onedrive.live.com Open in urlscan Pro
13.107.42.13 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://onedrive.live.com/view.aspx?resid=4DAFE66015F06FAC!2433&ithint=file%2cdocx&authkey=!AI3xLDS_8RM4T08
Submission: On April 21 via manual (April 21st 2022, 12:50:55 pm UTC) from US — Scanned from CA

Summary HTTP 88 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 16 IPs in 1 countries across 10 domains to perform 88 HTTP transactions. The main IP is 13.107.42.13, located in United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is onedrive.live.com. The Cisco Umbrella rank of the primary domain is 2312.
TLS certificate: Issued by Microsoft RSA TLS CA 02 on February 1st 2022. Valid for: a year.

This is the only time onedrive.live.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	13.107.42.13 13.107.42.13	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
10	23.50.53.184 23.50.53.184	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	40.112.57.76 40.112.57.76	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2600:1400:d:5... 2600:1400:d:593::4b36	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
19	2620:1ec:a92:... 2620:1ec:a92::171	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
34	2600:1400:d:5... 2600:1400:d:583::1c24	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	23.217.44.136 23.217.44.136	16625 (AKAMAI-AS) (AKAMAI-AS)
4	20.189.173.1 20.189.173.1	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2600:1400:d:5... 2600:1400:d:5ac::4b36	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	104.71.185.148 104.71.185.148	16625 (AKAMAI-AS) (AKAMAI-AS)
2	52.109.6.39 52.109.6.39	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2620:1ec:49::40 2620:1ec:49::40	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	13.89.179.9 13.89.179.9	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	20.36.253.92 20.36.253.92	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	13.105.28.18 13.105.28.18	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	40.126.24.146 40.126.24.146	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
88	16

3 13.107.42.13 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

onedrive.live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 23.50.53.184 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-50-53-184.deploy.static.akamaitechnologies.com

spoprod-a.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 40.112.57.76 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

p.sfx.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1400:d:593::4b36 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)

c1-word-view-15.cdn.office.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2620:1ec:a92::171 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

word-view.officeapps.live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

34 2600:1400:d:583::1c24 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)

c1h-word-view-15.cdn.office.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.217.44.136 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-217-44-136.deploy.static.akamaitechnologies.com

static2.sharepointonline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 20.189.173.1 (San Jose, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

browser.pipe.aria.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1400:d:5ac::4b36 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)

shell.cdn.office.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.71.185.148 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-71-185-148.deploy.static.akamaitechnologies.com

js.live.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.109.6.39 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

messaging.office.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:49::40 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

amcdn.msftauth.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.89.179.9 (Des Moines, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

browser.events.data.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.36.253.92 (Boydton, United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.105.28.18 (Chicago, United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

storage.live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 40.126.24.146 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

login.live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
36	office.net c1-word-view-15.cdn.office.net — Cisco Umbrella Rank: 4547 c1h-word-view-15.cdn.office.net — Cisco Umbrella Rank: 5696 shell.cdn.office.net — Cisco Umbrella Rank: 1145	2 MB
26	live.com 2 redirects onedrive.live.com — Cisco Umbrella Rank: 2312 word-view.officeapps.live.com — Cisco Umbrella Rank: 8597 c.live.com — Cisco Umbrella Rank: 9160 storage.live.com — Cisco Umbrella Rank: 167 login.live.com — Cisco Umbrella Rank: 85	271 KB
10	akamaihd.net spoprod-a.akamaihd.net — Cisco Umbrella Rank: 3337	344 KB
8	microsoft.com browser.pipe.aria.microsoft.com — Cisco Umbrella Rank: 151 browser.events.data.microsoft.com — Cisco Umbrella Rank: 299	3 KB
3	sfx.ms p.sfx.ms — Cisco Umbrella Rank: 19159	12 KB
2	office.com messaging.office.com — Cisco Umbrella Rank: 714	2 KB
2	sharepointonline.com static2.sharepointonline.com — Cisco Umbrella Rank: 1958	68 KB
1	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 234	1 KB
1	msftauth.net amcdn.msftauth.net — Cisco Umbrella Rank: 1374	10 KB
1	live.net js.live.net — Cisco Umbrella Rank: 5241	16 KB
88	10

	Domain	Requested by
34	c1h-word-view-15.cdn.office.net	word-view.officeapps.live.com c1h-word-view-15.cdn.office.net
19	word-view.officeapps.live.com	c1-word-view-15.cdn.office.net onedrive.live.com word-view.officeapps.live.com c1h-word-view-15.cdn.office.net
10	spoprod-a.akamaihd.net	onedrive.live.com spoprod-a.akamaihd.net
4	browser.events.data.microsoft.com	c1h-word-view-15.cdn.office.net
4	browser.pipe.aria.microsoft.com	p.sfx.ms c1h-word-view-15.cdn.office.net
3	p.sfx.ms	onedrive.live.com spoprod-a.akamaihd.net
3	onedrive.live.com	onedrive.live.com
2	c.live.com	1 redirects
2	messaging.office.com	c1h-word-view-15.cdn.office.net
2	static2.sharepointonline.com
1	login.live.com
1	storage.live.com	1 redirects
1	c.bing.com	1 redirects
1	amcdn.msftauth.net	c1h-word-view-15.cdn.office.net
1	js.live.net	c1h-word-view-15.cdn.office.net
1	shell.cdn.office.net	c1h-word-view-15.cdn.office.net
1	c1-word-view-15.cdn.office.net	onedrive.live.com
88	17

This site contains links to these domains. Also see Links.

Domain
profile.live.com

Subject Issuer	Validity	Valid
onedrive.com Microsoft RSA TLS CA 02	`2022-02-01` - `2023-02-01`	a year	crt.sh
a248.e.akamai.net DigiCert SHA2 Secure Server CA	`2021-07-15` - `2022-07-20`	a year	crt.sh
*.cdn.office.net Microsoft RSA TLS CA 01	`2022-01-05` - `2023-01-05`	a year	crt.sh
officeapps.live.com DigiCert Cloud Services CA-1	`2021-04-30` - `2022-04-29`	a year	crt.sh
*.sharepointonline.com Microsoft RSA TLS CA 01	`2021-07-08` - `2022-07-08`	a year	crt.sh
*.events.data.microsoft.com Microsoft Azure TLS Issuing CA 06	`2022-03-02` - `2023-02-25`	a year	crt.sh
p.sfx.ms Microsoft RSA TLS CA 01	`2021-09-29` - `2022-09-29`	a year	crt.sh
messaging.office.com Microsoft RSA TLS CA 02	`2022-03-02` - `2023-03-02`	a year	crt.sh
identitycdn.msauth.net Microsoft Azure TLS Issuing CA 01	`2022-02-15` - `2023-02-10`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://onedrive.live.com/view.aspx?resid=4DAFE66015F06FAC!2433&ithint=file%2cdocx&authkey=!AI3xLDS_8RM4T08
Frame ID: 43BC5D8D2C3512E92733D75565B4C0E6
Requests: 24 HTTP requests in this frame

Frame: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=en-CA&rs=en-US&hid=A7FUYYyJsUydRZXeX%2F7AFw.0&wopisrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F4DAFE66015F06FAC!2433&wde=docx&sc=host%3D%26qt%3DDefault&wdp=3&uih=OneDrive&jsapi=1&jsapiver=v2&corrid=3b583550-f2f0-4d4e-a77f-36e96ef38440&usid=3b583550-f2f0-4d4e-a77f-36e96ef38440&newsession=1&sftc=1&readonly=1&wdorigin=Unknown&wdredirectionreason=Unified_ViewActionUrl
Frame ID: 7BAD970BC8BBB310160F510406558B0A
Requests: 64 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

NKLA.docx - Microsoft Word Online

Detected technologies

Microsoft ASP.NET (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

\.aspx?(?:$|\?)

RequireJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

require.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

88
Requests

97 %
HTTPS

35 %
IPv6

10
Domains

17
Subdomains

16
IPs

1
Countries

3137 kB
Transfer

14677 kB
Size

25
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://profile.live.com/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 77

https://c.live.com/c.gif?DI=15347&wlxid=87b9174e-4cec-4573-9fe8-93d51dccef7f&reqid=001c0aae4f7&csiperf=ANON%3D%26NL%3D0%26TP%3D0%26CL%3DRD0004FFA70FA0%26MA%3Den-CA%26B%3D0.0.0%26TR%3DNA%252ANA%252A%253ASDX.Skydrive%252AWac.view.F.U.%26PLT%3D4327%26IR%3D1%26EX%3D0%26L.h%3D1911%26L.bc%3D1924%26L.ac%3D1924%26L.f%3D1935%26L.sjs%3D4253%26L.ttg%3D3513%26C.st%3D1650545448839%26N.jsPlt%3D2873%26N.domIn%3D1935%26N.dns%3D124%26N.tcp%3D39%26N.req%3D1598%26N.resp%3D21%26N.navType%3D0%26N.redirectCount%3D0&r=0.3080125256734487 HTTP 302
https://c.bing.com/c.gif?DI=15347&wlxid=87b9174e-4cec-4573-9fe8-93d51dccef7f&reqid=001c0aae4f7&csiperf=ANON%3D%26NL%3D0%26TP%3D0%26CL%3DRD0004FFA70FA0%26MA%3Den-CA%26B%3D0.0.0%26TR%3DNA%252ANA%252A%253ASDX.Skydrive%252AWac.view.F.U.%26PLT%3D4327%26IR%3D1%26EX%3D0%26L.h%3D1911%26L.bc%3D1924%26L.ac%3D1924%26L.f%3D1935%26L.sjs%3D4253%26L.ttg%3D3513%26C.st%3D1650545448839%26N.jsPlt%3D2873%26N.domIn%3D1935%26N.dns%3D124%26N.tcp%3D39%26N.req%3D1598%26N.resp%3D21%26N.navType%3D0%26N.redirectCount%3D0&r=0.3080125256734487&ctsa=mr&CtsSyncId=A1B430E026C94059A5EC2C4B2D0953E6&RedC=c.live.com&MXFR=11DED5215172605C17A6C4AC557264D4 HTTP 302
https://c.live.com/c.gif?DI=15347&wlxid=87b9174e-4cec-4573-9fe8-93d51dccef7f&reqid=001c0aae4f7&csiperf=ANON%3D%26NL%3D0%26TP%3D0%26CL%3DRD0004FFA70FA0%26MA%3Den-CA%26B%3D0.0.0%26TR%3DNA%252ANA%252A%253ASDX.Skydrive%252AWac.view.F.U.%26PLT%3D4327%26IR%3D1%26EX%3D0%26L.h%3D1911%26L.bc%3D1924%26L.ac%3D1924%26L.f%3D1935%26L.sjs%3D4253%26L.ttg%3D3513%26C.st%3D1650545448839%26N.jsPlt%3D2873%26N.domIn%3D1935%26N.dns%3D124%26N.tcp%3D39%26N.req%3D1598%26N.resp%3D21%26N.navType%3D0%26N.redirectCount%3D0&r=0.3080125256734487&ctsa=mr&CtsSyncId=A1B430E026C94059A5EC2C4B2D0953E6&MUID=11DED5215172605C17A6C4AC557264D4

Request Chain 80

https://storage.live.com/mydata/myprofile/expressionprofile/profilephoto:UserTileStatic,UserTileSmall/MeControlMediumUserTile?ck=1&ex=24&fofoff=1&sc=1650545453264 HTTP 302
https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=13&ct=1650545453&rver=7.3.6962.0&wp=MBI_SSL&wreply=https:%2F%2Fstorage.live.com%2Fstorageservice%2Fpassport%2Fauth.aspx%3Fsru%3Dhttps:%252f%252fstorage.live.com%252fmydata%252fmyprofile%252fexpressionprofile%252fprofilephoto:UserTileStatic%252cUserTileSmall%252fMeControlMediumUserTile&lc=1033&id=63539

88 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request view.aspx Show response
onedrive.live.com/ 104 KB
34 KB 1741ms
1578ms Document
text/html 13.107.42.13
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://onedrive.live.com/view.aspx?resid=4DAFE66015F06FAC!2433&ithint=file%2cdocx&authkey=!AI3xLDS_8RM4T08

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.107.42.13 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

aac238c6ea869a1e5a5d3823fd953ea5a67c2da4cf9dea382a0b85582508eeb6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

cache-control: no-cache, no-store
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Thu, 21 Apr 2022 12:50:50 GMT
expires: -1
pragma: no-cache
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
x-content-type-options: nosniff
x-msedge-ref: Ref A: 120C05C6BD89449AA497C56DB2F6B15C Ref B: YTO01EDGE0819 Ref C: 2022-04-21T12:50:49Z
x-msnserver: RD0004FFA70FA0
x-odwebserver: canadaeast0-odwebpl

GET
H2 200 maincss-3d633429.css
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20220310.002// 136 KB
26 KB 104ms
25ms Stylesheet
text/css 23.50.53.184
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20220310.002//maincss-3d633429.css
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/view.aspx?resid=4DAFE66015F06FAC!2433&ithint=file%2cdocx&authkey=!AI3xLDS_8RM4T08
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 23.50.53.184 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-50-53-184.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 63aef72d236cde38c258f82e8797d13cb24cd903f01e83732eede839aa5cf2c5

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 21 Apr 2022 12:50:50 GMT
content-encoding: gzip
content-md5: PWM0KdjmKRxU/0cF4Kv/Uw==
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 25623
x-ms-lease-status: unlocked
last-modified: Fri, 11 Mar 2022 01:43:51 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8DA030098088FC3
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: b7df2848-a01e-0047-7286-355b73000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=27781779
x-ms-version: 2009-09-19
timing-allow-origin: *

GET
H2 200 filescss1-11eb1969.css
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20220310.002// 85 KB
16 KB 98ms
20ms Stylesheet
text/css 23.50.53.184
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20220310.002//filescss1-11eb1969.css
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/view.aspx?resid=4DAFE66015F06FAC!2433&ithint=file%2cdocx&authkey=!AI3xLDS_8RM4T08
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 23.50.53.184 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-50-53-184.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: bd88d1e741693ab877b020059b46be7cf4ef62b46017b2489a8cd1bf9ce5b9fc

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 21 Apr 2022 12:50:50 GMT
content-encoding: gzip
content-md5: EesZadmsnx78d9ZWIKfswQ==
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 15784
x-ms-lease-status: unlocked
last-modified: Fri, 11 Mar 2022 01:43:49 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8DA030096E6CA3D
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 34306a55-701e-0004-2686-351331000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=27781761
x-ms-version: 2009-09-19
timing-allow-origin: *

GET
H2 200 filescss2-7859787f.css
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20220310.002// 169 KB
30 KB 104ms
26ms Stylesheet
text/css 23.50.53.184
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20220310.002//filescss2-7859787f.css
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/view.aspx?resid=4DAFE66015F06FAC!2433&ithint=file%2cdocx&authkey=!AI3xLDS_8RM4T08
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 23.50.53.184 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-50-53-184.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 85b57eaee8f090113ca4eb0584c8e22f1e1a891efbac13b9251676ea5e968449

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 21 Apr 2022 12:50:50 GMT
content-encoding: gzip
content-md5: eFl4f1R1WfMJocO6wVsUhA==
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 30612
x-ms-lease-status: unlocked
last-modified: Fri, 11 Mar 2022 01:43:49 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8DA03009741FC0D
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: a46b7ea9-501e-011c-5c71-4e78f1000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=30521905
x-ms-version: 2009-09-19
timing-allow-origin: *

GET
H2 200 clientstring.mvc Show response
onedrive.live.com/handlers/ 91 KB
25 KB 53ms
52ms Script
text/javascript 13.107.42.13
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://onedrive.live.com/handlers/clientstring.mvc?mkt=en-CA&group=Office&v=19.773.0927.2003&useRequiresJs=False

Requested by

Host: onedrive.live.com
URL: https://onedrive.live.com/view.aspx?resid=4DAFE66015F06FAC!2433&ithint=file%2cdocx&authkey=!AI3xLDS_8RM4T08

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.107.42.13 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

05fc8cc1fb1a50ff10607fa116f3ab4549b864a37581e347a72002ad26d33bbd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://onedrive.live.com/view.aspx?resid=4DAFE66015F06FAC!2433&ithint=file%2cdocx&authkey=!AI3xLDS_8RM4T08
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-msnserver: RD0004FFA70FA0
x-content-type-options: nosniff
x-msedge-ref: Ref A: 116FE84A06A240A1920000D3426C6F83 Ref B: YTO01EDGE0819 Ref C: 2022-04-21T12:50:50Z
x-odwebserver: canadaeast0-odwebpl
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=31536000
date: Thu, 21 Apr 2022 12:50:50 GMT
content-encoding: gzip
expires: Fri, 21 Apr 2023 12:50:50 GMT

GET
H2 200 clientstring.mvc Show response
onedrive.live.com/handlers/ 4 KB
2 KB 44ms
43ms Script
text/javascript 13.107.42.13
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://onedrive.live.com/handlers/clientstring.mvc?mkt=en-CA&group=GroupFolders&v=19.773.0927.2003&useRequiresJs=False

Requested by

Host: onedrive.live.com
URL: https://onedrive.live.com/view.aspx?resid=4DAFE66015F06FAC!2433&ithint=file%2cdocx&authkey=!AI3xLDS_8RM4T08

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.107.42.13 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

7dcf543de2492ed4293798253b866897ee552bf4e936cc33d5fb46fca491f19a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://onedrive.live.com/view.aspx?resid=4DAFE66015F06FAC!2433&ithint=file%2cdocx&authkey=!AI3xLDS_8RM4T08
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-msnserver: RD00155D5EAE7C
x-content-type-options: nosniff
x-msedge-ref: Ref A: 555CFF0E29984B34B1C79B38854F2366 Ref B: YTO01EDGE0819 Ref C: 2022-04-21T12:50:50Z
x-odwebserver: canadaeast0-odwebpl
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=31536000
date: Thu, 21 Apr 2022 12:50:50 GMT
content-encoding: gzip
expires: Fri, 21 Apr 2023 12:50:50 GMT

