Submitted URL: http://cerebusforensics.com/yealink/exploit.html
Effective URL: https://sway.office.com/3pCb559LYVuT0eig?ref=Link
Submission: On October 14 via manual from US

Summary

This website contacted 7 IPs in 3 countries across 6 domains to perform 23 HTTP transactions. The main IP is 52.109.12.50, located in Washington, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US. The main domain is sway.office.com.
TLS certificate: Issued by Microsoft IT TLS CA 5 on July 10th 2018. Valid for: 2 years.
This is the only time sway.office.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

    IP Address          AS Autonomous System
1   197.242.144.8       37611 (Afrihost)
9   52.109.12.50        8075 (MICROSOFT...)
3   2a02:26f0:6c0...    20940 (AKAMAI-ASN1)
7   2.19.38.211         20940 (AKAMAI-ASN1)
1   2.16.186.40         20940 (AKAMAI-ASN1)
1   2.19.34.64          20940 (AKAMAI-ASN1)
23  7

    Domain                          Requested by
9   sway.office.com                 wus-www.sway-cdn.com, sway.office.com
7   wus-www.sway-cdn.com            sway.office.com, wus-www.sway-cdn.com
3   uhf.microsoft.com               sway.office.com
1   static2.sharepointonline.com    sway.office.com
1   spoprod-a.akamaihd.net          sway.office.com
1   cerebusforensics.com
23  6

This site contains links to these domains.

Domain
go.microsoft.com

Subject                       Issuer                           Validity                   Valid
sway.office.com               Microsoft IT TLS CA 5            2018-07-10 - 2020-07-10    2 years
unistore.www.microsoft.com    Microsoft IT TLS CA 5            2019-04-30 - 2021-04-30    2 years
www.sway-cdn.com              Microsoft IT TLS CA 5            2018-03-05 - 2020-03-04    2 years
a248.e.akamai.net             DigiCert Secure Site ECC CA-1    2019-08-13 - 2020-08-12    a year
*.sharepointonline.com        Microsoft IT TLS CA 4            2019-09-06 - 2021-09-06    2 years

This page contains 1 frames:

Primary Page: https://sway.office.com/3pCb559LYVuT0eig?ref=Link
Frame ID: 6ED66862A9A031AA2B7FEDC640F46605
Requests: 23 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i

Page Statistics

Requests: 23
HTTPS: 91 %
IPv6: 17 %
Domains: 6
Subdomains: 6
IPs: 7
Countries: 3
Transfer: 725 kB
Size: 1818 kB
Cookies: 3

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://cerebusforensics.com/yealink/exploit.html Page URL
  2. https://sway.office.com/3pCb559LYVuT0eig?ref=Link Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

23 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
exploit.html
cerebusforensics.com/yealink/
253 B
495 B
Document
General
Full URL
http://cerebusforensics.com/yealink/exploit.html
Protocol
HTTP/1.1
Server
197.242.144.8 , South Africa, ASN37611 (Afrihost, ZA),
Reverse DNS
pebbles.aserv.co.za
Software
Apache /
Resource Hash
f7a13a28111d0c291aeb0df9879bca93661232a86ce07f79a441d38dd58c2230

Request headers

Host
cerebusforensics.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate

Response headers

Date
Mon, 14 Oct 2019 21:52:28 GMT
Server
Apache
Last-Modified
Sun, 04 Aug 2019 11:07:51 GMT
Accept-Ranges
bytes
Content-Length
253
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html
Primary Request 3pCb559LYVuT0eig
sway.office.com/
34 KB
7 KB
Document
General
Full URL
https://sway.office.com/3pCb559LYVuT0eig?ref=Link
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.109.12.50 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
/ ARR/3.0
Resource Hash
c9389479be73cbf4ca6c1c7c0512602936338fa0935c9417688d5ccc26483226
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

