login.live.com Open in urlscan Pro
40.126.24.148 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://cutt.us/CS-GO-ExtrimHack
Effective URL:
https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=13&ct=1675093184&rver=7.3.6962.0&wp=MBI_SSL_SHARED&wreply=https:%2...
Submission: On January 30 via manual (January 30th 2023, 3:39:47 pm UTC) from TR — Scanned from US

Summary HTTP 62 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 17 IPs in 1 countries across 10 domains to perform 62 HTTP transactions. The main IP is 40.126.24.148, located in Boydton, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is login.live.com. The Cisco Umbrella rank of the primary domain is 93.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on January 2nd 2023. Valid for: a year.

This is the only time login.live.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	69.61.26.122 69.61.26.122	141518 (SUBHOST-A...) (SUBHOST-AS-IN Subhosting Innovations Pvt Ltd)
1	2607:f8b0:400... 2607:f8b0:4006:821::2002	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:816::2008	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4006:822::2002	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:81e::200e	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:81c::2001	15169 (GOOGLE) (GOOGLE)
1 2	13.107.42.13 13.107.42.13	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	40.126.24.148 40.126.24.148	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	2607:f8b0:400... 2607:f8b0:4006:824::2002	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:81f::2001	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:807::2004	15169 (GOOGLE) (GOOGLE)
8	192.229.211.199 192.229.211.199	15133 (EDGECAST) (EDGECAST)
9	2600:141b:500... 2600:141b:5000::17df:9d89	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
7	2600:141b:900... 2600:141b:9000:796::4b36	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2600:141b:900... 2600:141b:9000:7a5::4b36	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
9	2600:141b:900... 2600:141b:9000:79f::1c24	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
7	2600:141b:900... 2600:141b:9000:691::1c24	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
62	17

2 69.61.26.122 (Atlanta, United States) 1 redirects

ASN141518 (SUBHOST-AS-IN Subhosting Innovations Pvt Ltd, IN)

cutt.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:821::2002 (Nutley, United States)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:816::2008 (Nutley, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:822::2002 (Nutley, United States)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:81e::200e (Nutley, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81c::2001 (Nutley, United States)

ASN15169 (GOOGLE, US)

877ad6dfa917e880e9fa9e96975e5dbb.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.107.42.13 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

onedrive.live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 40.126.24.148 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

login.live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:824::2002 (Nutley, United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:81f::2001 (Nutley, United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:807::2004 (Nutley, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 192.229.211.199 (United States)

ASN15133 (EDGECAST, US)

logincdn.msauth.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2600:141b:5000::17df:9d89 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)

modernb.akamai.odsp.cdn.office.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2600:141b:9000:796::4b36 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)

c1-word-view-15.cdn.office.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c1-powerpoint-15.cdn.office.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c1-onenote-15.cdn.office.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:141b:9000:7a5::4b36 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)

c1-officeapps-15.cdn.office.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2600:141b:9000:79f::1c24 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)

c1h-word-view-15.cdn.office.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c1h-excel-15.cdn.office.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2600:141b:9000:691::1c24 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)

c2-word-edit-15.cdn.office.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c2-officeapps-15.cdn.office.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
35	office.net modernb.akamai.odsp.cdn.office.net — Cisco Umbrella Rank: 15689 c1-word-view-15.cdn.office.net — Cisco Umbrella Rank: 4413 c1-officeapps-15.cdn.office.net — Cisco Umbrella Rank: 19034 c1h-word-view-15.cdn.office.net — Cisco Umbrella Rank: 4763 c2-word-edit-15.cdn.office.net — Cisco Umbrella Rank: 55656 c2-officeapps-15.cdn.office.net — Cisco Umbrella Rank: 152020 c1h-excel-15.cdn.office.net — Cisco Umbrella Rank: 2597 c1-powerpoint-15.cdn.office.net c1-onenote-15.cdn.office.net	779 KB
8	msauth.net logincdn.msauth.net — Cisco Umbrella Rank: 3646	203 KB
7	googlesyndication.com 877ad6dfa917e880e9fa9e96975e5dbb.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 104 tpc.googlesyndication.com — Cisco Umbrella Rank: 149	40 KB
3	live.com 1 redirects onedrive.live.com — Cisco Umbrella Rank: 1810 login.live.com — Cisco Umbrella Rank: 93	15 KB
3	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 190	132 KB
2	google.com adservice.google.com — Cisco Umbrella Rank: 70 www.google.com — Cisco Umbrella Rank: 2	2 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 21	20 KB
2	cutt.us 1 redirects cutt.us — Cisco Umbrella Rank: 519781	2 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 40	43 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 186	27 KB
62	10

	Domain	Requested by
9	modernb.akamai.odsp.cdn.office.net	onedrive.live.com
8	logincdn.msauth.net	login.live.com logincdn.msauth.net
6	c2-word-edit-15.cdn.office.net	onedrive.live.com
5	c1h-excel-15.cdn.office.net	onedrive.live.com
4	c1h-word-view-15.cdn.office.net	onedrive.live.com
3	c1-onenote-15.cdn.office.net	onedrive.live.com
3	c1-officeapps-15.cdn.office.net	onedrive.live.com
3	c1-word-view-15.cdn.office.net	onedrive.live.com
3	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
3	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
3	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net
2	onedrive.live.com	1 redirects logincdn.msauth.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	cutt.us	1 redirects
1	c1-powerpoint-15.cdn.office.net	onedrive.live.com
1	c2-officeapps-15.cdn.office.net	onedrive.live.com
1	www.google.com	tpc.googlesyndication.com
1	login.live.com	cutt.us
1	877ad6dfa917e880e9fa9e96975e5dbb.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	www.googletagmanager.com	cutt.us
1	www.googletagservices.com	cutt.us
62	22

This site contains links to these domains. Also see Links.

Domain
signup.live.com

Subject Issuer	Validity	Valid
www.cutt.us R3	`2023-01-01` - `2023-04-01`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
login.live.com DigiCert SHA2 Secure Server CA	`2023-01-02` - `2024-01-02`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
identitycdn.msauth.net Microsoft Azure TLS Issuing CA 06	`2022-08-23` - `2023-08-18`	a year	crt.sh
onedrive.com Microsoft Azure TLS Issuing CA 05	`2022-11-09` - `2023-11-04`	a year	crt.sh
wildcard.akamai.odsp.cdn.office.net DigiCert SHA2 Secure Server CA	`2022-07-29` - `2023-07-29`	a year	crt.sh
*.cdn.office.net Microsoft Azure TLS Issuing CA 06	`2023-01-11` - `2024-01-06`	a year	crt.sh

This page contains 5 frames:

Primary Page: https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=13&ct=1675093184&rver=7.3.6962.0&wp=MBI_SSL_SHARED&wreply=https:%2F%2Fonedrive.live.com%2Fdownload%3Fcid%3D2F463858259B227D%26resid%3D2F463858259B227D%2521119%26authkey%3DABGVEDNX9ToriaQ&lc=1033&id=250206&cbcxt=sky&cbcxt=sky
Frame ID: C94DA9E5773877BBB98B9D66ED225B4C
Requests: 20 HTTP requests in this frame

Frame: https://877ad6dfa917e880e9fa9e96975e5dbb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: A69A74F178393F73835F8BED72EB1B77
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 109398FE22FFD0002EB5A1CC8584B619
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 8770190EFC99713D4AA78B13FAC0AAB3
Requests: 2 HTTP requests in this frame

Frame: https://onedrive.live.com/preload?view=Folders.All&id=250206&mkt=EN-US
Frame ID: F3D4FEAE05C069A04690A839061B6EC1
Requests: 36 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

OneDrive

Page URL History Show full URLs

http://cutt.us/CS-GO-ExtrimHack HTTP 301
https://cutt.us/CS-GO-ExtrimHack Page URL
https://onedrive.live.com/download?cid=2F463858259B227D&resid=2F463858259B227D%21119&authkey=ABGVEDNX9... HTTP 302
https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=13&ct=1675093184&rver=7.3.6962.0&wp=MBI_SSL_SH... Page URL

Detected technologies

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

62
Requests

100 %
HTTPS

76 %
IPv6

10
Domains

22
Subdomains

17
IPs

1
Countries

1262 kB
Transfer

1473 kB
Size

15
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://signup.live.com/?wa=wsignin1.0&rpsnv=13&ct=1675093184&rver=7.3.6962.0&wp=MBI_SSL_SHARED&wreply=https:%2F%2Fonedrive.live.com%2Fdownload%3Fcid%3D2F463858259B227D%26resid%3D2F463858259B227D%2521119%26authkey%3DABGVEDNX9ToriaQ&id=250206&cbcxt=sky&cbcxt=sky&contextid=50F30A3A06955F65&bk=1675093184&uiflavor=web&lic=1&mkt=EN-US&lc=1033&uaid=7f7e1e10e3194c7880faded0a2760201
Title: Create one!