GET
H2 200 aria-2.5.0.min.js Show response
p.sfx.ms//storage/ 45 KB
12 KB 132ms
27ms Script
application/javascript 40.112.57.76
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://p.sfx.ms//storage/aria-2.5.0.min.js
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/view.aspx?resid=4DAFE66015F06FAC!2433&ithint=file%2cdocx&authkey=!AI3xLDS_8RM4T08
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.112.57.76 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: e62cb84db10132ea9201bc71a8a93663db97092841687e15a2ecbf7d95ccded5

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 12:50:50 GMT
content-encoding: gzip
last-modified: Fri, 04 Mar 2022 03:32:00 GMT
server: Microsoft-IIS/10.0
etag: "0b84e68782fd81:0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=86400
x-odwebserver: eastus0-odwebp
accept-ranges: bytes
x-msnserver: RD0003FF608BF3
content-length: 12195

GET
H2 200 invis.gif
p.sfx.ms/is/ 43 B
131 B 28ms
27ms Image
image/gif 40.112.57.76
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.sfx.ms/is/invis.gif
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/view.aspx?resid=4DAFE66015F06FAC!2433&ithint=file%2cdocx&authkey=!AI3xLDS_8RM4T08
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.112.57.76 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: cb725f174a86bcf23b5b9f53e5b60d53eaa1524f88f4dcec165670a3b0eb6c2c

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 12:50:50 GMT
x-msnserver: RD0003FF608BF3
last-modified: Fri, 04 Mar 2022 03:31:59 GMT
server: Microsoft-IIS/10.0
etag: "f26c1d68782fd81:0"
content-type: image/gif
cache-control: public,max-age=86400
x-odwebserver: eastus0-odwebp
accept-ranges: bytes
content-length: 43

GET
H/1.1 200
OK word.boot.js Show response
c1-word-view-15.cdn.office.net/wv/s/h410BBA5BBE14D6E1_App_Scripts/ 131 KB
33 KB 133ms
35ms Script
application/javascript 2600:1400:d:593::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-word-view-15.cdn.office.net/wv/s/h410BBA5BBE14D6E1_App_Scripts/word.boot.js

Requested by

Host: onedrive.live.com
URL: https://onedrive.live.com/view.aspx?resid=4DAFE66015F06FAC!2433&ithint=file%2cdocx&authkey=!AI3xLDS_8RM4T08

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2600:1400:d:593::4b36 New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

410bba5bbe14d6e1a1372313a32663fa3dfc7b98885449ec7e57c5b435c3ade8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: W/"11308a9c5253d81:0"
X-OfficeCluster: PUS8
X-OfficeVersion: 16.0.15211.41000
X-OfficeFE: BL6PEPF0000FA93
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 32363
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_wordslice_control,afd_wacinfra4,afd_wacinfra5
Last-Modified: Mon, 18 Apr 2022 18:32:08 GMT
X-OFFICEFD: BL6PEPF0000FA93
X-MSEdge-Ref: Ref A: E86EEE34E6E1444F8B0A811F50788066 Ref B: BLUEDGE1217 Ref C: 2022-04-18T18:32:08Z
X-UserSessionId: b2107377-326a-45fb-9b42-d34f7b0d9b50
Date: Thu, 21 Apr 2022 12:50:50 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: b2107377-326a-45fb-9b42-d34f7b0d9b50
Accept-Ranges: bytes
Timing-Allow-Origin: *

POST
H2 200 RemoteTelemetry.ashx
word-view.officeapps.live.com/wv/ 0
684 B 141ms
52ms Ping
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/RemoteTelemetry.ashx

Requested by

Host: c1-word-view-15.cdn.office.net
URL: https://c1-word-view-15.cdn.office.net/wv/s/h410BBA5BBE14D6E1_App_Scripts/word.boot.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://onedrive.live.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officefd: BL6PEPF0000FA76
x-officeversion: 16.0.15213.41023
x-cache: CONFIG_NOCACHE
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3_control
content-length: 0
x-msedge-features: typeheadertest,afd_waccluster,afd_onenoteslice_control,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3_control
x-correlationid: ef82a699-6822-41bc-8f61-25e6bd236607
x-officecluster: PUS8
x-usersessionid: ef82a699-6822-41bc-8f61-25e6bd236607
date: Thu, 21 Apr 2022 12:50:50 GMT
x-download-options: noopen
access-control-allow-origin: https://onedrive.live.com
cache-control: private
x-msedge-ref: Ref A: AE84043F6C424441AFF16FAB360B59AA Ref B: EWR311000101051 Ref C: 2022-04-21T12:50:51Z
timing-allow-origin: *
x-officefe: BL6PEPF0000FA76

POST
H2 200 wordviewerframe.aspx Show response
word-view.officeapps.live.com/wv/ Frame 7BAD 126 KB
128 KB 147ms
86ms Document
text/html 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=en-CA&rs=en-US&hid=A7FUYYyJsUydRZXeX%2F7AFw.0&wopisrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F4DAFE66015F06FAC!2433&wde=docx&sc=host%3D%26qt%3DDefault&wdp=3&uih=OneDrive&jsapi=1&jsapiver=v2&corrid=3b583550-f2f0-4d4e-a77f-36e96ef38440&usid=3b583550-f2f0-4d4e-a77f-36e96ef38440&newsession=1&sftc=1&readonly=1&wdorigin=Unknown&wdredirectionreason=Unified_ViewActionUrl

Requested by

Host: onedrive.live.com
URL: https://onedrive.live.com/view.aspx?resid=4DAFE66015F06FAC!2433&ithint=file%2cdocx&authkey=!AI3xLDS_8RM4T08

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

c0d36ad8a16b1901c9bfc79a568e16ec683b9728ed09afb57c91d76923894912

Security Headers

Name	Value
Content-Security-Policy	font-src data: c1h-word-view-15.cdn.office.net .skype.com .skypeassets.com .msocdn.com sway.com .sway-cdn.com sway-cdn.com .sharepointonline.com spoprod-a.akamaihd.net fs.microsoft.com https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' c1h-word-view-15.cdn.office.net uci.officeapps.live.com cdn.uci.edog.officeapps.live.com cdn.uci.officeapps.live.com uci.edog.cdn.office.net uci.cdn.office.net c1h-officeapps-15.cdn.office.net .skype.com .skypeassets.com .msocdn.com js.live.net appsforoffice.microsoft.com contentstorage.osi.office.net .growth.office.net .rt.microsoft.com res-prod.cdn.office.net res.cdn.office.net messaging.office.com messaging.growth.office.com messaging.action.office.com messaging.engagement.office.com content.lifecycle.office.net www.microsoft.com https:; style-src 'self' 'unsafe-inline' 'unsafe-eval' c1h-word-view-15.cdn.office.net c1h-officeapps-15.cdn.office.net .skype.com .skypeassets.com .msocdn.com js.live.net sway.com .sway-cdn.com sway-cdn.com https:; media-src .skype.com .skypeassets.com https:; object-src 'self' blob: https:; child-src blob: ms-word: 'self' https:; worker-src blob: https:; img-src * data: blob: https:; report-uri /wv/reportcsp.ashx
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://onedrive.live.com
Referer: https://onedrive.live.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

cache-control: no-cache, no-store
content-security-policy: font-src data: c1h-word-view-15.cdn.office.net *.skype.com *.skypeassets.com *.msocdn.com sway.com *.sway-cdn.com sway-cdn.com *.sharepointonline.com spoprod-a.akamaihd.net fs.microsoft.com https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' c1h-word-view-15.cdn.office.net uci.officeapps.live.com cdn.uci.edog.officeapps.live.com cdn.uci.officeapps.live.com uci.edog.cdn.office.net uci.cdn.office.net c1h-officeapps-15.cdn.office.net *.skype.com *.skypeassets.com *.msocdn.com js.live.net appsforoffice.microsoft.com contentstorage.osi.office.net *.growth.office.net *.rt.microsoft.com res-prod.cdn.office.net res.cdn.office.net messaging.office.com messaging.growth.office.com messaging.action.office.com messaging.engagement.office.com content.lifecycle.office.net www.microsoft.com https:; style-src 'self' 'unsafe-inline' 'unsafe-eval' c1h-word-view-15.cdn.office.net c1h-officeapps-15.cdn.office.net *.skype.com *.skypeassets.com *.msocdn.com js.live.net sway.com *.sway-cdn.com sway-cdn.com https:; media-src *.skype.com *.skypeassets.com https:; object-src 'self' blob: https:; child-src blob: ms-word: 'self' https:; worker-src blob: https:; img-src * data: blob: https:; report-uri /wv/reportcsp.ashx
content-type: text/html; charset=utf-8
date: Thu, 21 Apr 2022 12:50:50 GMT
document-policy: js-profiling
expires: -1
origin-trial: Av/V1OIQEg1NnsGePStscuk3wq4vcXOXMgC9FgVS6qT/EXVQYN3Od6vRI1SBm0VaYGTtWDP/tGvfx2YqK9SDWlYAAABteyJvcmlnaW4iOiJodHRwczovL29mZmljZWFwcHMubGl2ZS5jb206NDQzIiwiaXNTdWJkb21haW4iOnRydWUsImZlYXR1cmUiOiJIYXB0aWNzRGV2aWNlIiwiZXhwaXJ5IjoxNjcyNTMxMTk5fQ==
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
pragma: no-cache
strict-transport-security: max-age=31536000
timing-allow-origin: *
x-cache: CONFIG_NOCACHE
x-content-type-options: nosniff
x-correlationid: 3b583550-f2f0-4d4e-a77f-36e96ef38440
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
x-msedge-ref: Ref A: 99E51F3385D2474FB2150A8DD0A56859 Ref B: EWR311000101051 Ref C: 2022-04-21T12:50:51Z
x-officecluster: PUS3
x-officefd: BN3PEPF000020B5
x-officefe: BN3PEPF000020B5
x-officeversion: 16.0.15213.41023
x-usersessionid: 3b583550-f2f0-4d4e-a77f-36e96ef38440

POST
H2 200 RemoteUls.ashx
word-view.officeapps.live.com/wv/ 0
0 115ms
53ms Ping
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://word-view.officeapps.live.com/wv/RemoteUls.ashx?usid=3b583550-f2f0-4d4e-a77f-36e96ef38440&officeserverversion=16.0.15213.41023
Requested by: Host: c1-word-view-15.cdn.office.net
URL: https://c1-word-view-15.cdn.office.net/wv/s/h410BBA5BBE14D6E1_App_Scripts/word.boot.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://onedrive.live.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 WordViewer.css
c1h-word-view-15.cdn.office.net/wv/s/h6E2237B9C2BE0A5C_resources/1033/ Frame 7BAD 277 KB
34 KB 86ms
19ms Stylesheet
text/css 2600:1400:d:583::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/h6E2237B9C2BE0A5C_resources/1033/WordViewer.css

Requested by

Host: word-view.officeapps.live.com
URL: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=en-CA&rs=en-US&hid=A7FUYYyJsUydRZXeX%2F7AFw.0&wopisrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F4DAFE66015F06FAC!2433&wde=docx&sc=host%3D%26qt%3DDefault&wdp=3&uih=OneDrive&jsapi=1&jsapiver=v2&corrid=3b583550-f2f0-4d4e-a77f-36e96ef38440&usid=3b583550-f2f0-4d4e-a77f-36e96ef38440&newsession=1&sftc=1&readonly=1&wdorigin=Unknown&wdredirectionreason=Unified_ViewActionUrl

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1400:d:583::1c24 New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

6e2237b9c2be0a5c83fb5488b43cc0a735414e5a4aa12e5dc24787f14ce288b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"6ef9722b5e4fd81:0"
x-officecluster: PUS4
x-officeversion: 16.0.15205.41011
x-officefe: BL6PEPF0000A900
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3_control
content-length: 34121
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3_control
last-modified: Wed, 13 Apr 2022 17:44:48 GMT
x-officefd: BL6PEPF0000A900
x-msedge-ref: Ref A: 6B4686742A9A435D855265E01D69801A Ref B: BLUEDGE1911 Ref C: 2022-04-13T17:44:47Z
x-usersessionid: 01502ee7-1b3b-4fff-9999-408769af5f63
date: Thu, 21 Apr 2022 12:50:51 GMT
content-type: text/css
access-control-allow-origin: *
x-correlationid: 01502ee7-1b3b-4fff-9999-408769af5f63
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 MicrosoftAjaxDS.js Show response
c1h-word-view-15.cdn.office.net/wv/s/h793E4EF4951E7E51_App_Scripts/ Frame 7BAD 106 KB
24 KB 126ms
59ms Script
application/javascript 2600:1400:d:583::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/h793E4EF4951E7E51_App_Scripts/MicrosoftAjaxDS.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1400:d:583::1c24 New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

793e4ef4951e7e51858eb21509bad1c5612ac636255129a4d9e5d5b3eebc85b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"b564e1505353d81:0"
x-officecluster: PUS8
x-officeversion: 16.0.15211.41000
x-officefe: BL6PEPF0000FA0A
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 23675
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_powerpointslice,afd_visioslice,afd_wacinfra4,afd_wacinfra5
last-modified: Mon, 18 Apr 2022 18:37:11 GMT
x-officefd: BL6PEPF0000FA0A
x-msedge-ref: Ref A: 3ACE8CB875B64CBFB5458FCEDC2BE904 Ref B: BLUEDGE2021 Ref C: 2022-04-18T18:37:10Z
x-usersessionid: 3eefba1c-c234-44fe-b85f-e3d66100178c
date: Thu, 21 Apr 2022 12:50:51 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 3eefba1c-c234-44fe-b85f-e3d66100178c
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 CommonIntl.js Show response
c1h-word-view-15.cdn.office.net/wv/s/h267C622F712E3D6F_App_Scripts/1033/ Frame 7BAD 134 KB
36 KB 123ms
61ms Script
application/javascript 2600:1400:d:583::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/h267C622F712E3D6F_App_Scripts/1033/CommonIntl.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1400:d:583::1c24 New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

267c622f712e3d6f38e3eff4f0af3822ed52eadb45906df72c7af3637f37eddd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
etag: W/"57c4ad15e4fd81:0"
x-officecluster: PUS8
x-officeversion: 16.0.15205.41011
x-officefe: BL6PEPF0000FA53
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 36517
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_onenoteslice,afd_wacinfra4,afd_wacinfra5
last-modified: Wed, 13 Apr 2022 17:49:26 GMT
x-officefd: BL6PEPF0000FA53
x-msedge-ref: Ref A: 5EEAA25CAA64411FB3E0304828BFBE5A Ref B: BLUEDGE1411 Ref C: 2022-04-13T17:49:25Z
x-usersessionid: e917a766-b1e5-4754-84b5-806adcb8fc59
date: Thu, 21 Apr 2022 12:50:51 GMT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: e917a766-b1e5-4754-84b5-806adcb8fc59
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 Compat.js Show response
c1h-word-view-15.cdn.office.net/wv/s/hCBA89239522795D5_App_Scripts/ Frame 7BAD 6 KB
2 KB 123ms
61ms Script
application/javascript 2600:1400:d:583::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/hCBA89239522795D5_App_Scripts/Compat.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1400:d:583::1c24 New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

cba89239522795d55fcf43087637399562c8fb25cf3baadf59f488bb97bffd6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: "92e0a8a57550d81:0"
x-officecluster: PUS9
x-officeversion: 16.0.15211.41000
x-officefe: BN3PEPF00007198
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 1373
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_onenoteslice_control,afd_visioslice_control,afd_wacinfra4,afd_wacinfra5
last-modified: Fri, 15 Apr 2022 03:05:22 GMT
x-officefd: BN3PEPF00007198
x-msedge-ref: Ref A: 52DDFE88C3D04919A856DBC039B97D56 Ref B: BL2EDGE2219 Ref C: 2022-04-17T00:10:25Z
x-usersessionid: 91c985a6-f74c-4690-b535-8c9153b73844
date: Thu, 21 Apr 2022 12:50:51 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 91c985a6-f74c-4690-b535-8c9153b73844
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 WordViewerIntl.js Show response
c1h-word-view-15.cdn.office.net/wv/s/h49AFD3FB5E69B631_App_Scripts/1033/ Frame 7BAD 19 KB
4 KB 28ms
28ms Script
application/javascript 2600:1400:d:583::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/h49AFD3FB5E69B631_App_Scripts/1033/WordViewerIntl.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1400:d:583::1c24 New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

49afd3fb5e69b631b949d25dfaf224c6532309563ca55d3aa9f59e4ee821dcd2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: "2c1ff78c50d81:0"
x-officecluster: PUS3
x-officeversion: 16.0.15211.41000
x-officefe: BN3PEPF00002105
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 3318
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Fri, 15 Apr 2022 05:45:36 GMT
x-officefd: BN3PEPF00002105
x-msedge-ref: Ref A: 6C3F92291620456EBB968EAAEC431579 Ref B: BLUEDGE1718 Ref C: 2022-04-18T02:37:29Z
x-usersessionid: 36f77538-fb29-4efe-911c-610fd68dfb9c
date: Thu, 21 Apr 2022 12:50:51 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 36f77538-fb29-4efe-911c-610fd68dfb9c
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 word-app-intl.min.js Show response
c1h-word-view-15.cdn.office.net/wv/s/hBA648258D7F22F22_App_Scripts/1033/ Frame 7BAD 455 KB
69 KB 85ms
18ms Script
application/javascript 2600:1400:d:583::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/hBA648258D7F22F22_App_Scripts/1033/word-app-intl.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1400:d:583::1c24 New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

ba648258d7f22f22cdf6fc29b256b64f32ade2017f64b414db3390615f973be3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: "d9fb683a5d4fd81:0"
x-officecluster: GEU1C
x-officeversion: 16.0.15205.41011
x-officefe: AM4PEPF0000D408
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3
content-length: 69984
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3
last-modified: Wed, 13 Apr 2022 17:38:03 GMT
x-officefd: AM4PEPF0000D7C9
x-msedge-ref: Ref A: 1E5C4938F89247A9BCF4D16422ED1D41 Ref B: BLUEDGE1208 Ref C: 2022-04-13T17:44:47Z
x-usersessionid: b5150aff-401b-4558-94ce-c37aaa325958
date: Thu, 21 Apr 2022 12:50:51 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: b5150aff-401b-4558-94ce-c37aaa325958
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 appResourceLoader.min.js Show response
c1h-word-view-15.cdn.office.net/wv/s/h0E02EADC4381036E_App_Scripts/exp/ Frame 7BAD 10 KB
3 KB 123ms
57ms Script
application/javascript 2600:1400:d:583::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/h0E02EADC4381036E_App_Scripts/exp/appResourceLoader.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1400:d:583::1c24 New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

