onedrive.live.com Open in urlscan Pro
13.107.42.13 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://onedrive.live.com/embed?cid=13F7E89C235451C6&resid=13F7E89C235451C6%21395&authkey=AAZMQ9QvL60UfLc&em=2
Submission: On July 27 via manual (July 27th 2020, 9:18:17 am UTC) from ZA

Summary HTTP 56 Redirects Behaviour Indicators

Summary

This website contacted 13 IPs in 4 countries across 8 domains to perform 56 HTTP transactions. The main IP is 13.107.42.13, located in United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is onedrive.live.com.
TLS certificate: Issued by Microsoft IT TLS CA 2 on June 25th 2019. Valid for: 2 years.

This is the only time onedrive.live.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	13.107.42.13 13.107.42.13	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
8	2.16.186.40 2.16.186.40	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
18	2a01:111:f100... 2a01:111:f100:9001::1761:9470	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
8	2a02:26f0:10c... 2a02:26f0:10c:386::4b36	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
8	2a02:26f0:10c... 2a02:26f0:10c:39e::4b36	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	104.111.233.232 104.111.233.232	16625 (AKAMAI-AS) (AKAMAI-AS)
1	52.109.88.96 52.109.88.96	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2606:2800:233... 2606:2800:233:1cb7:261b:1f9c:2074:3c	15133 (EDGECAST) (EDGECAST)
1	2620:1ec:21::23 2620:1ec:21::23	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	52.142.114.2 52.142.114.2	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
5	168.62.57.154 168.62.57.154	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	23.10.69.19 23.10.69.19	16625 (AKAMAI-AS) (AKAMAI-AS)
56	13

3 13.107.42.13 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

onedrive.live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2.16.186.40 (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)
PTR: a2-16-186-40.deploy.static.akamaitechnologies.com

spoprod-a.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a01:111:f100:9001::1761:9470 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

word-view.officeapps.live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a02:26f0:10c:386::4b36 (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)

c1-word-view-15.cdn.office.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a02:26f0:10c:39e::4b36 (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)

c1-officeapps-15.cdn.office.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.233.232 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-233-232.deploy.static.akamaitechnologies.com

js.live.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.109.88.96 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

messaging.office.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:233:1cb7:261b:1f9c:2074:3c (United States)

ASN15133 (EDGECAST, US)

content.lifecycle.office.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::23 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

config.edge.skype.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.142.114.2 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 168.62.57.154 (Washington, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

browser.pipe.aria.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
browser.events.data.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.10.69.19 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-10-69-19.deploy.static.akamaitechnologies.com

contentstorage.osi.office.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	live.com 1 redirects onedrive.live.com word-view.officeapps.live.com c.live.com	302 KB
18	office.net c1-word-view-15.cdn.office.net c1-officeapps-15.cdn.office.net content.lifecycle.office.net contentstorage.osi.office.net	760 KB
8	akamaihd.net spoprod-a.akamaihd.net	395 KB
5	microsoft.com browser.pipe.aria.microsoft.com browser.events.data.microsoft.com	2 KB
1	bing.com 1 redirects c.bing.com	744 B
1	skype.com config.edge.skype.com	797 B
1	office.com messaging.office.com	3 KB
1	live.net js.live.net	16 KB
56	8

	Domain	Requested by
18	word-view.officeapps.live.com	onedrive.live.com word-view.officeapps.live.com c1-word-view-15.cdn.office.net c1-officeapps-15.cdn.office.net
8	c1-officeapps-15.cdn.office.net	word-view.officeapps.live.com c1-word-view-15.cdn.office.net c1-officeapps-15.cdn.office.net
8	c1-word-view-15.cdn.office.net	word-view.officeapps.live.com c1-officeapps-15.cdn.office.net c1-word-view-15.cdn.office.net
8	spoprod-a.akamaihd.net	onedrive.live.com
4	browser.pipe.aria.microsoft.com	c1-word-view-15.cdn.office.net c1-officeapps-15.cdn.office.net contentstorage.osi.office.net
3	onedrive.live.com	onedrive.live.com
2	c.live.com	1 redirects
1	browser.events.data.microsoft.com	content.lifecycle.office.net
1	contentstorage.osi.office.net	c1-officeapps-15.cdn.office.net
1	c.bing.com	1 redirects
1	config.edge.skype.com	content.lifecycle.office.net
1	content.lifecycle.office.net	c1-word-view-15.cdn.office.net
1	messaging.office.com	c1-officeapps-15.cdn.office.net
1	js.live.net	c1-word-view-15.cdn.office.net
56	14

This site contains no links.

Subject Issuer	Validity	Valid
onedrive.com Microsoft IT TLS CA 2	`2019-06-25` - `2021-06-25`	2 years	crt.sh
a248.e.akamai.net DigiCert Secure Site ECC CA-1	`2019-08-13` - `2020-08-12`	a year	crt.sh
officeapps.live.com Microsoft IT TLS CA 1	`2020-02-18` - `2022-02-18`	2 years	crt.sh
*.cdn.office.net Microsoft IT TLS CA 5	`2020-04-15` - `2022-04-15`	2 years	crt.sh
p.sfx.ms Microsoft IT TLS CA 2	`2020-02-04` - `2022-02-04`	2 years	crt.sh
messaging.office.com Microsoft IT TLS CA 4	`2019-05-28` - `2021-05-28`	2 years	crt.sh
content.lifecycle.office.net GlobalSign Organization Validation CA - SHA256 - G3	`2019-10-08` - `2021-10-08`	2 years	crt.sh
edge.skype.com Microsoft IT TLS CA 4	`2019-10-31` - `2021-10-31`	2 years	crt.sh
c.msn.com Microsoft IT TLS CA 2	`2020-04-23` - `2022-04-23`	2 years	crt.sh
*.events.data.microsoft.com Microsoft IT TLS CA 1	`2020-05-07` - `2022-05-07`	2 years	crt.sh
*.osi.office.net Microsoft IT TLS CA 5	`2020-03-03` - `2022-03-03`	2 years	crt.sh

This page contains 2 frames:

Primary Page: https://onedrive.live.com/embed?cid=13F7E89C235451C6&resid=13F7E89C235451C6%21395&authkey=AAZMQ9QvL60UfLc&em=2
Frame ID: 246437CF98908E48EA2C6538C5691630
Requests: 13 HTTP requests in this frame

Frame: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-US&rs=en-US&hid=BMGowRs+SUK+jC5DKltnVQ.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F13F7E89C235451C6%21395&sc=host%3D%26qt%3DFolders%26pt%3Dem
Frame ID: 0E84DFB0E2E733FCCC73389002186799
Requests: 44 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Statistics

56
Requests

100 %
HTTPS

46 %
IPv6

8
Domains

14
Subdomains

13
IPs

4
Countries

1512 kB
Transfer

4939 kB
Size

8
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 43

https://c.live.com/c.gif?DI=15347&wlxid=ad9c28cf-8782-4ccc-bdc7-d9d649679249&reqid=00161c7611d&csiperf=ANON%3D%26NL%3D0%26TP%3D0%26CL%3DRD00155D99BE59%26MA%3Den-US%26B%3D0.0.0%26TR%3DNA%252ANA%252A%253ASDX.Skydrive%252AEmbed.default.F.U.%26PLT%3D1615%26IR%3D1%26EX%3D0%26L.h%3D549%26L.sjs%3D641%26L.ttg%3D549%26C.st%3D1595841478643%26N.domIn%3D556%26N.dns%3D25%26N.tcp%3D19%26N.req%3D437%26N.resp%3D6%26N.navType%3D0%26N.redirectCount%3D0&r=0.02558488964883554 HTTP 302
https://c.bing.com/c.gif?DI=15347&wlxid=ad9c28cf-8782-4ccc-bdc7-d9d649679249&reqid=00161c7611d&csiperf=ANON%3D%26NL%3D0%26TP%3D0%26CL%3DRD00155D99BE59%26MA%3Den-US%26B%3D0.0.0%26TR%3DNA%252ANA%252A%253ASDX.Skydrive%252AEmbed.default.F.U.%26PLT%3D1615%26IR%3D1%26EX%3D0%26L.h%3D549%26L.sjs%3D641%26L.ttg%3D549%26C.st%3D1595841478643%26N.domIn%3D556%26N.dns%3D25%26N.tcp%3D19%26N.req%3D437%26N.resp%3D6%26N.navType%3D0%26N.redirectCount%3D0&r=0.02558488964883554&CtsSyncId=12B605086679491ABC6BDD146053CD91&RedC=c.live.com&MXFR=1540CCA90EA9656F1DC7C3BD0AA96160 HTTP 302
https://c.live.com/c.gif?DI=15347&wlxid=ad9c28cf-8782-4ccc-bdc7-d9d649679249&reqid=00161c7611d&csiperf=ANON%3D%26NL%3D0%26TP%3D0%26CL%3DRD00155D99BE59%26MA%3Den-US%26B%3D0.0.0%26TR%3DNA%252ANA%252A%253ASDX.Skydrive%252AEmbed.default.F.U.%26PLT%3D1615%26IR%3D1%26EX%3D0%26L.h%3D549%26L.sjs%3D641%26L.ttg%3D549%26C.st%3D1595841478643%26N.domIn%3D556%26N.dns%3D25%26N.tcp%3D19%26N.req%3D437%26N.resp%3D6%26N.navType%3D0%26N.redirectCount%3D0&r=0.02558488964883554&CtsSyncId=12B605086679491ABC6BDD146053CD91&MUID=09F7FCC2D4966BEA02ADF3D6D5446A33

56 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request embed Show response
onedrive.live.com/ 60 KB
21 KB 476ms
432ms Document
text/html 13.107.42.13
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://onedrive.live.com/embed?cid=13F7E89C235451C6&resid=13F7E89C235451C6%21395&authkey=AAZMQ9QvL60UfLc&em=2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.107.42.13 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

060adfe26ee70aaf84c2276a6f9a4f7ba8930cd3ad1ff5bf84ea47b6e5be1180

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

:method: GET
:authority: onedrive.live.com
:scheme: https
:path: /embed?cid=13F7E89C235451C6&resid=13F7E89C235451C6%21395&authkey=AAZMQ9QvL60UfLc&em=2
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
cache-control: no-cache, no-store
pragma: no-cache
content-type: text/html; charset=utf-8
content-encoding: gzip
expires: -1
vary: Accept-Encoding
set-cookie: E=P:giNK9A0y2Ig=:FsfzmTH7iEpHc130ZDGSGOvsvWJiV5MB/nxJdzVVY4E=:F; domain=.live.com; path=/ xid=ad9c28cf-8782-4ccc-bdc7-d9d649679249&&RD00155D99BE59&251; domain=.live.com; path=/ xidseq=1; domain=.live.com; path=/ LD=; domain=.live.com; expires=Mon, 27-Jul-2020 07:37:58 GMT; path=/ wla42=; domain=live.com; expires=Mon, 03-Aug-2020 09:17:59 GMT; path=/
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-msnserver: RD00155D99BE59
x-odwebserver: eastus0-odwebpl
x-msedge-ref: Ref A: 45A3795DDC194A1CB5F02CCF99139EEB Ref B: FRAEDGE1220 Ref C: 2020-07-27T09:17:58Z
date: Mon, 27 Jul 2020 09:17:58 GMT

GET
H2 200 filescss1-11eb1969.css
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001// 85 KB
16 KB 40ms
7ms Stylesheet
text/css 2.16.186.40
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001//filescss1-11eb1969.css
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/embed?cid=13F7E89C235451C6&resid=13F7E89C235451C6%21395&authkey=AAZMQ9QvL60UfLc&em=2
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.40 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a2-16-186-40.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: bd88d1e741693ab877b020059b46be7cf4ef62b46017b2489a8cd1bf9ce5b9fc

Request headers

Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 27 Jul 2020 09:17:59 GMT
content-encoding: gzip
content-md5: EesZadmsnx78d9ZWIKfswQ==
status: 200
content-length: 15784
x-ms-lease-status: unlocked
last-modified: Mon, 14 May 2018 21:54:14 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D5B9E53BE6E430
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 6d2753fc-501e-00e6-0ad5-eb0c22000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type
cache-control: public, max-age=18134460
x-ms-version: 2009-09-19
timing-allow-origin: *

GET
H2 200 filescss2-a303a402.css
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001// 169 KB
30 KB 46ms
13ms Stylesheet
text/css 2.16.186.40
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001//filescss2-a303a402.css
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/embed?cid=13F7E89C235451C6&resid=13F7E89C235451C6%21395&authkey=AAZMQ9QvL60UfLc&em=2
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.40 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a2-16-186-40.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 1394b1c43663fa167060186091800d4cae0696af7b64c14f2848b44124074c7e

Request headers

Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 27 Jul 2020 09:17:59 GMT
content-encoding: gzip
content-md5: owOkAskXvYo3Ps40fhU7TQ==
status: 200
content-length: 30548
x-ms-lease-status: unlocked
last-modified: Mon, 14 May 2018 21:54:15 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D5B9E53C3A1C6F
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 45647edb-101e-00c8-61d5-eb8ce5000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type
cache-control: public, max-age=18134253
x-ms-version: 2009-09-19
timing-allow-origin: *

