:36 GMT
X-CorrelationId
1a387c0c-b3c5-49ed-bcc1-c7f84fb29adb
X-UserSessionId
1a387c0c-b3c5-49ed-bcc1-c7f84fb29adb
X-OfficeCluster
weu-001.www.sway.com
ETag
"03c4d5e7e63da1:0"
Content-Type
image/png
Accept-Ranges
bytes
anonuserid
c3c589ac-02b2-4751-a05b-726cb0f64d8d
Timing-Allow-Origin
*
swayiconsb.woff
weu-www.sway-cdn.com/161741940103_Content/
23 KB
24 KB
Font
General
Full URL
https://weu-www.sway-cdn.com/161741940103_Content/swayiconsb.woff
Requested by
Host: sway.cloud.microsoft
URL: https://sway.cloud.microsoft/y4i9p3XWR0BuiTT4?ref=Link
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:280:189::26ad Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/ ARR/3.0
Resource Hash
56c3f81e1fcada437f327ca47a70acbce01c7b3a8de0bc93081698ad039a7c42
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://sway.cloud.microsoft/
Origin
https://sway.cloud.microsoft
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Strict-Transport-Security
max-age=15724800; includeSubDomains; preload
Date
Tue, 12 Mar 2024 17:43:33 GMT
X-Content-Type-Options
nosniff
X-Powered-By
ARR/3.0
Content-Type
application/font-woff
Access-Control-Allow-Origin
*
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cache-Control
public, max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
X-Partitioning-Enabled
true
Content-Length
23704
story.png
weu-www.sway-cdn.com/161741940103_Content/
10 KB
11 KB
Image
General
Full URL
https://weu-www.sway-cdn.com/161741940103_Content/story.png
Requested by
Host: sway.cloud.microsoft
URL: https://sway.cloud.microsoft/y4i9p3XWR0BuiTT4?ref=Link
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:280:189::26ad Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/ ARR/3.0
Resource Hash
d46375075d66174f88ad9834c0695792c9afdd0f20456231fa4a873280a2c434
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sway.cloud.microsoft/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Strict-Transport-Security
max-age=15724800; includeSubDomains; preload
Date
Tue, 12 Mar 2024 17:43:33 GMT
X-Content-Type-Options
nosniff
X-RequestId
f3fb150c-2641-4841-8b22-6c56036de162
X-OfficeVersion
16.0.17419.40103
X-Powered-By
ARR/3.0
X-OfficeFE
SwayFrontEnd_IN_22
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection
keep-alive
X-Partitioning-Enabled
true
Content-Length
10721
X-TrackingId
6b2ac4b5-a369-4773-abf7-7ed55530dd30
Last-Modified
Mon, 19 Feb 2024 21:55:36 GMT
X-CorrelationId
34acc967-f4a2-480d-9c7f-ea8de3b07448
X-UserSessionId
34acc967-f4a2-480d-9c7f-ea8de3b07448
X-OfficeCluster
weu-001.www.sway.com
ETag
"03c4d5e7e63da1:0"
Content-Type
image/png
Accept-Ranges
bytes
anonuserid
012e5133-01c0-4aec-8bad-637a08a19a1d
Timing-Allow-Origin
*
traveling_dots1color_shorter_white.gif
weu-www.sway-cdn.com/161741940103_Content/
7 KB
8 KB
Image
General
Full URL
https://weu-www.sway-cdn.com/161741940103_Content/traveling_dots1color_shorter_white.gif
Requested by
Host: sway.cloud.microsoft