0e02eadc4381036e40c43626eab409c72fc145e8a1ad2a1a2a2ea04970b108d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"8bc2155d5353d81:0"
x-officecluster: PUS8
x-officeversion: 16.0.15211.41000
x-officefe: BL6PEPF0000FA7C
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 2907
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Mon, 18 Apr 2022 18:37:31 GMT
x-officefd: BL6PEPF0000FA7C
x-msedge-ref: Ref A: 2127D187459645E5904E26461F229812 Ref B: BLUEDGE1914 Ref C: 2022-04-18T18:37:31Z
x-usersessionid: 1c9f3eab-ca82-4dc0-8811-0233a4bd38d7
date: Thu, 21 Apr 2022 12:50:51 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 1c9f3eab-ca82-4dc0-8811-0233a4bd38d7
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 WordViewerDS.js Show response
c1h-word-view-15.cdn.office.net/wv/s/hFACC0385D6EDE98B_App_Scripts/ Frame 7BAD 3 MB
459 KB 29ms
29ms Script
application/javascript 2600:1400:d:583::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/hFACC0385D6EDE98B_App_Scripts/WordViewerDS.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1400:d:583::1c24 New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

facc0385d6ede98b462dd35de458558af0b5841e9fa10de5fdb5defb670178e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"6a29b505353d81:0"
x-officecluster: GEU1C
x-officeversion: 16.0.15211.41000
x-officefe: AM4PEPF0000D3F7
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3
content-length: 468526
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_visioslice_control,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3
last-modified: Mon, 18 Apr 2022 18:37:10 GMT
x-officefd: AM4PEPF0000D7C9
x-msedge-ref: Ref A: 37C766DFCB3646A3BDDA25C6F2AA6AE4 Ref B: BL2EDGE2115 Ref C: 2022-04-18T18:37:10Z
x-usersessionid: 9c325c4f-0234-4a4e-b2d7-ba9d67426342
date: Thu, 21 Apr 2022 12:50:51 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 9c325c4f-0234-4a4e-b2d7-ba9d67426342
accept-ranges: bytes
timing-allow-origin: *

POST
H2 200 RemoteUls.ashx Show response
word-view.officeapps.live.com/wv/ Frame 7BAD 0
549 B 53ms
53ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/RemoteUls.ashx?build=16.0.15213.41023&waccluster=PUS3

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=en-CA&rs=en-US&hid=A7FUYYyJsUydRZXeX%2F7AFw.0&wopisrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F4DAFE66015F06FAC!2433&wde=docx&sc=host%3D%26qt%3DDefault&wdp=3&uih=OneDrive&jsapi=1&jsapiver=v2&corrid=3b583550-f2f0-4d4e-a77f-36e96ef38440&usid=3b583550-f2f0-4d4e-a77f-36e96ef38440&newsession=1&sftc=1&readonly=1&wdorigin=Unknown&wdredirectionreason=Unified_ViewActionUrl
X-UserSessionId: 3b583550-f2f0-4d4e-a77f-36e96ef38440
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
X-BrowserUlsBeacon: [{"Index":0,"MsSinceStart":0,"Value":"SessionStarted","Type":"SessionBoundary"}]

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officefd: BL6PEPF0000BAF0
x-officeversion: 16.0.15219.41000
x-officefe: BL6PEPF0000BAF0
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid: fd86b4f5-519d-4c20-9b44-79148c9d9782
x-officecluster: PGTUS4
x-usersessionid: 3b583550-f2f0-4d4e-a77f-36e96ef38440
date: Thu, 21 Apr 2022 12:50:51 GMT
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://word-view.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
x-msedge-ref: Ref A: 595B78D2BC6F4AFFA2B2F6B5CD36C05A Ref B: EWR311000101051 Ref C: 2022-04-21T12:50:51Z

POST
H2 200 RemoteUls.ashx Show response
word-view.officeapps.live.com/wv/ Frame 7BAD 0
366 B 84ms
82ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/RemoteUls.ashx?build=16.0.15213.41023&waccluster=PUS3

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=en-CA&rs=en-US&hid=A7FUYYyJsUydRZXeX%2F7AFw.0&wopisrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F4DAFE66015F06FAC!2433&wde=docx&sc=host%3D%26qt%3DDefault&wdp=3&uih=OneDrive&jsapi=1&jsapiver=v2&corrid=3b583550-f2f0-4d4e-a77f-36e96ef38440&usid=3b583550-f2f0-4d4e-a77f-36e96ef38440&newsession=1&sftc=1&readonly=1&wdorigin=Unknown&wdredirectionreason=Unified_ViewActionUrl
X-UserSessionId: 3b583550-f2f0-4d4e-a77f-36e96ef38440
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
X-BrowserUlsBeacon: [{"Index":1,"MsSinceStart":122,"Value":"https://c1h-word-view-15.cdn.office.net:443/wv/s/h6E2237B9C2BE0A5C_resources/1033/WordViewer.css","Type":"ResourceDownloadSuccess"}]

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officefd: BL6PEPF0000BB0B
x-officeversion: 16.0.15219.41000
x-officefe: BL6PEPF0000BB0B
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_excelslice,afd_visioslice,afd_wordcapacity_2,afd_wacinfra4,afd_wacinfra5
x-correlationid: 6fcfb364-10b9-45a4-9294-3ac64f377cfa
x-officecluster: PGTUS4
x-usersessionid: 3b583550-f2f0-4d4e-a77f-36e96ef38440
date: Thu, 21 Apr 2022 12:50:51 GMT
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://word-view.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
x-msedge-ref: Ref A: F4D0F93BC67C42E0816674967DC5B74B Ref B: EWR311000101051 Ref C: 2022-04-21T12:50:51Z

GET
H2 404 ResReader.ashx
word-view.officeapps.live.com/wv/ Frame 7BAD 1 KB
1 KB 244ms
244ms Image
text/html 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://word-view.officeapps.live.com/wv/ResReader.ashx?n=p1.img&WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F4DAFE66015F06FAC%212433&access_token=4wFxutVyQYwshTR4EyaLqyNm81b8YcHHEdb9Nd1UYal1PHWSjWrTKQp%2DhGbXUe2V89IEK85kyt2vsRkpHD3ntiYuaylTpcmaw8WoBXHpVbD1HePyH9BDOgSPZw7V%2DwFUX86vHYG%5F01WnbiOEc%5FUjMK4Pj4AG7%5Fz0Yqo7ylhnRp0FI&access_token_ttl=1652359850507&z=aNERBRkU2NjAxNUYwNkZBQyEyNDMzLjIw&v=00000000-0000-0000-0000-000000000802&usid=3b583550-f2f0-4d4e-a77f-36e96ef38440&splashscreen=1&build=16.0.15213.41023&waccluster=PUS3

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

dc1d54dab6ec8c00f70137927504e4f222c8395f10760b6beecfcfa94e08249f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=en-CA&rs=en-US&hid=A7FUYYyJsUydRZXeX%2F7AFw.0&wopisrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F4DAFE66015F06FAC!2433&wde=docx&sc=host%3D%26qt%3DDefault&wdp=3&uih=OneDrive&jsapi=1&jsapiver=v2&corrid=3b583550-f2f0-4d4e-a77f-36e96ef38440&usid=3b583550-f2f0-4d4e-a77f-36e96ef38440&newsession=1&sftc=1&readonly=1&wdorigin=Unknown&wdredirectionreason=Unified_ViewActionUrl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officecluster: PUS3
x-wacfrontend: BN3PEPF00002146
x-officeversion: 16.0.15213.41023
x-officefe: BN3PEPF00002146
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 1245
x-cache: CONFIG_NOCACHE
pragma: no-cache
x-msedge-features: typeheadertest,afd_waccluster,afd_visioslice,afd_wordcapacity_2_control,afd_wacinfra4,afd_wacinfra5
x-correlationid: c7d6279e-039f-4204-8b35-8f370e009597
x-officefd: BN3PEPF00002146
x-usersessionid: 3b583550-f2f0-4d4e-a77f-36e96ef38440
date: Thu, 21 Apr 2022 12:50:51 GMT
x-download-options: noopen
content-type: text/html
cache-control: no-cache
x-msedge-ref: Ref A: 9831011F43404BB88797AA09AF60DB28 Ref B: EWR311000101051 Ref C: 2022-04-21T12:50:51Z
timing-allow-origin: *
expires: -1

GET
H2 200 sharedheaderplaceholder-icons.woff
c1h-word-view-15.cdn.office.net/wv/s/hE5C1E39EBD126206_App_Scripts/fonts/ Frame 7BAD 3 KB
3 KB 19ms
19ms Font
font/x-woff 2600:1400:d:583::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/hE5C1E39EBD126206_App_Scripts/fonts/sharedheaderplaceholder-icons.woff

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1400:d:583::1c24 New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e5c1e39ebd1262067f33a6505542dde5b313b2b6e68f0f125d10164e027ef7e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
etag: "35f6b8c6de4ad81:0"
x-officecluster: PUS8
x-officeversion: 16.0.15205.41011
x-officefe: BL6PEPF0000FA51
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 2748
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Fri, 08 Apr 2022 00:22:48 GMT
x-officefd: BL6PEPF0000FA51
x-msedge-ref: Ref A: 7A740E4CCD844EC2913FFD48773FE081 Ref B: BL2EDGE2015 Ref C: 2022-04-10T19:25:00Z
x-usersessionid: dbd43c55-d74c-4f39-8071-787d6444f3df
date: Thu, 21 Apr 2022 12:50:51 GMT
content-type: font/x-woff
access-control-allow-origin: *
x-correlationid: dbd43c55-d74c-4f39-8071-787d6444f3df
accept-ranges: bytes
timing-allow-origin: *

POST
H2 200 RemoteUls.ashx Show response
word-view.officeapps.live.com/wv/ Frame 7BAD 0
200 B 44ms
44ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/RemoteUls.ashx?build=16.0.15213.41023&waccluster=PUS3

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=en-CA&rs=en-US&hid=A7FUYYyJsUydRZXeX%2F7AFw.0&wopisrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F4DAFE66015F06FAC!2433&wde=docx&sc=host%3D%26qt%3DDefault&wdp=3&uih=OneDrive&jsapi=1&jsapiver=v2&corrid=3b583550-f2f0-4d4e-a77f-36e96ef38440&usid=3b583550-f2f0-4d4e-a77f-36e96ef38440&newsession=1&sftc=1&readonly=1&wdorigin=Unknown&wdredirectionreason=Unified_ViewActionUrl
X-UserSessionId: 3b583550-f2f0-4d4e-a77f-36e96ef38440
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
X-BrowserUlsBeacon: [{"Index":2,"MsSinceStart":441,"Value":"SplashScreenShown","Type":"BootPhaseCompleted"}]

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officefd: BL6PEPF0000E942
x-officeversion: 16.0.15213.41023
x-officefe: BL6PEPF0000E942
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid: ff8ab68e-3b85-497e-aa1b-aadd8dc1baad
x-officecluster: PGTUS6
x-usersessionid: 3b583550-f2f0-4d4e-a77f-36e96ef38440
date: Thu, 21 Apr 2022 12:50:51 GMT
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://word-view.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
x-msedge-ref: Ref A: 404B279CF1D1467BBECFD4B158EE7CFF Ref B: EWR311000101051 Ref C: 2022-04-21T12:50:51Z

GET
H2 200 docdatahandler.ashx Show response
word-view.officeapps.live.com/wv/ Frame 7BAD 444 B
767 B 238ms
238ms XHR
text/xml 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/docdatahandler.ashx?WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F4DAFE66015F06FAC%212433&access_token=4wFxutVyQYwshTR4EyaLqyNm81b8YcHHEdb9Nd1UYal1PHWSjWrTKQp%2DhGbXUe2V89IEK85kyt2vsRkpHD3ntiYuaylTpcmaw8WoBXHpVbD1HePyH9BDOgSPZw7V%2DwFUX86vHYG%5F01WnbiOEc%5FUjMK4Pj4AG7%5Fz0Yqo7ylhnRp0FI&access_token_ttl=1652359850507&z=aNERBRkU2NjAxNUYwNkZBQyEyNDMzLjIw&type=png&o15=1&ui=en-US

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h793E4EF4951E7E51_App_Scripts/MicrosoftAjaxDS.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ARR/3.0

Resource Hash

125b04041f0210bab5ca2bc7d30298b26f571ec20fbef6e7c58bb0d1a1bff380

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000, max-age=31536000
X-Content-Type-Options	nosniff

Request headers

haep: 1
X-WacFrontEnd: BN3PEPF000020B5
X-UserSessionId: 3b583550-f2f0-4d4e-a77f-36e96ef38440
accept-language: en-CA,en;q=0.9
X-OfficeVersion: 16.0.15213.41023
X-Key: /VlUZurbTLMk3wE8tPeJ67jJFYhJpNnWCmg+ny71Z3U=,637861422510521877
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=en-CA&rs=en-US&hid=A7FUYYyJsUydRZXeX%2F7AFw.0&wopisrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F4DAFE66015F06FAC!2433&wde=docx&sc=host%3D%26qt%3DDefault&wdp=3&uih=OneDrive&jsapi=1&jsapiver=v2&corrid=3b583550-f2f0-4d4e-a77f-36e96ef38440&usid=3b583550-f2f0-4d4e-a77f-36e96ef38440&newsession=1&sftc=1&readonly=1&wdorigin=Unknown&wdredirectionreason=Unified_ViewActionUrl
X-Requested-With: XMLHttpRequest
X-UserType: WOPI
X-xhr: 1
X-WacCluster: PUS3

Response headers

strict-transport-security: max-age=31536000, max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: PUS3
x-wacfrontend: BN3PEPF000020B5
x-officeversion: 16.0.15213.41023
x-officefe: BN3PEPF000020B5
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 415
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-routed-to-target-server-path: WAC_WFE_AFFINITY_TARGET_URL
x-correlationid: f9b7f83e-00e3-4bbb-9840-3865200c4057, f9b7f83e-00e3-4bbb-9840-3865200c4057
x-officefd: BN3PEPF00002146
x-usersessionid: 3b583550-f2f0-4d4e-a77f-36e96ef38440, 3b583550-f2f0-4d4e-a77f-36e96ef38440
x-powered-by: ARR/3.0
date: Thu, 21 Apr 2022 12:50:51 GMT
x-download-options: noopen
vary: Accept-Encoding
content-type: text/xml; charset=utf-8
cache-control: private
x-msedge-ref: Ref A: D0E4BB63F79F45F2BA8024E64897D770 Ref B: EWR311000101051 Ref C: 2022-04-21T12:50:51Z
timing-allow-origin: *, *
expires: Fri, 21 Apr 2023 12:50:51 GMT

GET
H2 200 wacairspaceanimationlibrary.js Show response
c1h-word-view-15.cdn.office.net/wv/s/161521341023_App_Scripts/ Frame 7BAD 40 KB
7 KB 19ms
19ms Script
application/javascript 2600:1400:d:583::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/161521341023_App_Scripts/wacairspaceanimationlibrary.js

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/hFACC0385D6EDE98B_App_Scripts/WordViewerDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1400:d:583::1c24 New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

234cae682920ab63f3184948f1e4103b89201a274977ed31097b844cc323afa1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"877875e5353d81:0"
x-officecluster: PUS4
x-officeversion: 16.0.15211.41000
x-officefe: BL6PEPF0000D264
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 5997
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_visioslice,afd_wacinfra4,afd_wacinfra5
last-modified: Mon, 18 Apr 2022 18:35:19 GMT
x-officefd: BL6PEPF0000D264
x-msedge-ref: Ref A: 15146E08F47C4D1A9821D6F6BB17E11C Ref B: BLUEDGE1909 Ref C: 2022-04-18T18:35:19Z
x-usersessionid: 3f28290b-95e0-47c4-95fc-b8ffffbfa287
date: Thu, 21 Apr 2022 12:50:51 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 3f28290b-95e0-47c4-95fc-b8ffffbfa287
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 segoeui.woff
c1h-word-view-15.cdn.office.net/wv/s/h6E2237B9C2BE0A5C_resources/1033/ Frame 7BAD 22 KB
23 KB 20ms
20ms Font
font/x-woff 2600:1400:d:583::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/h6E2237B9C2BE0A5C_resources/1033/segoeui.woff

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h6E2237B9C2BE0A5C_resources/1033/WordViewer.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1400:d:583::1c24 New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