GET
H2 200 wlx_fonts-c7993ded.css
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001// 123 KB
93 KB 54ms
21ms Stylesheet
text/css 2.16.186.40
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001//wlx_fonts-c7993ded.css
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/embed?cid=13F7E89C235451C6&resid=13F7E89C235451C6%21395&authkey=AAZMQ9QvL60UfLc&em=2
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.40 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a2-16-186-40.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 455be57e5ca76be462428c7b127d03d0245952b7e00ca14e8bcb3bfe7584c758

Request headers

Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 27 Jul 2020 09:17:59 GMT
content-encoding: gzip
content-md5: x5k97ZNOTA+fsPCUPRp4Qw==
status: 200
content-length: 94644
x-ms-lease-status: unlocked
last-modified: Mon, 14 May 2018 21:54:23 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D5B9E5410A12E4
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: f3dbb10f-301e-011c-1ed8-eb8390000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type
cache-control: public, max-age=18154334
x-ms-version: 2009-09-19
timing-allow-origin: *

POST
H2 200 wordviewerframe.aspx Show response
word-view.officeapps.live.com/wv/ Frame 0E84 94 KB
96 KB 137ms
108ms Document
text/html 2a01:111:f100:9001::1761:9470
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-US&rs=en-US&hid=BMGowRs+SUK+jC5DKltnVQ.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F13F7E89C235451C6%21395&sc=host%3D%26qt%3DFolders%26pt%3Dem

Requested by

Host: onedrive.live.com
URL: https://onedrive.live.com/embed?cid=13F7E89C235451C6&resid=13F7E89C235451C6%21395&authkey=AAZMQ9QvL60UfLc&em=2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a01:111:f100:9001::1761:9470 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

9d8261c22594ab29891dab9eeda5f59c0719e0fd8bf4c046f21c8b1d0dcc5b03

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

:method: POST
:authority: word-view.officeapps.live.com
:scheme: https
:path: /wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-US&rs=en-US&hid=BMGowRs+SUK+jC5DKltnVQ.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F13F7E89C235451C6%21395&sc=host%3D%26qt%3DFolders%26pt%3Dem
content-length: 231
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
origin: https://onedrive.live.com
content-type: application/x-www-form-urlencoded
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://onedrive.live.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: E=P:giNK9A0y2Ig=:FsfzmTH7iEpHc130ZDGSGOvsvWJiV5MB/nxJdzVVY4E=:F; xid=ad9c28cf-8782-4ccc-bdc7-d9d649679249&&RD00155D99BE59&251; xidseq=1; wla42=
Upgrade-Insecure-Requests: 1
Origin: https://onedrive.live.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://onedrive.live.com/

Response headers

status: 200
cache-control: no-cache, no-store
pragma: no-cache
content-type: text/html; charset=utf-8
expires: -1
server: Microsoft-IIS/10.0
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
set-cookie: DcLcid=ui=1033&data=1033; expires=Tue, 27-Oct-2020 09:17:59 GMT; path=/; samesite=none; secure; HttpOnly BIGipCookie=000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000; path=/; samesite=none; secure NL3-ARRAffinity=3cb153c71a1bdf97b45a84e3e4d1ba83d406f197c15c5657b98ea3b27b593c3a;Path=/;Domain=word-view.officeapps.live.com; samesite=none; secure
x-correlationid: 01875a9d-9a55-4179-96d7-c459f5aa8c07
x-usersessionid: 01875a9d-9a55-4179-96d7-c459f5aa8c07
strict-transport-security: max-age=31536000
timing-allow-origin: *
origin-trial: AoTHOv+cHi/y34eyB2/35xphaG6N96vWHsPsg6E+SP9G7F3NUM8Vh4zvgiOApd5vlWIbQzTfaBFhGWkg46ZqnwQAAAB7eyJvcmlnaW4iOiJodHRwczovL29mZmljZWFwcHMubGl2ZS5jb206NDQzIiwiZmVhdHVyZSI6IkFsbG93U3luY1hIUkluUGFnZURpc21pc3NhbCIsImV4cGlyeSI6MTYwMDc5Njk5NCwiaXNTdWJkb21haW4iOnRydWV9
x-officefe: AM4PEPF00004873
x-officeversion: 16.0.13120.41004
x-officecluster: NL3
x-content-type-options: nosniff
content-security-policy-report-only: font-src data: c1-word-view-15.cdn.office.net *.skype.com *.skypeassets.com *.msocdn.com sway.com *.sway-cdn.com sway-cdn.com *.sharepointonline.com https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' c1-word-view-15.cdn.office.net uci.officeapps.live.com c1-officeapps-15.cdn.office.net *.skype.com *.skypeassets.com *.msocdn.com js.live.net appsforoffice.microsoft.com contentstorage.osi.office.net *.growth.office.net *.blob.core.windows.net content.lifecycle.office.net www.microsoft.com https:; style-src 'self' 'unsafe-inline' 'unsafe-eval' c1-word-view-15.cdn.office.net c1-officeapps-15.cdn.office.net *.skype.com *.skypeassets.com *.msocdn.com js.live.net sway.com *.sway-cdn.com sway-cdn.com https:; media-src *.skype.com *.skypeassets.com https:; object-src 'self' https:; child-src * https:; img-src * data: blob: https:; report-uri /wv/reportcsp.ashx
x-officefd: AM4PEPF0000464B
date: Mon, 27 Jul 2020 09:17:58 GMT

GET
H2 200 jquery-1.7.2-39eeb07e.js Show response
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/ 92 KB
33 KB 8ms
8ms Script
application/javascript 2.16.186.40
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/jquery-1.7.2-39eeb07e.js
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/embed?cid=13F7E89C235451C6&resid=13F7E89C235451C6%21395&authkey=AAZMQ9QvL60UfLc&em=2
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.40 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a2-16-186-40.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: d6c15974b6181a68e9b74e4f38fbac81d640569ef0fbbaa3381cc59683a9763f

Request headers

Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 27 Jul 2020 09:17:59 GMT
content-encoding: gzip
content-md5: Oe6wfmgC4rV/XhCprZvKJA==
status: 200
content-length: 33335
x-ms-lease-status: unlocked
last-modified: Mon, 14 May 2018 21:54:17 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D5B9E53DB4CCFD
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 456481ad-101e-00c8-56d5-eb8ce5000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type
cache-control: public, max-age=18134281
x-ms-version: 2009-09-19
timing-allow-origin: *

GET
H2 200 embed_s_embed-212fe29f.js Show response
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/ 483 KB
133 KB 9ms
9ms Script
application/javascript 2.16.186.40
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/embed_s_embed-212fe29f.js
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/embed?cid=13F7E89C235451C6&resid=13F7E89C235451C6%21395&authkey=AAZMQ9QvL60UfLc&em=2
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.40 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a2-16-186-40.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 5c15c38a2b7554cab332dfb9e87398220fcb9a285e18905a20a50b439cba7ccb

Request headers

Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 27 Jul 2020 09:17:59 GMT
content-encoding: gzip
content-md5: IS/in/g30QB+g7MVI79lXQ==
status: 200
content-length: 135707
x-ms-lease-status: unlocked
last-modified: Mon, 14 May 2018 21:54:01 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D5B9E533D8DD7F
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 6d2755cd-501e-00e6-20d5-eb0c22000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type
cache-control: public, max-age=18134298
x-ms-version: 2009-09-19
timing-allow-origin: *

GET
H2 200 embed1-0986a9b4.js Show response
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/ 47 KB
14 KB 8ms
8ms Script
application/javascript 2.16.186.40
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/embed1-0986a9b4.js
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/embed?cid=13F7E89C235451C6&resid=13F7E89C235451C6%21395&authkey=AAZMQ9QvL60UfLc&em=2
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.40 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a2-16-186-40.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: b7ab99f404e84cb71d274c9dca01c0b4a68b7adb20309c5f04387cb809cc0547

Request headers

Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 27 Jul 2020 09:17:59 GMT
content-encoding: gzip
content-md5: CYaptDz18cVXSIKt0vWKWA==
status: 200
content-length: 14119
x-ms-lease-status: unlocked
last-modified: Mon, 14 May 2018 21:54:00 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D5B9E5332E9B80
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 45648324-101e-00c8-0cd5-eb8ce5000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type
cache-control: public, max-age=18134343
x-ms-version: 2009-09-19
timing-allow-origin: *

GET
H2 200 embed2-8c600200.js Show response
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/ 203 KB
68 KB 14ms
14ms Script
application/javascript 2.16.186.40
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/embed2-8c600200.js
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/embed?cid=13F7E89C235451C6&resid=13F7E89C235451C6%21395&authkey=AAZMQ9QvL60UfLc&em=2
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.40 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a2-16-186-40.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 4d54a5f9a58647882e3ecda9c1c0ef87af16911d42ad51b4e8b718f84443c553

Request headers

Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 27 Jul 2020 09:17:59 GMT
content-encoding: gzip
content-md5: jGACACXYYkvx7qKc5FskXg==
status: 200
content-length: 69276
x-ms-lease-status: unlocked
last-modified: Mon, 14 May 2018 21:54:00 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D5B9E5337DDB83
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 6d2756be-501e-00e6-6fd5-eb0c22000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type
cache-control: public, max-age=18134319
x-ms-version: 2009-09-19
timing-allow-origin: *

GET
H2 200 embed0-54f3ec81.js Show response
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/ 15 KB
6 KB 15ms
15ms Script
application/javascript 2.16.186.40
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/embed0-54f3ec81.js
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/embed?cid=13F7E89C235451C6&resid=13F7E89C235451C6%21395&authkey=AAZMQ9QvL60UfLc&em=2
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.40 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a2-16-186-40.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: c0153afba2ee2258329d951763cc14531c98cdecfc22d55be2597cfad0cc6e54

Request headers

Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 27 Jul 2020 09:17:59 GMT
content-encoding: gzip
content-md5: VPPsgWGZk5RDzVgXZtU7Yg==
status: 200
content-length: 6057
x-ms-lease-status: unlocked
last-modified: Mon, 14 May 2018 21:53:59 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D5B9E532CDCC12
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: b96f33ba-101e-0122-1fd5-eb35b1000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type
cache-control: public, max-age=18134341
x-ms-version: 2009-09-19
timing-allow-origin: *

GET
H/1.1 200
OK WordViewer.css
c1-word-view-15.cdn.office.net/wv/s/hFD86A61BD505E070_resources/1033/ Frame 0E84 220 KB
40 KB 37ms
9ms Stylesheet
text/css 2a02:26f0:10c:386::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-word-view-15.cdn.office.net/wv/s/hFD86A61BD505E070_resources/1033/WordViewer.css

Requested by

Host: word-view.officeapps.live.com
URL: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-US&rs=en-US&hid=BMGowRs+SUK+jC5DKltnVQ.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F13F7E89C235451C6%21395&sc=host%3D%26qt%3DFolders%26pt%3Dem

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:10c:386::4b36 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

fd86a61bd505e070238cbf63f1b05838b20c607726e1b06639fa9c96963f871d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
ETag: W/"a5a4be4ebe5ed61:0"
X-OfficeCluster: NL3
X-CCR: true
X-OfficeVersion: 16.0.13114.41007
X-OfficeFE: AM4PEPF00004840
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection: keep-alive
X-MSEdge-Flight: 1i78=afd_wordcapacity_control
Content-Length: 39920
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_wordcapacity_control
Last-Modified: Mon, 20 Jul 2020 17:50:51 GMT
X-OFFICEFD: AM4PEPF0000461F
X-MSEdge-Ref: Ref A: A2B4817CF4474FF08B8237EB37891F19 Ref B: AMS04EDGE0410 Ref C: 2020-07-20T17:50:51Z
X-UserSessionId: 03e91144-a1ad-44b3-ba43-c3f3b341ec45
Date: Mon, 27 Jul 2020 09:17:59 GMT
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
X-CorrelationId: 03e91144-a1ad-44b3-ba43-c3f3b341ec45
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK MicrosoftAjax.js Show response
c1-officeapps-15.cdn.office.net/wv/s/h85115ACDC1B70C4A_App_Scripts/ Frame 0E84 105 KB
24 KB 38ms
10ms Script
application/javascript 2a02:26f0:10c:39e::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-officeapps-15.cdn.office.net/wv/s/h85115ACDC1B70C4A_App_Scripts/MicrosoftAjax.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:10c:39e::4b36 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