:method
GET
:authority
sway.office.com
:scheme
https
:path
/3pCb559LYVuT0eig?ref=Link
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
http://cerebusforensics.com/yealink/exploit.html
accept-encoding
gzip, deflate, br

Response headers

status
200
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
text/html; charset=utf-8
content-encoding
gzip
expires
-1
vary
Accept-Encoding
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
set-cookie
AuthSess=a52e8a25-f945-4982-b7c4-1989d594601b; domain=sway.office.com; path=/; secure; HttpOnly
AADNonce=323e6ace-41ab-4579-a703-d3b4b0ec49af.637066867560707707; domain=office.com; path=/; secure; HttpOnly
cookieblocked=; path=/; secure
x-correlationid
4b1b5fc8-a1e9-4a13-a7a9-9e6a671eb1f8
x-usersessionid
4b1b5fc8-a1e9-4a13-a7a9-9e6a671eb1f8
x-officefe
SwayFrontEnd_IN_0
x-officeversion
19.1.6009.6826
x-officecluster
wus-001.www.sway.com
anonuserid
7c8fef72-36fa-431e-9e81-4eba196c7555
x-content-type-options
nosniff
strict-transport-security
max-age=15724800; includeSubDomains; preload
timing-allow-origin
*
x-requestid
6a86805e-af4f-4779-9ec7-ec83edd8fcbd
x-trackingid
5f77ea94-3703-4a9b-803a-176fef425a59
x-frame-options
SAMEORIGIN
x-key
unwdAgWE3FOoeqFYpdiB/r3zVAgWFwot7QxiHmpG00c=,637066867559301426
x-html-minification-powered-by
WebMarkupMin
x-powered-by
ARR/3.0
date
Mon, 14 Oct 2019 21:52:35 GMT
content-length
6053
mscc-0.4.1.min.js
uhf.microsoft.com/mscc/statics/
3 KB
2 KB
Script
General
Full URL
https://uhf.microsoft.com/mscc/statics/mscc-0.4.1.min.js
Requested by
Host: sway.office.com
URL: https://sway.office.com/3pCb559LYVuT0eig?ref=Link
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:286::2b57 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
c87516d7dd7077edd467f5b7b085b035cd4803ecf049670ab19de004e270aba8

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://sway.office.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Mon, 14 Oct 2019 21:52:36 GMT
content-encoding
gzip
last-modified
Mon, 10 Sep 2018 17:42:12 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5
XpofSqMdSqYPb4maLkXO+A==
status
200
etag
0x8D61744BD6EA9B6
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
access-control-allow-origin
*
x-ms-request-id
5049127a-701e-0074-2afe-4995de000000
x-ms-version
2009-09-19
content-length
1588
mscc-0.4.1.min.css
uhf.microsoft.com/mscc/statics/
1 KB
939 B
Stylesheet
General
Full URL
https://uhf.microsoft.com/mscc/statics/mscc-0.4.1.min.css
Requested by
Host: sway.office.com
URL: https://sway.office.com/3pCb559LYVuT0eig?ref=Link
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:286::2b57 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
35211f76c4c35c17f2649b96868c0d691f1d78b107f7635d22619948d0ee6880