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://cutt.us/CS-GO-ExtrimHack HTTP 301
https://cutt.us/CS-GO-ExtrimHack Page URL
https://onedrive.live.com/download?cid=2F463858259B227D&resid=2F463858259B227D%21119&authkey=ABGVEDNX9ToriaQ HTTP 302
https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=13&ct=1675093184&rver=7.3.6962.0&wp=MBI_SSL_SHARED&wreply=https:%2F%2Fonedrive.live.com%2Fdownload%3Fcid%3D2F463858259B227D%26resid%3D2F463858259B227D%2521119%26authkey%3DABGVEDNX9ToriaQ&lc=1033&id=250206&cbcxt=sky&cbcxt=sky Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://cutt.us/CS-GO-ExtrimHack HTTP 301
https://cutt.us/CS-GO-ExtrimHack

62 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

CS-GO-ExtrimHack Show response
cutt.us/
Redirect Chain

http://cutt.us/CS-GO-ExtrimHack
https://cutt.us/CS-GO-ExtrimHack

3 KB
2 KB

212ms
58ms

Document
text/html

69.61.26.122
SUBHOST-AS-IN Sub...

General

Check archive.org

Show headers Download Go to

Full URL

https://cutt.us/CS-GO-ExtrimHack

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

69.61.26.122 Atlanta, United States, ASN141518 (SUBHOST-AS-IN Subhosting Innovations Pvt Ltd, IN),

Reverse DNS

Software

Hotcores.com /

Resource Hash

e99aa81183b89b4902e236a41004be04ff6a2fe9b04933862f1eecc3b72f2255

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: no-cache, must-revalidate, max-age=0
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; Charset=UTF-8;charset=UTF-8
Date: Mon, 30 Jan 2023 15:35:08 GMT
I-AM: Beta
Pragma: no-cache
Server: Hotcores.com
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Robots-Tag: noindex, nofollow

Redirect headers

Connection: keep-alive
Content-Length: 162
Content-Type: text/html
Date: Mon, 30 Jan 2023 15:35:08 GMT
Location: https://cutt.us/CS-GO-ExtrimHack
Server: Hotcores.com

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 80 KB
27 KB 231ms
88ms Script
text/javascript 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: cutt.us
URL: https://cutt.us/CS-GO-ExtrimHack

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3ad2021e6836411640f0d73db550b69c263f606cd10ce0a567aa6502a13ce07a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cutt.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 15:39:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27590
x-xss-protection: 0
server: sffe
etag: "1467 / 317 of 1000 / last-modified: 1675080581"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 30 Jan 2023 15:39:42 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 110 KB
43 KB 229ms
88ms Script
application/javascript 2607:f8b0:4006:816::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-31510493-1

Requested by

Host: cutt.us
URL: https://cutt.us/CS-GO-ExtrimHack

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2008 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5e85f3252a1d1b9ce48cf0f402f37b227eb16b05254bdbda3aa24151cec6f611

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cutt.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 15:39:42 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44010
x-xss-protection: 0
last-modified: Mon, 30 Jan 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 30 Jan 2023 15:39:42 GMT

GET
H2 200 pubads_impl_2023012301.js Show response
securepubads.g.doubleclick.net/gpt/ 385 KB
131 KB 214ms
65ms Script
text/javascript 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012301.js?cb=31071978

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

79e66558ee620ce57bc0a6be17a96c32074065e763b49f0be5551799623943a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cutt.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 28 Jan 2023 21:53:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 150381
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 133281
x-xss-protection: 0
last-modified: Mon, 23 Jan 2023 09:36:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 28 Jan 2024 21:53:21 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 29 B
574 B 231ms
84ms XHR
application/json 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=cutt.us

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9485e103a1f890385ba2aeab76aa5b1c5adcb872527ea4ad64492edc137a4814

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cutt.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 15:39:42 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32
x-xss-protection: 0
expires: Mon, 30 Jan 2023 15:39:42 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 203ms
64ms Script
text/javascript 2607:f8b0:4006:81e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-31510493-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::200e Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cutt.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 30 Jan 2023 14:07:54 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 5508
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Mon, 30 Jan 2023 16:07:54 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
201 B 78ms
78ms XHR
text/plain 2607:f8b0:4006:81e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1363583302&t=pageview&_s=1&dl=https%3A%2F%2Fcutt.us%2FCS-GO-ExtrimHack&ul=en-us&de=UTF-8&dt=CS-GO-ExtrimHack&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=1931802671&gjid=1197292490&cid=1183667149.1675093183&tid=UA-31510493-1&_gid=881364389.1675093183&_r=1&_slc=1&gtm=2ou1p0&z=368943893

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::200e Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://cutt.us/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 30 Jan 2023 15:39:42 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://cutt.us
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 225ms
85ms Script
application/javascript 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=cutt.us

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012301.js?cb=31071978

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cutt.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 15:39:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 665 B
847 B 106ms
105ms XHR
text/plain 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=444932289848137&correlator=3857742762339072&eid=31071832%2C31071978%2C31071326&output=ldjh&gdfp_req=1&vrg=2023012301&ptt=17&impl=fif&iu_parts=5837603%2CCutt_360&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x360&ifi=1&adks=1933368604&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1675093183085&lmt=1675093183&dlt=1675093182339&idt=715&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fcutt.us%2FCS-GO-ExtrimHack&frm=20&vis=1&psz=300x63&msz=0x0&fws=128&ohw=0&ga_vid=1183667149.1675093183&ga_sid=1675093183&ga_hid=1363583302&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012301.js?cb=31071978

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

63882d2adf8fa2dcacb61d061b35987aecf029a429a118b7616d0ccd2f52b3ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cutt.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 15:39:43 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 343
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://cutt.us
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
877ad6dfa917e880e9fa9e96975e5dbb.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame A69A 6 KB
3 KB 264ms
78ms Document
text/html 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://877ad6dfa917e880e9fa9e96975e5dbb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012301.js?cb=31071978

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cutt.us/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 30 Jan 2023 15:39:43 GMT
expires: Tue, 30 Jan 2024 15:39:43 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1

200
OK

Primary Request login.srf Show response
login.live.com/
Redirect Chain

https://onedrive.live.com/download?cid=2F463858259B227D&resid=2F463858259B227D%21119&authkey=ABGVEDNX9ToriaQ
https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=13&ct=1675093184&rver=7.3.6962.0&wp=MBI_SSL_SHARED&wreply=https:%2F%2Fonedrive.live.com%2Fdownload%3Fcid%3D2F463858259B227D%26resid%3D2F46385825...

28 KB
13 KB

343ms
84ms

Document
text/html

40.126.24.148
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=13&ct=1675093184&rver=7.3.6962.0&wp=MBI_SSL_SHARED&wreply=https:%2F%2Fonedrive.live.com%2Fdownload%3Fcid%3D2F463858259B227D%26resid%3D2F463858259B227D%2521119%26authkey%3DABGVEDNX9ToriaQ&lc=1033&id=250206&cbcxt=sky&cbcxt=sky

Requested by

Host: cutt.us
URL: https://cutt.us/CS-GO-ExtrimHack

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.126.24.148 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

27c7015ca20ecd1f545a18beb17e53000037aa8abf4dd60bcd5f5c944d37d393

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cutt.us/CS-GO-ExtrimHack
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: no-store, max-age=0
Content-Encoding: gzip
Content-Length: 10791
Content-Type: text/html; charset=utf-8
Date: Mon, 30 Jan 2023 15:39:44 GMT
Expires: Mon, 30 Jan 2023 15:38:44 GMT
Link: <https://logincdn.msauth.net>; rel=preconnect; crossorigin <https://acctcdn.msauth.net>; rel=preconnect; crossorigin <https://acctcdn.msftauth.net>; rel=preconnect; crossorigin <https://acctcdn.msauth.net/>; rel=dns-prefetch <https://acctcdn.msftauth.net/>; rel=dns-prefetch <https://acctcdnmsftuswe2.azureedge.net/>; rel=dns-prefetch <https://acctcdnvzeuno.azureedge.net/>; rel=dns-prefetch <https://logincdn.msauth.net/>; rel=dns-prefetch <https://logincdn.msftauth.net/>; rel=dns-prefetch <https://lgincdnvzeuno.azureedge.net/>; rel=dns-prefetch <https://lgincdnmsftuswe2.azureedge.net/>; rel=dns-prefetch
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
PPServer: PPV: 30 H: BL02PFB583BFB41 V: 0
Referrer-Policy: strict-origin-when-cross-origin
Strict-Transport-Security: max-age=31536000
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-DNS-Prefetch-Control: on
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
x-ms-request-id: ca2dcde5-6f33-483e-becc-c4ced2206029
x-ms-route-info: R3_BL2

Redirect headers

cache-control: no-cache, no-store
content-length: 0
content-type: text/html
date: Mon, 30 Jan 2023 15:39:44 GMT
expires: -1
location: https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=13&ct=1675093184&rver=7.3.6962.0&wp=MBI_SSL_SHARED&wreply=https:%2F%2Fonedrive.live.com%2Fdownload%3Fcid%3D2F463858259B227D%26resid%3D2F463858259B227D%2521119%26authkey%3DABGVEDNX9ToriaQ&lc=1033&id=250206&cbcxt=sky&cbcxt=sky
pragma: no-cache
strict-transport-security: max-age=31536000
x-cache: CONFIG_NOCACHE
x-content-type-options: nosniff
x-msedge-ref: Ref A: B3B3C1F1BDE44BAE9DA35B05B7FDAC60 Ref B: MIAEDGE1716 Ref C: 2023-01-30T15:39:43Z
x-msnserver: RD00155D3F53AD
x-odwebserver: northcentralus0-odwebpl

GET
H2 200 sodar
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 240ms
95ms XHR
application/json 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023012301&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012301.js?cb=31071978

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cutt.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 15:39:43 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11226
x-xss-protection: 0

GET
H2 200 sodar2.js
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 244ms
97ms Script
text/javascript 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012301.js?cb=31071978