85115acdc1b70c4a47daa1da31011b67bde417cbb718c5b3c73a914b82781bfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: "f84cddaad45bd61:0"
X-OfficeCluster: IE3
X-CCR: true
X-OfficeVersion: 16.0.13114.41007
X-OfficeFE: DB5PEPF0000418F
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection: keep-alive
Content-Length: 23506
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest
Last-Modified: Fri, 17 Jul 2020 00:53:21 GMT
X-OFFICEFD: DB5PEPF00004097
X-MSEdge-Ref: Ref A: 0EE2085BBD10475EA3A09B9908D9E534 Ref B: AMS04EDGE0420 Ref C: 2020-07-18T14:50:57Z
X-UserSessionId: 5ce96474-0bc7-406e-9a0c-5d6b090e40ff
Date: Mon, 27 Jul 2020 09:17:59 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: 5ce96474-0bc7-406e-9a0c-5d6b090e40ff
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK CommonIntl.js Show response
c1-officeapps-15.cdn.office.net/wv/s/hBBB78282A34BC47C_App_Scripts/1033/ Frame 0E84 83 KB
21 KB 37ms
11ms Script
application/javascript 2a02:26f0:10c:39e::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-officeapps-15.cdn.office.net/wv/s/hBBB78282A34BC47C_App_Scripts/1033/CommonIntl.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:10c:39e::4b36 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

bbb78282a34bc47c682f59e19c6b6c6e19f76fad5350fae4f3888f363e09eb3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: W/"2be2a8b6235ad61:0"
X-OfficeCluster: IE3
X-CCR: true
X-OfficeVersion: 16.0.13110.41003
X-OfficeFE: DB5PEPF0000418F
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection: keep-alive
Content-Length: 20105
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest
Last-Modified: Tue, 14 Jul 2020 21:14:08 GMT
X-OFFICEFD: DB5PEPF00004345
X-MSEdge-Ref: Ref A: 1B6C43305D404FD083301E73FFAE76BD Ref B: AMS04EDGE0810 Ref C: 2020-07-14T21:14:08Z
X-UserSessionId: e8e8abb8-5cb5-4023-a656-76d7633e209f
Date: Mon, 27 Jul 2020 09:17:59 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: e8e8abb8-5cb5-4023-a656-76d7633e209f
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK Compat.js Show response
c1-word-view-15.cdn.office.net/wv/s/h06FE78141D1F3A43_App_Scripts/ Frame 0E84 6 KB
2 KB 35ms
10ms Script
application/javascript 2a02:26f0:10c:386::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-word-view-15.cdn.office.net/wv/s/h06FE78141D1F3A43_App_Scripts/Compat.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:10c:386::4b36 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

06fe78141d1f3a435441a17ec8f9f46af7000af35aa0133c699c537d663607d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: "1d1c40d0ed5bd61:0"
X-OfficeCluster: NL3
X-CCR: true
X-OfficeVersion: 16.0.13114.41007
X-OfficeFE: AM4PEPF0000486F
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection: keep-alive
X-MSEdge-Flight: 1jcy=afd_excelslice
Content-Length: 1365
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_excelslice
Last-Modified: Fri, 17 Jul 2020 03:53:21 GMT
X-OFFICEFD: AM4PEPF00004627
X-MSEdge-Ref: Ref A: F6A7A2EE98334C6BAC9B9B76E22C054E Ref B: AM3EDGE0920 Ref C: 2020-07-19T19:01:40Z
X-UserSessionId: 61ac7a2f-daea-4ee4-a632-829c7cfbd02e
Date: Mon, 27 Jul 2020 09:17:59 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: 61ac7a2f-daea-4ee4-a632-829c7cfbd02e
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK WordViewerIntl.js Show response
c1-word-view-15.cdn.office.net/wv/s/h1479B52BACE821FC_App_Scripts/1033/ Frame 0E84 19 KB
4 KB 36ms
10ms Script
application/javascript 2a02:26f0:10c:386::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-word-view-15.cdn.office.net/wv/s/h1479B52BACE821FC_App_Scripts/1033/WordViewerIntl.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:10c:386::4b36 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

1479b52bace821fc604e7ded0f67b139808c4fe3fc21623c3cbe420e092ecc0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: "36bd98dec05bd61:0"
X-OFFICEFD: DB5PEPF0000409A
X-OfficeVersion: 16.0.13114.41007
X-OfficeFE: DB5PEPF0000415C
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection: keep-alive
Content-Length: 3310
Cache-Control: public,max-age=31536000
Server: Microsoft-IIS/10.0
Last-Modified: Thu, 16 Jul 2020 22:31:38 GMT
X-OfficeCluster: IE3
X-CCR: true
X-UserSessionId: f92abca7-9453-4a45-b5ad-4ee048f2d461
Date: Mon, 27 Jul 2020 09:17:59 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: f92abca7-9453-4a45-b5ad-4ee048f2d461
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK WordViewer.js Show response
c1-word-view-15.cdn.office.net/wv/s/h1003DD9C0B33E715_App_Scripts/ Frame 0E84 1 MB
286 KB 34ms
9ms Script
application/javascript 2a02:26f0:10c:386::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-word-view-15.cdn.office.net/wv/s/h1003DD9C0B33E715_App_Scripts/WordViewer.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:10c:386::4b36 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

1003dd9c0b33e71537f686d86a63e5190dce0d4653f7770957f1e89b336133be

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: "41b29d88f5fd61:0"
X-OfficeCluster: NL3
X-CCR: true
X-OfficeVersion: 16.0.13117.41003
X-OfficeFE: AM4PEPF0000486E
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection: keep-alive
Content-Length: 292203
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest
Last-Modified: Tue, 21 Jul 2020 18:44:58 GMT
X-OFFICEFD: AM4PEPF00004655
X-MSEdge-Ref: Ref A: 54BEB5900BC14EB09323F8DD2719EC7B Ref B: AM3EDGE0519 Ref C: 2020-07-21T19:44:17Z
X-UserSessionId: e41713ce-4ed3-45de-b5e1-63337292c524
Date: Mon, 27 Jul 2020 09:17:59 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: e41713ce-4ed3-45de-b5e1-63337292c524
Accept-Ranges: bytes
Timing-Allow-Origin: *

POST
H2 200 RemoteUls.ashx Show response
word-view.officeapps.live.com/wv/ Frame 0E84 0
242 B 17ms
16ms XHR
text/plain 2a01:111:f100:9001::1761:9470
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/RemoteUls.ashx?build=16.0.13120.41004&waccluster=NL3

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a01:111:f100:9001::1761:9470 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-US&rs=en-US&hid=BMGowRs+SUK+jC5DKltnVQ.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F13F7E89C235451C6%21395&sc=host%3D%26qt%3DFolders%26pt%3Dem
X-UserSessionId: 01875a9d-9a55-4179-96d7-c459f5aa8c07
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
X-BrowserUlsBeacon: [{"Index":0,"MsSinceStart":1,"Value":"SessionStarted","Type":"SessionBoundary"}]

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: NL3
x-officeversion: 16.0.13120.41004
x-officefe: AM4PEPF00004873
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
status: 200
content-disposition: attachment
content-length: 0
server: Microsoft-IIS/10.0
x-correlationid: 85aa6bbe-b546-4f99-b6a6-3e3c601ddfa1
x-officefd: AM4PEPF0000464B
x-usersessionid: 01875a9d-9a55-4179-96d7-c459f5aa8c07
date: Mon, 27 Jul 2020 09:17:58 GMT
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://word-view.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
timing-allow-origin: *

POST
H2 200 RemoteUls.ashx Show response
word-view.officeapps.live.com/wv/ Frame 0E84 0
68 B 17ms
17ms XHR
text/plain 2a01:111:f100:9001::1761:9470
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/RemoteUls.ashx?build=16.0.13120.41004&waccluster=NL3

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a01:111:f100:9001::1761:9470 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-US&rs=en-US&hid=BMGowRs+SUK+jC5DKltnVQ.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F13F7E89C235451C6%21395&sc=host%3D%26qt%3DFolders%26pt%3Dem
X-UserSessionId: 01875a9d-9a55-4179-96d7-c459f5aa8c07
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
X-BrowserUlsBeacon: [{"Index":1,"MsSinceStart":58,"Value":"https://c1-word-view-15.cdn.office.net:443/wv/s/hFD86A61BD505E070_resources/1033/WordViewer.css","Type":"ResourceDownloadSuccess"}]

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: NL3
x-officeversion: 16.0.13120.41004
x-officefe: AM4PEPF00004873
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
status: 200
content-disposition: attachment
content-length: 0
server: Microsoft-IIS/10.0
x-correlationid: bcef58b6-b941-4499-b0f4-4cf34e4c6ca1
x-officefd: AM4PEPF0000464B
x-usersessionid: 01875a9d-9a55-4179-96d7-c459f5aa8c07
date: Mon, 27 Jul 2020 09:17:58 GMT
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://word-view.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
timing-allow-origin: *

GET
H2 200 ResReader.ashx
word-view.officeapps.live.com/wv/ Frame 0E84 51 KB
51 KB 609ms
609ms Image
image/jpeg 2a01:111:f100:9001::1761:9470
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://word-view.officeapps.live.com/wv/ResReader.ashx?n=p1.img&WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F13F7E89C235451C6%21395&access_token=4wFI1pRzzIG807EP8Hu8PZ3jkMlLEyCKjf0FxiLr%5FL19zIObXo14KLjXtDdZTkcbfUiEN634NN9ULQKGm%2DLJydHXx3AyIyXAGOFLC22XtctEqTcrp9jM%2DOi3LVU2yPDibCa2ixcKpW46TZDyiFMpcwlg&access_token_ttl=1597655879036&z=aMTNGN0U4OUMyMzU0NTFDNiEzOTUuNQ&v=00000000-0000-0000-0000-000000000802&usid=01875a9d-9a55-4179-96d7-c459f5aa8c07&splashscreen=1&build=16.0.13120.41004&PdfMode=1&waccluster=NL3

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a01:111:f100:9001::1761:9470 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

b20dd8f151d76e48d53969ac8a3d7845599c530144185ad42bbba65b68b477ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-US&rs=en-US&hid=BMGowRs+SUK+jC5DKltnVQ.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F13F7E89C235451C6%21395&sc=host%3D%26qt%3DFolders%26pt%3Dem
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officecluster: NL3
x-officeversion: 16.0.13120.41004
x-officefe: AM4PEPF00004873
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
status: 200
content-disposition: attachment
content-length: 52140
etag: "WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F13F7E89C235451C6%21395&access_token=4wFI1pRzzIG807EP8Hu8PZ3jkMlLEyCKjf0FxiLr%5FL19zIObXo14KLjXtDdZTkcbfUiEN634NN9ULQKGm%2DLJydHXx3AyIyXAGOFLC22XtctEqTcrp9jM%2DOi3LVU2yPDibCa2ixcKpW46TZDyiFMpcwlg&access_token_ttl=1597655879036&z=aMTNGN0U4OUMyMzU0NTFDNiEzOTUuNQ00000000-0000-0000-0000-000000000802p1.img"
server: Microsoft-IIS/10.0
x-correlationid: d79a5211-d4d7-49cd-ab93-603650543095
x-officefd: AM4PEPF0000464B
x-usersessionid: 01875a9d-9a55-4179-96d7-c459f5aa8c07
date: Mon, 27 Jul 2020 09:17:59 GMT
x-download-options: noopen
content-type: image/jpeg
cache-control: private
timing-allow-origin: *
expires: Tue, 27 Jul 2021 09:18:00 GMT

POST
H2 200 RemoteTelemetry.ashx Show response
word-view.officeapps.live.com/wv/ Frame 0E84 0
93 B 19ms
19ms XHR
text/plain 2a01:111:f100:9001::1761:9470
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/RemoteTelemetry.ashx

Requested by

Host: c1-word-view-15.cdn.office.net
URL: https://c1-word-view-15.cdn.office.net/wv/s/h1003DD9C0B33E715_App_Scripts/WordViewer.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a01:111:f100:9001::1761:9470 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-US&rs=en-US&hid=BMGowRs+SUK+jC5DKltnVQ.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F13F7E89C235451C6%21395&sc=host%3D%26qt%3DFolders%26pt%3Dem
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officefd: AM4PEPF0000464B
x-officeversion: 16.0.13120.41004
x-officefe: AM4PEPF00004873
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
status: 200
content-disposition: attachment
content-length: 0
server: Microsoft-IIS/10.0
x-correlationid: f86355e3-f950-4f53-bb12-e527ba0ebebc
x-officecluster: NL3
x-usersessionid: f86355e3-f950-4f53-bb12-e527ba0ebebc
date: Mon, 27 Jul 2020 09:17:59 GMT
x-download-options: noopen
access-control-allow-origin: https://word-view.officeapps.live.com
cache-control: private
timing-allow-origin: *

POST
H2 200 RemoteTelemetry.ashx Show response
word-view.officeapps.live.com/wv/ Frame 0E84 0
114 B 17ms
17ms XHR
text/plain 2a01:111:f100:9001::1761:9470
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/RemoteTelemetry.ashx

Requested by

Host: c1-word-view-15.cdn.office.net
URL: https://c1-word-view-15.cdn.office.net/wv/s/h1003DD9C0B33E715_App_Scripts/WordViewer.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a01:111:f100:9001::1761:9470 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-US&rs=en-US&hid=BMGowRs+SUK+jC5DKltnVQ.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F13F7E89C235451C6%21395&sc=host%3D%26qt%3DFolders%26pt%3Dem
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officefd: AM4PEPF0000464B
x-officeversion: 16.0.13120.41004
x-officefe: AM4PEPF00004873
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
status: 200
content-disposition: attachment
content-length: 0
server: Microsoft-IIS/10.0
x-correlationid: 5142d0d3-fbce-4f1a-ae68-c462c912ee8e
x-officecluster: NL3
x-usersessionid: 5142d0d3-fbce-4f1a-ae68-c462c912ee8e
date: Mon, 27 Jul 2020 09:17:59 GMT
x-download-options: noopen
access-control-allow-origin: https://word-view.officeapps.live.com
cache-control: private
timing-allow-origin: *