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://sway.office.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Mon, 14 Oct 2019 21:52:36 GMT
content-encoding
gzip
last-modified
Mon, 10 Sep 2018 17:42:23 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5
2MKxgMQLzH/8vixotX2Pog==
status
200
etag
0x8D61744C3ED0073
vary
Accept-Encoding
content-type
text/css;charset=utf-8
access-control-allow-origin
*
x-ms-request-id
89ac9d83-001e-0059-6ffe-49161e000000
x-ms-version
2009-09-19
content-length
627
splitMain-prod.js
wus-www.sway-cdn.com/19160096826_Content/webclient/js/en-US/
3 KB
2 KB
Script
General
Full URL
https://wus-www.sway-cdn.com/19160096826_Content/webclient/js/en-US/splitMain-prod.js
Requested by
Host: sway.office.com
URL: https://sway.office.com/3pCb559LYVuT0eig?ref=Link
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.19.38.211 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-19-38-211.deploy.static.akamaitechnologies.com
Software
/ ARR/3.0
Resource Hash
aa642237f00d81abc3eac8bf8145b6e9e25a3298c0d3f4d73bc3cf368c18cc6d
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
cors
Referer
https://sway.office.com/
Origin
https://sway.office.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Timing-Allow-Origin
*
Strict-Transport-Security
max-age=15724800; includeSubDomains; preload
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Powered-By
ARR/3.0
Vary
Accept-Encoding
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=34768
Date
Mon, 14 Oct 2019 21:52:36 GMT
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
application/javascript
Content-Length
1433
vendors~main.chunk.js
wus-www.sway-cdn.com/19160096826_Content/webclient/js/en-US/
796 KB
197 KB
Script
General
Full URL
https://wus-www.sway-cdn.com/19160096826_Content/webclient/js/en-US/vendors~main.chunk.js
Requested by
Host: sway.office.com
URL: https://sway.office.com/3pCb559LYVuT0eig?ref=Link
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.19.38.211 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-19-38-211.deploy.static.akamaitechnologies.com
Software
/ ARR/3.0
Resource Hash
ca49a3e3c3094d926fb74ea601ee82d69224933fd536b0ecb727edaefc23845b
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
cors
Referer
https://sway.office.com/
Origin
https://sway.office.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Timing-Allow-Origin
*
Strict-Transport-Security
max-age=15724800; includeSubDomains; preload
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Powered-By
ARR/3.0
Vary
Accept-Encoding
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=34768
Date
Mon, 14 Oct 2019 21:52:36 GMT
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
application/javascript
Content-Length
201038
main.chunk.js
wus-www.sway-cdn.com/19160096826_Content/webclient/js/en-US/
127 KB
32 KB
Script
General
Full URL
https://wus-www.sway-cdn.com/19160096826_Content/webclient/js/en-US/main.chunk.js
Requested by
Host: sway.office.com
URL: https://sway.office.com/3pCb559LYVuT0eig?ref=Link
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.19.38.211 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-19-38-211.deploy.static.akamaitechnologies.com
Software
/ ARR/3.0
Resource Hash
338e12807a05ad192ecf862d6456995b6c3f0b811df62165f7c34548cc518a47
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
cors
Referer
https://sway.office.com/
Origin
https://sway.office.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Timing-Allow-Origin
*
Strict-Transport-Security
max-age=15724800; includeSubDomains; preload
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Powered-By
ARR/3.0
Vary
Accept-Encoding
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=34768
Date
Mon, 14 Oct 2019 21:52:36 GMT
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
application/javascript
Content-Length
32179
vendors~Sway~Consumption.chunk.js
wus-www.sway-cdn.com/19160096826_Content/webclient/js/en-US/
124 KB
34 KB
Script
General
Full URL
https://wus-www.sway-cdn.com/19160096826_Content/webclient/js/en-US/vendors~Sway~Consumption.chunk.js
Requested by
Host: wus-www.sway-cdn.com
URL: https://wus-www.sway-cdn.com/19160096826_Content/webclient/js/en-US/splitMain-prod.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.19.38.211 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-19-38-211.deploy.static.akamaitechnologies.com
Software
/ ARR/3.0
Resource Hash
8c5015ff8e93f8782cb38d2e525c8220b1294fdd3f157f60a642b454deb28ec3
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://sway.office.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security
max-age=15724800; includeSubDomains; preload
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Powered-By
ARR/3.0
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection
keep-alive
Content-Length
34206
ETag
"0d8c292f57dd51:0"
Last-Modified
Tue, 08 Oct 2019 16:29:36 GMT
Date
Mon, 14 Oct 2019 21:52:37 GMT
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=86400