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cutt.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 15:39:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 30 Jan 2023 15:39:43 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 1093 13 KB
5 KB 66ms
65ms Document
text/html 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cutt.us/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 51876
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 30 Jan 2023 01:15:07 GMT
expires: Tue, 30 Jan 2024 01:15:07 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe
www.google.com/recaptcha/api2/ Frame 8770 783 B
1 KB 223ms
86ms Document
text/html 2607:f8b0:4006:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:807::2004 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-PQqToB4lFgbyiScPxGkoEQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cutt.us/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-PQqToB4lFgbyiScPxGkoEQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 30 Jan 2023 15:39:44 GMT
expires: Mon, 30 Jan 2023 15:39:44 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 qJHh-aUWlcs1sYgB_nvEplbJ1uLycgbr3tEtSMk_R_c.js
pagead2.googlesyndication.com/bg/ Frame 1093 36 KB
14 KB 193ms
64ms Script
text/javascript 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/qJHh-aUWlcs1sYgB_nvEplbJ1uLycgbr3tEtSMk_R_c.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 20:29:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 587400
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14319
x-xss-protection: 0
last-modified: Thu, 19 Jan 2023 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 23 Jan 2024 20:29:44 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 8770 0
0 122ms
122ms Image
text/html 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2023012301&jk=444932289848137&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:824::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 1093 0
10 B 66ms
65ms Image
text/plain 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?_FaVBg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:81f::2001 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 15:39:44 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 Converged_v21033_rgar1csHGvkg9KmRssrhFQ2.css
logincdn.msauth.net/16.000/ 108 KB
20 KB 224ms
36ms Stylesheet
text/css 192.229.211.199
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://logincdn.msauth.net/16.000/Converged_v21033_rgar1csHGvkg9KmRssrhFQ2.css
Requested by: Host: login.live.com
URL: https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=13&ct=1675093184&rver=7.3.6962.0&wp=MBI_SSL_SHARED&wreply=https:%2F%2Fonedrive.live.com%2Fdownload%3Fcid%3D2F463858259B227D%26resid%3D2F463858259B227D%2521119%26authkey%3DABGVEDNX9ToriaQ&lc=1033&id=250206&cbcxt=sky&cbcxt=sky
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.211.199 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (mic/9BB5) /
Resource Hash: c349d716f6d8401c8befe008df511ed44505d081124effcb9637212a488f564c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://login.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 30 Jan 2023 15:39:44 GMT
content-encoding: gzip
content-md5: mBZrMCleIClhGaQElaJg5g==
age: 1700840
x-cache: HIT
content-length: 20144
x-ms-lease-status: unlocked
last-modified: Sat, 10 Dec 2022 06:18:50 GMT
server: ECAcc (mic/9BB5)
etag: 0x8DADA76674B9EA0
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 8a65619a-101e-0007-1d48-25c649000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 ConvergedLoginPaginatedStrings.en_ZjCeeb6D_CjtdtMsifjFDw2.js Show response
logincdn.msauth.net/16.000/content/js/ 35 KB
10 KB 138ms
37ms Script
application/x-javascript 192.229.211.199
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://logincdn.msauth.net/16.000/content/js/ConvergedLoginPaginatedStrings.en_ZjCeeb6D_CjtdtMsifjFDw2.js
Requested by: Host: login.live.com
URL: https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=13&ct=1675093184&rver=7.3.6962.0&wp=MBI_SSL_SHARED&wreply=https:%2F%2Fonedrive.live.com%2Fdownload%3Fcid%3D2F463858259B227D%26resid%3D2F463858259B227D%2521119%26authkey%3DABGVEDNX9ToriaQ&lc=1033&id=250206&cbcxt=sky&cbcxt=sky
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.211.199 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (mic/9A90) /
Resource Hash: 8278082738b9a34e0216cdb55e35f943d5dc9e0c0ec95ca04f605446d8e6b333

Request headers

Referer: https://login.live.com/
Origin: https://login.live.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 30 Jan 2023 15:39:45 GMT
content-encoding: gzip
content-md5: s7NoJHSXfsI9IE3TkO7WyA==
age: 1700841
x-cache: HIT
content-length: 9408
x-ms-lease-status: unlocked
last-modified: Tue, 20 Dec 2022 06:23:57 GMT
server: ECAcc (mic/9A90)
etag: 0x8DAE252C6ED3976
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 80a905e4-f01e-0033-2549-25ec9c000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 ConvergedLogin_PCore_ZB5BRrg__nEkvpa872G1vw2.js Show response
logincdn.msauth.net/shared/1.0/content/js/ 386 KB
109 KB 36ms
36ms Script
application/x-javascript 192.229.211.199
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://logincdn.msauth.net/shared/1.0/content/js/ConvergedLogin_PCore_ZB5BRrg__nEkvpa872G1vw2.js
Requested by: Host: login.live.com
URL: https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=13&ct=1675093184&rver=7.3.6962.0&wp=MBI_SSL_SHARED&wreply=https:%2F%2Fonedrive.live.com%2Fdownload%3Fcid%3D2F463858259B227D%26resid%3D2F463858259B227D%2521119%26authkey%3DABGVEDNX9ToriaQ&lc=1033&id=250206&cbcxt=sky&cbcxt=sky
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.211.199 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (mic/9B36) /
Resource Hash: 34a17ff70e652e2df556f52b86d2202b9cad3a932189442f15c13a353e939367

Request headers

Referer: https://login.live.com/
Origin: https://login.live.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 30 Jan 2023 15:39:45 GMT
content-encoding: gzip
content-md5: dCbe5LD3np9RffbddFByRw==
age: 1701930
x-cache: HIT
content-length: 111383
x-ms-lease-status: unlocked
last-modified: Fri, 16 Dec 2022 22:52:40 GMT
server: ECAcc (mic/9B36)
etag: 0x8DADFB83C35C9BB
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 0498003b-f01e-009e-3946-255806000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 oneDs_641b1cf809bdc17b42ab.js Show response
logincdn.msauth.net/shared/1.0/content/js/ 186 KB
60 KB 34ms
34ms Script
application/x-javascript 192.229.211.199
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://logincdn.msauth.net/shared/1.0/content/js/oneDs_641b1cf809bdc17b42ab.js
Requested by: Host: logincdn.msauth.net
URL: https://logincdn.msauth.net/shared/1.0/content/js/ConvergedLogin_PCore_ZB5BRrg__nEkvpa872G1vw2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.211.199 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (mic/9B55) /
Resource Hash: 9fe0a5db692ff67c7cd88490a7412c379ae767708e2cf8847d9a915dd6f19141

Request headers

accept-language: en-US,en;q=0.9
Referer: https://login.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 30 Jan 2023 15:39:45 GMT
content-encoding: gzip
content-md5: Rajh8JKNmzx4FHNJDjlS4A==
age: 6889308
x-cache: HIT
content-length: 61054
x-ms-lease-status: unlocked
last-modified: Thu, 27 Oct 2022 14:32:39 GMT
server: ECAcc (mic/9B55)
etag: 0x8DAB82819B35153
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 85c10c28-a01e-001a-0418-f64bef000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 preload Show response
onedrive.live.com/ Frame F3D4 6 KB
1 KB 87ms
87ms Document
text/html 13.107.42.13
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://onedrive.live.com/preload?view=Folders.All&id=250206&mkt=EN-US

Requested by

Host: logincdn.msauth.net
URL: https://logincdn.msauth.net/shared/1.0/content/js/ConvergedLogin_PCore_ZB5BRrg__nEkvpa872G1vw2.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.107.42.13 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

c270160e073902c403121ceaadc3d87691180a57d85ccc2bf9ce559ab7d9342e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://login.live.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: private, max-age=14400
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Mon, 30 Jan 2023 15:39:45 GMT
expires: Mon, 30 Jan 2023 19:39:45 GMT
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
x-content-type-options: nosniff
x-msedge-ref: Ref A: 63A7926AAA854CD0A107D893CC2675B4 Ref B: MIAEDGE1716 Ref C: 2023-01-30T15:39:45Z
x-msnserver: RD00155D74BC99
x-odwebserver: northcentralus0-odwebpl

GET
H2 200 2_bc3d32a696895f78c19df6c717586a5d.svg
logincdn.msauth.net/shared/1.0/content/images/backgrounds/ 2 KB
892 B 34ms
34ms Image
image/svg+xml 192.229.211.199
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://logincdn.msauth.net/shared/1.0/content/images/backgrounds/2_bc3d32a696895f78c19df6c717586a5d.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.211.199 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (mic/9B9A) /
Resource Hash: 0e88b6fcbb8591edfd28184fa70a04b6dd3af8a14367c628edd7caba32e58c68

Request headers

accept-language: en-US,en;q=0.9
Referer: https://login.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 30 Jan 2023 15:39:45 GMT
content-encoding: gzip
content-md5: DhdidjYrlCeaRJJRG/y9mA==
age: 15298281
x-cache: HIT
content-length: 673
x-ms-lease-status: unlocked
last-modified: Wed, 12 Feb 2020 22:01:42 GMT
server: ECAcc (mic/9B9A)
etag: 0x8D7B00724D9E930
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 490a9e8f-401e-0083-3f9d-a9d5a0000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg
logincdn.msauth.net/shared/1.0/content/images/ 4 KB
2 KB 37ms
36ms Image
image/svg+xml 192.229.211.199
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://logincdn.msauth.net/shared/1.0/content/images/microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.211.199 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (mic/9BD7) /
Resource Hash: 04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://login.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 30 Jan 2023 15:39:45 GMT
content-encoding: gzip
content-md5: nzaLxFgP7ZB3dfMcaybWzw==
age: 19082830
x-cache: HIT
content-length: 1435
x-ms-lease-status: unlocked
last-modified: Wed, 22 Jan 2020 00:32:50 GMT
server: ECAcc (mic/9BD7)
etag: 0x8D79ED29CF0C29A
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 6e750620-101e-008b-5132-87f28f000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 documentation_bcb4d1dc4eae64f0b2b2538209d8435a.svg
logincdn.msauth.net/shared/1.0/content/images/ 2 KB
758 B 36ms
36ms Image
image/svg+xml 192.229.211.199
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://logincdn.msauth.net/shared/1.0/content/images/documentation_bcb4d1dc4eae64f0b2b2538209d8435a.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.211.199 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (mic/9AE7) /
Resource Hash: a76c08e9cdc3bb87bfb57627ad8f6b46f0e5ef826cc7f046dfbaf25d7b7958ea