POST
H2 200 RemoteTelemetry.ashx Show response
word-view.officeapps.live.com/wv/ Frame 0E84 0
93 B 19ms
19ms XHR
text/plain 2a01:111:f100:9001::1761:9470
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/RemoteTelemetry.ashx

Requested by

Host: c1-word-view-15.cdn.office.net
URL: https://c1-word-view-15.cdn.office.net/wv/s/h1003DD9C0B33E715_App_Scripts/WordViewer.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a01:111:f100:9001::1761:9470 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-US&rs=en-US&hid=BMGowRs+SUK+jC5DKltnVQ.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F13F7E89C235451C6%21395&sc=host%3D%26qt%3DFolders%26pt%3Dem
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officefd: AM4PEPF0000464B
x-officeversion: 16.0.13120.41004
x-officefe: AM4PEPF00004873
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
status: 200
content-disposition: attachment
content-length: 0
server: Microsoft-IIS/10.0
x-correlationid: d42c104d-af74-431a-b74e-114eae70b719
x-officecluster: NL3
x-usersessionid: d42c104d-af74-431a-b74e-114eae70b719
date: Mon, 27 Jul 2020 09:17:59 GMT
x-download-options: noopen
access-control-allow-origin: https://word-view.officeapps.live.com
cache-control: private
timing-allow-origin: *

POST
H2 200 RemoteTelemetry.ashx Show response
word-view.officeapps.live.com/wv/ Frame 0E84 0
93 B 19ms
19ms XHR
text/plain 2a01:111:f100:9001::1761:9470
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/RemoteTelemetry.ashx

Requested by

Host: c1-word-view-15.cdn.office.net
URL: https://c1-word-view-15.cdn.office.net/wv/s/h1003DD9C0B33E715_App_Scripts/WordViewer.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a01:111:f100:9001::1761:9470 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-US&rs=en-US&hid=BMGowRs+SUK+jC5DKltnVQ.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F13F7E89C235451C6%21395&sc=host%3D%26qt%3DFolders%26pt%3Dem
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officefd: AM4PEPF0000464B
x-officeversion: 16.0.13120.41004
x-officefe: AM4PEPF00004873
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
status: 200
content-disposition: attachment
content-length: 0
server: Microsoft-IIS/10.0
x-correlationid: 7aa11183-953c-468e-b429-1e828edfe42d
x-officecluster: NL3
x-usersessionid: 7aa11183-953c-468e-b429-1e828edfe42d
date: Mon, 27 Jul 2020 09:17:59 GMT
x-download-options: noopen
access-control-allow-origin: https://word-view.officeapps.live.com
cache-control: private
timing-allow-origin: *

POST
H2 200 RemoteUls.ashx Show response
word-view.officeapps.live.com/wv/ Frame 0E84 0
68 B 18ms
18ms XHR
text/plain 2a01:111:f100:9001::1761:9470
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/RemoteUls.ashx?build=16.0.13120.41004&waccluster=NL3

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a01:111:f100:9001::1761:9470 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-US&rs=en-US&hid=BMGowRs+SUK+jC5DKltnVQ.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F13F7E89C235451C6%21395&sc=host%3D%26qt%3DFolders%26pt%3Dem
X-UserSessionId: 01875a9d-9a55-4179-96d7-c459f5aa8c07
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
X-BrowserUlsBeacon: [{"Index":2,"MsSinceStart":351,"Value":"SplashScreenShown","Type":"BootPhaseCompleted"}]

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: NL3
x-officeversion: 16.0.13120.41004
x-officefe: AM4PEPF00004873
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
status: 200
content-disposition: attachment
content-length: 0
server: Microsoft-IIS/10.0
x-correlationid: dd9a79de-06b9-474a-bf87-eba27b4e040e
x-officefd: AM4PEPF0000464B
x-usersessionid: 01875a9d-9a55-4179-96d7-c459f5aa8c07
date: Mon, 27 Jul 2020 09:17:59 GMT
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://word-view.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
timing-allow-origin: *

GET
H/1.1 200
OK segoeui.woff
c1-word-view-15.cdn.office.net/wv/s/hFD86A61BD505E070_resources/1033/ Frame 0E84 22 KB
23 KB 9ms
9ms Font
font/x-woff 2a02:26f0:10c:386::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-word-view-15.cdn.office.net/wv/s/hFD86A61BD505E070_resources/1033/segoeui.woff

Requested by

Host: c1-officeapps-15.cdn.office.net
URL: https://c1-officeapps-15.cdn.office.net/wv/s/h85115ACDC1B70C4A_App_Scripts/MicrosoftAjax.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:10c:386::4b36 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

3d785eb0a0168e5c79e66aa0085a932d5fe2ad04f3577547e2267fa589df677d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://c1-word-view-15.cdn.office.net/wv/s/hFD86A61BD505E070_resources/1033/WordViewer.css
Origin: https://word-view.officeapps.live.com

Response headers

Strict-Transport-Security: max-age=31536000
ETag: W/"dc77068225fd61:0"
X-OfficeCluster: NL3
X-CCR: true
X-OfficeVersion: 16.0.13117.41003
X-OfficeFE: AM4PEPF000053C6
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection: keep-alive
X-MSEdge-Flight: qx9=tasmigration015,1jcz=afd_onenoteslice_control
Content-Length: 22720
Cache-Control: public,max-age=31536000
X-MSEdge-Features: tasmigration015,typeheadertest,afd_onenoteslice_control
Last-Modified: Tue, 21 Jul 2020 05:47:23 GMT
X-OFFICEFD: AM4PEPF00004652
X-MSEdge-Ref: Ref A: DFD55555DA1E4562AC6F2D0E1AE2450A Ref B: AM3EDGE0605 Ref C: 2020-07-21T05:47:23Z
X-UserSessionId: 0005993f-979a-4639-b1b8-03948b6cb123
Date: Mon, 27 Jul 2020 09:17:59 GMT
Content-Type: font/x-woff
Access-Control-Allow-Origin: *
X-CorrelationId: 0005993f-979a-4639-b1b8-03948b6cb123
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H2 200 docdatahandler.ashx Show response
word-view.officeapps.live.com/wv/ Frame 0E84 356 B
598 B 87ms
86ms XHR
text/xml 2a01:111:f100:9001::1761:9470
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/docdatahandler.ashx?WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F13F7E89C235451C6%21395&access_token=4wFI1pRzzIG807EP8Hu8PZ3jkMlLEyCKjf0FxiLr%5FL19zIObXo14KLjXtDdZTkcbfUiEN634NN9ULQKGm%2DLJydHXx3AyIyXAGOFLC22XtctEqTcrp9jM%2DOi3LVU2yPDibCa2ixcKpW46TZDyiFMpcwlg&access_token_ttl=1597655879036&z=aMTNGN0U4OUMyMzU0NTFDNiEzOTUuNQ&type=png&o15=1&ui=en-US&PdfMode=1

Requested by

Host: c1-officeapps-15.cdn.office.net
URL: https://c1-officeapps-15.cdn.office.net/wv/s/h85115ACDC1B70C4A_App_Scripts/MicrosoftAjax.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a01:111:f100:9001::1761:9470 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

4c162eaddeca263bd8dc845fd58012728b8c63767df12b60bcc027e4f73ff6cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

haep: 1
X-UserSessionId: 01875a9d-9a55-4179-96d7-c459f5aa8c07
X-OfficeVersion: 16.0.13120.41004
X-Key: IEAfYEbIzjZJ58kjdxg/WPakpxzVR50eWqSZJ+UJ1U4=,637314382793098755
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-US&rs=en-US&hid=BMGowRs+SUK+jC5DKltnVQ.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F13F7E89C235451C6%21395&sc=host%3D%26qt%3DFolders%26pt%3Dem
X-Requested-With: XMLHttpRequest
X-UserType: WOPI
X-xhr: 1
X-WacCluster: NL3

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: NL3
x-officeversion: 16.0.13120.41004
x-officefe: AM4PEPF00004873
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
status: 200
content-disposition: attachment
content-length: 354
server: Microsoft-IIS/10.0
x-correlationid: 32d30090-ed6f-4b72-a6f5-39c0c3a2ae31
x-officefd: AM4PEPF0000464B
x-usersessionid: 01875a9d-9a55-4179-96d7-c459f5aa8c07
date: Mon, 27 Jul 2020 09:17:59 GMT
x-download-options: noopen
vary: Accept-Encoding
content-type: text/xml; charset=utf-8
cache-control: private
timing-allow-origin: *
expires: Tue, 27 Jul 2021 09:17:59 GMT

GET
H/1.1 200
OK wacairspaceanimationlibrary.js Show response
c1-officeapps-15.cdn.office.net/wv/s/161312041004_App_Scripts/ Frame 0E84 40 KB
7 KB 9ms
9ms Script
application/javascript 2a02:26f0:10c:39e::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-officeapps-15.cdn.office.net/wv/s/161312041004_App_Scripts/wacairspaceanimationlibrary.js

Requested by

Host: c1-word-view-15.cdn.office.net
URL: https://c1-word-view-15.cdn.office.net/wv/s/h1003DD9C0B33E715_App_Scripts/WordViewer.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:10c:39e::4b36 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

234cae682920ab63f3184948f1e4103b89201a274977ed31097b844cc323afa1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: W/"35954e3b8f5fd61:0"
X-OfficeCluster: IE3
X-OfficeVersion: 16.0.13117.41003
X-OfficeFE: DB5PEPF00004150
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection: keep-alive
Content-Length: 5997
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest
Last-Modified: Tue, 21 Jul 2020 18:46:23 GMT
X-OFFICEFD: DB5PEPF000040AA
X-MSEdge-Ref: Ref A: C5A22AC7DCFC4B44A57424A82BCEFFC9 Ref B: AMS04EDGE0211 Ref C: 2020-07-21T18:46:23Z
X-UserSessionId: 84314a32-035e-4403-bd8d-897635b68fed
Date: Mon, 27 Jul 2020 09:17:59 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: 84314a32-035e-4403-bd8d-897635b68fed
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK wapsw.png
c1-officeapps-15.cdn.office.net/wv/s/161312041004_resources/1033/ Frame 0E84 6 KB
7 KB 35ms
9ms Image
image/png 2a02:26f0:10c:39e::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1-officeapps-15.cdn.office.net/wv/s/161312041004_resources/1033/wapsw.png?b=1601312041004

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:10c:39e::4b36 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

390577d35c959ffe7dd2af4519c04410a04fdc4a433b151e27b049fc4a1ab3e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
ETag: W/"3ad9beb65fd61:0"
X-OfficeCluster: NL3
X-CCR: true
X-OfficeVersion: 16.0.13117.41003
X-OfficeFE: AM4PEPF0000486E
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection: keep-alive
Content-Length: 5884
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest
Last-Modified: Tue, 21 Jul 2020 23:29:13 GMT
X-OFFICEFD: AM4PEPF00004644
X-MSEdge-Ref: Ref A: DEA4C85226684831AE678DC40A9995AF Ref B: AM3EDGE0709 Ref C: 2020-07-21T23:29:13Z
X-UserSessionId: 4e7f090b-9692-4961-b22f-469d822d9472
Date: Mon, 27 Jul 2020 09:17:59 GMT
Content-Type: image/png
Access-Control-Allow-Origin: *
X-CorrelationId: 4e7f090b-9692-4961-b22f-469d822d9472
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK wv.png
c1-word-view-15.cdn.office.net/wv/s/161312041004_resources/1033/ Frame 0E84 34 KB
35 KB 10ms
9ms Image
image/png 2a02:26f0:10c:386::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1-word-view-15.cdn.office.net/wv/s/161312041004_resources/1033/wv.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:10c:386::4b36 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

4c76f832e1b589c931ced2c770f35ce4cd595ca941c18c5893b23f27ef587ec4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
ETag: W/"fc18f19e905fd61:0"
X-OFFICEFD: AM4PEPF00004627
X-OfficeVersion: 16.0.13117.41003
X-OfficeFE: AM4PEPF0000539B
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection: keep-alive
Content-Length: 35196
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest
Last-Modified: Tue, 21 Jul 2020 18:56:20 GMT
X-OfficeCluster: NL3
X-MSEdge-Ref: Ref A: 3B5FE976AC554DF886D5C0DB2338B0B8 Ref B: AM3EDGE0420 Ref C: 2020-07-21T18:56:20Z
X-UserSessionId: 17e64b0a-a6e2-4bc8-9e45-41f5d8c2bea5
Date: Mon, 27 Jul 2020 09:17:59 GMT
Content-Type: image/png
Access-Control-Allow-Origin: *
X-CorrelationId: 17e64b0a-a6e2-4bc8-9e45-41f5d8c2bea5
Accept-Ranges: bytes
Timing-Allow-Origin: *