Accept-Ranges
bytes
Timing-Allow-Origin
*
Sway~Consumption.chunk.js
wus-www.sway-cdn.com/19160096826_Content/webclient/js/en-US/
197 KB
41 KB
Script
General
Full URL
https://wus-www.sway-cdn.com/19160096826_Content/webclient/js/en-US/Sway~Consumption.chunk.js
Requested by
Host: wus-www.sway-cdn.com
URL: https://wus-www.sway-cdn.com/19160096826_Content/webclient/js/en-US/splitMain-prod.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.19.38.211 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-19-38-211.deploy.static.akamaitechnologies.com
Software
/ ARR/3.0
Resource Hash
ee841291a54d27ae430952ccfc8cf694f54a21ba3d0cd7ac4d2d74d36fc613bf
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://sway.office.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security
max-age=15724800; includeSubDomains; preload
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Powered-By
ARR/3.0
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection
keep-alive
Content-Length
41178
ETag
"0d8c292f57dd51:0"
Last-Modified
Tue, 08 Oct 2019 16:29:36 GMT
Date
Mon, 14 Oct 2019 21:52:36 GMT
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=86400
Accept-Ranges
bytes
Timing-Allow-Origin
*
_log
uhf.microsoft.com/
0
128 B
Image
General
Full URL
https://uhf.microsoft.com/_log?o=mscc&s=store&m=show&nv=aspnet-2.0.6&sv=0.1.2
Requested by
Host: sway.office.com
URL: https://sway.office.com/3pCb559LYVuT0eig?ref=Link
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:286::2b57 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://sway.office.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Oct 2019 21:52:36 GMT
status
204
content-type
text/html
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
0
expires
Mon, 14 Oct 2019 21:52:36 GMT
vendors~Sway~DocumentNavigation.chunk.js
wus-www.sway-cdn.com/19160096826_Content/webclient/js/en-US/
19 KB
7 KB
Script
General
Full URL
https://wus-www.sway-cdn.com/19160096826_Content/webclient/js/en-US/vendors~Sway~DocumentNavigation.chunk.js
Requested by
Host: wus-www.sway-cdn.com
URL: https://wus-www.sway-cdn.com/19160096826_Content/webclient/js/en-US/splitMain-prod.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.19.38.211 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-19-38-211.deploy.static.akamaitechnologies.com
Software
/ ARR/3.0
Resource Hash
dfb4a6c859f78fc5f47318015a3862fb1907a59345bdfd431c9d11dbabaa42fd
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://sway.office.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security
max-age=15724800; includeSubDomains; preload
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Powered-By
ARR/3.0
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection
keep-alive
Content-Length
6168
ETag
"0d8c292f57dd51:0"
Last-Modified
Tue, 08 Oct 2019 16:29:36 GMT
Date
Mon, 14 Oct 2019 21:52:37 GMT
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=86400
Accept-Ranges
bytes
Timing-Allow-Origin
*
Sway~DocumentNavigation.chunk.js
wus-www.sway-cdn.com/19160096826_Content/webclient/js/en-US/
20 KB
6 KB
Script
General
Full URL
https://wus-www.sway-cdn.com/19160096826_Content/webclient/js/en-US/Sway~DocumentNavigation.chunk.js
Requested by
Host: wus-www.sway-cdn.com
URL: https://wus-www.sway-cdn.com/19160096826_Content/webclient/js/en-US/splitMain-prod.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.19.38.211 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-19-38-211.deploy.static.akamaitechnologies.com
Software
/ ARR/3.0
Resource Hash
bb81845ff46eea729c37baa30aec3e1112a3e00e0839298f1c64e672b3cd0407
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://sway.office.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security
max-age=15724800; includeSubDomains; preload
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Powered-By
ARR/3.0
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection
keep-alive
Content-Length
5444
ETag
"0d8c292f57dd51:0"
Last-Modified
Tue, 08 Oct 2019 16:29:36 GMT
Date
Mon, 14 Oct 2019 21:52:37 GMT
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=86400
Accept-Ranges
bytes
Timing-Allow-Origin
*
T2!rMCW6nmAwL11Zko!UXzrbhcwsfk-zA
sway.office.com/api/v1.0/document/3pCb559LYVuT0eig/model/v1.21/
46 KB
6 KB
Fetch
General
Full URL
https://sway.office.com/api/v1.0/document/3pCb559LYVuT0eig/model/v1.21/T2!rMCW6nmAwL11Zko!UXzrbhcwsfk-zA
Requested by
Host: wus-www.sway-cdn.com
URL: https://wus-www.sway-cdn.com/19160096826_Content/webclient/js/en-US/main.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.109.12.50 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
/ ARR/3.0
Resource Hash
bc681f303f70ed788bf15b945a92df37fba34fae1f145bb2fef82629115d3241
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept
application/json
Referer
https://sway.office.com/3pCb559LYVuT0eig?ref=Link
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
x-usersessionid
4b1b5fc8-a1e9-4a13-a7a9-9e6a671eb1f8
x-key
undefined
Sec-Fetch-Mode
cors
content-type
application/json