Request headers

accept-language: en-US,en;q=0.9
Referer: https://login.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 30 Jan 2023 15:39:45 GMT
content-encoding: gzip
content-md5: 6dTbAT1RVL9d6geobv3IJg==
age: 15512573
x-cache: HIT
content-length: 606
x-ms-lease-status: unlocked
last-modified: Wed, 22 Jan 2020 00:32:48 GMT
server: ECAcc (mic/9AE7)
etag: 0x8D79ED29BA5E089
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 475e3e9b-401e-0028-1dab-a787fb000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 plt.resx-plt.js
modernb.akamai.odsp.cdn.office.net/files/odsp-web-prod_2023-01-13.004/nextwebpack.manifest/en-us/ Frame F3D4 0
16 KB 440ms
83ms Other
application/javascript 2600:141b:5000::17df:9d89
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://modernb.akamai.odsp.cdn.office.net/files/odsp-web-prod_2023-01-13.004/nextwebpack.manifest/en-us/plt.resx-plt.js
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/preload?view=Folders.All&id=250206&mkt=EN-US
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:5000::17df:9d89 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 30 Jan 2023 15:39:45 GMT
content-encoding: gzip
content-md5: FdZ+31bWVTqRg2rl7idASw==
content-length: 16036
x-ms-lease-status: unlocked
last-modified: Tue, 17 Jan 2023 09:32:01 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8DAF86DAFE4B4A3
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 1e591742-901e-000b-4e27-2cf5a5000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=30590592
x-ms-version: 2009-09-19
timing-allow-origin: *

GET
H2 200 plt.react.js
modernb.akamai.odsp.cdn.office.net/files/odsp-web-prod_2023-01-13.004/nextwebpack.manifest/ Frame F3D4 0
40 KB 515ms
159ms Other
application/javascript 2600:141b:5000::17df:9d89
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://modernb.akamai.odsp.cdn.office.net/files/odsp-web-prod_2023-01-13.004/nextwebpack.manifest/plt.react.js
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/preload?view=Folders.All&id=250206&mkt=EN-US
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:5000::17df:9d89 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 30 Jan 2023 15:39:45 GMT
content-encoding: gzip
content-md5: JkZzQUb+YiuzYsl/N90l+Q==
content-length: 40244
x-ms-lease-status: unlocked
last-modified: Tue, 17 Jan 2023 09:32:08 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8DAF86DB4244237
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 5a473aa3-201e-002e-7e27-2c52ec000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=30590725
x-ms-version: 2009-09-19
timing-allow-origin: *

GET
H2 200 plt.office-ui-fabric-react.js
modernb.akamai.odsp.cdn.office.net/files/odsp-web-prod_2023-01-13.004/nextwebpack.manifest/ Frame F3D4 0
16 KB 430ms
77ms Other
application/javascript 2600:141b:5000::17df:9d89
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://modernb.akamai.odsp.cdn.office.net/files/odsp-web-prod_2023-01-13.004/nextwebpack.manifest/plt.office-ui-fabric-react.js
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/preload?view=Folders.All&id=250206&mkt=EN-US
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:5000::17df:9d89 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 30 Jan 2023 15:39:45 GMT
content-encoding: gzip
content-md5: SV1yF58wK2MIvlenhxTIUg==
content-length: 16205
x-ms-lease-status: unlocked
last-modified: Tue, 17 Jan 2023 09:32:09 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8DAF86DB4D26A13
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 152e33e3-701e-001c-1e27-2c529b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=30590545
x-ms-version: 2009-09-19
timing-allow-origin: *

GET
H2 200 plt.odsp-common.js
modernb.akamai.odsp.cdn.office.net/files/odsp-web-prod_2023-01-13.004/nextwebpack.manifest/ Frame F3D4 0
65 KB 443ms
90ms Other
application/javascript 2600:141b:5000::17df:9d89
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://modernb.akamai.odsp.cdn.office.net/files/odsp-web-prod_2023-01-13.004/nextwebpack.manifest/plt.odsp-common.js
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/preload?view=Folders.All&id=250206&mkt=EN-US
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:5000::17df:9d89 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 30 Jan 2023 15:39:45 GMT
content-encoding: gzip
content-md5: 418chKJADDLfCEojNNunqw==
content-length: 65650
x-ms-lease-status: unlocked
last-modified: Tue, 17 Jan 2023 09:31:59 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8DAF86DAED320B5
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 59850550-701e-003c-4027-2c2709000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=30590630
x-ms-version: 2009-09-19
timing-allow-origin: *

GET
H2 200 plt.items-view.js
modernb.akamai.odsp.cdn.office.net/files/odsp-web-prod_2023-01-13.004/nextwebpack.manifest/ Frame F3D4 0
2 KB 497ms
144ms Other
application/javascript 2600:141b:5000::17df:9d89
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://modernb.akamai.odsp.cdn.office.net/files/odsp-web-prod_2023-01-13.004/nextwebpack.manifest/plt.items-view.js
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/preload?view=Folders.All&id=250206&mkt=EN-US
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:5000::17df:9d89 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 30 Jan 2023 15:39:45 GMT
content-encoding: gzip
content-md5: tBiIGIla8KQc8sRPr7Rxxg==
content-length: 1685
x-ms-lease-status: unlocked
last-modified: Tue, 17 Jan 2023 09:32:09 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8DAF86DB518DE9B
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 6e266c58-101e-0025-5f27-2ca987000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=30590722
x-ms-version: 2009-09-19
timing-allow-origin: *

GET
H2 200 odconedrive.js
modernb.akamai.odsp.cdn.office.net/files/odsp-web-prod_2023-01-13.004/nextwebpack.manifest/ Frame F3D4 0
279 KB 565ms
212ms Other
application/javascript 2600:141b:5000::17df:9d89
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://modernb.akamai.odsp.cdn.office.net/files/odsp-web-prod_2023-01-13.004/nextwebpack.manifest/odconedrive.js
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/preload?view=Folders.All&id=250206&mkt=EN-US
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:5000::17df:9d89 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 30 Jan 2023 15:39:45 GMT
content-encoding: gzip
content-md5: 1oKA5MqpGrzhrFOZNQ3GEQ==
content-length: 284363
x-ms-lease-status: unlocked
last-modified: Tue, 17 Jan 2023 09:31:57 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8DAF86DADE98100
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 842f2642-101e-0048-6327-2c13f9000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=30590608
x-ms-version: 2009-09-19
timing-allow-origin: *

GET
H2 200 deferred.resx-deferred.js
modernb.akamai.odsp.cdn.office.net/files/odsp-web-prod_2023-01-13.004/nextwebpack.manifest/en-us/ Frame F3D4 0
8 KB 223ms
222ms Other
application/javascript 2600:141b:5000::17df:9d89
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://modernb.akamai.odsp.cdn.office.net/files/odsp-web-prod_2023-01-13.004/nextwebpack.manifest/en-us/deferred.resx-deferred.js
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/preload?view=Folders.All&id=250206&mkt=EN-US
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:5000::17df:9d89 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 30 Jan 2023 15:39:46 GMT
content-encoding: gzip
content-md5: naVgMJk/ejNEXKfqoglnfg==
content-length: 7382
x-ms-lease-status: unlocked
last-modified: Tue, 17 Jan 2023 09:33:12 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8DAF86DDA1DC4F9
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: e003dab6-e01e-0066-7127-2cda5d000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=30590612
x-ms-version: 2009-09-19
timing-allow-origin: *

GET
H2 200 ondemand.resx-ondemand.js
modernb.akamai.odsp.cdn.office.net/files/odsp-web-prod_2023-01-13.004/nextwebpack.manifest/en-us/ Frame F3D4 0
62 KB 212ms
211ms Other
application/javascript 2600:141b:5000::17df:9d89
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://modernb.akamai.odsp.cdn.office.net/files/odsp-web-prod_2023-01-13.004/nextwebpack.manifest/en-us/ondemand.resx-ondemand.js
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/preload?view=Folders.All&id=250206&mkt=EN-US
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:5000::17df:9d89 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 30 Jan 2023 15:39:46 GMT
content-encoding: gzip
content-md5: 9Il7ER+L5/ZZYrxO+Tbpzg==
content-length: 62950
x-ms-lease-status: unlocked
last-modified: Tue, 17 Jan 2023 09:32:06 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8DAF86DB2DD251F
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 151b664e-501e-000b-2327-2cfb90000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=30590611
x-ms-version: 2009-09-19
timing-allow-origin: *

GET
H2 404 odsp-media-05f35324.js
modernb.akamai.odsp.cdn.office.net/files/odsp-web-prod_2023-01-13.004/https://modernb.akamai.odsp.cdn.office.net/files/sp-client/ Frame F3D4 0
0 225ms
224ms Other
application/xml 2600:141b:5000::17df:9d89
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://modernb.akamai.odsp.cdn.office.net/files/odsp-web-prod_2023-01-13.004/https://modernb.akamai.odsp.cdn.office.net/files/sp-client/odsp-media-05f35324.js
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/preload?view=Folders.All&id=250206&mkt=EN-US
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:5000::17df:9d89 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 15:39:46 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-type: application/xml
access-control-allow-origin: *
x-ms-request-id: a5650e09-701e-001a-4dc1-34143e000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
timing-allow-origin: *
content-length: 215

GET
H/1.1 200
OK progress16.gif
c1-word-view-15.cdn.office.net/wv/s/h38E88B6AF6C65319_resources/1033/ Frame F3D4 0
2 KB 455ms
64ms Other
image/gif 2600:141b:9000:796::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-word-view-15.cdn.office.net/wv/s/h38E88B6AF6C65319_resources/1033/progress16.gif

Requested by

Host: onedrive.live.com
URL: https://onedrive.live.com/preload?view=Folders.All&id=250206&mkt=EN-US