POST
H2 200 RemoteUls.ashx Show response
word-view.officeapps.live.com/wv/ Frame 0E84 0
126 B 17ms
17ms XHR
text/plain 2a01:111:f100:9001::1761:9470
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/RemoteUls.ashx?build=16.0.13120.41004&waccluster=NL3

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a01:111:f100:9001::1761:9470 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-US&rs=en-US&hid=BMGowRs+SUK+jC5DKltnVQ.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F13F7E89C235451C6%21395&sc=host%3D%26qt%3DFolders%26pt%3Dem
X-UserSessionId: 01875a9d-9a55-4179-96d7-c459f5aa8c07
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
X-BrowserUlsBeacon: [{"Index":3,"MsSinceStart":576,"Value":"RecordAppInteractive","Type":"BootPhaseCompleted"}]

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: NL3
x-officeversion: 16.0.13120.41004
x-officefe: AM4PEPF00004873
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
status: 200
content-disposition: attachment
content-length: 0
server: Microsoft-IIS/10.0
x-correlationid: 71131140-4a6f-4e1a-81e2-415094426b43
x-officefd: AM4PEPF0000464B
x-usersessionid: 01875a9d-9a55-4179-96d7-c459f5aa8c07
date: Mon, 27 Jul 2020 09:17:59 GMT
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://word-view.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
timing-allow-origin: *

GET
H/1.1 200
OK WordViewer.dll1.js Show response
c1-word-view-15.cdn.office.net/wv/s/161312041004_App_Scripts/ Frame 0E84 480 KB
101 KB 9ms
9ms Script
application/javascript 2a02:26f0:10c:386::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-word-view-15.cdn.office.net/wv/s/161312041004_App_Scripts/WordViewer.dll1.js

Requested by

Host: c1-word-view-15.cdn.office.net
URL: https://c1-word-view-15.cdn.office.net/wv/s/h1003DD9C0B33E715_App_Scripts/WordViewer.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:10c:386::4b36 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

cdfc0e55cc1d22765ff5ce4170b6b71499a59c4560816ca04d54743e5cc6f285

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: W/"c7c2823b8f5fd61:0"
X-OfficeCluster: NL3
X-OfficeVersion: 16.0.13117.41003
X-OfficeFE: AM4PEPF0000539D
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection: keep-alive
Content-Length: 102724
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest
Last-Modified: Tue, 21 Jul 2020 18:46:23 GMT
X-OFFICEFD: AM4PEPF00004637
X-MSEdge-Ref: Ref A: 0038DEF8F3E64A0BAA532F6C8B2DDE2B Ref B: AMS04EDGE0907 Ref C: 2020-07-21T18:46:23Z
X-UserSessionId: 76b7abc4-eca6-4910-b288-b542362ccf03
Date: Mon, 27 Jul 2020 09:17:59 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: 76b7abc4-eca6-4910-b288-b542362ccf03
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK officebrowserfeedback_floodgate.js Show response
c1-officeapps-15.cdn.office.net/wv/s/161312041004_App_Scripts/Feedback/latest/ Frame 0E84 412 KB
81 KB 11ms
10ms Script
application/javascript 2a02:26f0:10c:39e::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-officeapps-15.cdn.office.net/wv/s/161312041004_App_Scripts/Feedback/latest/officebrowserfeedback_floodgate.js

Requested by

Host: c1-word-view-15.cdn.office.net
URL: https://c1-word-view-15.cdn.office.net/wv/s/h1003DD9C0B33E715_App_Scripts/WordViewer.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:10c:39e::4b36 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

f5bf3593cb078d92e8cae50677e23c41437d844507dfad54a5d1cbdeab6d4a23

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: W/"356dd7a68e5fd61:0"
X-OfficeCluster: NL3
X-CCR: true
X-OfficeVersion: 16.0.13117.41003
X-OfficeFE: AM4PEPF000053A8
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection: keep-alive
X-MSEdge-Flight: 1jcz=afd_onenoteslice_control
Content-Length: 82449
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_onenoteslice_control
Last-Modified: Tue, 21 Jul 2020 18:42:14 GMT
X-OFFICEFD: AM4PEPF0000461E
X-MSEdge-Ref: Ref A: 90B952828F56476FA3A4BF953C571C4F Ref B: AM3EDGE0417 Ref C: 2020-07-21T18:42:14Z
X-UserSessionId: 93259397-742d-4124-9700-4ece9e228cd1
Date: Mon, 27 Jul 2020 09:17:59 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: 93259397-742d-4124-9700-4ece9e228cd1
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK progress.gif
c1-officeapps-15.cdn.office.net/wv/s/161312041004_resources/1033/ Frame 0E84 695 B
2 KB 9ms
9ms Image
image/gif 2a02:26f0:10c:39e::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1-officeapps-15.cdn.office.net/wv/s/161312041004_resources/1033/progress.gif

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:10c:39e::4b36 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

a3596c17dad9a003d0bfbe0b7ba6765f51391b5c3943660316f01c8e77b323db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
ETag: W/"46ef9a9f905fd61:0"
X-OFFICEFD: AM4PEPF00004650
X-OfficeVersion: 16.0.13117.41003
X-OfficeFE: AM4PEPF000053AE
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection: keep-alive
X-MSEdge-Flight: 1i78=afd_wordcapacity_control
Content-Length: 695
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_wordcapacity_control
Last-Modified: Tue, 21 Jul 2020 18:56:21 GMT
X-OfficeCluster: NL3
X-MSEdge-Ref: Ref A: 211A4E181B8747F280D5F4F83604F385 Ref B: AMS04EDGE0515 Ref C: 2020-07-21T18:56:21Z
X-UserSessionId: 330a3b4d-6c55-4baf-ad08-6c18b8639e22
Date: Mon, 27 Jul 2020 09:17:59 GMT
Content-Type: image/gif
Access-Control-Allow-Origin: *
X-CorrelationId: 330a3b4d-6c55-4baf-ad08-6c18b8639e22
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H2 200 ResReader.ashx
word-view.officeapps.live.com/wv/ Frame 0E84 51 KB
51 KB 283ms
283ms Image
image/jpeg 2a01:111:f100:9001::1761:9470
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://word-view.officeapps.live.com/wv/ResReader.ashx?n=p1.img&v=00000000-0000-0000-0000-000000000802&usid=01875a9d-9a55-4179-96d7-c459f5aa8c07&build=16.0.13120.41004&WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F13F7E89C235451C6%21395&access_token=4wFI1pRzzIG807EP8Hu8PZ3jkMlLEyCKjf0FxiLr%5FL19zIObXo14KLjXtDdZTkcbfUiEN634NN9ULQKGm%2DLJydHXx3AyIyXAGOFLC22XtctEqTcrp9jM%2DOi3LVU2yPDibCa2ixcKpW46TZDyiFMpcwlg&access_token_ttl=1597655879036&z=aMTNGN0U4OUMyMzU0NTFDNiEzOTUuNQ&waccluster=NL3&PdfMode=1

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a01:111:f100:9001::1761:9470 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

b20dd8f151d76e48d53969ac8a3d7845599c530144185ad42bbba65b68b477ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-US&rs=en-US&hid=BMGowRs+SUK+jC5DKltnVQ.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F13F7E89C235451C6%21395&sc=host%3D%26qt%3DFolders%26pt%3Dem
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officecluster: NL3
x-officeversion: 16.0.13120.41004
x-officefe: AM4PEPF00004873
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
status: 200
content-disposition: attachment
content-length: 52140
etag: "WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F13F7E89C235451C6%21395&access_token=4wFI1pRzzIG807EP8Hu8PZ3jkMlLEyCKjf0FxiLr%5FL19zIObXo14KLjXtDdZTkcbfUiEN634NN9ULQKGm%2DLJydHXx3AyIyXAGOFLC22XtctEqTcrp9jM%2DOi3LVU2yPDibCa2ixcKpW46TZDyiFMpcwlg&access_token_ttl=1597655879036&z=aMTNGN0U4OUMyMzU0NTFDNiEzOTUuNQ00000000-0000-0000-0000-000000000802p1.img"
server: Microsoft-IIS/10.0
x-correlationid: e924d456-fd85-42cf-b329-a4b675a400fe
x-officefd: AM4PEPF0000464B
x-usersessionid: 01875a9d-9a55-4179-96d7-c459f5aa8c07
date: Mon, 27 Jul 2020 09:17:59 GMT
x-download-options: noopen
content-type: image/jpeg
cache-control: private
timing-allow-origin: *
expires: Tue, 27 Jul 2021 09:18:00 GMT

GET
H2 200 ResReader.ashx Show response
word-view.officeapps.live.com/wv/ Frame 0E84 2 KB
1 KB 297ms
297ms XHR
text/xml 2a01:111:f100:9001::1761:9470
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/ResReader.ashx?n=p_1_10.xml&v=00000000-0000-0000-0000-000000000802&usid=01875a9d-9a55-4179-96d7-c459f5aa8c07&build=16.0.13120.41004&WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F13F7E89C235451C6%21395&access_token=4wFI1pRzzIG807EP8Hu8PZ3jkMlLEyCKjf0FxiLr%5FL19zIObXo14KLjXtDdZTkcbfUiEN634NN9ULQKGm%2DLJydHXx3AyIyXAGOFLC22XtctEqTcrp9jM%2DOi3LVU2yPDibCa2ixcKpW46TZDyiFMpcwlg&access_token_ttl=1597655879036&z=aMTNGN0U4OUMyMzU0NTFDNiEzOTUuNQ&waccluster=NL3&PdfMode=1

Requested by

Host: c1-officeapps-15.cdn.office.net
URL: https://c1-officeapps-15.cdn.office.net/wv/s/h85115ACDC1B70C4A_App_Scripts/MicrosoftAjax.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a01:111:f100:9001::1761:9470 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

1d922e7320fe1ea5f6d3c626b72bb9ce120a5a5386146838c2c8672f4e4599f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

haep: 1
X-UserSessionId: 01875a9d-9a55-4179-96d7-c459f5aa8c07
X-OfficeVersion: 16.0.13120.41004
X-Key: IEAfYEbIzjZJ58kjdxg/WPakpxzVR50eWqSZJ+UJ1U4=,637314382793098755
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-US&rs=en-US&hid=BMGowRs+SUK+jC5DKltnVQ.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F13F7E89C235451C6%21395&sc=host%3D%26qt%3DFolders%26pt%3Dem
X-Requested-With: XMLHttpRequest
X-UserType: WOPI
X-xhr: 1
X-WacCluster: NL3

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officefd: AM4PEPF0000464B
x-officeversion: 16.0.13120.41004
x-officefe: AM4PEPF00004873
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
status: 200
content-disposition: attachment
content-length: 938
etag: "WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F13F7E89C235451C6%21395&access_token=4wFI1pRzzIG807EP8Hu8PZ3jkMlLEyCKjf0FxiLr%5FL19zIObXo14KLjXtDdZTkcbfUiEN634NN9ULQKGm%2DLJydHXx3AyIyXAGOFLC22XtctEqTcrp9jM%2DOi3LVU2yPDibCa2ixcKpW46TZDyiFMpcwlg&access_token_ttl=1597655879036&z=aMTNGN0U4OUMyMzU0NTFDNiEzOTUuNQ00000000-0000-0000-0000-000000000802p_1_10.xml"
server: Microsoft-IIS/10.0
x-correlationid: 92b9dab0-f40f-493c-9ffb-9656c4e9827d
x-officecluster: NL3
x-usersessionid: 01875a9d-9a55-4179-96d7-c459f5aa8c07
date: Mon, 27 Jul 2020 09:17:59 GMT
x-download-options: noopen
vary: Accept-Encoding
content-type: text/xml; charset=utf-8
cache-control: private
timing-allow-origin: *
expires: Tue, 27 Jul 2021 09:18:00 GMT

GET
H/1.1 200
OK wl.ms.js Show response
js.live.net/v5.0/ Frame 0E84 42 KB
16 KB 51ms
8ms Script
application/javascript 104.111.233.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js.live.net/v5.0/wl.ms.js
Requested by: Host: c1-word-view-15.cdn.office.net
URL: https://c1-word-view-15.cdn.office.net/wv/s/h1003DD9C0B33E715_App_Scripts/WordViewer.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_CBC
Server: 104.111.233.232 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-233-232.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/10.0 /
Resource Hash: d4c9bd86a5465d8414b7a10438d28110836126b387990d492fe545a5e701904a

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com

Response headers

Date: Mon, 27 Jul 2020 09:18:00 GMT
X-MSNServer: RD0003FF241969
Last-Modified: Fri, 10 Jul 2020 18:30:22 GMT
Server: Microsoft-IIS/10.0
ETag: "0b3b92be856d61:0"
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=53459, public
X-ODWebServer: westeurope1-odwebp
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 16199

GET
H/1.1 200
OK officebrowserfeedback.css
c1-officeapps-15.cdn.office.net/wv/s/161312041004_App_Scripts/Feedback/latest/ Frame 0E84 17 KB
3 KB 10ms
10ms Stylesheet
text/css 2a02:26f0:10c:39e::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-officeapps-15.cdn.office.net/wv/s/161312041004_App_Scripts/Feedback/latest/officebrowserfeedback.css