3d785eb0a0168e5c79e66aa0085a932d5fe2ad04f3577547e2267fa589df677d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://c1h-word-view-15.cdn.office.net/wv/s/h6E2237B9C2BE0A5C_resources/1033/WordViewer.css
Origin: https://word-view.officeapps.live.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
etag: W/"695fea9644fd81:0"
x-officecluster: PUS9
x-officeversion: 16.0.15205.41011
x-officefe: BN3PEPF00004B41
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 22720
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_visioslice,afd_wacinfra4,afd_wacinfra5
last-modified: Wed, 13 Apr 2022 18:31:15 GMT
x-officefd: BN3PEPF00004B41
x-msedge-ref: Ref A: 3EA82CD2CFCF4EF7AF6E4819740E81BA Ref B: BLUEDGE1118 Ref C: 2022-04-13T18:31:15Z
x-usersessionid: c75cdb65-eeab-4958-bb5f-1be8dbe18110
date: Thu, 21 Apr 2022 12:50:51 GMT
content-type: font/x-woff
access-control-allow-origin: *
x-correlationid: c75cdb65-eeab-4958-bb5f-1be8dbe18110
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 wapsw.png
c1h-word-view-15.cdn.office.net/wv/s/161521341023_resources/1033/ Frame 7BAD 6 KB
6 KB 21ms
20ms Image
image/png 2600:1400:d:583::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/161521341023_resources/1033/wapsw.png?b=1601521341023

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1400:d:583::1c24 New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

390577d35c959ffe7dd2af4519c04410a04fdc4a433b151e27b049fc4a1ab3e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
etag: W/"818547d57853d81:0"
x-officecluster: PUS9
x-officeversion: 16.0.15211.41000
x-officefe: BN3PEPF00007197
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 5884
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Mon, 18 Apr 2022 23:05:44 GMT
x-officefd: BN3PEPF00007197
x-msedge-ref: Ref A: 84EBDE6DAD7E45F59AABDEA7590FA58F Ref B: BLUEDGE1611 Ref C: 2022-04-18T23:05:44Z
x-usersessionid: 12781a1f-bacc-4838-9b42-b5e3df77e0eb
date: Thu, 21 Apr 2022 12:50:51 GMT
content-type: image/png
access-control-allow-origin: *
x-correlationid: 12781a1f-bacc-4838-9b42-b5e3df77e0eb
accept-ranges: bytes
timing-allow-origin: *

GET
BLOB 200
OK 2fde8449-814a-4e38-82fa-c52e25e5e8fa
https://word-view.officeapps.live.com/ Frame 7BAD 189 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://word-view.officeapps.live.com/2fde8449-814a-4e38-82fa-c52e25e5e8fa
Requested by: Host: word-view.officeapps.live.com
URL: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=en-CA&rs=en-US&hid=A7FUYYyJsUydRZXeX%2F7AFw.0&wopisrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F4DAFE66015F06FAC!2433&wde=docx&sc=host%3D%26qt%3DDefault&wdp=3&uih=OneDrive&jsapi=1&jsapiver=v2&corrid=3b583550-f2f0-4d4e-a77f-36e96ef38440&usid=3b583550-f2f0-4d4e-a77f-36e96ef38440&newsession=1&sftc=1&readonly=1&wdorigin=Unknown&wdredirectionreason=Unified_ViewActionUrl
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6581c42a8df061bde74f89c567379ffd74cd8a9447192f7d2c2bb366a476293a

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Length: 189
Content-Type: application/javascript

POST
H2 200 RemoteUls.ashx Show response
word-view.officeapps.live.com/wv/ Frame 7BAD 0
567 B 45ms
45ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/RemoteUls.ashx?build=16.0.15213.41023&waccluster=PUS3

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=en-CA&rs=en-US&hid=A7FUYYyJsUydRZXeX%2F7AFw.0&wopisrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F4DAFE66015F06FAC!2433&wde=docx&sc=host%3D%26qt%3DDefault&wdp=3&uih=OneDrive&jsapi=1&jsapiver=v2&corrid=3b583550-f2f0-4d4e-a77f-36e96ef38440&usid=3b583550-f2f0-4d4e-a77f-36e96ef38440&newsession=1&sftc=1&readonly=1&wdorigin=Unknown&wdredirectionreason=Unified_ViewActionUrl
X-UserSessionId: 3b583550-f2f0-4d4e-a77f-36e96ef38440
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
X-BrowserUlsBeacon: [{"Index":3,"MsSinceStart":733,"Value":"RecordAppInteractive","Type":"BootPhaseCompleted"}]

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officefd: BL6PEPF0000BAE3
x-officeversion: 16.0.15219.41000
x-officefe: BL6PEPF0000BAE3
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_powerpointslice_control,afd_wordcapacity_2,afd_wacinfra4,afd_wacinfra5
x-correlationid: ede0e84e-f658-4e29-aa42-acf5e91e9179
x-officecluster: PGTUS4
x-usersessionid: 3b583550-f2f0-4d4e-a77f-36e96ef38440
date: Thu, 21 Apr 2022 12:50:51 GMT
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://word-view.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
x-msedge-ref: Ref A: 01E92955FCB14BF6A65026A3863E3AEC Ref B: EWR311000101051 Ref C: 2022-04-21T12:50:51Z

GET
H2 200 WordViewerDS.dll1.js Show response
c1h-word-view-15.cdn.office.net/wv/s/hFACC0385D6EDE98B_App_Scripts/ Frame 7BAD 834 KB
137 KB 20ms
19ms Script
application/javascript 2600:1400:d:583::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/hFACC0385D6EDE98B_App_Scripts/WordViewerDS.dll1.js

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/hFACC0385D6EDE98B_App_Scripts/WordViewerDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1400:d:583::1c24 New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

28f6463a421d327367ead94f3f1dcbf5b282fb0fc306095a23f5de772203e7a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"4e23a3515353d81:0"
x-officecluster: PUS8
x-officeversion: 16.0.15211.41000
x-officefe: BL6PEPF0000FA59
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3_control
content-length: 139680
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wordslice_control,afd_wordcapacity_2_control,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3_control
last-modified: Mon, 18 Apr 2022 18:37:12 GMT
x-officefd: BL6PEPF0000FA59
x-msedge-ref: Ref A: 8F27B0170C374617AE8E01066A3D3303 Ref B: BLUEDGE1411 Ref C: 2022-04-18T18:37:11Z
x-usersessionid: a167bf9f-3abf-43e8-a423-4f4eac29e9ee
date: Thu, 21 Apr 2022 12:50:51 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: a167bf9f-3abf-43e8-a423-4f4eac29e9ee
accept-ranges: bytes
timing-allow-origin: *

POST
H2 200 RemoteUls.ashx Show response
word-view.officeapps.live.com/wv/ Frame 7BAD 0
381 B 78ms
77ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/RemoteUls.ashx?build=16.0.15213.41023&waccluster=PUS3

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h793E4EF4951E7E51_App_Scripts/MicrosoftAjaxDS.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

X-WacFrontEnd: BN3PEPF000020B5
accept-language: en-CA,en;q=0.9
X-OfficeVersion: 16.0.15213.41023
X-Key: /VlUZurbTLMk3wE8tPeJ67jJFYhJpNnWCmg+ny71Z3U=,637861422510521877
X-bULS-SuppressionETag: 6C1139DD5A0A78408103B6543CCEBA76871E3829
X-Requested-With: XMLHttpRequest
X-xhr: 1
haep: 1
X-AccessToken: 4wFxutVyQYwshTR4EyaLqyNm81b8YcHHEdb9Nd1UYal1PHWSjWrTKQp-hGbXUe2V89IEK85kyt2vsRkpHD3ntiYuaylTpcmaw8WoBXHpVbD1HePyH9BDOgSPZw7V-wFUX86vHYG_01WnbiOEc_UjMK4Pj4AG7_z0Yqo7ylhnRp0FI
X-UserSessionId: 3b583550-f2f0-4d4e-a77f-36e96ef38440
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=en-CA&rs=en-US&hid=A7FUYYyJsUydRZXeX%2F7AFw.0&wopisrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F4DAFE66015F06FAC!2433&wde=docx&sc=host%3D%26qt%3DDefault&wdp=3&uih=OneDrive&jsapi=1&jsapiver=v2&corrid=3b583550-f2f0-4d4e-a77f-36e96ef38440&usid=3b583550-f2f0-4d4e-a77f-36e96ef38440&newsession=1&sftc=1&readonly=1&wdorigin=Unknown&wdredirectionreason=Unified_ViewActionUrl
X-UserType: WOPI
X-AccessTokenTtl: 1652359850507
X-WacCluster: PUS3

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officecluster: PGTUS4
x-officeversion: 16.0.15219.41000
x-officefe: BL6PEPF0000BB0B
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-buls-suppressionetag: 6C1139DD5A0A78408103B6543CCEBA76871E3829
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid: 1efa3abb-098e-4b96-b862-bdb40e6e3ce1
x-officefd: BL6PEPF0000BB0B
x-usersessionid: 3b583550-f2f0-4d4e-a77f-36e96ef38440
date: Thu, 21 Apr 2022 12:50:51 GMT
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://word-view.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
x-msedge-ref: Ref A: 8D985C098A3E48188C6F5E6690DC696D Ref B: EWR311000101051 Ref C: 2022-04-21T12:50:51Z

GET
H2 200 progress.gif
c1h-word-view-15.cdn.office.net/wv/s/161521341023_resources/1033/ Frame 7BAD 695 B
1 KB 20ms
19ms Image
image/gif 2600:1400:d:583::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/161521341023_resources/1033/progress.gif

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1400:d:583::1c24 New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

a3596c17dad9a003d0bfbe0b7ba6765f51391b5c3943660316f01c8e77b323db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
etag: W/"93e763515353d81:0"
x-officecluster: PUS3
x-officeversion: 16.0.15211.41000
x-officefe: BN3PEPF0000208D
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 695
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Mon, 18 Apr 2022 18:37:12 GMT
x-officefd: BN3PEPF0000208D
x-msedge-ref: Ref A: 13DC3B988DCC488DB13BB3B735A884C5 Ref B: BL2EDGE2219 Ref C: 2022-04-18T18:37:12Z
x-usersessionid: 97cf883f-070d-422c-8a93-846493831203
date: Thu, 21 Apr 2022 12:50:51 GMT
content-type: image/gif
access-control-allow-origin: *
x-correlationid: 97cf883f-070d-422c-8a93-846493831203
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 ResReader.ashx
word-view.officeapps.live.com/wv/ Frame 7BAD 33 KB
34 KB 225ms
224ms Image
image/png 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://word-view.officeapps.live.com/wv/ResReader.ashx?n=p1.img&v=00000000-0000-0000-0000-000000000802&usid=3b583550-f2f0-4d4e-a77f-36e96ef38440&build=16.0.15213.41023&WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F4DAFE66015F06FAC%212433&access_token=4wFxutVyQYwshTR4EyaLqyNm81b8YcHHEdb9Nd1UYal1PHWSjWrTKQp-hGbXUe2V89IEK85kyt2vsRkpHD3ntiYuaylTpcmaw8WoBXHpVbD1HePyH9BDOgSPZw7V-wFUX86vHYG_01WnbiOEc_UjMK4Pj4AG7_z0Yqo7ylhnRp0FI&access_token_ttl=1652359850809&z=aNERBRkU2NjAxNUYwNkZBQyEyNDMzLjIw&waccluster=PUS3

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

bd12fc869e0d4f2e10d2f377bf42f8ebcc667345cb74a0516247fdb123bc58da

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=en-CA&rs=en-US&hid=A7FUYYyJsUydRZXeX%2F7AFw.0&wopisrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F4DAFE66015F06FAC!2433&wde=docx&sc=host%3D%26qt%3DDefault&wdp=3&uih=OneDrive&jsapi=1&jsapiver=v2&corrid=3b583550-f2f0-4d4e-a77f-36e96ef38440&usid=3b583550-f2f0-4d4e-a77f-36e96ef38440&newsession=1&sftc=1&readonly=1&wdorigin=Unknown&wdredirectionreason=Unified_ViewActionUrl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officecluster: PUS3
x-wacfrontend: BN3PEPF000020F1
x-officeversion: 16.0.15213.41023
x-officefe: BN3PEPF000020F1
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 34195
etag: "WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F4DAFE66015F06FAC%212433&access_token=4wFxutVyQYwshTR4EyaLqyNm81b8YcHHEdb9Nd1UYal1PHWSjWrTKQp%2DhGbXUe2V89IEK85kyt2vsRkpHD3ntiYuaylTpcmaw8WoBXHpVbD1HePyH9BDOgSPZw7V%2DwFUX86vHYG%5F01WnbiOEc%5FUjMK4Pj4AG7%5Fz0Yqo7ylhnRp0FI&access_token_ttl=1652359850809&z=aNERBRkU2NjAxNUYwNkZBQyEyNDMzLjIw00000000-0000-0000-0000-000000000802p1.img"
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wordslice,afd_visioslice,afd_pptcapacity,afd_wacinfra4,afd_wacinfra5
x-correlationid: 7fddde19-3335-4834-be48-b456132c6668
x-officefd: BN3PEPF000020F1
x-usersessionid: 3b583550-f2f0-4d4e-a77f-36e96ef38440
date: Thu, 21 Apr 2022 12:50:52 GMT
x-download-options: noopen
content-type: image/png
cache-control: private
x-msedge-ref: Ref A: 22257E01257B4B3199AA0E6CC192A4A1 Ref B: EWR311000101051 Ref C: 2022-04-21T12:50:51Z
timing-allow-origin: *
expires: Fri, 21 Apr 2023 12:50:52 GMT

GET
H2 200 ResReader.ashx Show response
word-view.officeapps.live.com/wv/ Frame 7BAD 12 KB
5 KB 121ms
121ms XHR
text/xml 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/ResReader.ashx?n=p_1_10.xml&v=00000000-0000-0000-0000-000000000802&usid=3b583550-f2f0-4d4e-a77f-36e96ef38440&build=16.0.15213.41023&WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F4DAFE66015F06FAC%212433&access_token=4wFxutVyQYwshTR4EyaLqyNm81b8YcHHEdb9Nd1UYal1PHWSjWrTKQp%2DhGbXUe2V89IEK85kyt2vsRkpHD3ntiYuaylTpcmaw8WoBXHpVbD1HePyH9BDOgSPZw7V%2DwFUX86vHYG%5F01WnbiOEc%5FUjMK4Pj4AG7%5Fz0Yqo7ylhnRp0FI&access_token_ttl=1652359850507&z=aNERBRkU2NjAxNUYwNkZBQyEyNDMzLjIw&waccluster=PUS3

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h793E4EF4951E7E51_App_Scripts/MicrosoftAjaxDS.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ARR/3.0

Resource Hash

ab92b478250741085d01f6a53177c0145dc906a4ea04dd7277411869c1ffd425

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000, max-age=31536000
X-Content-Type-Options	nosniff

Request headers

haep: 1
X-WacFrontEnd: BN3PEPF000020B5
X-UserSessionId: 3b583550-f2f0-4d4e-a77f-36e96ef38440
accept-language: en-CA,en;q=0.9
X-OfficeVersion: 16.0.15213.41023
X-Key: /VlUZurbTLMk3wE8tPeJ67jJFYhJpNnWCmg+ny71Z3U=,637861422510521877
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=en-CA&rs=en-US&hid=A7FUYYyJsUydRZXeX%2F7AFw.0&wopisrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F4DAFE66015F06FAC!2433&wde=docx&sc=host%3D%26qt%3DDefault&wdp=3&uih=OneDrive&jsapi=1&jsapiver=v2&corrid=3b583550-f2f0-4d4e-a77f-36e96ef38440&usid=3b583550-f2f0-4d4e-a77f-36e96ef38440&newsession=1&sftc=1&readonly=1&wdorigin=Unknown&wdredirectionreason=Unified_ViewActionUrl
X-Requested-With: XMLHttpRequest
X-UserType: WOPI
X-xhr: 1
X-WacCluster: PUS3

Response headers

strict-transport-security: max-age=31536000, max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: PUS3
x-wacfrontend: BN3PEPF000020B5
x-officeversion: 16.0.15213.41023
x-officefe: BN3PEPF000020B5
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 4160
etag: "WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F4DAFE66015F06FAC%212433&access_token=4wFxutVyQYwshTR4EyaLqyNm81b8YcHHEdb9Nd1UYal1PHWSjWrTKQp%2DhGbXUe2V89IEK85kyt2vsRkpHD3ntiYuaylTpcmaw8WoBXHpVbD1HePyH9BDOgSPZw7V%2DwFUX86vHYG%5F01WnbiOEc%5FUjMK4Pj4AG7%5Fz0Yqo7ylhnRp0FI&access_token_ttl=1652359850507&z=aNERBRkU2NjAxNUYwNkZBQyEyNDMzLjIw00000000-0000-0000-0000-000000000802p_1_10.xml"
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-routed-to-target-server-path: WAC_WFE_AFFINITY_TARGET_URL
x-correlationid: 4458a5db-f219-4278-8ef9-4c991372cc67, 4458a5db-f219-4278-8ef9-4c991372cc67
x-officefd: BN3PEPF00002106
x-usersessionid: 3b583550-f2f0-4d4e-a77f-36e96ef38440, 3b583550-f2f0-4d4e-a77f-36e96ef38440
x-powered-by: ARR/3.0
date: Thu, 21 Apr 2022 12:50:51 GMT
x-download-options: noopen
vary: Accept-Encoding
content-type: text/xml; charset=utf-8
cache-control: private
x-msedge-ref: Ref A: CA8216E24763458CBB9A970A5B8BF1CD Ref B: EWR311000101051 Ref C: 2022-04-21T12:50:51Z
timing-allow-origin: *, *
expires: Fri, 21 Apr 2023 12:50:52 GMT

GET
H2 200 word-app-intl.min.js Show response
c1h-word-view-15.cdn.office.net/wv/s/161521341023_App_Scripts/1033/ Frame 7BAD 455 KB
69 KB 20ms
20ms Script
application/javascript 2600:1400:d:583::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/161521341023_App_Scripts/1033/word-app-intl.min.js