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2600:141b:9000:796::4b36 New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Date: Mon, 30 Jan 2023 15:39:45 GMT
X-OfficeVersion: 16.0.16118.41011
X-OfficeFE: BL6PEPF0000FA8F
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 668
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_visioslice_control,afd_wacinfra4,afd_wacinfra5
Last-Modified: Sat, 21 Jan 2023 02:18:16 GMT
X-CorrelationId: 3ede168a-b0f3-42d8-9459-c2f6d242c4e3
X-UserSessionId: 3ede168a-b0f3-42d8-9459-c2f6d242c4e3
X-MSEdge-Ref: Ref A: D904D0CA95514714953C62FEE7C52E57 Ref B: BLUEDGE1413 Ref C: 2023-01-24T18:26:58Z
X-OfficeCluster: PUS8
ETag: "5122509f3e2dd91:0"
X-OFFICEFD: BL6PEPF0000FA8F
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: public,max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK wv.png
c1-word-view-15.cdn.office.net/wv/s/h4C76F832E1B589C9_resources/1033/ Frame F3D4 0
35 KB 461ms
70ms Other
image/png 2600:141b:9000:796::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-word-view-15.cdn.office.net/wv/s/h4C76F832E1B589C9_resources/1033/wv.png

Requested by

Host: onedrive.live.com
URL: https://onedrive.live.com/preload?view=Folders.All&id=250206&mkt=EN-US

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2600:141b:9000:796::4b36 New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Date: Mon, 30 Jan 2023 15:39:45 GMT
X-OfficeVersion: 16.0.16118.41011
X-OfficeFE: BL6PEPF000133E9
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 35196
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_excelslice,afd_wacinfra4,afd_wacinfra5
Last-Modified: Sat, 21 Jan 2023 05:08:30 GMT
X-CorrelationId: 4b81eb22-19ce-44a7-8510-189668fac28c
X-UserSessionId: 4b81eb22-19ce-44a7-8510-189668fac28c
X-MSEdge-Ref: Ref A: 6D9FC66979B04502BB0E8D03FBF6A199 Ref B: BL2EDGE2515 Ref C: 2023-01-22T23:51:31Z
X-OfficeCluster: PUS8
ETag: "ccdec67562dd91:0"
X-OFFICEFD: BL6PEPF000133E9
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: public,max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK sharedheaderplaceholder-icons.woff
c1-word-view-15.cdn.office.net/wv/s/h0A8049C5627A132D_App_Scripts/fonts/ Frame F3D4 0
4 KB 456ms
65ms Other
font/x-woff 2600:141b:9000:796::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-word-view-15.cdn.office.net/wv/s/h0A8049C5627A132D_App_Scripts/fonts/sharedheaderplaceholder-icons.woff

Requested by

Host: onedrive.live.com
URL: https://onedrive.live.com/preload?view=Folders.All&id=250206&mkt=EN-US

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2600:141b:9000:796::4b36 New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Date: Mon, 30 Jan 2023 15:39:45 GMT
X-OfficeVersion: 16.0.16118.41011
X-OfficeFE: DM3PEPF00012E7E
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 2796
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_wordcapacity_2,afd_wacinfra4,afd_wacinfra5
Last-Modified: Fri, 20 Jan 2023 08:47:20 GMT
X-CorrelationId: 31eb77e7-3692-47ce-bf00-5bc01c5bf3b5
X-UserSessionId: 31eb77e7-3692-47ce-bf00-5bc01c5bf3b5
X-MSEdge-Ref: Ref A: 56E081FB767C43D281F3845E11F40545 Ref B: BL2EDGE2416 Ref C: 2023-01-21T13:38:26Z
X-OfficeCluster: US3C
ETag: "90a4a4ceab2cd91:0"
X-OFFICEFD: DM3PEPF00012E7E
Content-Type: font/x-woff
Access-Control-Allow-Origin: *
Cache-Control: public,max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK progress.gif
c1-officeapps-15.cdn.office.net/wv/s/hA3596C17DAD9A003_resources/1033/ Frame F3D4 0
2 KB 456ms
65ms Other
image/gif 2600:141b:9000:7a5::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-officeapps-15.cdn.office.net/wv/s/hA3596C17DAD9A003_resources/1033/progress.gif

Requested by

Host: onedrive.live.com
URL: https://onedrive.live.com/preload?view=Folders.All&id=250206&mkt=EN-US

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2600:141b:9000:7a5::4b36 New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Date: Mon, 30 Jan 2023 15:39:45 GMT
X-OfficeVersion: 16.0.16109.41019
X-OfficeFE: BN3PEPF00002153
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2pfz=afd_wordcapacity_4_control
Content-Length: 695
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_visioslice_control,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_4_control
Last-Modified: Wed, 18 Jan 2023 02:01:09 GMT
X-CorrelationId: a8cdc8c5-f731-44ec-8526-1f3d0ce84d39
X-UserSessionId: a8cdc8c5-f731-44ec-8526-1f3d0ce84d39
X-MSEdge-Ref: Ref A: DFA4D110380B45BA95E63E63A51E06F6 Ref B: BLUEDGE1821 Ref C: 2023-01-18T16:42:20Z
X-OfficeCluster: PUS3
ETag: "417393bbe02ad91:0"
X-OFFICEFD: BN3PEPF00002153
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: public,max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H2 200 progress16.gif
c1h-word-view-15.cdn.office.net/wv/s/h38E88B6AF6C65319_resources/1033/ Frame F3D4 0
1 KB 431ms
176ms Other
image/gif 2600:141b:9000:79f::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/h38E88B6AF6C65319_resources/1033/progress16.gif

Requested by

Host: onedrive.live.com
URL: https://onedrive.live.com/preload?view=Folders.All&id=250206&mkt=EN-US

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:141b:9000:79f::1c24 New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 30 Jan 2023 15:39:46 GMT
x-officeversion: 16.0.16118.41011
x-officefe: BL6PEPF0000FA8F
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 668
x-msedge-features: typeheadertest,afd_waccluster,afd_visioslice_control,afd_wacinfra4,afd_wacinfra5
last-modified: Sat, 21 Jan 2023 02:18:16 GMT
x-correlationid: 3ede168a-b0f3-42d8-9459-c2f6d242c4e3
x-usersessionid: 3ede168a-b0f3-42d8-9459-c2f6d242c4e3
x-msedge-ref: Ref A: D904D0CA95514714953C62FEE7C52E57 Ref B: BLUEDGE1413 Ref C: 2023-01-24T18:26:58Z
x-officecluster: PUS8
etag: "5122509f3e2dd91:0"
x-officefd: BL6PEPF0000FA8F
content-type: image/gif
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 wv.png
c1h-word-view-15.cdn.office.net/wv/s/h4C76F832E1B589C9_resources/1033/ Frame F3D4 0
35 KB 347ms
99ms Other
image/png 2600:141b:9000:79f::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/h4C76F832E1B589C9_resources/1033/wv.png

Requested by

Host: onedrive.live.com
URL: https://onedrive.live.com/preload?view=Folders.All&id=250206&mkt=EN-US

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:141b:9000:79f::1c24 New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 30 Jan 2023 15:39:46 GMT
x-officeversion: 16.0.16118.41011
x-officefe: BL6PEPF000133E9
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 35196
x-msedge-features: typeheadertest,afd_waccluster,afd_excelslice,afd_wacinfra4,afd_wacinfra5
last-modified: Sat, 21 Jan 2023 05:08:30 GMT
x-correlationid: 4b81eb22-19ce-44a7-8510-189668fac28c
x-usersessionid: 4b81eb22-19ce-44a7-8510-189668fac28c
x-msedge-ref: Ref A: 6D9FC66979B04502BB0E8D03FBF6A199 Ref B: BL2EDGE2515 Ref C: 2023-01-22T23:51:31Z
x-officecluster: PUS8
etag: "ccdec67562dd91:0"
x-officefd: BL6PEPF000133E9
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 sharedheaderplaceholder-icons.woff
c1h-word-view-15.cdn.office.net/wv/s/h0A8049C5627A132D_App_Scripts/fonts/ Frame F3D4 0
3 KB 330ms
97ms Other
font/x-woff 2600:141b:9000:79f::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/h0A8049C5627A132D_App_Scripts/fonts/sharedheaderplaceholder-icons.woff

Requested by

Host: onedrive.live.com
URL: https://onedrive.live.com/preload?view=Folders.All&id=250206&mkt=EN-US

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:141b:9000:79f::1c24 New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 30 Jan 2023 15:39:46 GMT
x-officeversion: 16.0.16118.41011
x-officefe: DM3PEPF00012E7E
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 2796
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity_2,afd_wacinfra4,afd_wacinfra5
last-modified: Fri, 20 Jan 2023 08:47:20 GMT
x-correlationid: 31eb77e7-3692-47ce-bf00-5bc01c5bf3b5
x-usersessionid: 31eb77e7-3692-47ce-bf00-5bc01c5bf3b5
x-msedge-ref: Ref A: 56E081FB767C43D281F3845E11F40545 Ref B: BL2EDGE2416 Ref C: 2023-01-21T13:38:26Z
x-officecluster: US3C
etag: "90a4a4ceab2cd91:0"
x-officefd: DM3PEPF00012E7E
content-type: font/x-woff
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 progress.gif
c1h-word-view-15.cdn.office.net/wv/s/hA3596C17DAD9A003_resources/1033/ Frame F3D4 0
1 KB 330ms
98ms Other
image/gif 2600:141b:9000:79f::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/hA3596C17DAD9A003_resources/1033/progress.gif

Requested by

Host: onedrive.live.com
URL: https://onedrive.live.com/preload?view=Folders.All&id=250206&mkt=EN-US