Requested by

Host: c1-officeapps-15.cdn.office.net
URL: https://c1-officeapps-15.cdn.office.net/wv/s/161312041004_App_Scripts/Feedback/latest/officebrowserfeedback_floodgate.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:10c:39e::4b36 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

8d87b42098ad09798e268dc212d5679b0b9bf0414b33246f78364eaec0eef9d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: W/"2eee829d8f5fd61:0"
X-OfficeCluster: NL3
X-CCR: true
X-OfficeVersion: 16.0.13117.41003
X-OfficeFE: AM4PEPF00004874
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection: keep-alive
Content-Length: 2585
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest
Last-Modified: Tue, 21 Jul 2020 18:49:08 GMT
X-OFFICEFD: AM4PEPF00004645
X-MSEdge-Ref: Ref A: 4A501795A943459DAA1ADC8C95B52D8B Ref B: AMS04EDGE0710 Ref C: 2020-07-21T18:49:08Z
X-UserSessionId: 67bbaa01-9d7e-4d3a-8482-e7d6f2ae65cf
Date: Mon, 27 Jul 2020 09:18:00 GMT
Content-Type: text/css
Access-Control-Allow-Origin: *
X-CorrelationId: 67bbaa01-9d7e-4d3a-8482-e7d6f2ae65cf
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK officebrowserfeedbackstrings.js Show response
c1-officeapps-15.cdn.office.net/wv/s/161312041004_App_Scripts/Feedback/latest/Intl/en/ Frame 0E84 5 KB
2 KB 10ms
9ms Script
application/javascript 2a02:26f0:10c:39e::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-officeapps-15.cdn.office.net/wv/s/161312041004_App_Scripts/Feedback/latest/Intl/en/officebrowserfeedbackstrings.js

Requested by

Host: c1-officeapps-15.cdn.office.net
URL: https://c1-officeapps-15.cdn.office.net/wv/s/161312041004_App_Scripts/Feedback/latest/officebrowserfeedback_floodgate.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:10c:39e::4b36 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

4fc9f94a11aa5b233c884d4fac3640e30bb34c61a732588c413d604b0cc9d42a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: W/"a17d1453975fd61:0"
X-OfficeCluster: NL3
X-CCR: true
X-OfficeVersion: 16.0.13117.41003
X-OfficeFE: AM4PEPF00004874
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection: keep-alive
Content-Length: 1206
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest
Last-Modified: Tue, 21 Jul 2020 19:44:19 GMT
X-OFFICEFD: AM4PEPF0000464A
X-MSEdge-Ref: Ref A: E3B86B384BE245B2BF79DDEB56915966 Ref B: AMS04EDGE0914 Ref C: 2020-07-21T19:44:19Z
X-UserSessionId: f34e2ee5-a28c-4ca6-9725-7e6a6ee0db49
Date: Mon, 27 Jul 2020 09:18:00 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: f34e2ee5-a28c-4ca6-9725-7e6a6ee0db49
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H2 200 CampaignMetadataAggregator Show response
messaging.office.com/lifecycle/ Frame 0E84 13 KB
3 KB 149ms
149ms Fetch
application/json 52.109.88.96
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://messaging.office.com/lifecycle/CampaignMetadataAggregator?country=US&locale=en-US&app=2155&platform=Web&version=16.0.13120.41004&campaignParams=hasStorage%3Dtrue%26pageWidth%3D1600%26pageHeight%3D1200%26screenWidth%3D1600%26screenHeight%3D1200%26colorDepth%3D24%26more%3Dtrue%26OFC_Audience%3DProduction%26AppHostName%3DOneDriveWOPI%26AppMode%3DPDF-EMBED_VIEW%26Datacenter%3DNL3%26UpsellMode%3DShowNothing%26TenantId%3D9188040d-6c67-4c5b-b112-36a304b66dad%26SelfTriggerActivity%3D%3BFloodgateFlight3Treatment%3BFloodgateFlight5Treatment%3BFloodgateFlight8Treatment%3BFloodgateFlight9Treatment%3BFloodgateFlight10Control%26&contentType=CampaignContent&puid=&OFC_FLIGHTS=wac-floodgateflight3-treatment%3Bwac-floodgateflight5-treatment%3Bwac-floodgateflight8-treatment%3Bwac-floodgateflight9-treatment%3Bwac-floodgateflight10-control%3B

Requested by

Host: c1-officeapps-15.cdn.office.net
URL: https://c1-officeapps-15.cdn.office.net/wv/s/161312041004_App_Scripts/Feedback/latest/officebrowserfeedback_floodgate.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.109.88.96 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ASP.NET

Resource Hash

878ec9c29deded3f0db4d064793cc66de54fe585300d84bb3062645804eb02be

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://word-view.officeapps.live.com/
x-correlationid: 8256ef77-144e-4c46-b1bc-f0dedbd2605c
x-usersessionid: ae2b7169-90d2-4c77-48bc-0618c707a089
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: weu-000.omexmessaging.osi.office.net
x-gateids: AirTrafficControl.GovernanceRule
x-powered-by: ASP.NET
x-officefe: OmexMessagingStorefront_IN_13
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
status: 200
vary: Accept-Encoding
content-length: 2586
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
pragma: no-cache
x-correlationid: 692e2382-0f45-4838-9564-1da75e87dd14
server
x-usersessionid: ae2b7169-90d2-4c77-48bc-0618c707a089
date: Mon, 27 Jul 2020 09:18:00 GMT
x-frame-options: deny
content-type: application/json; charset=utf-8
access-control-allow-origin: https://word-view.officeapps.live.com
cache-control: private, no-store
x-machine: weu-000.omexmessaging.osi.office.net,OmexMessagingStorefront_IN_13
access-control-allow-headers: authorization,X-CorrelationId,X-UserSessionId,Content-Type
x-officeversion: 20.4.10623.11825

GET
H2 200 dime.js Show response
content.lifecycle.office.net/dime/v1/ Frame 0E84 153 KB
49 KB 49ms
7ms Script
text/javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://content.lifecycle.office.net/dime/v1/dime.js
Requested by: Host: c1-word-view-15.cdn.office.net
URL: https://c1-word-view-15.cdn.office.net/wv/s/h1003DD9C0B33E715_App_Scripts/WordViewer.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F8A) /
Resource Hash: 75e3520f552f3e921be58265f1ffe4ff1321e94d9dcbb2525d3c376c0f9ec0a8

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 27 Jul 2020 09:18:00 GMT
content-encoding: gzip
content-md5: QAh9nWjPU5R3sGH3hN7xsg==
age: 1885
x-cache: HIT
status: 200
content-length: 49831
x-ms-lease-status: unlocked
last-modified: Tue, 21 Jul 2020 21:22:40 GMT
server: ECAcc (frc/8F8A)
etag: 0x8D82DBC331EDD31
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-ms-request-id: c8e383e1-401e-0054-16f2-631ca3000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: max-age=3600
x-ms-version: 2009-09-19
expires: Mon, 27 Jul 2020 10:18:00 GMT

GET
H2 200 1.0.0.0 Show response
config.edge.skype.com/config/v1/Dime/ Frame 0E84 1 KB
797 B 148ms
128ms Fetch
application/json 2620:1ec:21::23
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://config.edge.skype.com/config/v1/Dime/1.0.0.0?PartnerId=OfficeOnlineWord&Version=1.6.0.5208985&ClientId=658b9662-44e2-4b70-9cca-25fe685825c8&Browser=other

Requested by

Host: content.lifecycle.office.net
URL: https://content.lifecycle.office.net/dime/v1/dime.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:21::23 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

d0cd74d985b7576bd8fe44b17cb48ff618f98fb6cb44c73a9e074efdf90ea766

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
x-msedge-ref: Ref A: 011E07F67C644D1889B5B37261629571 Ref B: FRAEDGE1420 Ref C: 2020-07-27T09:18:00Z
status: 200
etag: "PeeWrk7U+eGUcrfdWTlQpOsThsmmgVRFgjTGpiNWMkc="
x-frame-options: DENY
content-type: application/json
access-control-allow-origin: https://word-view.officeapps.live.com
access-control-expose-headers: ETag, Date
cache-control: no-cache,max-age=3600
date: Mon, 27 Jul 2020 09:17:59 GMT
content-length: 430
expires: Mon, 27 Jul 2020 10:18:00 GMT

POST
H2 200 RemoteUls.ashx Show response
word-view.officeapps.live.com/wv/ Frame 0E84 0
68 B 16ms
16ms XHR
text/plain 2a01:111:f100:9001::1761:9470
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/RemoteUls.ashx?build=16.0.13120.41004&waccluster=NL3

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a01:111:f100:9001::1761:9470 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-US&rs=en-US&hid=BMGowRs+SUK+jC5DKltnVQ.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F13F7E89C235451C6%21395&sc=host%3D%26qt%3DFolders%26pt%3Dem
X-UserSessionId: 01875a9d-9a55-4179-96d7-c459f5aa8c07
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
X-BrowserUlsBeacon: [{"Index":4,"MsSinceStart":892,"Value":"RecordContentDisplayed","Type":"BootPhaseCompleted"}]

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: NL3
x-officeversion: 16.0.13120.41004
x-officefe: AM4PEPF00004873
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
status: 200
content-disposition: attachment
content-length: 0
server: Microsoft-IIS/10.0
x-correlationid: 7d6610a2-1983-41cf-b0eb-7f552d5b19ed
x-officefd: AM4PEPF0000464B
x-usersessionid: 01875a9d-9a55-4179-96d7-c459f5aa8c07
date: Mon, 27 Jul 2020 09:17:59 GMT
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://word-view.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
timing-allow-origin: *

GET
DATA 200
OK truncated
/ 34 KB
34 KB Font
font/woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 07ec698b1036cdfbb8892f02d9510f5f671284fca9fa003b883996da040a444b

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
Origin: https://onedrive.live.com

Response headers

Content-Type: font/woff;charset=utf-8

POST
H2 200 RemoteUls.ashx Show response
word-view.officeapps.live.com/wv/ Frame 0E84 0
140 B 17ms
17ms XHR
text/plain 2a01:111:f100:9001::1761:9470
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/RemoteUls.ashx?build=16.0.13120.41004&waccluster=NL3

Requested by

Host: c1-officeapps-15.cdn.office.net
URL: https://c1-officeapps-15.cdn.office.net/wv/s/h85115ACDC1B70C4A_App_Scripts/MicrosoftAjax.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a01:111:f100:9001::1761:9470 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

haep: 1
X-AccessToken: 4wFI1pRzzIG807EP8Hu8PZ3jkMlLEyCKjf0FxiLr_L19zIObXo14KLjXtDdZTkcbfUiEN634NN9ULQKGm-LJydHXx3AyIyXAGOFLC22XtctEqTcrp9jM-Oi3LVU2yPDibCa2ixcKpW46TZDyiFMpcwlg
X-UserSessionId: 01875a9d-9a55-4179-96d7-c459f5aa8c07
X-OfficeVersion: 16.0.13120.41004
X-Key: IEAfYEbIzjZJ58kjdxg/WPakpxzVR50eWqSZJ+UJ1U4=,637314382793098755
X-bULS-SuppressionETag: 5BE35811B397CC4D909EE2C726529AD5F29B98C6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-US&rs=en-US&hid=BMGowRs+SUK+jC5DKltnVQ.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F13F7E89C235451C6%21395&sc=host%3D%26qt%3DFolders%26pt%3Dem
X-Requested-With: XMLHttpRequest
X-UserType: WOPI
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-xhr: 1
X-AccessTokenTtl: 1597655879036
X-WacCluster: NL3

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: NL3
x-officeversion: 16.0.13120.41004
x-officefe: AM4PEPF00004873
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
status: 200
x-buls-suppressionetag: 5BE35811B397CC4D909EE2C726529AD5F29B98C6
content-disposition: attachment
content-length: 0
server: Microsoft-IIS/10.0
x-correlationid: 67cb0d64-62b2-4b37-99bf-1b9002b8e14a
x-officefd: AM4PEPF0000464B
x-usersessionid: 01875a9d-9a55-4179-96d7-c459f5aa8c07
date: Mon, 27 Jul 2020 09:17:59 GMT
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://word-view.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
timing-allow-origin: *

GET
H2

200

c.gif
c.live.com/
Redirect Chain

https://c.live.com/c.gif?DI=15347&wlxid=ad9c28cf-8782-4ccc-bdc7-d9d649679249&reqid=00161c7611d&csiperf=ANON%3D%26NL%3D0%26TP%3D0%26CL%3DRD00155D99BE59%26MA%3Den-US%26B%3D0.0.0%26TR%3DNA%252ANA%252A...
https://c.bing.com/c.gif?DI=15347&wlxid=ad9c28cf-8782-4ccc-bdc7-d9d649679249&reqid=00161c7611d&csiperf=ANON%3D%26NL%3D0%26TP%3D0%26CL%3DRD00155D99BE59%26MA%3Den-US%26B%3D0.0.0%26TR%3DNA%252ANA%252A...
https://c.live.com/c.gif?DI=15347&wlxid=ad9c28cf-8782-4ccc-bdc7-d9d649679249&reqid=00161c7611d&csiperf=ANON%3D%26NL%3D0%26TP%3D0%26CL%3DRD00155D99BE59%26MA%3Den-US%26B%3D0.0.0%26TR%3DNA%252ANA%252A...