URL: https://sway.cloud.microsoft/y4i9p3XWR0BuiTT4?ref=Link
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:280:189::26ad Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/ ARR/3.0
Resource Hash
2e237d89d57788e810720fd97bcc0992e159044281956ecba83efd3a4f4b56cf
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sway.cloud.microsoft/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Strict-Transport-Security
max-age=15724800; includeSubDomains; preload
Date
Tue, 12 Mar 2024 17:43:33 GMT
X-Content-Type-Options
nosniff
X-RequestId
bc71ae1f-1939-4931-89b3-e2d6b1347b47
X-OfficeVersion
16.0.17419.40103
X-Powered-By
ARR/3.0
X-OfficeFE
SwayFrontEnd_IN_15
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection
keep-alive
X-Partitioning-Enabled
true
Content-Length
6828
X-TrackingId
f01ebab8-eaa7-4a6e-858f-0e830b0c5a3d
Last-Modified
Mon, 19 Feb 2024 21:55:36 GMT
X-CorrelationId
41739499-bf4a-408a-89d5-a0b77b6b2753
X-UserSessionId
41739499-bf4a-408a-89d5-a0b77b6b2753
X-OfficeCluster
weu-000.www.sway.com
ETag
"03c4d5e7e63da1:0"
Content-Type
image/gif
Accept-Ranges
bytes
anonuserid
604fef75-928a-4379-a4b6-0dabdbb7d02f
Timing-Allow-Origin
*
whitespinner.32x32.gif
weu-www.sway-cdn.com/161741940103_Content/
1 KB
2 KB
Image
General
Full URL
https://weu-www.sway-cdn.com/161741940103_Content/whitespinner.32x32.gif
Requested by
Host: sway.cloud.microsoft
URL: https://sway.cloud.microsoft/y4i9p3XWR0BuiTT4?ref=Link
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:280:189::26ad Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/ ARR/3.0
Resource Hash
11572f274d092466b9249659cfd382a0cfb640b23df4d4a1071c1b8d70147415
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sway.cloud.microsoft/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Strict-Transport-Security
max-age=15724800; includeSubDomains; preload
Date
Tue, 12 Mar 2024 17:43:33 GMT
X-Content-Type-Options
nosniff
X-RequestId
2ba1ef63-7e73-4094-aa62-b160675ac15b
X-OfficeVersion
16.0.17419.40103
X-Powered-By
ARR/3.0
X-OfficeFE
SwayFrontEnd_IN_20
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection
keep-alive
X-Partitioning-Enabled
true
Content-Length
1278
X-TrackingId
854ff111-bb70-4f40-9e9b-908e868c2ea7
Last-Modified
Mon, 19 Feb 2024 21:55:36 GMT
X-CorrelationId
49058b9e-d323-4f7f-a1bf-97b94e1c87b2
X-UserSessionId
49058b9e-d323-4f7f-a1bf-97b94e1c87b2
X-OfficeCluster
weu-000.www.sway.com
ETag
"03c4d5e7e63da1:0"
Content-Type
image/gif
Accept-Ranges
bytes
anonuserid
bdd39782-184b-42ce-9d34-d14de1c2ade8
Timing-Allow-Origin
*
RemoteUls.ashx
sway.cloud.microsoft/
0
221 B
XHR
General
Full URL
https://sway.cloud.microsoft/RemoteUls.ashx
Requested by
Host: weu-www.sway-cdn.com
URL: https://weu-www.sway-cdn.com/Content/CommonDiagnostics-Sway-1.0.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2603:1026:2405:1::25 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ARR/3.0
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Content-Type-Options nosniff, nosniff