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:141b:9000:79f::1c24 New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 30 Jan 2023 15:39:46 GMT
x-officeversion: 16.0.16109.41019
x-officefe: BN3PEPF00002153
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2pfz=afd_wordcapacity_4_control
content-length: 695
x-msedge-features: typeheadertest,afd_waccluster,afd_visioslice_control,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_4_control
last-modified: Wed, 18 Jan 2023 02:01:09 GMT
x-correlationid: a8cdc8c5-f731-44ec-8526-1f3d0ce84d39
x-usersessionid: a8cdc8c5-f731-44ec-8526-1f3d0ce84d39
x-msedge-ref: Ref A: DFA4D110380B45BA95E63E63A51E06F6 Ref B: BLUEDGE1821 Ref C: 2023-01-18T16:42:20Z
x-officecluster: PUS3
etag: "417393bbe02ad91:0"
x-officefd: BN3PEPF00002153
content-type: image/gif
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 200
OK box43.png
c2-word-edit-15.cdn.office.net/we/s/h7AD89A907BFE4701_resources/1033/ Frame F3D4 0
3 KB 498ms
67ms Other
image/png 2600:141b:9000:691::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c2-word-edit-15.cdn.office.net/we/s/h7AD89A907BFE4701_resources/1033/box43.png

Requested by

Host: onedrive.live.com
URL: https://onedrive.live.com/preload?view=Folders.All&id=250206&mkt=EN-US

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2600:141b:9000:691::1c24 New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Date: Mon, 30 Jan 2023 15:39:46 GMT
X-OfficeVersion: 16.0.16125.41000
X-OfficeFE: BL6PEPF00011F2F
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3_control
Content-Length: 1922
X-MSEdge-Features: tasmigration015,typeheadertest,afd_waccluster,afd_excelslice_control,afd_visioslice_control,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3_control
Last-Modified: Thu, 26 Jan 2023 21:58:20 GMT
X-CorrelationId: 3774ab54-bc6b-4520-84b5-1476015adce9
X-UserSessionId: 3774ab54-bc6b-4520-84b5-1476015adce9
X-MSEdge-Ref: Ref A: 62058107308246B3BD5AF89A8E455EC1 Ref B: BL2EDGE1417 Ref C: 2023-01-27T02:47:20Z
X-OfficeCluster: SUS1
ETag: "c01ab74dd131d91:0"
X-OFFICEFD: BL6PEPF00011F2F
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: public,max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK box42.png
c2-word-edit-15.cdn.office.net/we/s/hABC0FA95B72F082C_resources/1033/ Frame F3D4 0
7 KB 455ms
64ms Other
image/png 2600:141b:9000:691::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c2-word-edit-15.cdn.office.net/we/s/hABC0FA95B72F082C_resources/1033/box42.png

Requested by

Host: onedrive.live.com
URL: https://onedrive.live.com/preload?view=Folders.All&id=250206&mkt=EN-US

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2600:141b:9000:691::1c24 New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Date: Mon, 30 Jan 2023 15:39:46 GMT
X-OfficeVersion: 16.0.16118.41011
X-OfficeFE: BL6PEPF0000EA1F
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 6336
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_powerpointslice,afd_wacinfra4,afd_wacinfra5
Last-Modified: Thu, 19 Jan 2023 15:59:01 GMT
X-CorrelationId: 3fb072eb-9af7-47da-89a6-d233838de45d
X-UserSessionId: 3fb072eb-9af7-47da-89a6-d233838de45d
X-MSEdge-Ref: Ref A: DFD248ED63674354983664BE5C56927B Ref B: BLUEDGE1612 Ref C: 2023-01-20T14:37:14Z
X-OfficeCluster: SUS1
ETag: "524ecdf21e2cd91:0"
X-OFFICEFD: BL6PEPF0000EA1F
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: public,max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK progress.gif
c2-officeapps-15.cdn.office.net/we/s/hA3596C17DAD9A003_resources/1033/ Frame F3D4 0
2 KB 445ms
67ms Other
image/gif 2600:141b:9000:691::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c2-officeapps-15.cdn.office.net/we/s/hA3596C17DAD9A003_resources/1033/progress.gif

Requested by

Host: onedrive.live.com
URL: https://onedrive.live.com/preload?view=Folders.All&id=250206&mkt=EN-US

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2600:141b:9000:691::1c24 New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Date: Mon, 30 Jan 2023 15:39:46 GMT
X-OfficeVersion: 16.0.16112.41017
X-OfficeFE: BL6PEPF00007020
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 695
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
Last-Modified: Wed, 18 Jan 2023 03:21:38 GMT
X-CorrelationId: f933a371-fbff-4e21-aff5-6f8922275915
X-UserSessionId: f933a371-fbff-4e21-aff5-6f8922275915
X-MSEdge-Ref: Ref A: 9CEE50A62EFA456FA49FD9C55276C254 Ref B: BL2EDGE1612 Ref C: 2023-01-19T03:55:50Z
X-OfficeCluster: SUS1
ETag: "7a3747faeb2ad91:0"
X-OFFICEFD: BL6PEPF00007020
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: public,max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK sharedheaderplaceholder-icons.woff
c2-word-edit-15.cdn.office.net/we/s/h0A8049C5627A132D_App_Scripts/fonts/ Frame F3D4 0
4 KB 418ms
65ms Other
font/x-woff 2600:141b:9000:691::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c2-word-edit-15.cdn.office.net/we/s/h0A8049C5627A132D_App_Scripts/fonts/sharedheaderplaceholder-icons.woff

Requested by

Host: onedrive.live.com
URL: https://onedrive.live.com/preload?view=Folders.All&id=250206&mkt=EN-US

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2600:141b:9000:691::1c24 New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Date: Mon, 30 Jan 2023 15:39:46 GMT
X-OfficeVersion: 16.0.16118.41011
X-OfficeFE: BL6PEPF000076D3
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 2796
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
Last-Modified: Thu, 19 Jan 2023 17:17:07 GMT
X-CorrelationId: 85dbab2c-bfe5-4b42-a05b-f1984d9323fe
X-UserSessionId: 85dbab2c-bfe5-4b42-a05b-f1984d9323fe
X-MSEdge-Ref: Ref A: 3037D8959DBA4984B4D9B9A3F9F1AB6E Ref B: BL2EDGE1410 Ref C: 2023-01-19T23:29:06Z
X-OfficeCluster: SUS1
ETag: "9cb296db292cd91:0"
X-OFFICEFD: BL6PEPF000076D3
Content-Type: font/x-woff
Access-Control-Allow-Origin: *
Cache-Control: public,max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK we.png
c2-word-edit-15.cdn.office.net/we/s/h7E3FDF7CEE1AA844_resources/1033/ Frame F3D4 0
71 KB 399ms
75ms Other
image/png 2600:141b:9000:691::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c2-word-edit-15.cdn.office.net/we/s/h7E3FDF7CEE1AA844_resources/1033/we.png

Requested by

Host: onedrive.live.com
URL: https://onedrive.live.com/preload?view=Folders.All&id=250206&mkt=EN-US

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2600:141b:9000:691::1c24 New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Date: Mon, 30 Jan 2023 15:39:46 GMT
X-OfficeVersion: 16.0.16118.41011
X-OfficeFE: BL6PEPF0000DDF7
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 71244
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_wordcapacity,afd_wacinfra4,afd_wacinfra5
Last-Modified: Thu, 19 Jan 2023 16:38:28 GMT
X-CorrelationId: ea3e71b6-517b-4691-badc-9c1ebeae5354
X-UserSessionId: ea3e71b6-517b-4691-badc-9c1ebeae5354
X-MSEdge-Ref: Ref A: DEC0B29A8C24425DAE89812C568E6582 Ref B: BL2EDGE2008 Ref C: 2023-01-22T06:52:43Z
X-OfficeCluster: SUS1
ETag: "48ce9575242cd91:0"
X-OFFICEFD: BL6PEPF0000DDF7
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: public,max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 404
Not Found oagal.png
c2-word-edit-15.cdn.office.net/we/s/161612541000_resources/1033/ Frame F3D4 0
0 406ms
195ms Other
text/html 2600:141b:9000:691::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c2-word-edit-15.cdn.office.net/we/s/161612541000_resources/1033/oagal.png
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/preload?view=Folders.All&id=250206&mkt=EN-US
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:9000:691::1c24 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

GET
H/1.1 404
Not Found we_pl.png
c2-word-edit-15.cdn.office.net/we/s/161612541000_resources/1033/ Frame F3D4 0
0 338ms
228ms Other
text/html 2600:141b:9000:691::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c2-word-edit-15.cdn.office.net/we/s/161612541000_resources/1033/we_pl.png
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/preload?view=Folders.All&id=250206&mkt=EN-US
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:9000:691::1c24 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

GET
H2 200 sharedheaderplaceholder-icons.woff
c1h-excel-15.cdn.office.net/x/s/h0A8049C5627A132D__layouts/App_Scripts/fonts/ Frame F3D4 0
3 KB 181ms
65ms Other
font/x-woff 2600:141b:9000:79f::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h0A8049C5627A132D__layouts/App_Scripts/fonts/sharedheaderplaceholder-icons.woff

Requested by

Host: onedrive.live.com
URL: https://onedrive.live.com/preload?view=Folders.All&id=250206&mkt=EN-US

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:141b:9000:79f::1c24 New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 30 Jan 2023 15:39:46 GMT
x-officeversion: 16.0.16111.42306
x-officefe: BL6PEPF00009BC7
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 2796
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Mon, 16 Jan 2023 11:55:48 GMT
x-correlationid: 6967d4e3-4c5e-459b-acec-7dffb74e7282
x-usersessionid: 6967d4e3-4c5e-459b-acec-7dffb74e7282
x-msedge-ref: Ref A: F62BB0ECCFDC4C9F879B9D4817CB62C4 Ref B: BLUEDGE1611 Ref C: 2023-01-23T08:27:22Z
x-officecluster: PUS8
etag: "4fef1979a129d91:0"
x-officefd: BL6PEPF00009B01
content-type: font/x-woff
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 404 EwaCommon.png
c1h-excel-15.cdn.office.net/x/s/161612442307__layouts/App_Scripts/1033/ Frame F3D4 0
0 275ms
237ms Other
text/html 2600:141b:9000:79f::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c1h-excel-15.cdn.office.net/x/s/161612442307__layouts/App_Scripts/1033/EwaCommon.png
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/preload?view=Folders.All&id=250206&mkt=EN-US
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:9000:79f::1c24 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