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h0E02EADC4381036E_App_Scripts/exp/appResourceLoader.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1400:d:583::1c24 New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

ba648258d7f22f22cdf6fc29b256b64f32ade2017f64b414db3390615f973be3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"f46d7515353d81:0"
x-officecluster: PUS4
x-officeversion: 16.0.15211.41000
x-officefe: BL6PEPF00007644
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 69984
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Mon, 18 Apr 2022 18:37:12 GMT
x-officefd: BL6PEPF00007644
x-msedge-ref: Ref A: 60CAE2CCAD114C63987AE6C1868B5910 Ref B: BLUEDGE1509 Ref C: 2022-04-18T18:37:12Z
x-usersessionid: 80cf819f-606d-4cf2-8035-ebffe5f4189e
date: Thu, 21 Apr 2022 12:50:52 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 80cf819f-606d-4cf2-8035-ebffe5f4189e
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 progress.gif
c1h-word-view-15.cdn.office.net/wv/s/161521341023_resources/1033/ Frame 7BAD 695 B
1 KB 19ms
19ms Image
image/gif 2600:1400:d:583::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/161521341023_resources/1033/progress.gif

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/hFACC0385D6EDE98B_App_Scripts/WordViewerDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1400:d:583::1c24 New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

a3596c17dad9a003d0bfbe0b7ba6765f51391b5c3943660316f01c8e77b323db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
etag: W/"93e763515353d81:0"
x-officecluster: PUS3
x-officeversion: 16.0.15211.41000
x-officefe: BN3PEPF0000208D
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 695
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Mon, 18 Apr 2022 18:37:12 GMT
x-officefd: BN3PEPF0000208D
x-msedge-ref: Ref A: 13DC3B988DCC488DB13BB3B735A884C5 Ref B: BL2EDGE2219 Ref C: 2022-04-18T18:37:12Z
x-usersessionid: 97cf883f-070d-422c-8a93-846493831203
date: Thu, 21 Apr 2022 12:50:52 GMT
content-type: image/gif
access-control-allow-origin: *
x-correlationid: 97cf883f-070d-422c-8a93-846493831203
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 common.min.js Show response
c1h-word-view-15.cdn.office.net/wv/s/161521341023_App_Scripts/exp/ Frame 7BAD 1 MB
246 KB 20ms
20ms Script
application/javascript 2600:1400:d:583::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/161521341023_App_Scripts/exp/common.min.js

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h0E02EADC4381036E_App_Scripts/exp/appResourceLoader.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1400:d:583::1c24 New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

80556590b8d2e8016aa778cbbd4f51db0e1d2f049e3cf11994eb59bb6f2e2284

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"d57e5725353d81:0"
x-officecluster: PUS4
x-officeversion: 16.0.15211.41000
x-officefe: BL6PEPF00007594
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 250704
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Mon, 18 Apr 2022 18:38:08 GMT
x-officefd: BL6PEPF00007594
x-msedge-ref: Ref A: 13349A8F3247423495B4EE2B5B51D309 Ref B: BLUEDGE1716 Ref C: 2022-04-18T18:38:07Z
x-usersessionid: f7a19f07-c6f6-41ca-9e55-779403b4f620
date: Thu, 21 Apr 2022 12:50:52 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: f7a19f07-c6f6-41ca-9e55-779403b4f620
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 appChrome.min.js Show response
c1h-word-view-15.cdn.office.net/wv/s/161521341023_App_Scripts/exp/ Frame 7BAD 232 KB
43 KB 25ms
25ms Script
application/javascript 2600:1400:d:583::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/161521341023_App_Scripts/exp/appChrome.min.js

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h0E02EADC4381036E_App_Scripts/exp/appResourceLoader.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1400:d:583::1c24 New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

066670f0c5b6473618f1171133818b8483fb6c4de676af915921c83a05783e58

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"887da9565353d81:0"
x-officecluster: PUS9
x-officeversion: 16.0.15211.41000
x-officefe: BN3PEPF00004AFC
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 43302
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_pptcapacity_control,afd_wacinfra4,afd_wacinfra5
last-modified: Mon, 18 Apr 2022 18:37:20 GMT
x-officefd: BN3PEPF00004AFC
x-msedge-ref: Ref A: 53BF8D8116304A02A7F729C91428D88E Ref B: BL2EDGE2208 Ref C: 2022-04-18T18:37:20Z
x-usersessionid: 019a41de-309c-4344-86e4-833b82fca2d0
date: Thu, 21 Apr 2022 12:50:52 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 019a41de-309c-4344-86e4-833b82fca2d0
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 wv.png
c1h-word-view-15.cdn.office.net/wv/s/161521341023_resources/1033/ Frame 7BAD 34 KB
35 KB 20ms
20ms Image
image/png 2600:1400:d:583::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/161521341023_resources/1033/wv.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1400:d:583::1c24 New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

4c76f832e1b589c931ced2c770f35ce4cd595ca941c18c5893b23f27ef587ec4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
etag: W/"f4d28df5353d81:0"
x-officecluster: PUS4
x-officeversion: 16.0.15211.41000
x-officefe: BL6PEPF0000EA1C
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 35196
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity_2_control,afd_wacinfra4,afd_wacinfra5
last-modified: Mon, 18 Apr 2022 18:35:21 GMT
x-officefd: BL6PEPF0000EA1C
x-msedge-ref: Ref A: 5D3BC0A8C42744E68F04E4D0A35F3863 Ref B: BL2EDGE2411 Ref C: 2022-04-18T18:35:21Z
x-usersessionid: 85091347-8ddb-4754-a9ad-fdc691238d9a
date: Thu, 21 Apr 2022 12:50:52 GMT
content-type: image/png
access-control-allow-origin: *
x-correlationid: 85091347-8ddb-4754-a9ad-fdc691238d9a
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 progress16.gif
c1h-word-view-15.cdn.office.net/wv/s/161521341023_resources/1033/ Frame 7BAD 668 B
1 KB 22ms
22ms Image
image/gif 2600:1400:d:583::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/161521341023_resources/1033/progress16.gif

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1400:d:583::1c24 New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

38e88b6af6c6531959a5ad70f5310b60878dc948086a1d4107168b08cc44ecf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
etag: W/"8a5dd4515353d81:0"
x-officecluster: PUS8
x-officeversion: 16.0.15211.41000
x-officefe: BL6PEPF0000FA9B
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 668
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Mon, 18 Apr 2022 18:37:12 GMT
x-officefd: BL6PEPF0000FA9B
x-msedge-ref: Ref A: 96B3DF02D5EC41FCAC72EAE66435393F Ref B: BLUEDGE1912 Ref C: 2022-04-18T18:37:12Z
x-usersessionid: 5dbf85b2-b78c-447a-bd13-b449462c816c
date: Thu, 21 Apr 2022 12:50:52 GMT
content-type: image/gif
access-control-allow-origin: *
x-correlationid: 5dbf85b2-b78c-447a-bd13-b449462c816c
accept-ranges: bytes
timing-allow-origin: *

POST
H2 200 RemoteTelemetry.ashx Show response
word-view.officeapps.live.com/wv/ Frame 7BAD 0
201 B 87ms
87ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/RemoteTelemetry.ashx

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/hFACC0385D6EDE98B_App_Scripts/WordViewerDS.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=en-CA&rs=en-US&hid=A7FUYYyJsUydRZXeX%2F7AFw.0&wopisrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F4DAFE66015F06FAC!2433&wde=docx&sc=host%3D%26qt%3DDefault&wdp=3&uih=OneDrive&jsapi=1&jsapiver=v2&corrid=3b583550-f2f0-4d4e-a77f-36e96ef38440&usid=3b583550-f2f0-4d4e-a77f-36e96ef38440&newsession=1&sftc=1&readonly=1&wdorigin=Unknown&wdredirectionreason=Unified_ViewActionUrl
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officeversion: 16.0.15213.41023
x-cache: CONFIG_NOCACHE
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid: d8d1ad97-4eb6-4bd9-9703-a4983db6ca9c
x-officecluster: PUS3
x-usersessionid: d8d1ad97-4eb6-4bd9-9703-a4983db6ca9c
date: Thu, 21 Apr 2022 12:50:52 GMT
x-download-options: noopen
access-control-allow-origin: https://word-view.officeapps.live.com
cache-control: private
x-msedge-ref: Ref A: A179523B599C4E3996285D3C276B83BB Ref B: EWR311000101051 Ref C: 2022-04-21T12:50:52Z
timing-allow-origin: *
x-officefe: BN3PEPF000020AA

GET
H2 200 common50.min.js Show response
c1h-word-view-15.cdn.office.net/wv/s/161521341023_App_Scripts/exp/ Frame 7BAD 2 MB
437 KB 20ms
19ms Script
application/javascript 2600:1400:d:583::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/161521341023_App_Scripts/exp/common50.min.js

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h0E02EADC4381036E_App_Scripts/exp/appResourceLoader.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1400:d:583::1c24 New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

2e458b97b1ff9120139084ae85b986ec98213fb8ea73a53cab99fa2a5523ecf1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"a5aaf1565353d81:0"
x-officecluster: PUS9
x-officeversion: 16.0.15211.41000
x-officefe: BN3PEPF00004B08
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 445374
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_onenoteslice,afd_wacinfra4,afd_wacinfra5
last-modified: Mon, 18 Apr 2022 18:37:21 GMT
x-officefd: BN3PEPF00004B08
x-msedge-ref: Ref A: 72F0F99A3793419FB54D9144AAA38DD3 Ref B: BLUEDGE1614 Ref C: 2022-04-18T18:37:21Z
x-usersessionid: 5dc111ea-1f45-4be6-970a-e4f73f90b9a9
date: Thu, 21 Apr 2022 12:50:52 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 5dc111ea-1f45-4be6-970a-e4f73f90b9a9
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 appChromeLazy.min.js Show response
c1h-word-view-15.cdn.office.net/wv/s/161521341023_App_Scripts/exp/ Frame 7BAD 542 KB
116 KB 23ms
22ms Script
application/javascript 2600:1400:d:583::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/161521341023_App_Scripts/exp/appChromeLazy.min.js

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h0E02EADC4381036E_App_Scripts/exp/appResourceLoader.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1400:d:583::1c24 New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

65995e576743c3415521ccfc2bbe0695d31a81f5d8204d3f5fbabfd58475d90c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"f08bd1565353d81:0"
x-officecluster: GEU2C
x-officeversion: 16.0.15211.41000
x-officefe: AM4PEPF0000D43C
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3
content-length: 117329
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3
last-modified: Mon, 18 Apr 2022 18:37:21 GMT
x-officefd: AM4PEPF0000D7D2
x-msedge-ref: Ref A: D5865B0A3A9E47208215D897BFA56B4D Ref B: BLUEDGE1509 Ref C: 2022-04-18T18:37:21Z
x-usersessionid: a491d9d7-3079-4087-8fea-e551d3f3cb0e
date: Thu, 21 Apr 2022 12:50:52 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: a491d9d7-3079-4087-8fea-e551d3f3cb0e
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 segoeui-semibold.woff2
static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-westeuropean/ Frame 7BAD 31 KB
32 KB 86ms
19ms Font
font/woff2 23.217.44.136
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-westeuropean/segoeui-semibold.woff2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.217.44.136 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-217-44-136.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 22e7ac6e00b3f7463f2c89c577877ed717686d6f219614c890317d86560c413d

Request headers

Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Thu, 21 Apr 2022 12:50:52 GMT
last-modified: Mon, 22 Jun 2020 16:25:01 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D816C8D021D2B4
content-type: font/woff2
access-control-allow-origin: *
x-ms-request-id: 8c9257d2-901e-00e0-6623-c7003b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=15644610
x-ms-version: 2009-09-19
content-length: 31824

GET
H2 200 segoeui-regular.woff2
static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-westeuropean/ Frame 7BAD 35 KB
36 KB 107ms
40ms Font
application/font-woff2 23.217.44.136
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-westeuropean/segoeui-regular.woff2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.217.44.136 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-217-44-136.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 94ef87ee295c67526205d67124f404e246226105e939e14c435a20c29a956f49

Request headers

Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Thu, 21 Apr 2022 12:50:52 GMT
last-modified: Wed, 22 Nov 2017 20:18:04 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: hl8dtlRfyUovRETdYOe7xg==
etag: 0x8D531E6235E7909
content-type: application/font-woff2
access-control-allow-origin: *
x-ms-request-id: 120318ff-201e-0040-3923-c76e9e000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=15644669
x-ms-version: 2009-09-19
content-length: 36344

GET
H2 200 ResReader.ashx
word-view.officeapps.live.com/wv/ Frame 7BAD 33 KB
34 KB 174ms
174ms Image
image/png 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

bd12fc869e0d4f2e10d2f377bf42f8ebcc667345cb74a0516247fdb123bc58da

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=en-CA&rs=en-US&hid=A7FUYYyJsUydRZXeX%2F7AFw.0&wopisrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F4DAFE66015F06FAC!2433&wde=docx&sc=host%3D%26qt%3DDefault&wdp=3&uih=OneDrive&jsapi=1&jsapiver=v2&corrid=3b583550-f2f0-4d4e-a77f-36e96ef38440&usid=3b583550-f2f0-4d4e-a77f-36e96ef38440&newsession=1&sftc=1&readonly=1&wdorigin=Unknown&wdredirectionreason=Unified_ViewActionUrl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officecluster: PUS3
x-wacfrontend: BN3PEPF000020F1
x-officeversion: 16.0.15213.41023
x-officefe: BN3PEPF000020F1
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 34195
etag: "WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F4DAFE66015F06FAC%212433&access_token=4wFxutVyQYwshTR4EyaLqyNm81b8YcHHEdb9Nd1UYal1PHWSjWrTKQp%2DhGbXUe2V89IEK85kyt2vsRkpHD3ntiYuaylTpcmaw8WoBXHpVbD1HePyH9BDOgSPZw7V%2DwFUX86vHYG%5F01WnbiOEc%5FUjMK4Pj4AG7%5Fz0Yqo7ylhnRp0FI&access_token_ttl=1652359850507&z=aNERBRkU2NjAxNUYwNkZBQyEyNDMzLjIw00000000-0000-0000-0000-000000000802p1.img"
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wordslice,afd_visioslice_control,afd_wacinfra4,afd_wacinfra5
x-correlationid: 61b4e77c-301c-4650-8eba-b4cf7a13dd84
x-officefd: BN3PEPF000020F1
x-usersessionid: 3b583550-f2f0-4d4e-a77f-36e96ef38440
date: Thu, 21 Apr 2022 12:50:52 GMT
x-download-options: noopen
content-type: image/png
cache-control: private
x-msedge-ref: Ref A: 99AADF91E2284C15B7009E8F7425AC69 Ref B: EWR311000101051 Ref C: 2022-04-21T12:50:52Z
timing-allow-origin: *
expires: Fri, 21 Apr 2023 12:50:52 GMT

GET
H2 200 word-app-intl-lazy.min.js Show response
c1h-word-view-15.cdn.office.net/wv/s/161521341023_App_Scripts/1033/ Frame 7BAD 707 KB
81 KB 19ms
19ms Script
application/javascript 2600:1400:d:583::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/161521341023_App_Scripts/1033/word-app-intl-lazy.min.js

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/hFACC0385D6EDE98B_App_Scripts/WordViewerDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1400:d:583::1c24 New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

039326dd4255b863cfe6516c125605194272395b4ae69fe5abdbd8f5ff234187

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"4d3210525353d81:0"
x-officecluster: PUS3
x-officeversion: 16.0.15211.41000
x-officefe: BN3PEPF000021F2
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 82157
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_visioslice,afd_wacinfra4,afd_wacinfra5
last-modified: Mon, 18 Apr 2022 18:37:13 GMT
x-officefd: BN3PEPF000021F2
x-msedge-ref: Ref A: 2D642ECB44AD4326B7A8C92662CAC790 Ref B: BLUEDGE2021 Ref C: 2022-04-18T18:37:13Z
x-usersessionid: 5d3076e8-ca74-42fb-83f0-ef9b63f06382
date: Thu, 21 Apr 2022 12:50:52 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 5d3076e8-ca74-42fb-83f0-ef9b63f06382
accept-ranges: bytes
timing-allow-origin: *

POST
H2 200 RemoteUls.ashx Show response
word-view.officeapps.live.com/wv/ Frame 7BAD 0
539 B 45ms
45ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/RemoteUls.ashx?build=16.0.15213.41023&waccluster=PUS3

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=en-CA&rs=en-US&hid=A7FUYYyJsUydRZXeX%2F7AFw.0&wopisrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F4DAFE66015F06FAC!2433&wde=docx&sc=host%3D%26qt%3DDefault&wdp=3&uih=OneDrive&jsapi=1&jsapiver=v2&corrid=3b583550-f2f0-4d4e-a77f-36e96ef38440&usid=3b583550-f2f0-4d4e-a77f-36e96ef38440&newsession=1&sftc=1&readonly=1&wdorigin=Unknown&wdredirectionreason=Unified_ViewActionUrl
X-UserSessionId: 3b583550-f2f0-4d4e-a77f-36e96ef38440
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
X-BrowserUlsBeacon: [{"Index":4,"MsSinceStart":1173,"Value":"RecordContentDisplayed","Type":"BootPhaseCompleted"}]

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officefd: BL6PEPF0000B923
x-officeversion: 16.0.15213.41023
x-officefe: BL6PEPF0000B923
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-cache: CONFIG_NOCACHE
x-msedge-features: tasmigration015,typeheadertest,afd_waccluster,afd_wordslice_control,afd_wacinfra4,afd_wacinfra5
x-correlationid: 2c263a35-b138-4868-9338-0d8f017fa698
x-officecluster: PGTUS6
x-usersessionid: 3b583550-f2f0-4d4e-a77f-36e96ef38440
date: Thu, 21 Apr 2022 12:50:52 GMT
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://word-view.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
x-msedge-ref: Ref A: 2A89A7DD571347E0ACE6BC5C0CBB2419 Ref B: EWR311000101051 Ref C: 2022-04-21T12:50:52Z

POST
H2 200 RemoteTelemetry.ashx
word-view.officeapps.live.com/wv/ 0
400 B 54ms
53ms Ping
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/RemoteTelemetry.ashx