42 B
301 B

29ms
28ms

Image
image/gif

52.142.114.2
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.live.com/c.gif?DI=15347&wlxid=ad9c28cf-8782-4ccc-bdc7-d9d649679249&reqid=00161c7611d&csiperf=ANON%3D%26NL%3D0%26TP%3D0%26CL%3DRD00155D99BE59%26MA%3Den-US%26B%3D0.0.0%26TR%3DNA%252ANA%252A%253ASDX.Skydrive%252AEmbed.default.F.U.%26PLT%3D1615%26IR%3D1%26EX%3D0%26L.h%3D549%26L.sjs%3D641%26L.ttg%3D549%26C.st%3D1595841478643%26N.domIn%3D556%26N.dns%3D25%26N.tcp%3D19%26N.req%3D437%26N.resp%3D6%26N.navType%3D0%26N.redirectCount%3D0&r=0.02558488964883554&CtsSyncId=12B605086679491ABC6BDD146053CD91&MUID=09F7FCC2D4966BEA02ADF3D6D5446A33
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.142.114.2 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Jul 2020 09:17:59 GMT
etag: "9b2fd78e4b1ed61:0"
last-modified: Wed, 29 Apr 2020 17:28:12 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
status: 200
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

Redirect headers

pragma: no-cache
date: Mon, 27 Jul 2020 09:17:59 GMT
x-msedge-ref: Ref A: 63EA7C2EE7BD4C14A2BF9D06B1F87BFA Ref B: FRAEDGE1211 Ref C: 2020-07-27T09:18:00Z
x-powered-by: ASP.NET
status: 302
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.live.com/c.gif?DI=15347&wlxid=ad9c28cf-8782-4ccc-bdc7-d9d649679249&reqid=00161c7611d&csiperf=ANON%3D%26NL%3D0%26TP%3D0%26CL%3DRD00155D99BE59%26MA%3Den-US%26B%3D0.0.0%26TR%3DNA%252ANA%252A%253ASDX.Skydrive%252AEmbed.default.F.U.%26PLT%3D1615%26IR%3D1%26EX%3D0%26L.h%3D549%26L.sjs%3D641%26L.ttg%3D549%26C.st%3D1595841478643%26N.domIn%3D556%26N.dns%3D25%26N.tcp%3D19%26N.req%3D437%26N.resp%3D6%26N.navType%3D0%26N.redirectCount%3D0&r=0.02558488964883554&CtsSyncId=12B605086679491ABC6BDD146053CD91&MUID=09F7FCC2D4966BEA02ADF3D6D5446A33
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H/1.1 200
OK otelFull.min.js Show response
c1-word-view-15.cdn.office.net/wv/s/161312041004_App_Scripts/ Frame 0E84 173 KB
40 KB 10ms
9ms Script
application/javascript 2a02:26f0:10c:386::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-word-view-15.cdn.office.net/wv/s/161312041004_App_Scripts/otelFull.min.js

Requested by

Host: c1-word-view-15.cdn.office.net
URL: https://c1-word-view-15.cdn.office.net/wv/s/h1003DD9C0B33E715_App_Scripts/WordViewer.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:10c:386::4b36 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

d0b3b75305a9b6be429ef4162615461d3d072cb8cbf410159bf3c87aad3a6259

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: W/"a2be3b8f5fd61:0"
X-OfficeCluster: IE3
X-OfficeVersion: 16.0.13117.41003
X-OfficeFE: DB5PEPF00004166
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection: keep-alive
Content-Length: 39614
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest
Last-Modified: Tue, 21 Jul 2020 18:46:24 GMT
X-OFFICEFD: DB5PEPF0000409C
X-MSEdge-Ref: Ref A: 83C166C14824482F8FB83F4273892C6F Ref B: AMS04EDGE0907 Ref C: 2020-07-21T18:46:24Z
X-UserSessionId: 44e628bc-bf46-4779-9851-211b9536b298
Date: Mon, 27 Jul 2020 09:18:00 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: 44e628bc-bf46-4779-9851-211b9536b298
Accept-Ranges: bytes
Timing-Allow-Origin: *

POST
H2 200 RemoteTelemetry.ashx Show response
word-view.officeapps.live.com/wv/ Frame 0E84 0
127 B 18ms
18ms XHR
text/plain 2a01:111:f100:9001::1761:9470
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/RemoteTelemetry.ashx

Requested by

Host: c1-word-view-15.cdn.office.net
URL: https://c1-word-view-15.cdn.office.net/wv/s/h1003DD9C0B33E715_App_Scripts/WordViewer.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a01:111:f100:9001::1761:9470 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-US&rs=en-US&hid=BMGowRs+SUK+jC5DKltnVQ.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F13F7E89C235451C6%21395&sc=host%3D%26qt%3DFolders%26pt%3Dem
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officefd: AM4PEPF0000464B
x-officeversion: 16.0.13120.41004
x-officefe: AM4PEPF00004873
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
status: 200
content-disposition: attachment
content-length: 0
server: Microsoft-IIS/10.0
x-correlationid: 524db5c3-d2b3-4207-bf7a-7a1c48fca63e
x-officecluster: NL3
x-usersessionid: 524db5c3-d2b3-4207-bf7a-7a1c48fca63e
date: Mon, 27 Jul 2020 09:17:59 GMT
x-download-options: noopen
access-control-allow-origin: https://word-view.officeapps.live.com
cache-control: private
timing-allow-origin: *

GET
H/1.1 200
OK ping Show response
browser.pipe.aria.microsoft.com/ Frame 0E84 4 B
333 B 383ms
94ms XHR
application/json 168.62.57.154
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://browser.pipe.aria.microsoft.com/ping
Requested by: Host: c1-word-view-15.cdn.office.net
URL: https://c1-word-view-15.cdn.office.net/wv/s/161312041004_App_Scripts/otelFull.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 168.62.57.154 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-HTTPAPI/2.0 /
Resource Hash: c48b5b1a9776c84602de2306d7903a7241158a5077e7a8519af75c33441b8334

Request headers

Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 27 Jul 2020 09:18:00 GMT
Server: Microsoft-HTTPAPI/2.0
Access-Control-Allow-Methods: GET
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://word-view.officeapps.live.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: *
Content-Length: 4

GET
H2 200 officewebsurfaces.core.min.js Show response
contentstorage.osi.office.net/dynamiccanvas/programmablesurfaces/prod/ Frame 0E84 115 KB
34 KB 297ms
173ms Script
application/x-javascript 23.10.69.19
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://contentstorage.osi.office.net/dynamiccanvas/programmablesurfaces/prod/officewebsurfaces.core.min.js
Requested by: Host: c1-officeapps-15.cdn.office.net
URL: https://c1-officeapps-15.cdn.office.net/wv/s/161312041004_App_Scripts/Feedback/latest/officebrowserfeedback_floodgate.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.10.69.19 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-10-69-19.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: ec90d1e68e000935b723d468f4e4a67470d6d9d3a729bf9743ddaabfd409da03

Request headers

Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Mon, 27 Jul 2020 09:18:00 GMT
content-encoding: gzip
last-modified: Tue, 26 May 2020 17:53:13 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: AnwReELQbOHZRX5DYwxZsg==
etag: 0x8D8019DA938EB0E
vary: Origin, Accept-Encoding
content-type: application/x-javascript
status: 200
x-ms-request-id: b5a08a73-301e-00db-46f6-637304000000
access-control-allow-credentials: true
x-ms-version: 2009-09-19
content-length: 33950

POST
H2 200 RemoteUls.ashx Show response
word-view.officeapps.live.com/wv/ Frame 0E84 0
209 B 18ms
17ms XHR
text/plain 2a01:111:f100:9001::1761:9470
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/RemoteUls.ashx?build=16.0.13120.41004&waccluster=NL3

Requested by

Host: c1-officeapps-15.cdn.office.net
URL: https://c1-officeapps-15.cdn.office.net/wv/s/h85115ACDC1B70C4A_App_Scripts/MicrosoftAjax.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a01:111:f100:9001::1761:9470 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

haep: 1
X-AccessToken: 4wFI1pRzzIG807EP8Hu8PZ3jkMlLEyCKjf0FxiLr_L19zIObXo14KLjXtDdZTkcbfUiEN634NN9ULQKGm-LJydHXx3AyIyXAGOFLC22XtctEqTcrp9jM-Oi3LVU2yPDibCa2ixcKpW46TZDyiFMpcwlg
X-UserSessionId: 01875a9d-9a55-4179-96d7-c459f5aa8c07
X-OfficeVersion: 16.0.13120.41004
X-Key: IEAfYEbIzjZJ58kjdxg/WPakpxzVR50eWqSZJ+UJ1U4=,637314382793098755
X-bULS-SuppressionETag: 5BE35811B397CC4D909EE2C726529AD5F29B98C6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-US&rs=en-US&hid=BMGowRs+SUK+jC5DKltnVQ.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F13F7E89C235451C6%21395&sc=host%3D%26qt%3DFolders%26pt%3Dem
X-Requested-With: XMLHttpRequest
X-UserType: WOPI
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-xhr: 1
X-AccessTokenTtl: 1597655879036
X-WacCluster: NL3

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: NL3
x-officeversion: 16.0.13120.41004
x-officefe: AM4PEPF00004873
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
status: 200
x-buls-suppressionetag: 5BE35811B397CC4D909EE2C726529AD5F29B98C6
content-disposition: attachment
content-length: 0
server: Microsoft-IIS/10.0
x-correlationid: 4257cdc7-8f9c-4319-924b-7b6ab57a201c
x-officefd: AM4PEPF0000464B
x-usersessionid: 01875a9d-9a55-4179-96d7-c459f5aa8c07
date: Mon, 27 Jul 2020 09:17:59 GMT
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://word-view.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
timing-allow-origin: *

GET
H2 200 translation.ashx Show response
word-view.officeapps.live.com/wv/ Frame 0E84 1 KB
1 KB 18ms
18ms XHR
text/html 2a01:111:f100:9001::1761:9470
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/translation.ashx?WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F13F7E89C235451C6%21395&access_token=4wFI1pRzzIG807EP8Hu8PZ3jkMlLEyCKjf0FxiLr%5FL19zIObXo14KLjXtDdZTkcbfUiEN634NN9ULQKGm%2DLJydHXx3AyIyXAGOFLC22XtctEqTcrp9jM%2DOi3LVU2yPDibCa2ixcKpW46TZDyiFMpcwlg&access_token_ttl=1597655879036&z=aMTNGN0U4OUMyMzU0NTFDNiEzOTUuNQ&uilang=en-US

Requested by

Host: c1-officeapps-15.cdn.office.net
URL: https://c1-officeapps-15.cdn.office.net/wv/s/h85115ACDC1B70C4A_App_Scripts/MicrosoftAjax.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a01:111:f100:9001::1761:9470 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

eb4a7f026a1b5bdf51fe6f4d6079982354ff51b63e62ed77a75ce088b5cd8664

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

haep: 1
X-UserSessionId: 01875a9d-9a55-4179-96d7-c459f5aa8c07
X-OfficeVersion: 16.0.13120.41004
X-Key: IEAfYEbIzjZJ58kjdxg/WPakpxzVR50eWqSZJ+UJ1U4=,637314382793098755
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-US&rs=en-US&hid=BMGowRs+SUK+jC5DKltnVQ.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F13F7E89C235451C6%21395&sc=host%3D%26qt%3DFolders%26pt%3Dem
X-Requested-With: XMLHttpRequest
X-UserType: WOPI
X-xhr: 1
X-WacCluster: NL3

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officefd: AM4PEPF0000464B
x-officeversion: 16.0.13120.41004
x-officefe: AM4PEPF00004873
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
status: 200
content-length: 999
server: Microsoft-IIS/10.0
pragma: no-cache
x-correlationid: a86df51d-df5d-4326-948d-28015a710c0c
x-officecluster: NL3
x-usersessionid: 01875a9d-9a55-4179-96d7-c459f5aa8c07
date: Mon, 27 Jul 2020 09:18:00 GMT
vary: Accept-Encoding
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store
timing-allow-origin: *
expires: -1

POST
H/1.1 200
OK / Show response
browser.pipe.aria.microsoft.com/Collector/3.0/ Frame 0E84 0
396 B 96ms
95ms XHR
application/json 168.62.57.154
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://browser.pipe.aria.microsoft.com/Collector/3.0/?qsp=true&content-type=application%2Fbond-compact-binary&client-id=NO_AUTH&sdk-version=AWT-Web-CJS-1.2.2&x-apikey=d79e824386c4441cb8c1d4ae15690526-bd443309-5494-444a-aba9-0af9eef99f84-7360
Requested by: Host: c1-officeapps-15.cdn.office.net
URL: https://c1-officeapps-15.cdn.office.net/wv/s/161312041004_App_Scripts/Feedback/latest/officebrowserfeedback_floodgate.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 168.62.57.154 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-HTTPAPI/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 27 Jul 2020 09:18:01 GMT
Server: Microsoft-HTTPAPI/2.0
time-delta-millis: 41
Access-Control-Allow-Methods: POST
Content-Type: application/json
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: kill-tokens, kill-duration-seconds, time-delta-millis
Access-Control-Allow-Headers: Accept, Content-Type, Content-Encoding, Client-Id
Content-Length: 0