GET
H2 404 EwaEdit_m2.png
c1h-excel-15.cdn.office.net/x/s/161612442307__layouts/App_Scripts/1033/ Frame F3D4 0
0 215ms
189ms Other
text/html 2600:141b:9000:79f::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c1h-excel-15.cdn.office.net/x/s/161612442307__layouts/App_Scripts/1033/EwaEdit_m2.png
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/preload?view=Folders.All&id=250206&mkt=EN-US
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:9000:79f::1c24 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

GET
H2 404 EwaRibbonData_m2.png
c1h-excel-15.cdn.office.net/x/s/161612442307__layouts/App_Scripts/1033/ Frame F3D4 0
0 175ms
174ms Other
text/html 2600:141b:9000:79f::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c1h-excel-15.cdn.office.net/x/s/161612442307__layouts/App_Scripts/1033/EwaRibbonData_m2.png
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/preload?view=Folders.All&id=250206&mkt=EN-US
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:9000:79f::1c24 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

GET
H2 404 EwaRibbonView_m2.png
c1h-excel-15.cdn.office.net/x/s/161612442307__layouts/App_Scripts/ Frame F3D4 0
0 172ms
172ms Other
text/html 2600:141b:9000:79f::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c1h-excel-15.cdn.office.net/x/s/161612442307__layouts/App_Scripts/EwaRibbonView_m2.png
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/preload?view=Folders.All&id=250206&mkt=EN-US
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:9000:79f::1c24 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

GET
H/1.1 200
OK progress.gif
c1-officeapps-15.cdn.office.net/p/s/161611740514_resources/1033/ Frame F3D4 0
2 KB 65ms
65ms Other
image/gif 2600:141b:9000:7a5::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-officeapps-15.cdn.office.net/p/s/161611740514_resources/1033/progress.gif

Requested by

Host: onedrive.live.com
URL: https://onedrive.live.com/preload?view=Folders.All&id=250206&mkt=EN-US

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2600:141b:9000:7a5::4b36 New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

/ ARR/3.0

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000, max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000, max-age=31536000
Date: Mon, 30 Jan 2023 15:39:46 GMT
X-OfficeVersion: 16.0.16115.40515
X-Powered-By: ARR/3.0
X-OfficeFE: BL6PEPF00007423
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 695
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_visioslice_control,afd_wacinfra4,afd_wacinfra5
Last-Modified: Thu, 19 Jan 2023 09:52:40 GMT
X-CorrelationId: 4292ad7b-fe92-4e5c-8d68-a0a862921c23, 4292ad7b-fe92-4e5c-8d68-a0a862921c23
X-UserSessionId: 4292ad7b-fe92-4e5c-8d68-a0a862921c23, 4292ad7b-fe92-4e5c-8d68-a0a862921c23
X-MSEdge-Ref: Ref A: 2AAB94BB9A2C489187C2AA0879CE9AC0 Ref B: BLUEDGE1606 Ref C: 2023-01-19T09:52:40Z
X-OfficeCluster: PUS4
ETag: W/"aa84ebc4eb2bd91:0"
X-OFFICEFD: BL6PEPF00007636
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: public,max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK prt.png
c1-powerpoint-15.cdn.office.net/pods/s/161611740514_PptResources/1033/ Frame F3D4 0
15 KB 635ms
67ms Other
image/png 2600:141b:9000:796::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-powerpoint-15.cdn.office.net/pods/s/161611740514_PptResources/1033/prt.png

Requested by

Host: onedrive.live.com
URL: https://onedrive.live.com/preload?view=Folders.All&id=250206&mkt=EN-US

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2600:141b:9000:796::4b36 New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Date: Mon, 30 Jan 2023 15:39:47 GMT
nel: {"report_to":"network-errors","max_age":604800,"include_subdomains":true,"success_fraction":0.01,"failure_fraction":1.0}
X-OfficeVersion: 16.0.16116.40513
X-OfficeFE: BL6PEPF00009D11
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 13611
x-ms-server-duration: 41.9094
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_wordcapacity_control,afd_wacinfra4,afd_wacinfra5
Last-Modified: Thu, 19 Jan 2023 14:05:21 GMT
X-CorrelationId: 35eb2c9a-8d12-49f4-bcc5-254c2ac8d17d
X-UserSessionId: 35eb2c9a-8d12-49f4-bcc5-254c2ac8d17d
X-MSEdge-Ref: Ref A: B5BE9A5DB52648F791A93B4BDD474FD2 Ref B: BL2EDGE1307 Ref C: 2023-01-19T14:05:20Z
X-OfficeCluster: PUS8
ETag: W/"63514711f2cd91:0"
X-OFFICEFD: BL6PEPF00009D11
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://powerpointonline.nelsdf.measure.office.net/api/report?FrontEnd=NoAFD&DestinationEndpoint=None&DC=PUS8"}]}
Content-Type: image/png
Access-Control-Allow-Origin: *
x-ms-request-id: c19322c4-89e5-487c-8673-67bd6517bc66
Access-Control-Expose-Headers: si, esid, X-EndSession, X-CorrelationID, X-OfficeFE, X-NewKey, X-OfficeCluster, Pid, SlideWidth, SlideHeight, ErrorCode, ErrorCategory, X-ErrorCode, x-newsnapurl, IsIntentional
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK box43.png
c1-onenote-15.cdn.office.net/o/s/161610941019_resources/1033/ Frame F3D4 0
4 KB 618ms
66ms Other
image/png 2600:141b:9000:796::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-onenote-15.cdn.office.net/o/s/161610941019_resources/1033/box43.png

Requested by

Host: onedrive.live.com
URL: https://onedrive.live.com/preload?view=Folders.All&id=250206&mkt=EN-US

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2600:141b:9000:796::4b36 New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Date: Mon, 30 Jan 2023 15:39:47 GMT
X-OfficeVersion: 16.0.16109.41019
X-OfficeFE: BN3PEPF00001F71
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 3124
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
Last-Modified: Wed, 18 Jan 2023 14:18:27 GMT
X-CorrelationId: 45b65cd7-8155-490b-81de-8bf7c6f804b0
X-UserSessionId: 45b65cd7-8155-490b-81de-8bf7c6f804b0
X-MSEdge-Ref: Ref A: B6CC33358B7546E1ADA400A1DCDB1ACB Ref B: BLUEDGE1907 Ref C: 2023-01-29T02:13:07Z
X-OfficeCluster: PUS3
ETag: "e6e8babb472bd91:0"
X-OFFICEFD: BN3PEPF00001F71
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1074756, immutable
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK box42.png
c1-onenote-15.cdn.office.net/o/s/161610941019_resources/1033/ Frame F3D4 0
12 KB 566ms
65ms Other
image/png 2600:141b:9000:796::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-onenote-15.cdn.office.net/o/s/161610941019_resources/1033/box42.png

Requested by

Host: onedrive.live.com
URL: https://onedrive.live.com/preload?view=Folders.All&id=250206&mkt=EN-US

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2600:141b:9000:796::4b36 New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Date: Mon, 30 Jan 2023 15:39:47 GMT
X-OfficeVersion: 16.0.16109.41019
X-OfficeFE: BL6PEPF00009C48
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 11558
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_visioslice_control,afd_wacinfra4,afd_wacinfra5
Last-Modified: Wed, 18 Jan 2023 11:43:03 GMT
X-CorrelationId: d50dd54c-1ee1-407b-be50-52db18fcb12f
X-UserSessionId: d50dd54c-1ee1-407b-be50-52db18fcb12f
X-MSEdge-Ref: Ref A: 11FF6340E570404A824BA4979B1E092E Ref B: BL2EDGE2706 Ref C: 2023-01-20T14:56:04Z
X-OfficeCluster: PUS8
ETag: "5375d85322bd91:0"
X-OFFICEFD: BL6PEPF00009C48
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=343003, immutable
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK progress.gif
c1-officeapps-15.cdn.office.net/o/s/161610941019_resources/1033/ Frame F3D4 0
2 KB 65ms
65ms Other
image/gif 2600:141b:9000:7a5::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-officeapps-15.cdn.office.net/o/s/161610941019_resources/1033/progress.gif

Requested by

Host: onedrive.live.com
URL: https://onedrive.live.com/preload?view=Folders.All&id=250206&mkt=EN-US

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2600:141b:9000:7a5::4b36 New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Date: Mon, 30 Jan 2023 15:39:46 GMT
X-OfficeVersion: 16.0.16109.41019
X-OfficeFE: BL6PEPF0000DA8D
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 695
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_wordslice,afd_wacinfra4,afd_wacinfra5
Last-Modified: Wed, 18 Jan 2023 10:54:55 GMT
X-CorrelationId: 367b823b-d3b1-45d9-8ac2-edc419006f4c
X-UserSessionId: 367b823b-d3b1-45d9-8ac2-edc419006f4c
X-MSEdge-Ref: Ref A: C4A6EC6CACE148C5A0E00F0F9B6C2388 Ref B: BLUEDGE1408 Ref C: 2023-01-18T14:14:52Z
X-OfficeCluster: PUS4
ETag: "fe3cce4c2b2bd91:0"
X-OFFICEFD: BL6PEPF00007AA2
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: public,max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK one.png
c1-onenote-15.cdn.office.net/o/s/161610941019_resources/1033/ Frame F3D4 0
83 KB 500ms
70ms Other
image/png 2600:141b:9000:796::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-onenote-15.cdn.office.net/o/s/161610941019_resources/1033/one.png