Requested by

Host: c1-word-view-15.cdn.office.net
URL: https://c1-word-view-15.cdn.office.net/wv/s/h410BBA5BBE14D6E1_App_Scripts/word.boot.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://onedrive.live.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officefd: BL6PEPF0000FA28
x-officeversion: 16.0.15213.41023
x-cache: CONFIG_NOCACHE
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity_2_control,afd_wacinfra4,afd_wacinfra5
x-correlationid: 30ae2694-f7c8-447e-bd30-c01c4261e462
x-officecluster: PUS8
x-usersessionid: 30ae2694-f7c8-447e-bd30-c01c4261e462
date: Thu, 21 Apr 2022 12:50:52 GMT
x-download-options: noopen
access-control-allow-origin: https://onedrive.live.com
cache-control: private
x-msedge-ref: Ref A: 6B5386E614F947089837F4E95AA5B71D Ref B: EWR311000101051 Ref C: 2022-04-21T12:50:52Z
timing-allow-origin: *
x-officefe: BL6PEPF0000FA28

POST
H2 200 RemoteUls.ashx
word-view.officeapps.live.com/wv/ 0
0 48ms
47ms Ping
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://word-view.officeapps.live.com/wv/RemoteUls.ashx?usid=3b583550-f2f0-4d4e-a77f-36e96ef38440&officeserverversion=16.0.15213.41023
Requested by: Host: c1-word-view-15.cdn.office.net
URL: https://c1-word-view-15.cdn.office.net/wv/s/h410BBA5BBE14D6E1_App_Scripts/word.boot.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://onedrive.live.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 jquery-1.7.2-39eeb07e.js Show response
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20220310.002/ 92 KB
33 KB 72ms
18ms Script
application/javascript 23.50.53.184
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20220310.002/jquery-1.7.2-39eeb07e.js
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/view.aspx?resid=4DAFE66015F06FAC!2433&ithint=file%2cdocx&authkey=!AI3xLDS_8RM4T08
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 23.50.53.184 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-50-53-184.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: d6c15974b6181a68e9b74e4f38fbac81d640569ef0fbbaa3381cc59683a9763f

Request headers

Referer: https://onedrive.live.com/
Origin: https://onedrive.live.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 21 Apr 2022 12:50:52 GMT
content-encoding: gzip
content-md5: Oe6wfmgC4rV/XhCprZvKJA==
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 33335
x-ms-lease-status: unlocked
last-modified: Fri, 11 Mar 2022 01:43:53 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8DA0300992CBA40
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: a1bffcd9-b01e-00d5-6879-35ae6e000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=27776416
x-ms-version: 2009-09-19
timing-allow-origin: *

GET
H2 200 wac_s_office-ec0768dc.js Show response
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20220310.002/ 335 KB
102 KB 76ms
23ms Script
application/javascript 23.50.53.184
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20220310.002/wac_s_office-ec0768dc.js
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/view.aspx?resid=4DAFE66015F06FAC!2433&ithint=file%2cdocx&authkey=!AI3xLDS_8RM4T08
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 23.50.53.184 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-50-53-184.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 59e1ecc15f7639121d99a75dce05be39a43630398ff19de0258b0f5e1cfcbdb1

Request headers

Referer: https://onedrive.live.com/
Origin: https://onedrive.live.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 21 Apr 2022 12:50:52 GMT
content-encoding: gzip
content-md5: 7Ado3M0q7A+Lv1sYG3wtIA==
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 103797
x-ms-lease-status: unlocked
last-modified: Fri, 11 Mar 2022 01:43:54 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8DA03009A4534D4
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 1a6b0092-401e-005f-4a86-358414000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=27781824
x-ms-version: 2009-09-19
timing-allow-origin: *

POST
H/1.1 200
OK / Show response
browser.pipe.aria.microsoft.com/Collector/3.0/ 0
397 B 334ms
80ms XHR
application/json 20.189.173.1
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://browser.pipe.aria.microsoft.com/Collector/3.0/?qsp=true&content-type=application%2Fbond-compact-binary&client-id=NO_AUTH&sdk-version=ACT-Web-JS-2.5.0&x-apikey=a23e4f242c9c4097a968f28c62633e19-62d0d830-5afd-4df3-8e40-351c8711cf5c-7157
Requested by: Host: p.sfx.ms
URL: https://p.sfx.ms//storage/aria-2.5.0.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.189.173.1 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-HTTPAPI/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Thu, 21 Apr 2022 12:50:52 GMT
Server: Microsoft-HTTPAPI/2.0
time-delta-millis: 295
Access-Control-Allow-Methods: POST
Content-Type: application/json
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: kill-tokens, kill-duration-seconds, time-delta-millis
Access-Control-Allow-Headers: Accept, Content-Type, Content-Encoding, Client-Id
Content-Length: 0

GET
H2 200 uiSlice20.min.js Show response
c1h-word-view-15.cdn.office.net/wv/s/161521341023_App_Scripts/exp/ Frame 7BAD 945 KB
193 KB 19ms
19ms Script
application/javascript 2600:1400:d:583::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/161521341023_App_Scripts/exp/uiSlice20.min.js

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h0E02EADC4381036E_App_Scripts/exp/appResourceLoader.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1400:d:583::1c24 New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

3847e37e2b5cf45ccc475c823f4265916889f41caa98f66205b6482b7a5916bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"d31cf7565353d81:0"
x-officecluster: PUS8
x-officeversion: 16.0.15211.41000
x-officefe: BL6PEPF0000FAAC
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 196828
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity_2_control,afd_wacinfra4,afd_wacinfra5
last-modified: Mon, 18 Apr 2022 18:37:21 GMT
x-officefd: BL6PEPF0000FAAC
x-msedge-ref: Ref A: 0AC6D68897B645748BF1914FB0D79CE9 Ref B: BLUEDGE1411 Ref C: 2022-04-18T18:37:21Z
x-usersessionid: 592f9acb-ac91-4c17-8aa1-08c832d662e8
date: Thu, 21 Apr 2022 12:50:52 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 592f9acb-ac91-4c17-8aa1-08c832d662e8
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 en-us Show response
shell.cdn.office.net/shellux/api/ShellBootInfo/consumer/OneShell/ Frame 7BAD 25 KB
5 KB 101ms
19ms XHR
application/json 2600:1400:d:5ac::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://shell.cdn.office.net/shellux/api/ShellBootInfo/consumer/OneShell/en-us

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/161521341023_App_Scripts/exp/appChromeLazy.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1400:d:5ac::4b36 New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Kestrel /

Resource Hash

d1f94f985844acf57ce7d417a257ac5b8080e4ca11c4bd845d79a2085b784b59

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=2592000
content-encoding: gzip
x-content-type-options: nosniff
server: Kestrel
date: Thu, 21 Apr 2022 12:50:52 GMT
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-cache-start: 1650545230, 1650545230
cache-control: max-age=300
x-cdn: 222
timing-allow-origin: *
content-length: 5079
x-o365suiteuxshell-correlationid: cb95ac0c-8209-40b1-9c11-9946fa660bdf

GET
H2 200 officebrowserfeedback_floodgate.js Show response
c1h-word-view-15.cdn.office.net/wv/s/161521341023_App_Scripts/Feedback/latest/ Frame 7BAD 549 KB
102 KB 24ms
23ms Script
application/javascript 2600:1400:d:583::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/161521341023_App_Scripts/Feedback/latest/officebrowserfeedback_floodgate.js

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/hFACC0385D6EDE98B_App_Scripts/WordViewerDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1400:d:583::1c24 New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

276e1c617442f43dc578ce2c9fa188a1d2ce23ea4480b4a1b08040775cbbe731

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"331ecf5353d81:0"
x-officecluster: PUS4
x-officeversion: 16.0.15211.41000
x-officefe: BL6PEPF0000767F
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 103379
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Mon, 18 Apr 2022 18:35:20 GMT
x-officefd: BL6PEPF0000767F
x-msedge-ref: Ref A: A3C77D8089FA486AB40F52D18391C6CE Ref B: BL2EDGE2111 Ref C: 2022-04-18T18:35:20Z
x-usersessionid: c0f562b7-18b4-4469-8c4f-069823404519
date: Thu, 21 Apr 2022 12:50:52 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: c0f562b7-18b4-4469-8c4f-069823404519
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 shellstrings.json Show response
c1h-word-view-15.cdn.office.net/wv/s/161521341023_App_Scripts/suiteux-shell/strings/en/ Frame 7BAD 13 KB
5 KB 19ms
19ms XHR
application/json 2600:1400:d:583::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/161521341023_App_Scripts/suiteux-shell/strings/en/shellstrings.json

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/161521341023_App_Scripts/exp/appChromeLazy.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1400:d:583::1c24 New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

d1a27b46e85786fa59850d7074bf7ee11d9876bf21337f2b0c32a02eef2a3680

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
etag: W/"8046bc565353d81:0"
x-officecluster: PUS9
x-officeversion: 16.0.15211.41000
x-officefe: BN3PEPF00004B33
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 4327
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Mon, 18 Apr 2022 18:37:21 GMT
x-officefd: BN3PEPF00004B33
x-msedge-ref: Ref A: 36AB6E29B4AB4F53A9CA6B2C6D539F8D Ref B: BLUEDGE1220 Ref C: 2022-04-18T18:37:21Z
x-usersessionid: b8ed3b28-034a-47ef-9c56-ce003717460e
date: Thu, 21 Apr 2022 12:50:52 GMT
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-correlationid: b8ed3b28-034a-47ef-9c56-ce003717460e
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 200
OK wl.ms.js Show response
js.live.net/v5.0/ Frame 7BAD 42 KB
16 KB 132ms
30ms Script
application/javascript 104.71.185.148
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js.live.net/v5.0/wl.ms.js
Requested by: Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/hFACC0385D6EDE98B_App_Scripts/WordViewerDS.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_CBC
Server: 104.71.185.148 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-71-185-148.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/10.0 /
Resource Hash: d4c9bd86a5465d8414b7a10438d28110836126b387990d492fe545a5e701904a

Request headers

Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Thu, 21 Apr 2022 12:50:52 GMT
X-MSNServer: RD0003FF818B2C
Last-Modified: Fri, 10 Jul 2020 18:30:22 GMT
Server: Microsoft-IIS/10.0
ETag: "0b3b92be856d61:0"
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=34806, public
X-ODWebServer: eastus21-odwebp
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 16199

GET
H3-Q050 200 wac2-d8541046.js Show response
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20220310.002/ 310 KB
107 KB 20ms
20ms Script
application/javascript 23.50.53.184
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20220310.002/wac2-d8541046.js
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/view.aspx?resid=4DAFE66015F06FAC!2433&ithint=file%2cdocx&authkey=!AI3xLDS_8RM4T08
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 23.50.53.184 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-50-53-184.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: c949982df7b0a15866feaa71641d1dd64f0bd6415013cbff9a5bf2a61d65b33c

Request headers

Referer: https://onedrive.live.com/
Origin: https://onedrive.live.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 21 Apr 2022 12:50:52 GMT
content-encoding: gzip
content-md5: 2FQQRinE/bhgf3Cx3CcwlA==
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 109105
x-ms-lease-status: unlocked
last-modified: Fri, 11 Mar 2022 01:43:54 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8DA03009A455BDB
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 945695f7-501e-0031-0d86-35d13b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=27781829
x-ms-version: 2009-09-19
timing-allow-origin: *
quic-version: Q050

GET
H3-Q050 200 wac0-efa56458.js Show response
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20220310.002/ 15 KB
6 KB 25ms
24ms Script
application/javascript 23.50.53.184
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20220310.002/wac0-efa56458.js
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/view.aspx?resid=4DAFE66015F06FAC!2433&ithint=file%2cdocx&authkey=!AI3xLDS_8RM4T08
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 23.50.53.184 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-50-53-184.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 09f6c8293dec26567f220f12acd488876fbbf40ad2c67e0f0f4766de6bda8981

Request headers

Referer: https://onedrive.live.com/
Origin: https://onedrive.live.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 21 Apr 2022 12:50:52 GMT
content-encoding: gzip
content-md5: 76VkWOHqhHqIEEUyr6GMKg==
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 5910
x-ms-lease-status: unlocked
last-modified: Fri, 11 Mar 2022 01:43:54 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8DA03009A209B1D
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 13509bd7-601e-0083-0a86-352e4a000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=27781672
x-ms-version: 2009-09-19
timing-allow-origin: *
quic-version: Q050

GET
H3-Q050 200 wac1-cdc297b4.js Show response
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20220310.002/ 47 KB
14 KB 25ms
24ms Script
application/javascript 23.50.53.184
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20220310.002/wac1-cdc297b4.js
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/view.aspx?resid=4DAFE66015F06FAC!2433&ithint=file%2cdocx&authkey=!AI3xLDS_8RM4T08
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 23.50.53.184 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-50-53-184.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: b323d86681653d7e2e92716f79f18a324b1337dd9ad3d456644ca9fb7493ffa3

Request headers

Referer: https://onedrive.live.com/
Origin: https://onedrive.live.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 21 Apr 2022 12:50:52 GMT
content-encoding: gzip
content-md5: zcKXtFHbuejuppPFKcKOyw==
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 14062
x-ms-lease-status: unlocked
last-modified: Fri, 11 Mar 2022 01:43:54 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8DA03009A26B4B9
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 5ceaa102-e01e-0069-0986-350964000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=27782070
x-ms-version: 2009-09-19
timing-allow-origin: *
quic-version: Q050

GET
DATA 200
OK truncated
/ Frame 7BAD 2 KB
2 KB Font
font/woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1b6542ec22e83e7ef429790974aa6b9ddbb8f3ebf6e19a3d1be795ff010d0df

Request headers

Referer
Origin: https://word-view.officeapps.live.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: font/woff;charset=utf-8

GET
H2 200 segoeui-semilight-final.woff
c1h-word-view-15.cdn.office.net/wv/s/h6E2237B9C2BE0A5C_resources/1033/ Frame 7BAD 25 KB
26 KB 21ms
20ms Font
font/x-woff 2600:1400:d:583::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/h6E2237B9C2BE0A5C_resources/1033/segoeui-semilight-final.woff

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h6E2237B9C2BE0A5C_resources/1033/WordViewer.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1400:d:583::1c24 New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e018e8b8973a4a204f322e3afe6439ac1055c5a52b9b8dcf63635e42fe89003c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://c1h-word-view-15.cdn.office.net/wv/s/h6E2237B9C2BE0A5C_resources/1033/WordViewer.css
Origin: https://word-view.officeapps.live.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
etag: W/"91ae4af4704fd81:0"
x-officecluster: PUS8
x-officeversion: 16.0.15205.41011
x-officefe: BL6PEPF0000FA98
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 25997
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Wed, 13 Apr 2022 19:59:16 GMT
x-officefd: BL6PEPF0000FA98
x-msedge-ref: Ref A: 364CF1F0D90A46F6834A2255E6E26B68 Ref B: BL2EDGE2106 Ref C: 2022-04-13T19:59:15Z
x-usersessionid: d79ab35c-063e-4b9e-9e3e-c028e979a577
date: Thu, 21 Apr 2022 12:50:52 GMT
content-type: font/x-woff
access-control-allow-origin: *
x-correlationid: d79ab35c-063e-4b9e-9e3e-c028e979a577
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 suiteux.shell.core.js Show response
c1h-word-view-15.cdn.office.net/wv/s/161521341023_App_Scripts/suiteux-shell/js/ Frame 7BAD 257 KB
70 KB 27ms
26ms Script
application/javascript 2600:1400:d:583::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/161521341023_App_Scripts/suiteux-shell/js/suiteux.shell.core.js

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/161521341023_App_Scripts/exp/appChromeLazy.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1400:d:583::1c24 New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

3f2d8e28b45b733672c14a22434c033edf9375e53ae7ace036d844ff8d5d9ef0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"f5bf46575353d81:0"
x-officecluster: PUS9
x-officeversion: 16.0.15211.41000
x-officefe: BN3PEPF00004B4F
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 71204
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_onenoteslice_control,afd_pptcapacity_control,afd_wacinfra4,afd_wacinfra5
last-modified: Mon, 18 Apr 2022 18:37:21 GMT
x-officefd: BN3PEPF00004B4F
x-msedge-ref: Ref A: 29712F27DC43444595FE1921896A9526 Ref B: BL2EDGE1610 Ref C: 2022-04-18T18:37:21Z
x-usersessionid: 6592bdaf-c302-425a-a265-5e4e3b28fcb9
date: Thu, 21 Apr 2022 12:50:52 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 6592bdaf-c302-425a-a265-5e4e3b28fcb9
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 suiteux.shell.consappdata.js Show response
c1h-word-view-15.cdn.office.net/wv/s/161521341023_App_Scripts/suiteux-shell/js/ Frame 7BAD 7 KB
3 KB 20ms
20ms Script
application/javascript 2600:1400:d:583::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/161521341023_App_Scripts/suiteux-shell/js/suiteux.shell.consappdata.js

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/161521341023_App_Scripts/exp/appChromeLazy.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1400:d:583::1c24 New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

7754ecc83f107a1b9d1accf820762349d00bbfefa0f8ba7c4444a88b81921b04

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"999682745353d81:0"
x-officecluster: PUS8
x-officeversion: 16.0.15211.41000
x-officefe: BL6PEPF0000F9F6
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 1932
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Mon, 18 Apr 2022 18:38:10 GMT
x-officefd: BL6PEPF0000F9F6
x-msedge-ref: Ref A: 50DB34FF1C9C4A7E83D2CD8D91B9AB2A Ref B: BLUEDGE1716 Ref C: 2022-04-18T18:38:10Z
x-usersessionid: 294041fa-51ef-4197-9fb6-90412e28a1f0
date: Thu, 21 Apr 2022 12:50:52 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 294041fa-51ef-4197-9fb6-90412e28a1f0
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 officebrowserfeedback.css
c1h-word-view-15.cdn.office.net/wv/s/161521341023_App_Scripts/Feedback/latest/ Frame 7BAD 18 KB
3 KB 29ms
28ms Stylesheet
text/css 2600:1400:d:583::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/161521341023_App_Scripts/Feedback/latest/officebrowserfeedback.css