Response headers

strict-transport-security
max-age=15724800; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
x-requestid
a45479ce-d56a-4426-b2a0-7a6a6dd936f4
x-officeversion
19.1.6009.6826
x-officefe
SwayFrontEnd_IN_1
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
status
200
content-length
5640
pragma
no-cache
x-trackingid
d416fc4c-9daa-47fe-ae99-a2483fe7e16e
x-correlationid
e766b948-a133-43b3-beaf-3af848b147dd
x-officecluster
wus-000.www.sway.com
x-usersessionid
4b1b5fc8-a1e9-4a13-a7a9-9e6a671eb1f8
x-powered-by
ARR/3.0
date
Mon, 14 Oct 2019 21:52:37 GMT
vary
Accept-Encoding
content-type
application/json; charset=utf-8
cache-control
no-cache
anonuserid
aa26632a-30b7-43e6-a9fe-697891e3a2dc
timing-allow-origin
*
expires
-1
T2!r0F7uuJTDViRCO8!JhPwvVWGB6Fnqs
sway.office.com/api/v1.0/document/3pCb559LYVuT0eig/model/v1.21/
14 KB
3 KB
Fetch
General
Full URL
https://sway.office.com/api/v1.0/document/3pCb559LYVuT0eig/model/v1.21/T2!r0F7uuJTDViRCO8!JhPwvVWGB6Fnqs
Requested by
Host: wus-www.sway-cdn.com
URL: https://wus-www.sway-cdn.com/19160096826_Content/webclient/js/en-US/main.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.109.12.50 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
/ ARR/3.0
Resource Hash
4fdc401fa9c3998a6aeb5e1ee7f5dc7e0af00285800645169022b4a2e8c04620
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept
application/json
Referer
https://sway.office.com/3pCb559LYVuT0eig?ref=Link
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
x-usersessionid
4b1b5fc8-a1e9-4a13-a7a9-9e6a671eb1f8
x-key
undefined
Sec-Fetch-Mode
cors
content-type
application/json