Request headers

X-WebClientVersion
201
X-UserSessionId
d9feeb96-4dea-4636-b105-503225559bf8
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type
application/json
X-LookupId
y4i9p3XWR0BuiTT4
Referer
https://sway.cloud.microsoft/y4i9p3XWR0BuiTT4?ref=Link
anonuserid
1ef74633-a34e-4e78-92a1-1a9af845b405
X-StoryId
BpzEdDZeGL0C4URsODij

Response headers

strict-transport-security
max-age=15724800; includeSubDomains; preload
date
Tue, 12 Mar 2024 17:43:32 GMT
x-content-type-options
nosniff, nosniff
x-requestid
9beb52fd-9267-49fc-b4d1-cdc3edcd3489
x-officeversion
16.0.17419.40103
x-powered-by
ARR/3.0
x-officefe
SwayFrontEnd_IN_1
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-buls-suppressionetag
N/A
x-buls-suppressedtags
content-disposition
attachment
x-partitioning-enabled
true
content-length
0
x-storyid
BpzEdDZeGL0C4URsODij
x-trackingid
bd4acdc0-648e-4c2c-8e08-f6b04b1df721
x-correlationid
261874de-d166-4e6b-8cb0-f637b408922e
x-officecluster
weu-001.www.sway.com
x-usersessionid
d9feeb96-4dea-4636-b105-503225559bf8
x-download-options
noopen
content-type
text/plain
x-lookupid
y4i9p3XWR0BuiTT4
cache-control
private
anonuserid
1ef74633-a34e-4e78-92a1-1a9af845b405
timing-allow-origin
*
XHJ3DIuOGRGX4B
weu-www.sway-cdn.com/s/y4i9p3XWR0BuiTT4/images/
17 KB
18 KB
Image
General
Full URL
https://weu-www.sway-cdn.com/s/y4i9p3XWR0BuiTT4/images/XHJ3DIuOGRGX4B?quality=400&allowAnimation=true
Requested by
Host: sway.cloud.microsoft
URL: https://sway.cloud.microsoft/y4i9p3XWR0BuiTT4?ref=Link
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:280:189::26ad Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/ ARR/3.0
Resource Hash
b88b49f8a35f94205bf5412d1787e267a8efa91dbc1f082a76ac07fe7a6a305d
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sway.cloud.microsoft/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Strict-Transport-Security
max-age=15724800; includeSubDomains; preload
Date
Tue, 12 Mar 2024 17:43:33 GMT
X-Content-Type-Options
nosniff
X-RequestId
53ce7871-2401-4977-b408-691c0bb2ef49
X-OfficeVersion
16.0.17419.40103
X-Powered-By
ARR/3.0
X-OfficeFE
SwayFrontEnd_IN_3
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection
keep-alive
X-Partitioning-Enabled
true
Content-Length
17722
X-TrackingId
6c7ab9b0-6b3e-414b-bdce-653cd092774a
X-CorrelationId
f5814f20-0ba5-4fd7-8831-5598728a1ae5
X-OfficeCluster
weu-001.www.sway.com
X-UserSessionId
f5814f20-0ba5-4fd7-8831-5598728a1ae5
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Cache-Control
private, max-age=3600
anonuserid
1dc3c25e-a5c6-4354-8f63-b89627b25111
Timing-Allow-Origin
*
LayoutVerticalWorld.png
weu-www.sway-cdn.com/161741940103_Content/
384 B
1 KB
Image
General
Full URL
https://weu-www.sway-cdn.com/161741940103_Content/LayoutVerticalWorld.png
Requested by
Host: sway.cloud.microsoft
URL: https://sway.cloud.microsoft/y4i9p3XWR0BuiTT4?ref=Link
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:280:189::26ad Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/ ARR/3.0
Resource Hash
ddd565809b26a720fc695f80fb88d61b8985a35c11a5d15926b6b2ded99823df
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sway.cloud.microsoft/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Strict-Transport-Security
max-age=15724800; includeSubDomains; preload
Date
Tue, 12 Mar 2024 17:43:33 GMT
X-Content-Type-Options
nosniff
X-RequestId
d3345eb3-8f49-4dba-94ac-90f8e58a12e0
X-OfficeVersion
16.0.17419.40103
X-Powered-By
ARR/3.0
X-OfficeFE
SwayFrontEnd_IN_35
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection
keep-alive
X-Partitioning-Enabled
true
Content-Length
384
X-TrackingId
c1062ced-a4db-4676-90c0-cbf74c6f5c17
Last-Modified
Mon, 19 Feb 2024 21:55:36 GMT
X-CorrelationId
3ae38965-d7ad-4555-8411-979267688103
X-UserSessionId
3ae38965-d7ad-4555-8411-979267688103
X-OfficeCluster
weu-000.www.sway.com
ETag
"03c4d5e7e63da1:0"
Content-Type
image/png
Accept-Ranges
bytes
anonuserid
0a9deb64-2d0d-4227-b3f4-59955e1ce833
Timing-Allow-Origin
*
LayoutPanoramaWorld.png
weu-www.sway-cdn.com/161741940103_Content/
387 B
1 KB
Image
General
Full URL
https://weu-www.sway-cdn.com/161741940103_Content/LayoutPanoramaWorld.png
Requested by
Host: sway.cloud.microsoft
URL: https://sway.cloud.microsoft/y4i9p3XWR0BuiTT4?ref=Link
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:280:189::26ad Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/ ARR/3.0
Resource Hash
0eccaf7f0137b30c89aa77248f35c2b17e0f455ee46ae9fd1edb805f45816934
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sway.cloud.microsoft/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Strict-Transport-Security