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/161521341023_App_Scripts/Feedback/latest/officebrowserfeedback_floodgate.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1400:d:583::1c24 New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

814f49578802ce5b37dafb98b958267089cd78c4b5305f084542f444bc0d0392

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"5452f4135353d81:0"
x-officecluster: PUS3
x-officeversion: 16.0.15211.41000
x-officefe: BN3PEPF0000223E
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 2711
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wordslice_control,afd_wacinfra4,afd_wacinfra5
last-modified: Mon, 18 Apr 2022 18:35:28 GMT
x-officefd: BN3PEPF0000223E
x-msedge-ref: Ref A: D7B18C55130341A2884FE9DF347CE472 Ref B: BL2EDGE1808 Ref C: 2022-04-18T18:35:28Z
x-usersessionid: a26b8513-0855-44aa-87a6-0aec4c2f538c
date: Thu, 21 Apr 2022 12:50:52 GMT
content-type: text/css
access-control-allow-origin: *
x-correlationid: a26b8513-0855-44aa-87a6-0aec4c2f538c
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 officebrowserfeedbackstrings.js Show response
c1h-word-view-15.cdn.office.net/wv/s/161521341023_App_Scripts/Feedback/latest/Intl/en/ Frame 7BAD 2 KB
1 KB 19ms
19ms Script
application/javascript 2600:1400:d:583::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/161521341023_App_Scripts/Feedback/latest/Intl/en/officebrowserfeedbackstrings.js

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/161521341023_App_Scripts/Feedback/latest/officebrowserfeedback_floodgate.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1400:d:583::1c24 New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

1ee76ba1e2059f5f369cdaeebb38dc0fbbb643168eb5ebb20869afd2f86efa9c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: "1e873eeee350d81:0"
x-officecluster: SNL1
x-officeversion: 16.0.15213.41023
x-officefe: AM4PEPF00012271
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 770
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wordslice,afd_wacinfra4,afd_wacinfra5
last-modified: Fri, 15 Apr 2022 16:14:49 GMT
x-officefd: AM4PEPF00012271
x-msedge-ref: Ref A: ABE78F4E339B42F8A426EB0AED3670F7 Ref B: BLUEDGE1509 Ref C: 2022-04-18T18:37:20Z
x-usersessionid: 81864d3a-6160-4bf7-98bc-d77e702d2e73
date: Thu, 21 Apr 2022 12:50:52 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 81864d3a-6160-4bf7-98bc-d77e702d2e73
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 otelFull.min.js Show response
c1h-word-view-15.cdn.office.net/wv/s/161521341023_App_Scripts/ Frame 7BAD 98 KB
29 KB 20ms
19ms Script
application/javascript 2600:1400:d:583::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/161521341023_App_Scripts/otelFull.min.js

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/hFACC0385D6EDE98B_App_Scripts/WordViewerDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1400:d:583::1c24 New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

2f27f273c5c46575edaec65046e64f256ef792b9037252a6566f3b8f34cdbf69

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: "95d2f562de50d81:0"
x-officecluster: SNL1
x-officeversion: 16.0.15213.41023
x-officefe: AM4PEPF0000F27B
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 29060
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wordslice,afd_wacinfra4,afd_wacinfra5
last-modified: Fri, 15 Apr 2022 15:35:08 GMT
x-officefd: AM4PEPF0000F27B
x-msedge-ref: Ref A: 2F13E8D2824348ABA1CF38727F6B032F Ref B: BL2EDGE1519 Ref C: 2022-04-18T18:37:12Z
x-usersessionid: 75444fed-7222-4115-ad28-f036e49eee48
date: Thu, 21 Apr 2022 12:50:52 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 75444fed-7222-4115-ad28-f036e49eee48
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 translation.ashx Show response
word-view.officeapps.live.com/wv/ Frame 7BAD 2 KB
2 KB 133ms
132ms XHR
text/html 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/translation.ashx?WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F4DAFE66015F06FAC%212433&access_token=4wFxutVyQYwshTR4EyaLqyNm81b8YcHHEdb9Nd1UYal1PHWSjWrTKQp%2DhGbXUe2V89IEK85kyt2vsRkpHD3ntiYuaylTpcmaw8WoBXHpVbD1HePyH9BDOgSPZw7V%2DwFUX86vHYG%5F01WnbiOEc%5FUjMK4Pj4AG7%5Fz0Yqo7ylhnRp0FI&access_token_ttl=1652359850507&z=aNERBRkU2NjAxNUYwNkZBQyEyNDMzLjIw&uilang=en-US

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h793E4EF4951E7E51_App_Scripts/MicrosoftAjaxDS.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ARR/3.0

Resource Hash

17325b8eb1863a5d13c610c045400e9a93c92acb71cce8636e9cdd625d0119d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000, max-age=31536000
X-Content-Type-Options	nosniff

Request headers

haep: 1
X-WacFrontEnd: BN3PEPF000020B5
X-UserSessionId: 3b583550-f2f0-4d4e-a77f-36e96ef38440
accept-language: en-CA,en;q=0.9
X-OfficeVersion: 16.0.15213.41023
X-Key: /VlUZurbTLMk3wE8tPeJ67jJFYhJpNnWCmg+ny71Z3U=,637861422510521877
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=en-CA&rs=en-US&hid=A7FUYYyJsUydRZXeX%2F7AFw.0&wopisrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F4DAFE66015F06FAC!2433&wde=docx&sc=host%3D%26qt%3DDefault&wdp=3&uih=OneDrive&jsapi=1&jsapiver=v2&corrid=3b583550-f2f0-4d4e-a77f-36e96ef38440&usid=3b583550-f2f0-4d4e-a77f-36e96ef38440&newsession=1&sftc=1&readonly=1&wdorigin=Unknown&wdredirectionreason=Unified_ViewActionUrl
X-Requested-With: XMLHttpRequest
X-UserType: WOPI
X-xhr: 1
X-WacCluster: PUS3

Response headers

strict-transport-security: max-age=31536000, max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: PUS3
x-wacfrontend: BN3PEPF000020B5
x-officeversion: 16.0.15213.41023
x-officefe: BN3PEPF000020B5
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-cache: CONFIG_NOCACHE
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 1406
pragma: no-cache
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-routed-to-target-server-path: WAC_WFE_AFFINITY_TARGET_URL
x-correlationid: db6b66e2-87db-4c52-9b54-2a82c21ef2af, db6b66e2-87db-4c52-9b54-2a82c21ef2af
x-officefd: BN3PEPF00002146
x-usersessionid: 3b583550-f2f0-4d4e-a77f-36e96ef38440, 3b583550-f2f0-4d4e-a77f-36e96ef38440
x-powered-by: ARR/3.0
date: Thu, 21 Apr 2022 12:50:53 GMT
vary: Accept-Encoding
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store
x-msedge-ref: Ref A: 74D37DB383D247A9AEA49782FF3E2F7F Ref B: EWR311000101051 Ref C: 2022-04-21T12:50:53Z
timing-allow-origin: *, *
expires: -1

GET
H2 200 campaignmetadataaggregator Show response
messaging.office.com/lifecycle/ Frame 7BAD 4 KB
2 KB 90ms
89ms Fetch
application/json 52.109.6.39
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://messaging.office.com/lifecycle/campaignmetadataaggregator?country=US&locale=en-US&app=2155&platform=Web&version=16.0.15213.41023&campaignParams=pageWidth%3D1600%26pageHeight%3D1200%26screenWidth%3D1600%26screenHeight%3D1200%26colorDepth%3D24%26more%3Dtrue%26OFC_Audience%3DProduction%26Datacenter%3DPUS3%26TenantId%3D9188040d-6c67-4c5b-b112-36a304b66dad%26SelfTriggerActivity%3D%3Bwordfloodgateflight13%3Bwordfloodgateflight14%26&contentType=CampaignContent%3BDynamicSettings&puid=&OFC_FLIGHTS=wordfloodgateflight13%3Bwordfloodgateflight14%3B&ageGroup=0&sessionUserType=2

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/161521341023_App_Scripts/Feedback/latest/officebrowserfeedback_floodgate.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.109.6.39 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

8f29baa489f5212793aebf90cb59c718285394bdb3acfc9134f5cb25e8ee45b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://word-view.officeapps.live.com/
x-correlationid: 7a0a5b93-038d-4fbd-7a4b-390c775336f1
x-usersessionid: d9ccbdd3-7965-42b1-d0d8-f8e6dc602011
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: eus2-000.omexmessaging.osi.office.net
x-gateids: AirTrafficControl.GovernanceRule
x-officeversion: 22.4.10412.11459
x-officefe: OmexMessagingStorefront_IN_12
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
vary: Accept-Encoding
content-length: 1716
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
pragma: no-cache
x-correlationid: f2a70ef1-fca9-4245-b208-e65ecc7f291f
server
x-usersessionid: d9ccbdd3-7965-42b1-d0d8-f8e6dc602011
date: Thu, 21 Apr 2022 12:50:53 GMT
x-frame-options: deny
content-type: application/json; charset=utf-8
access-control-allow-origin: https://word-view.officeapps.live.com
access-control-expose-headers: *
cache-control: private, no-store
x-machine: eus2-000.omexmessaging.osi.office.net,OmexMessagingStorefront_IN_12
access-control-allow-headers: authorization,X-CorrelationId,X-UserSessionId,Content-Type

OPTIONS
H2 200 campaignmetadataaggregator
messaging.office.com/lifecycle/ Frame 0
0 276ms
62ms Preflight 52.109.6.39
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.109.6.39 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: x-correlationid,x-usersessionid
Access-Control-Request-Method: GET
Origin: https://word-view.officeapps.live.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-headers: authorization,X-CorrelationId,X-UserSessionId,Content-Type
access-control-allow-methods: GET,OPTIONS
access-control-allow-origin: https://word-view.officeapps.live.com
access-control-expose-headers: *
access-control-max-age: 86400
cache-control: private
content-length: 0
date: Thu, 21 Apr 2022 12:50:53 GMT
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
server
strict-transport-security: max-age=15552000
x-content-type-options: nosniff
x-correlationid: 5087bc04-cd1b-4900-8a73-25966789ddb7
x-frame-options: deny
x-gateids: AirTrafficControl.GovernanceRule
x-machine: eus2-000.omexmessaging.osi.office.net,OmexMessagingStorefront_IN_12
x-officecluster: eus2-000.omexmessaging.osi.office.net
x-officefe: OmexMessagingStorefront_IN_12
x-officeversion: 22.4.10412.11459
x-ua-compatible: IE=edge
x-usersessionid: 5087bc04-cd1b-4900-8a73-25966789ddb7
x-xss-protection: 1; mode=block

GET
H2 200 invis.gif
p.sfx.ms/is/ 43 B
104 B 27ms
27ms Image
image/gif 40.112.57.76
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.sfx.ms/is/invis.gif
Requested by: Host: spoprod-a.akamaihd.net
URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20220310.002/wac2-d8541046.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.112.57.76 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: cb725f174a86bcf23b5b9f53e5b60d53eaa1524f88f4dcec165670a3b0eb6c2c

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 12:50:52 GMT
x-msnserver: RD0003FF608BF3
last-modified: Fri, 04 Mar 2022 03:31:59 GMT
server: Microsoft-IIS/10.0
etag: "f26c1d68782fd81:0"
content-type: image/gif
cache-control: public,max-age=86400
x-odwebserver: eastus0-odwebp
accept-ranges: bytes
content-length: 43

GET
H2 200 me Show response
amcdn.msftauth.net/ Frame 7BAD 27 KB
10 KB 113ms
25ms Script
application/javascript 2620:1ec:49::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://amcdn.msftauth.net/me?partner=WordOnline&version=10.21153.1&market=EN-US&wrapperId=suiteshell

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/161521341023_App_Scripts/suiteux-shell/js/suiteux.shell.core.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:49::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b420949aa98af0497a1bc71f1879a0a2d09cc999c9f6e5b7d3b0a75d11897d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
x-azure-ref-originshield: 01D1hYgAAAADLonULJUNiQ6/9X83kbuuDRVdSMzBFREdFMDUxMgBlYWM1ZjQ5Zi1lMDJkLTRmNDEtYjBhNi0yZDUwZjlmY2Y4NGE=
date: Thu, 21 Apr 2022 12:50:52 GMT
x-azure-ref: 0LVNhYgAAAABxtOlI2s5xTYB8PK9ejX5MWVRPMjIxMDkwODE5MDA5ADlmZTZjM2YxLTE3MTgtNGE5My05MjU1LTYzY2QzZjhjYTVhYg==
x-cache: TCP_HIT, CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, no-transform, max-age=43200
x-ua-compatible: IE=edge
expires: Thu, 21 Apr 2022 18:01:43 GMT

GET
H2 200 suiteux.shell.plus.js Show response
c1h-word-view-15.cdn.office.net/wv/s/161521341023_App_Scripts/suiteux-shell/js/ Frame 7BAD 273 KB
60 KB 19ms
19ms Script
application/javascript 2600:1400:d:583::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/161521341023_App_Scripts/suiteux-shell/js/suiteux.shell.plus.js

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/161521341023_App_Scripts/exp/appChromeLazy.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1400:d:583::1c24 New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

d7ff83751040bf0f3f784d1d8d002c6e6045cc58f12a6a37f2badf2b3a0ebcb0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"6b3ca9735353d81:0"
x-officecluster: PUS8
x-officeversion: 16.0.15211.41000
x-officefe: BL6PEPF0000FA87
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 60580
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Mon, 18 Apr 2022 18:38:09 GMT
x-officefd: BL6PEPF0000FA87
x-msedge-ref: Ref A: 7D8BA4FC104B4018BF989F9ED5A7F9E7 Ref B: BL2EDGE2122 Ref C: 2022-04-18T18:38:09Z
x-usersessionid: 4cdde676-2f93-4fb0-9c86-1f6db626ddba
date: Thu, 21 Apr 2022 12:50:53 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 4cdde676-2f93-4fb0-9c86-1f6db626ddba
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 200
OK ping Show response
browser.events.data.microsoft.com/ Frame 7BAD 4 B
333 B 389ms
216ms XHR
application/json 13.89.179.9
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://browser.events.data.microsoft.com/ping
Requested by: Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/161521341023_App_Scripts/otelFull.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.89.179.9 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-HTTPAPI/2.0 /
Resource Hash: c48b5b1a9776c84602de2306d7903a7241158a5077e7a8519af75c33441b8334

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Thu, 21 Apr 2022 12:50:52 GMT
Server: Microsoft-HTTPAPI/2.0
Access-Control-Allow-Methods: GET
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://word-view.officeapps.live.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: *
Content-Length: 4

GET
H3-Q050 200 filesbucket3-5286f09d.css
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20220310.002// 8 KB
8 KB 164ms
46ms Image
text/css 23.50.53.184
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20220310.002//filesbucket3-5286f09d.css
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 23.50.53.184 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-50-53-184.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 21 Apr 2022 12:50:53 GMT
content-encoding: gzip
content-md5: UobwnR6NXQP2kdlZShV5Pw==
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 2247
x-ms-lease-status: unlocked
last-modified: Fri, 11 Mar 2022 01:43:47 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8DA030095CA6455
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: e83b60cd-201e-0066-2786-357f08000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=27781950
x-ms-version: 2009-09-19
timing-allow-origin: *
quic-version: Q050

GET
H2

200

c.gif
c.live.com/
Redirect Chain

https://c.live.com/c.gif?DI=15347&wlxid=87b9174e-4cec-4573-9fe8-93d51dccef7f&reqid=001c0aae4f7&csiperf=ANON%3D%26NL%3D0%26TP%3D0%26CL%3DRD0004FFA70FA0%26MA%3Den-CA%26B%3D0.0.0%26TR%3DNA%252ANA%252A...
https://c.bing.com/c.gif?DI=15347&wlxid=87b9174e-4cec-4573-9fe8-93d51dccef7f&reqid=001c0aae4f7&csiperf=ANON%3D%26NL%3D0%26TP%3D0%26CL%3DRD0004FFA70FA0%26MA%3Den-CA%26B%3D0.0.0%26TR%3DNA%252ANA%252A...
https://c.live.com/c.gif?DI=15347&wlxid=87b9174e-4cec-4573-9fe8-93d51dccef7f&reqid=001c0aae4f7&csiperf=ANON%3D%26NL%3D0%26TP%3D0%26CL%3DRD0004FFA70FA0%26MA%3Den-CA%26B%3D0.0.0%26TR%3DNA%252ANA%252A...