Response headers

strict-transport-security
max-age=15724800; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
x-requestid
3a97c98d-5f15-4e27-b5b9-3dfbc8809670
x-officeversion
19.1.6009.6826
x-officefe
SwayFrontEnd_IN_3
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
status
200
content-length
2596
pragma
no-cache
x-trackingid
36eaab52-73be-4526-9d05-79ed004be0cc
x-correlationid
5e26a14d-99b2-42b4-b97d-f9377e736831
x-officecluster
wus-000.www.sway.com
x-usersessionid
4b1b5fc8-a1e9-4a13-a7a9-9e6a671eb1f8
x-powered-by
ARR/3.0
date
Mon, 14 Oct 2019 21:52:37 GMT
vary
Accept-Encoding
content-type
application/json; charset=utf-8
cache-control
no-cache
anonuserid
b0cde9b3-5bf8-4d28-a5a5-f01da4160c9a
timing-allow-origin
*
expires
-1
ModernMT.woff
sway.office.com/Content/
56 KB
56 KB
Font
General
Full URL
https://sway.office.com/Content/ModernMT.woff
Requested by
Host: sway.office.com
URL: https://sway.office.com/3pCb559LYVuT0eig?ref=Link
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.109.12.50 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
/ ARR/3.0
Resource Hash
fcbd729033bcfb895f97b76d14300604cedfffebda9f067fd98696a7cf7fc81a
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
cors
Referer
https://sway.office.com/3pCb559LYVuT0eig?ref=Link
Origin
https://sway.office.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains; preload
x-content-type-options
nosniff
content-type
application/font-woff
last-modified
Tue, 08 Oct 2019 16:29:36 GMT
x-powered-by
ARR/3.0
status
200
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
access-control-allow-origin
*
cache-control
public
date
Mon, 14 Oct 2019 21:52:37 GMT
accept-ranges
bytes
timing-allow-origin
*
content-length
56984
etag
"0d8c292f57dd51:0"
times.woff
sway.office.com/Content/
125 KB
125 KB
Font
General
Full URL
https://sway.office.com/Content/times.woff
Requested by
Host: sway.office.com
URL: https://sway.office.com/3pCb559LYVuT0eig?ref=Link
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.109.12.50 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
/ ARR/3.0
Resource Hash
199c4a56dc05dc42344a9a8ec71c63b042ff5d041c1c6e0b924626a00b0214b5
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
cors
Referer
https://sway.office.com/3pCb559LYVuT0eig?ref=Link
Origin
https://sway.office.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains; preload
x-content-type-options
nosniff
content-type
application/font-woff
last-modified
Tue, 08 Oct 2019 16:29:36 GMT
x-powered-by
ARR/3.0
status
200
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
access-control-allow-origin
*
cache-control
public
date
Mon, 14 Oct 2019 21:52:37 GMT
accept-ranges
bytes
timing-allow-origin
*
content-length
128318
etag
"0d8c292f57dd51:0"
fabric-icons-a13498cf.woff
spoprod-a.akamaihd.net/files/fabric/assets/icons/
7 KB
7 KB
Font
General
Full URL
https://spoprod-a.akamaihd.net/files/fabric/assets/icons/fabric-icons-a13498cf.woff
Requested by
Host: sway.office.com
URL: https://sway.office.com/3pCb559LYVuT0eig?ref=Link
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2.16.186.40 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-16-186-40.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
54fb85fe9299322c336fa3fe8d11f6fb6f2052f222536a14f810b7c55f9c959e

Request headers

Sec-Fetch-Mode
cors
Referer
https://sway.office.com/
Origin
https://sway.office.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Mon, 14 Oct 2019 21:52:37 GMT
last-modified
Wed, 23 Jan 2019 22:53:32 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D6818599321FCB
status
200
content-type
font/woff
access-control-allow-origin
*
x-ms-request-id
fcca20ce-d01e-00d5-0e9b-b4550f000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type
cache-control
public, max-age=8620402
x-ms-version
2009-09-19
timing-allow-origin
*
content-length
6784
segoeui-regular.woff2
static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-westeuropean/
35 KB
36 KB
Font
General
Full URL
https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-westeuropean/segoeui-regular.woff2
Requested by
Host: sway.office.com
URL: https://sway.office.com/3pCb559LYVuT0eig?ref=Link
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.19.34.64 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-19-34-64.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
94ef87ee295c67526205d67124f404e246226105e939e14c435a20c29a956f49