POST
H/1.1 200
OK / Show response
browser.events.data.microsoft.com/OneCollector/1.0/ Frame 0E84 112 B
931 B 447ms
156ms XHR
application/json 168.62.57.154
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-2.3.4&apikey=70ed233fa6a34865898dfc05cb334775-d0c23781-8b3d-4ae5-a58e-c62c606659a4-7051&upload-time=1595841482177&time-delta-to-apply-millis=use-collector-delta&w=0
Requested by: Host: content.lifecycle.office.net
URL: https://content.lifecycle.office.net/dime/v1/dime.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 168.62.57.154 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-HTTPAPI/2.0 /
Resource Hash: 43dedf295cb9bffddd6ce6e63c2ba88cc23cd56b5a0c1ff7574a16cf737a697d

Request headers

Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Mon, 27 Jul 2020 09:18:02 GMT
Server: Microsoft-HTTPAPI/2.0
time-delta-millis: 393
Access-Control-Allow-Methods: POST
P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Access-Control-Allow-Origin: https://word-view.officeapps.live.com
Access-Control-Allow-Credentials: true
Content-Type: application/json
Access-Control-Allow-Headers: P3P,Set-Cookie,time-delta-millis
Content-Length: 112

POST
H/1.1 200
OK / Show response
browser.pipe.aria.microsoft.com/Collector/3.0/ Frame 0E84 0
396 B 184ms
183ms XHR
application/json 168.62.57.154
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://browser.pipe.aria.microsoft.com/Collector/3.0/?qsp=true&content-type=application%2Fbond-compact-binary&client-id=NO_AUTH&sdk-version=AWT-Web-JS-1.8.6&x-apikey=e064ef4d9cdb454d9eddb2f7f7a94c83-89a6d9df-7218-4efd-bcd4-16ea059deea2-7672,ff7e2f12a4be407096fc01eeb760eda3-eeeb63cf-35d9-4734-ab45-66a873412359-7045,79b56d2f6f2444f1a3d7f7c7f12bcc0c-f47f5fe6-ed89-42f6-8a43-cea0f5930b17-7407&client-time-epoch-millis=1595841482315&time-delta-to-apply-millis=use-collector-delta
Requested by: Host: c1-word-view-15.cdn.office.net
URL: https://c1-word-view-15.cdn.office.net/wv/s/161312041004_App_Scripts/otelFull.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 168.62.57.154 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-HTTPAPI/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 27 Jul 2020 09:18:02 GMT
Server: Microsoft-HTTPAPI/2.0
time-delta-millis: 46
Access-Control-Allow-Methods: POST
Content-Type: application/json
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: kill-tokens, kill-duration-seconds, time-delta-millis
Access-Control-Allow-Headers: Accept, Content-Type, Content-Encoding, Client-Id
Content-Length: 0

POST
H/1.1 200
OK / Show response
browser.pipe.aria.microsoft.com/Collector/3.0/ Frame 0E84 0
396 B 113ms
113ms XHR
application/json 168.62.57.154
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://browser.pipe.aria.microsoft.com/Collector/3.0/?qsp=true&content-type=application%2Fbond-compact-binary&client-id=NO_AUTH&sdk-version=AWT-Web-JS-1.8.6&x-apikey=cf7a002ba9374401bace61695550f784-d6d47427-ea71-43a3-ac3d-e25a6b4df199-6870&client-time-epoch-millis=1595841482670&time-delta-to-apply-millis=use-collector-delta
Requested by: Host: contentstorage.osi.office.net
URL: https://contentstorage.osi.office.net/dynamiccanvas/programmablesurfaces/prod/officewebsurfaces.core.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 168.62.57.154 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-HTTPAPI/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 27 Jul 2020 09:18:02 GMT
Server: Microsoft-HTTPAPI/2.0
time-delta-millis: 49
Access-Control-Allow-Methods: POST
Content-Type: application/json
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: kill-tokens, kill-duration-seconds, time-delta-millis
Access-Control-Allow-Headers: Accept, Content-Type, Content-Encoding, Client-Id
Content-Length: 0

GET
H2 200 Plt.mvc
onedrive.live.com/Handlers/ 42 B
518 B 114ms
113ms Image
image/gif 13.107.42.13
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onedrive.live.com/Handlers/Plt.mvc?bicild=&v=0.0.0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.107.42.13 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://onedrive.live.com/embed?cid=13F7E89C235451C6&resid=13F7E89C235451C6%21395&authkey=AAZMQ9QvL60UfLc&em=2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-msedge-ref: Ref A: 9599BFA3F039415A997E71B4DABC875B Ref B: FRAEDGE1220 Ref C: 2020-07-27T09:18:05Z
x-odwebserver: eastus0-odwebpl
vary: Accept-Encoding
content-type: image/gif
status: 200
cache-control: private, max-age=31536000
date: Mon, 27 Jul 2020 09:18:05 GMT
x-msnserver: RD00155D995AF6
expires: Tue, 27 Jul 2021 09:18:05 GMT

POST
H2 404 log Show response
onedrive.live.com/ 77 KB
77 KB 121ms
120ms XHR
text/html 13.107.42.13
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://onedrive.live.com/log

Requested by

Host: onedrive.live.com
URL: https://onedrive.live.com/embed?cid=13F7E89C235451C6&resid=13F7E89C235451C6%21395&authkey=AAZMQ9QvL60UfLc&em=2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.107.42.13 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

4ea9508966df73327dec26aa7b1f1a4965964686a8aa81783fa1a878eb63539e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://onedrive.live.com/embed?cid=13F7E89C235451C6&resid=13F7E89C235451C6%21395&authkey=AAZMQ9QvL60UfLc&em=2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
x-msnserver: RD00155D995E94
x-content-type-options: nosniff
x-msedge-ref: Ref A: 4BF5F1DED05F4E66B0895C222CFB2E0C Ref B: FRAEDGE1220 Ref C: 2020-07-27T09:18:09Z
x-odwebserver: eastus0-odwebpl
content-type: text/html; charset=utf-8
status: 404
cache-control: no-cache, no-store
date: Mon, 27 Jul 2020 09:18:09 GMT
content-length: 78504
expires: -1

Verdicts & Comments Add Verdict or Comment

152 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.word-view.officeapps.live.com/	1969-12-31 23:59:59	Name: NL3-ARRAffinity Value: 3cb153c71a1bdf97b45a84e3e4d1ba83d406f197c15c5657b98ea3b27b593c3a
word-view.officeapps.live.com/	1969-12-31 23:59:59	Name: BIGipCookie Value: 000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
word-view.officeapps.live.com/	1970-01-19 13:29:50	Name: DcLcid Value: ui=1033&data=1033
.live.com/	1969-12-31 23:59:59	Name: BP Value: l=SDX.Skydrive&FR=&ST=
.live.com/	1970-01-19 11:27:26	Name: wla42 Value:
.live.com/	1969-12-31 23:59:59	Name: xidseq Value: 1
.live.com/	1969-12-31 23:59:59	Name: xid Value: ad9c28cf-8782-4ccc-bdc7-d9d649679249&&RD00155D99BE59&251
.live.com/	1969-12-31 23:59:59	Name: E Value: P:giNK9A0y2Ig=:FsfzmTH7iEpHc130ZDGSGOvsvWJiV5MB/nxJdzVVY4E=:F

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

browser.events.data.microsoft.com
browser.pipe.aria.microsoft.com
c.bing.com
c.live.com
c1-officeapps-15.cdn.office.net
c1-word-view-15.cdn.office.net
config.edge.skype.com
content.lifecycle.office.net
contentstorage.osi.office.net
js.live.net
messaging.office.com
onedrive.live.com
spoprod-a.akamaihd.net
word-view.officeapps.live.com
104.111.233.232
13.107.42.13
168.62.57.154
2.16.186.40
23.10.69.19
2606:2800:233:1cb7:261b:1f9c:2074:3c
2620:1ec:21::23
2620:1ec:c11::200
2a01:111:f100:9001::1761:9470
2a02:26f0:10c:386::4b36
2a02:26f0:10c:39e::4b36
52.109.88.96
52.142.114.2
060adfe26ee70aaf84c2276a6f9a4f7ba8930cd3ad1ff5bf84ea47b6e5be1180
06fe78141d1f3a435441a17ec8f9f46af7000af35aa0133c699c537d663607d0
07ec698b1036cdfbb8892f02d9510f5f671284fca9fa003b883996da040a444b
1003dd9c0b33e71537f686d86a63e5190dce0d4653f7770957f1e89b336133be
1394b1c43663fa167060186091800d4cae0696af7b64c14f2848b44124074c7e
1479b52bace821fc604e7ded0f67b139808c4fe3fc21623c3cbe420e092ecc0e
1d922e7320fe1ea5f6d3c626b72bb9ce120a5a5386146838c2c8672f4e4599f2
234cae682920ab63f3184948f1e4103b89201a274977ed31097b844cc323afa1
390577d35c959ffe7dd2af4519c04410a04fdc4a433b151e27b049fc4a1ab3e9
3d785eb0a0168e5c79e66aa0085a932d5fe2ad04f3577547e2267fa589df677d
43dedf295cb9bffddd6ce6e63c2ba88cc23cd56b5a0c1ff7574a16cf737a697d
455be57e5ca76be462428c7b127d03d0245952b7e00ca14e8bcb3bfe7584c758
4c162eaddeca263bd8dc845fd58012728b8c63767df12b60bcc027e4f73ff6cb
4c76f832e1b589c931ced2c770f35ce4cd595ca941c18c5893b23f27ef587ec4
4d54a5f9a58647882e3ecda9c1c0ef87af16911d42ad51b4e8b718f84443c553
4ea9508966df73327dec26aa7b1f1a4965964686a8aa81783fa1a878eb63539e
4fc9f94a11aa5b233c884d4fac3640e30bb34c61a732588c413d604b0cc9d42a
5c15c38a2b7554cab332dfb9e87398220fcb9a285e18905a20a50b439cba7ccb
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
75e3520f552f3e921be58265f1ffe4ff1321e94d9dcbb2525d3c376c0f9ec0a8
85115acdc1b70c4a47daa1da31011b67bde417cbb718c5b3c73a914b82781bfd
878ec9c29deded3f0db4d064793cc66de54fe585300d84bb3062645804eb02be
8d87b42098ad09798e268dc212d5679b0b9bf0414b33246f78364eaec0eef9d4
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9d8261c22594ab29891dab9eeda5f59c0719e0fd8bf4c046f21c8b1d0dcc5b03
a3596c17dad9a003d0bfbe0b7ba6765f51391b5c3943660316f01c8e77b323db
b20dd8f151d76e48d53969ac8a3d7845599c530144185ad42bbba65b68b477ec
b7ab99f404e84cb71d274c9dca01c0b4a68b7adb20309c5f04387cb809cc0547
bbb78282a34bc47c682f59e19c6b6c6e19f76fad5350fae4f3888f363e09eb3d
bd88d1e741693ab877b020059b46be7cf4ef62b46017b2489a8cd1bf9ce5b9fc
c0153afba2ee2258329d951763cc14531c98cdecfc22d55be2597cfad0cc6e54
c48b5b1a9776c84602de2306d7903a7241158a5077e7a8519af75c33441b8334
cdfc0e55cc1d22765ff5ce4170b6b71499a59c4560816ca04d54743e5cc6f285
d0b3b75305a9b6be429ef4162615461d3d072cb8cbf410159bf3c87aad3a6259
d0cd74d985b7576bd8fe44b17cb48ff618f98fb6cb44c73a9e074efdf90ea766
d4c9bd86a5465d8414b7a10438d28110836126b387990d492fe545a5e701904a
d6c15974b6181a68e9b74e4f38fbac81d640569ef0fbbaa3381cc59683a9763f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb4a7f026a1b5bdf51fe6f4d6079982354ff51b63e62ed77a75ce088b5cd8664
ec90d1e68e000935b723d468f4e4a67470d6d9d3a729bf9743ddaabfd409da03
f5bf3593cb078d92e8cae50677e23c41437d844507dfad54a5d1cbdeab6d4a23
fd86a61bd505e070238cbf63f1b05838b20c607726e1b06639fa9c96963f871d

onedrive.live.com Open in urlscan Pro 13.107.42.13 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Statistics

56 Requests

100 %HTTPS

46 %IPv6

8 Domains

14 Subdomains

13 IPs

4 Countries

1512 kBTransfer

4939 kBSize

8 Cookies

0 Outgoing links

Redirected requests

56 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

onedrive.live.com Open in urlscan Pro
13.107.42.13 Public Scan

Screenshot
Live screenshot

Full Image

56
Requests

100 %
HTTPS

46 %
IPv6

8
Domains

14
Subdomains

13
IPs

4
Countries

1512 kB
Transfer

4939 kB
Size

8
Cookies

56 HTTP transactions
1 data transactions