max-age=15724800; includeSubDomains; preload
Date
Tue, 12 Mar 2024 17:43:33 GMT
X-Content-Type-Options
nosniff
X-RequestId
5e28d3ec-0247-48da-b078-be50d6d55d99
X-OfficeVersion
16.0.17419.40103
X-Powered-By
ARR/3.0
X-OfficeFE
SwayFrontEnd_IN_25
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection
keep-alive
X-Partitioning-Enabled
true
Content-Length
387
X-TrackingId
a09ff60f-15eb-4387-a26e-c44ea227d318
Last-Modified
Mon, 19 Feb 2024 21:55:36 GMT
X-CorrelationId
eaf41645-65b3-4dce-85e8-a30d8cc89b1d
X-UserSessionId
eaf41645-65b3-4dce-85e8-a30d8cc89b1d
X-OfficeCluster
weu-001.www.sway.com
ETag
"03c4d5e7e63da1:0"
Content-Type
image/png
Accept-Ranges
bytes
anonuserid
cbeb86ba-63e7-4503-acf2-28c7ca453abc
Timing-Allow-Origin
*
LayoutExpoWorld.png
weu-www.sway-cdn.com/161741940103_Content/
368 B
1 KB
Image
General
Full URL
https://weu-www.sway-cdn.com/161741940103_Content/LayoutExpoWorld.png
Requested by
Host: sway.cloud.microsoft
URL: https://sway.cloud.microsoft/y4i9p3XWR0BuiTT4?ref=Link
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:280:189::26ad Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/ ARR/3.0
Resource Hash
d0e53af89bc2f1079669b0dbee0e2e2c2fd7f5be5bf2db44a23f22553767e4d7
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sway.cloud.microsoft/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Strict-Transport-Security
max-age=15724800; includeSubDomains; preload
Date
Tue, 12 Mar 2024 17:43:33 GMT
X-Content-Type-Options
nosniff
X-RequestId
9a0b68ec-9e42-437e-8558-9510bfb97341
X-OfficeVersion
16.0.17419.40103
X-Powered-By
ARR/3.0
X-OfficeFE
SwayFrontEnd_IN_33
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection
keep-alive
X-Partitioning-Enabled
true
Content-Length
368
X-TrackingId
1fb176db-ea89-4c08-8bef-5e75d0376104
Last-Modified
Mon, 19 Feb 2024 21:55:36 GMT
X-CorrelationId
6605b864-4be3-45f5-a47e-237c15640bb3
X-UserSessionId
6605b864-4be3-45f5-a47e-237c15640bb3
X-OfficeCluster
weu-001.www.sway.com
ETag
"03c4d5e7e63da1:0"
Content-Type
image/png
Accept-Ranges
bytes
anonuserid
c544ec4a-ec25-4f48-8562-55ef3627d1c3
Timing-Allow-Origin
*
segoeuisl.woff
weu-www.sway-cdn.com/Content/
29 KB
29 KB
Font
General
Full URL
https://weu-www.sway-cdn.com/Content/segoeuisl.woff
Requested by
Host: sway.cloud.microsoft
URL: https://sway.cloud.microsoft/y4i9p3XWR0BuiTT4?ref=Link
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:280:189::26ad Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/ ARR/3.0
Resource Hash
c63a3930ec9dd26c24b4c62b83d8cf778416a0ded1d9aa83e0840a675155b71b
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://sway.cloud.microsoft/
Origin
https://sway.cloud.microsoft
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Strict-Transport-Security
max-age=15724800; includeSubDomains; preload
Date
Tue, 12 Mar 2024 17:43:33 GMT
X-Content-Type-Options
nosniff
Last-Modified
Mon, 19 Feb 2024 21:55:36 GMT
ETag
"03c4d5e7e63da1:0"
X-Powered-By
ARR/3.0
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Content-Type
application/font-woff
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
X-Partitioning-Enabled
true
Content-Length
29464
OfficeBrowserFeedback.js
weu-www.sway-cdn.com/161741940103_Content/feedback/
158 KB
45 KB
Script
General
Full URL
https://weu-www.sway-cdn.com/161741940103_Content/feedback/OfficeBrowserFeedback.js
Requested by
Host: weu-www.sway-cdn.com
URL: https://weu-www.sway-cdn.com/161741940103_Content/Preload.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:280:189::26ad Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/ ARR/3.0
Resource Hash
4f2d6301347a2fbf30fed521f2d319e78cffd90713336dcc9c0a2676dc3fb37c
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sway.cloud.microsoft/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Strict-Transport-Security
max-age=15724800; includeSubDomains; preload
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Date
Tue, 12 Mar 2024 17:43:35 GMT
X-Powered-By
ARR/3.0
Vary
Accept-Encoding
Content-Type
application/javascript
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=41781
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
X-Partitioning-Enabled
true
Content-Length
45168

Verdicts & Comments

245 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.


3 Cookies

Domain/Path | Name | Value
.sway.cloud.microsoft/ | AuthSess | d920776e-4d2f-4ea4-a7b1-24ca5ccdd4d4
.cloud.microsoft/ | AADNonce | 9d373462-e55f-40f5-b615-d524a54c6d83.638458622128782347
sway.cloud.microsoft/ | CalloutShownCount | {"VerticalNavigation":1}

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