Request headers

Sec-Fetch-Mode
cors
Referer
https://sway.office.com/
Origin
https://sway.office.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Mon, 14 Oct 2019 21:52:37 GMT
last-modified
Thu, 02 Nov 2017 17:22:02 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5
hl8dtlRfyUovRETdYOe7xg==
etag
0x8D522163B704E10
status
200
content-type
application/font-woff2
access-control-allow-origin
*
x-ms-request-id
9390ca86-a01e-00b7-5556-9d12d7000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type
cache-control
public, max-age=6061578
x-ms-version
2009-09-19
content-length
36344
navigation
sway.office.com/api/v1.0/document/3pCb559LYVuT0eig/
1 KB
774 B
Fetch
General
Full URL
https://sway.office.com/api/v1.0/document/3pCb559LYVuT0eig/navigation
Requested by
Host: wus-www.sway-cdn.com
URL: https://wus-www.sway-cdn.com/19160096826_Content/webclient/js/en-US/main.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.109.12.50 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
/ ARR/3.0
Resource Hash
7ddc85dd3017d8e35e5d86d198933e5ab53c8e3f94f7c59b15349eea8fe79140
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept
application/json
Referer
https://sway.office.com/3pCb559LYVuT0eig?ref=Link
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
x-usersessionid
4b1b5fc8-a1e9-4a13-a7a9-9e6a671eb1f8
x-key
undefined
Sec-Fetch-Mode
cors
content-type
application/json

Response headers

strict-transport-security
max-age=15724800; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
x-requestid
49c32454-97ea-4240-8efc-a0dc990c13c4
x-officeversion
19.1.6009.6826
x-officefe
SwayFrontEnd_IN_1
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
status
200
content-length
609
pragma
no-cache
x-trackingid
337c7036-4ea2-4504-8735-917724cdf7e3
x-correlationid
0d8ae8fd-11be-4f8d-bc6c-3682728ecc00
x-officecluster
wus-001.www.sway.com
x-usersessionid
4b1b5fc8-a1e9-4a13-a7a9-9e6a671eb1f8
x-powered-by
ARR/3.0
date
Mon, 14 Oct 2019 21:52:37 GMT
vary
Accept-Encoding
content-type
application/json; charset=utf-8
cache-control
no-cache
anonuserid
563a7051-4d70-4f1d-91d4-9627ed7b2c88
timing-allow-origin
*
expires
-1
timesbd.woff
sway.office.com/Content/
117 KB
117 KB
Font
General
Full URL
https://sway.office.com/Content/timesbd.woff
Requested by
Host: wus-www.sway-cdn.com
URL: https://wus-www.sway-cdn.com/19160096826_Content/webclient/js/en-US/Sway~Consumption.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.109.12.50 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
/ ARR/3.0
Resource Hash
5f8b5e50e1d6ced8497c36fd14bea91a655c62c40169a036187aea998479a517
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
cors
Referer
https://sway.office.com/3pCb559LYVuT0eig?ref=Link
Origin
https://sway.office.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains; preload
x-content-type-options
nosniff
content-type
application/font-woff
last-modified
Tue, 08 Oct 2019 16:29:36 GMT
x-powered-by
ARR/3.0
status
200
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
access-control-allow-origin
*
cache-control
public
date
Mon, 14 Oct 2019 21:52:37 GMT
accept-ranges
bytes
timing-allow-origin
*
content-length
120072
etag
"0d8c292f57dd51:0"
T2!r7tw_Ytt3hlmzYX!ng49po1p50IIIL
sway.office.com/api/v1.0/document/3pCb559LYVuT0eig/model/v1.21/
51 KB
6 KB
Fetch
General
Full URL
https://sway.office.com/api/v1.0/document/3pCb559LYVuT0eig/model/v1.21/T2!r7tw_Ytt3hlmzYX!ng49po1p50IIIL
Requested by
Host: wus-www.sway-cdn.com
URL: https://wus-www.sway-cdn.com/19160096826_Content/webclient/js/en-US/main.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.109.12.50 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
/ ARR/3.0
Resource Hash
ebeb6cc1235ea4625455595669396dda9c831ee25dfb7c5feaa8d3ca3bcab830
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept
application/json
Referer
https://sway.office.com/3pCb559LYVuT0eig?ref=Link
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
x-usersessionid
4b1b5fc8-a1e9-4a13-a7a9-9e6a671eb1f8
x-key
undefined
Sec-Fetch-Mode
cors
content-type
application/json