Requested by

Host: onedrive.live.com
URL: https://onedrive.live.com/preload?view=Folders.All&id=250206&mkt=EN-US

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2600:141b:9000:796::4b36 New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Date: Mon, 30 Jan 2023 15:39:47 GMT
X-OfficeVersion: 16.0.16109.41019
X-OfficeFE: BL6PEPF000073FF
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 83900
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_excelslice,afd_wacinfra4,afd_wacinfra5
Last-Modified: Wed, 18 Jan 2023 12:30:31 GMT
X-CorrelationId: 3c0c7c9c-915a-4e9d-afce-53d2555ee4e2
X-UserSessionId: 3c0c7c9c-915a-4e9d-afce-53d2555ee4e2
X-MSEdge-Ref: Ref A: E5CE36AB3CAF481E838E00956467EE76 Ref B: BLUEDGE1119 Ref C: 2023-01-26T08:42:56Z
X-OfficeCluster: PUS4
ETag: "cd458ba7382bd91:0"
X-OFFICEFD: BL6PEPF000073FF
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=838998, immutable
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H2 200 signin-options_4e48046ce74f4b89d45037c90576bfac.svg
logincdn.msauth.net/shared/1.0/content/images/ 2 KB
772 B 34ms
34ms Image
image/svg+xml 192.229.211.199
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://logincdn.msauth.net/shared/1.0/content/images/signin-options_4e48046ce74f4b89d45037c90576bfac.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.211.199 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (mic/9A96) /
Resource Hash: 8e6db1634f1812d42516778fc890010aa57f3e39914fb4803df2c38abbf56d93

Request headers

accept-language: en-US,en;q=0.9
Referer: https://login.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 30 Jan 2023 15:39:45 GMT
content-encoding: gzip
content-md5: R2FAVxfpONfnQAuxVxXbHg==
age: 16964501
x-cache: HIT
content-length: 621
x-ms-lease-status: unlocked
last-modified: Tue, 10 Nov 2020 03:41:25 GMT
server: ECAcc (mic/9A96)
etag: 0x8D8852A7FCCA219
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: acc8e6d1-801e-006a-5776-9a7634000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

Verdicts & Comments Add Verdict or Comment

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

15 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.cutt.us/	1970-01-20 18:54:13	Name: _ga Value: GA1.2.1183667149.1675093183
.cutt.us/	1970-01-20 09:19:39	Name: _gid Value: GA1.2.881364389.1675093183
.cutt.us/	1970-01-20 09:18:13	Name: _gat_gtag_UA_31510493_1 Value: 1
.doubleclick.net/	1970-01-20 09:18:14	Name: test_cookie Value: CheckForPermission
.cutt.us/	1970-01-20 18:39:49	Name: __gads Value: ID=f3f72d880c428456:T=1675093183:S=ALNI_MZJ7vEVuPlnswEl2RmMttchBZVuSQ
.cutt.us/	1970-01-20 18:39:49	Name: __gpi Value: UID=000009991f3b4a0c:T=1675093183:RT=1675093183:S=ALNI_Maf1Tn4ANYxvTn4EO1OHAdGGclnUw
.live.com/	1969-12-31 23:59:59	Name: xid Value: ce948d4a-5441-4f5e-b68e-90cada2d8027&&RD00155D3F53AD&62
.live.com/	1970-01-20 09:28:17	Name: wla42 Value:
.login.live.com/	1969-12-31 23:59:59	Name: uaid Value: 7f7e1e10e3194c7880faded0a2760201
.login.live.com/	1969-12-31 23:59:59	Name: MSPRequ Value: id=250206&lt=1675093184&co=1
.login.live.com/	1970-01-20 18:39:49	Name: MSCC Value: 38.132.118.76-US
.login.live.com/	1969-12-31 23:59:59	Name: OParams Value: 11O.DeWGaf2lyUpLdkKOxmnRB80jiYhaHYeoiRVzOReNBMt5NAVIGhMnnBPTDahSgv!CzvGx!JfKSvpsOznYQzXPfYdKb3RvVrx7vgZ!jEWB3GH0SgFXix!lKruKDeRdtJaS3MThClW!hWF40scxCPF!ZDdT8zVBzvphdEmSM7xxNVcy2Bv2yGnxg2ATMWOYylAhiwGiV7NAvhJ1nsVnZgcCS26DVY3KNpm0M1kZk69f2k4D1QcTAkvGtD0wmuIguwbn0hexDEI7Qcgc!Zetyp3slPUatvf!X!IGTapNhaZksJdIFbsB42CbrUhyNpAZ10Jru7Ym8pRWF8ZfwnAi9dkVpLT5cYxBKStXcrtofv2qnntVbCeoRL6yMHEwLO!6zHZyv9FGno61XJy5ZulKhjj2a4c0Bs*cgr3iVfiKIHl8oom30tY3ACUyWfeoISYQ$$
.login.live.com/	1969-12-31 23:59:59	Name: MSPOK Value: $uuid-ca98b015-e303-467d-b02b-c342495f756c
.live.com/	1969-12-31 23:59:59	Name: E Value: P:qE+MNtgC24g=:WGv5jC6KmChAluNDF/mF68VXPXSKKd79DzsfUQF4Tw0=:F
.live.com/	1969-12-31 23:59:59	Name: xidseq Value: 2

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://modernb.akamai.odsp.cdn.office.net/files/odsp-web-prod_2023-01-13.004/https://modernb.akamai.odsp.cdn.office.net/files/sp-client/odsp-media-05f35324.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://c2-word-edit-15.cdn.office.net/we/s/161612541000_resources/1033/oagal.png Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://c1h-excel-15.cdn.office.net/x/s/161612442307__layouts/App_Scripts/1033/EwaEdit_m2.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://c2-word-edit-15.cdn.office.net/we/s/161612541000_resources/1033/we_pl.png Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://c1h-excel-15.cdn.office.net/x/s/161612442307__layouts/App_Scripts/EwaRibbonView_m2.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://c1h-excel-15.cdn.office.net/x/s/161612442307__layouts/App_Scripts/1033/EwaRibbonData_m2.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://c1h-excel-15.cdn.office.net/x/s/161612442307__layouts/App_Scripts/1033/EwaCommon.png Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

877ad6dfa917e880e9fa9e96975e5dbb.safeframe.googlesyndication.com
adservice.google.com
c1-officeapps-15.cdn.office.net
c1-onenote-15.cdn.office.net
c1-powerpoint-15.cdn.office.net
c1-word-view-15.cdn.office.net
c1h-excel-15.cdn.office.net
c1h-word-view-15.cdn.office.net
c2-officeapps-15.cdn.office.net
c2-word-edit-15.cdn.office.net
cutt.us
login.live.com
logincdn.msauth.net
modernb.akamai.odsp.cdn.office.net
onedrive.live.com
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
13.107.42.13
192.229.211.199
2600:141b:5000::17df:9d89
2600:141b:9000:691::1c24
2600:141b:9000:796::4b36
2600:141b:9000:79f::1c24
2600:141b:9000:7a5::4b36
2607:f8b0:4006:807::2004
2607:f8b0:4006:816::2008
2607:f8b0:4006:81c::2001
2607:f8b0:4006:81e::200e
2607:f8b0:4006:81f::2001
2607:f8b0:4006:821::2002
2607:f8b0:4006:822::2002
2607:f8b0:4006:824::2002
40.126.24.148
69.61.26.122
04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a
0e88b6fcbb8591edfd28184fa70a04b6dd3af8a14367c628edd7caba32e58c68
27c7015ca20ecd1f545a18beb17e53000037aa8abf4dd60bcd5f5c944d37d393
34a17ff70e652e2df556f52b86d2202b9cad3a932189442f15c13a353e939367
3ad2021e6836411640f0d73db550b69c263f606cd10ce0a567aa6502a13ce07a
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5e85f3252a1d1b9ce48cf0f402f37b227eb16b05254bdbda3aa24151cec6f611
63882d2adf8fa2dcacb61d061b35987aecf029a429a118b7616d0ccd2f52b3ac
79e66558ee620ce57bc0a6be17a96c32074065e763b49f0be5551799623943a4
8278082738b9a34e0216cdb55e35f943d5dc9e0c0ec95ca04f605446d8e6b333
8e6db1634f1812d42516778fc890010aa57f3e39914fb4803df2c38abbf56d93
9485e103a1f890385ba2aeab76aa5b1c5adcb872527ea4ad64492edc137a4814
9fe0a5db692ff67c7cd88490a7412c379ae767708e2cf8847d9a915dd6f19141
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a76c08e9cdc3bb87bfb57627ad8f6b46f0e5ef826cc7f046dfbaf25d7b7958ea
c270160e073902c403121ceaadc3d87691180a57d85ccc2bf9ce559ab7d9342e
c349d716f6d8401c8befe008df511ed44505d081124effcb9637212a488f564c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e99aa81183b89b4902e236a41004be04ff6a2fe9b04933862f1eecc3b72f2255

login.live.com Open in urlscan Pro 40.126.24.148 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

62 Requests

100 %HTTPS

76 %IPv6

10 Domains

22 Subdomains

17 IPs

1 Countries

1262 kBTransfer

1473 kBSize

15 Cookies

1 Outgoing links

Page URL History

Redirected requests

62 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

login.live.com Open in urlscan Pro
40.126.24.148 Public Scan

Screenshot
Live screenshot

Full Image

62
Requests

100 %
HTTPS

76 %
IPv6

10
Domains

22
Subdomains

17
IPs

1
Countries

1262 kB
Transfer

1473 kB
Size

15
Cookies

62 HTTP transactions
0 data transactions