Response headers

strict-transport-security
max-age=15724800; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
x-requestid
be6a61b0-a60d-46f5-b8ea-6463665d5213
x-officeversion
19.1.6009.6826
x-officefe
SwayFrontEnd_IN_2
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
status
200
content-length
6022
pragma
no-cache
x-trackingid
b2676972-aef9-4e70-972e-9783b242ce83
x-correlationid
31693e9c-4e57-4af8-a734-66a8727c915a
x-officecluster
wus-000.www.sway.com
x-usersessionid
4b1b5fc8-a1e9-4a13-a7a9-9e6a671eb1f8
x-powered-by
ARR/3.0
date
Mon, 14 Oct 2019 21:52:37 GMT
vary
Accept-Encoding
content-type
application/json; charset=utf-8
cache-control
no-cache
anonuserid
bd53c5b6-9a9e-4e7b-8b42-86761470fb01
timing-allow-origin
*
expires
-1
AvyuF3HsNhLY9w
sway.office.com/s/3pCb559LYVuT0eig/images/
40 KB
40 KB
Image
General
Full URL
https://sway.office.com/s/3pCb559LYVuT0eig/images/AvyuF3HsNhLY9w?quality=640&filterEffectsFormula=Grayscale=0,Contrast=1.15
Requested by
Host: wus-www.sway-cdn.com
URL: https://wus-www.sway-cdn.com/19160096826_Content/webclient/js/en-US/Sway~Consumption.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.109.12.50 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
/ ARR/3.0
Resource Hash
86f0bd5d4d5c81572b2dcbf0c5ed7adca1d180b072a322f2b7663a2213f7101f
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://sway.office.com/3pCb559LYVuT0eig?ref=Link
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains; preload
x-content-type-options
nosniff
x-requestid
a0260b22-7186-4562-984b-0dd39ec59dac
x-officeversion
19.1.6009.6826
x-officefe
SwayFrontEnd_IN_3
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
status
200
content-length
40507
x-trackingid
103ebdf3-d181-4ca7-9aaa-78aa165e7557
x-correlationid
ec1054bb-fbfc-4b41-b7a3-18d1edc5ebc5
x-officecluster
wus-001.www.sway.com
x-usersessionid
ec1054bb-fbfc-4b41-b7a3-18d1edc5ebc5
x-powered-by
ARR/3.0
date
Mon, 14 Oct 2019 21:52:37 GMT
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
private, max-age=86400
anonuserid
998ff8ee-5a91-480b-b8dc-48396da810b2
timing-allow-origin
*
RemoteUls.ashx
sway.office.com/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
sway.office.com
URL
https://sway.office.com/RemoteUls.ashx

Verdicts & Comments

35 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| mscc string| __webClientScriptPath object| webpackJsonp function| __extends function| __assign function| __rest function| __decorate function| __param function| __metadata function| __awaiter function| __generator function| __exportStar function| __values function| __read function| __spread function| __await function| __asyncGenerator function| __asyncDelegator function| __asyncValues function| __makeTemplateObject function| __importStar function| __importDefault number| __mobxInstanceCount object| __packages__ object| __globalSettings__ object| __stylesheet__ number| __currentId__ object| __themeState__ object| Sys object| Diag boolean| __hasInitializeFocusRects__ boolean| __hasInitializedDir__ object| __events__

3 Cookies

Domain/Path Name / Value
sway.office.com/ Name: cookieblocked
Value:
.office.com/ Name: AADNonce
Value: d4a8aa80-4050-4015-8327-e81674aba97c.637066867579935822
.sway.office.com/ Name: AuthSess
Value: dcf94f54-d15c-4e41-8b94-04a8a9227cd3

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