42 B
426 B

31ms
31ms

Image
image/gif

20.36.253.92
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.live.com/c.gif?DI=15347&wlxid=87b9174e-4cec-4573-9fe8-93d51dccef7f&reqid=001c0aae4f7&csiperf=ANON%3D%26NL%3D0%26TP%3D0%26CL%3DRD0004FFA70FA0%26MA%3Den-CA%26B%3D0.0.0%26TR%3DNA%252ANA%252A%253ASDX.Skydrive%252AWac.view.F.U.%26PLT%3D4327%26IR%3D1%26EX%3D0%26L.h%3D1911%26L.bc%3D1924%26L.ac%3D1924%26L.f%3D1935%26L.sjs%3D4253%26L.ttg%3D3513%26C.st%3D1650545448839%26N.jsPlt%3D2873%26N.domIn%3D1935%26N.dns%3D124%26N.tcp%3D39%26N.req%3D1598%26N.resp%3D21%26N.navType%3D0%26N.redirectCount%3D0&r=0.3080125256734487&ctsa=mr&CtsSyncId=A1B430E026C94059A5EC2C4B2D0953E6&MUID=11DED5215172605C17A6C4AC557264D4
Protocol: H2
Server: 20.36.253.92 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Apr 2022 12:50:52 GMT
last-modified: Fri, 18 Mar 2022 19:39:54 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "8120eaf0ff3ad81:0"
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

Redirect headers

pragma: no-cache
date: Thu, 21 Apr 2022 12:50:52 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 207AEE84EA394167827638ED78B2381C Ref B: YTO01EDGE0412 Ref C: 2022-04-21T12:50:53Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.live.com/c.gif?DI=15347&wlxid=87b9174e-4cec-4573-9fe8-93d51dccef7f&reqid=001c0aae4f7&csiperf=ANON%3D%26NL%3D0%26TP%3D0%26CL%3DRD0004FFA70FA0%26MA%3Den-CA%26B%3D0.0.0%26TR%3DNA%252ANA%252A%253ASDX.Skydrive%252AWac.view.F.U.%26PLT%3D4327%26IR%3D1%26EX%3D0%26L.h%3D1911%26L.bc%3D1924%26L.ac%3D1924%26L.f%3D1935%26L.sjs%3D4253%26L.ttg%3D3513%26C.st%3D1650545448839%26N.jsPlt%3D2873%26N.domIn%3D1935%26N.dns%3D124%26N.tcp%3D39%26N.req%3D1598%26N.resp%3D21%26N.navType%3D0%26N.redirectCount%3D0&r=0.3080125256734487&ctsa=mr&CtsSyncId=A1B430E026C94059A5EC2C4B2D0953E6&MUID=11DED5215172605C17A6C4AC557264D4
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H2 200 suiteux.shell.otellogging.js Show response
c1h-word-view-15.cdn.office.net/wv/s/161521341023_App_Scripts/suiteux-shell/js/ Frame 7BAD 74 KB
23 KB 19ms
19ms Script
application/javascript 2600:1400:d:583::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/161521341023_App_Scripts/suiteux-shell/js/suiteux.shell.otellogging.js

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/161521341023_App_Scripts/exp/appChromeLazy.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1400:d:583::1c24 New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

bc877f37633d6d9c21e9ae669b9a2aaddb9acccc227f16f79423eb0ef78385ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"f4bff4735353d81:0"
x-officecluster: PUS4
x-officeversion: 16.0.15211.41000
x-officefe: BL6PEPF0000E9D7
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 23057
cache-control: public,max-age=31536000
x-msedge-features: tasmigration015,typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Mon, 18 Apr 2022 18:38:10 GMT
x-officefd: BL6PEPF0000E9D7
x-msedge-ref: Ref A: C92C20F6FB824EA0B4D9DBBD426E46BF Ref B: BLUEDGE1509 Ref C: 2022-04-18T18:38:09Z
x-usersessionid: 571ed2ca-8d21-4e8b-a200-0167f015f815
date: Thu, 21 Apr 2022 12:50:53 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 571ed2ca-8d21-4e8b-a200-0167f015f815
accept-ranges: bytes
timing-allow-origin: *

GET
DATA 200
OK truncated
/ Frame 7BAD 17 KB
17 KB Font
font/woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 036f613df24075e14c8e36a580c10c2cea1b193268b8e6bac5e397f76d36fc88

Request headers

Referer
Origin: https://word-view.officeapps.live.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: font/woff;charset=utf-8

GET
H/1.1

200
OK

https://storage.live.com/mydata/myprofile/expressionprofile/profilephoto:UserTileStatic,UserTileSmall/MeControlMediumUserTile?ck=1&ex=24&fofoff=1&sc=1650545453264
https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=13&ct=1650545453&rver=7.3.6962.0&wp=MBI_SSL&wreply=https:%2F%2Fstorage.live.com%2Fstorageservice%2Fpassport%2Fauth.aspx%3Fsru%3Dhttps:%252f%252f...

0
0

189ms
56ms

Image
text/html

40.126.24.146
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=13&ct=1650545453&rver=7.3.6962.0&wp=MBI_SSL&wreply=https:%2F%2Fstorage.live.com%2Fstorageservice%2Fpassport%2Fauth.aspx%3Fsru%3Dhttps:%252f%252fstorage.live.com%252fmydata%252fmyprofile%252fexpressionprofile%252fprofilephoto:UserTileStatic%252cUserTileSmall%252fMeControlMediumUserTile&lc=1033&id=63539
Protocol: HTTP/1.1
Server: 40.126.24.146 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Redirect headers

strict-transport-security: max-age=31536000; includeSubDomains
x-msnserver: CH01PF3D3BE596C
x-qosstats: {"ApiId":0,"ResultType":2,"SourcePropertyId":0,"TargetPropertyId":42}
x-asmversion: UNKNOWN; 19.891.405.2005
date: Thu, 21 Apr 2022 12:50:53 GMT
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=13&ct=1650545453&rver=7.3.6962.0&wp=MBI_SSL&wreply=https:%2F%2Fstorage.live.com%2Fstorageservice%2Fpassport%2Fauth.aspx%3Fsru%3Dhttps:%252f%252fstorage.live.com%252fmydata%252fmyprofile%252fexpressionprofile%252fprofilephoto:UserTileStatic%252cUserTileSmall%252fMeControlMediumUserTile&lc=1033&id=63539
x-throwsite: 4212.9205
x-clienterrorcode: PassportAuthFail
ms-cv: QdrivbPZ8k+R9lG5BvVm1A.0
content-length: 0
x-errorcodechain: Unauthenticated

POST
H/1.1 200
OK / Show response
browser.pipe.aria.microsoft.com/Collector/3.0/ 0
396 B 79ms
79ms XHR
application/json 20.189.173.1
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://browser.pipe.aria.microsoft.com/Collector/3.0/?qsp=true&content-type=application%2Fbond-compact-binary&client-id=NO_AUTH&sdk-version=ACT-Web-JS-2.5.0&x-apikey=a23e4f242c9c4097a968f28c62633e19-62d0d830-5afd-4df3-8e40-351c8711cf5c-7157
Requested by: Host: p.sfx.ms
URL: https://p.sfx.ms//storage/aria-2.5.0.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.189.173.1 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-HTTPAPI/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Thu, 21 Apr 2022 12:50:53 GMT
Server: Microsoft-HTTPAPI/2.0
time-delta-millis: 26
Access-Control-Allow-Methods: POST
Content-Type: application/json
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: kill-tokens, kill-duration-seconds, time-delta-millis
Access-Control-Allow-Headers: Accept, Content-Type, Content-Encoding, Client-Id
Content-Length: 0

GET
H3-Q050 200 filesbucket3-5286f09d.css
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20220310.002// 8 KB
2 KB 21ms
20ms Stylesheet
text/css 23.50.53.184
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20220310.002//filesbucket3-5286f09d.css
Requested by: Host: spoprod-a.akamaihd.net
URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20220310.002/wac2-d8541046.js
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 23.50.53.184 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-50-53-184.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: e4151339e7a1da93c261fe04058e39b43ff0ada1af6a13664df1a582f418a9a6

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 21 Apr 2022 12:50:53 GMT
content-encoding: gzip
content-md5: UobwnR6NXQP2kdlZShV5Pw==
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 2247
x-ms-lease-status: unlocked
last-modified: Fri, 11 Mar 2022 01:43:47 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8DA030095CA6455
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: e83b60cd-201e-0066-2786-357f08000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=27781950
x-ms-version: 2009-09-19
timing-allow-origin: *
quic-version: Q050

POST
H2 200 RemoteUls.ashx Show response
word-view.officeapps.live.com/wv/ Frame 7BAD 0
542 B 241ms
241ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/RemoteUls.ashx?build=16.0.15213.41023&waccluster=PUS3

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h793E4EF4951E7E51_App_Scripts/MicrosoftAjaxDS.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

X-WacFrontEnd: BN3PEPF000020B5
accept-language: en-CA,en;q=0.9
X-OfficeVersion: 16.0.15213.41023
X-Key: /VlUZurbTLMk3wE8tPeJ67jJFYhJpNnWCmg+ny71Z3U=,637861422510521877
X-bULS-SuppressionETag: 6C1139DD5A0A78408103B6543CCEBA76871E3829
X-Requested-With: XMLHttpRequest
X-xhr: 1
haep: 1
X-AccessToken: 4wFxutVyQYwshTR4EyaLqyNm81b8YcHHEdb9Nd1UYal1PHWSjWrTKQp-hGbXUe2V89IEK85kyt2vsRkpHD3ntiYuaylTpcmaw8WoBXHpVbD1HePyH9BDOgSPZw7V-wFUX86vHYG_01WnbiOEc_UjMK4Pj4AG7_z0Yqo7ylhnRp0FI
X-UserSessionId: 3b583550-f2f0-4d4e-a77f-36e96ef38440
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=en-CA&rs=en-US&hid=A7FUYYyJsUydRZXeX%2F7AFw.0&wopisrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F4DAFE66015F06FAC!2433&wde=docx&sc=host%3D%26qt%3DDefault&wdp=3&uih=OneDrive&jsapi=1&jsapiver=v2&corrid=3b583550-f2f0-4d4e-a77f-36e96ef38440&usid=3b583550-f2f0-4d4e-a77f-36e96ef38440&newsession=1&sftc=1&readonly=1&wdorigin=Unknown&wdredirectionreason=Unified_ViewActionUrl
X-UserType: WOPI
X-AccessTokenTtl: 1652359850507
X-WacCluster: PUS3

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officecluster: PGTUS4
x-officeversion: 16.0.15219.41000
x-officefe: BL6PEPF0000BAE3
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-buls-suppressionetag: 6C1139DD5A0A78408103B6543CCEBA76871E3829
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3_control
content-length: 0
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3_control
x-correlationid: ee55f726-a12f-4edb-849c-c401930579ff
x-officefd: BL6PEPF0000BAE3
x-usersessionid: 3b583550-f2f0-4d4e-a77f-36e96ef38440
date: Thu, 21 Apr 2022 12:50:54 GMT
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://word-view.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
x-msedge-ref: Ref A: 61FF763C5E0147F0828249D10827EAD0 Ref B: EWR311000101051 Ref C: 2022-04-21T12:50:53Z

POST
H/1.1 200
OK / Show response
browser.pipe.aria.microsoft.com/Collector/3.0/ Frame 7BAD 0
396 B 234ms
234ms XHR
application/json 20.189.173.1
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://browser.pipe.aria.microsoft.com/Collector/3.0/?qsp=true&content-type=application%2Fbond-compact-binary&client-id=NO_AUTH&sdk-version=AWT-Web-CJS-1.2.2&x-apikey=d79e824386c4441cb8c1d4ae15690526-bd443309-5494-444a-aba9-0af9eef99f84-7360
Requested by: Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/161521341023_App_Scripts/Feedback/latest/officebrowserfeedback_floodgate.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.189.173.1 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-HTTPAPI/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Thu, 21 Apr 2022 12:50:55 GMT
Server: Microsoft-HTTPAPI/2.0
time-delta-millis: 39
Access-Control-Allow-Methods: POST
Content-Type: application/json
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: kill-tokens, kill-duration-seconds, time-delta-millis
Access-Control-Allow-Headers: Accept, Content-Type, Content-Encoding, Client-Id
Content-Length: 0

POST
H/1.1 200
OK / Show response
browser.events.data.microsoft.com/OneCollector/1.0/ Frame 7BAD 24 B
430 B 153ms
39ms XHR
application/json 13.89.179.9
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.1.4&apikey=79b56d2f6f2444f1a3d7f7c7f12bcc0c-f47f5fe6-ed89-42f6-8a43-cea0f5930b17-7407,ff7e2f12a4be407096fc01eeb760eda3-eeeb63cf-35d9-4734-ab45-66a873412359-7045,7e7959aac92e41d6892c69a87259ed58-de5c63ef-10f5-45e1-bef2-d23e9cac2fab-6830&upload-time=1650545455220&time-delta-to-apply-millis=use-collector-delta&w=2
Requested by: Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/161521341023_App_Scripts/otelFull.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.89.179.9 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-HTTPAPI/2.0 /
Resource Hash: d0c3e6c8d25e655f19d3788bbf4982f52cba3498833d7d44ccf64e7e3f3de5a2

Request headers

Referer: https://word-view.officeapps.live.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Thu, 21 Apr 2022 12:50:54 GMT
Server: Microsoft-HTTPAPI/2.0
time-delta-millis: 125
Access-Control-Allow-Methods: POST
Content-Type: application/json
Access-Control-Allow-Origin: https://word-view.officeapps.live.com
Access-Control-Expose-Headers: time-delta-millis
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: time-delta-millis
Content-Length: 24

POST
H/1.1 200
OK / Show response
browser.pipe.aria.microsoft.com/Collector/3.0/ Frame 7BAD 0
396 B 137ms
79ms XHR
application/json 20.189.173.1
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://browser.pipe.aria.microsoft.com/Collector/3.0/?qsp=true&content-type=application%2Fbond-compact-binary&client-id=NO_AUTH&sdk-version=AWT-Web-JS-1.8.9&x-apikey=c6c190a1b73c4a63bba89835d546cf28-f2a0482f-a00d-48d9-822e-e89cc89eb64d-7688&client-time-epoch-millis=1650545455258&time-delta-to-apply-millis=use-collector-delta
Requested by: Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/161521341023_App_Scripts/suiteux-shell/js/suiteux.shell.plus.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.189.173.1 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-HTTPAPI/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Thu, 21 Apr 2022 12:50:55 GMT
Server: Microsoft-HTTPAPI/2.0
time-delta-millis: 95
Access-Control-Allow-Methods: POST
Content-Type: application/json
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: kill-tokens, kill-duration-seconds, time-delta-millis
Access-Control-Allow-Headers: Accept, Content-Type, Content-Encoding, Client-Id
Content-Length: 0

POST
H/1.1 200
OK / Show response
browser.events.data.microsoft.com/OneCollector/1.0/ Frame 7BAD 24 B
430 B 52ms
52ms XHR
application/json 13.89.179.9
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.1.9&apikey=b0c82c6598ad49f3848b1d3dc0d8dd25-299cbfe9-b72e-4e9d-a5e3-20319efba5b5-7268&upload-time=1650545455305&time-delta-to-apply-millis=use-collector-delta&w=2
Requested by: Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/161521341023_App_Scripts/suiteux-shell/js/suiteux.shell.otellogging.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.89.179.9 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-HTTPAPI/2.0 /
Resource Hash: f4ce35331abe9a6735c904a3f76fbcbfb547702a7a73ccb2fc135b5abef90b8f

Request headers

cache-control: no-cache, no-store
Referer: https://word-view.officeapps.live.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
content-type: application/x-json-stream

Response headers

Date: Thu, 21 Apr 2022 12:50:54 GMT
Server: Microsoft-HTTPAPI/2.0
time-delta-millis: 197
Access-Control-Allow-Methods: POST
Content-Type: application/json
Access-Control-Allow-Origin: https://word-view.officeapps.live.com
Access-Control-Expose-Headers: time-delta-millis
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: time-delta-millis
Content-Length: 24

OPTIONS
H/1.1 200
OK /
browser.events.data.microsoft.com/OneCollector/1.0/ Frame 0
0 173ms
173ms Preflight 13.89.179.9
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.1.9&apikey=b0c82c6598ad49f3848b1d3dc0d8dd25-299cbfe9-b72e-4e9d-a5e3-20319efba5b5-7268&upload-time=1650545455305&time-delta-to-apply-millis=use-collector-delta&w=2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.89.179.9 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-HTTPAPI/2.0 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: cache-control,content-type
Access-Control-Request-Method: POST
Origin: https://word-view.officeapps.live.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: AuthMsaDeviceTicket,AuthXToken,Content-Encoding,Content-Type,Cache-Control,Client-Id,SDK-Name,sdk-version,apikey,x-apikey,client-version,upload-time,time-delta-to-apply-millis,client-time-epoch-millis,persistence-mode,reliability-mode
Access-Control-Allow-Origin: https://word-view.officeapps.live.com
Access-Control-Max-Age: 3600
Cache-Control: public, 3600
Content-Length: 0
Date: Thu, 21 Apr 2022 12:50:54 GMT
Server: Microsoft-HTTPAPI/2.0

Verdicts & Comments Add Verdict or Comment

171 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

25 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.live.com/	1969-12-31 23:59:59	Name: xid Value: 87b9174e-4cec-4573-9fe8-93d51dccef7f&&RD0004FFA70FA0&149
.live.com/	1970-01-20 02:39:10	Name: wla42 Value:
.live.com/	1970-01-20 11:13:55	Name: mkt Value: en-CA
.live.com/	1969-12-31 23:59:59	Name: xidseq Value: 2
.live.com/	1969-12-31 23:59:59	Name: E Value: P:tBBokJUj2og=:eV/sVSjpX/cih2jDvPHEAsA2Y8A35KnFXVSPibP0J0E=:F
onedrive.live.com/	1970-01-22 21:57:35	Name: MicrosoftApplicationsTelemetryDeviceId Value: c9a23497-070e-cde0-22fa-13b4358d7ead
onedrive.live.com/	1970-01-22 21:57:35	Name: MicrosoftApplicationsTelemetryFirstLaunchTime Value: 1650545450772
word-view.officeapps.live.com/	1970-01-20 04:40:07	Name: DcLcid Value: ui=1033&data=1033
word-view.officeapps.live.com/	1969-12-31 23:59:59	Name: BIGipCookie Value: 000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
word-view.officeapps.live.com/	1969-12-31 23:59:59	Name: ShCLSessionID Value: 1650545452609_0.066235176891144
.live.com/	1969-12-31 23:59:59	Name: BP Value: l=SDX.Skydrive&FR=&ST=
.live.com/	1970-01-20 11:50:41	Name: MUID Value: 11DED5215172605C17A6C4AC557264D4
.bing.com/	1970-01-20 11:50:41	Name: MUID Value: 11DED5215172605C17A6C4AC557264D4
.c.bing.com/	1970-01-20 02:39:10	Name: MR Value: 0
.c.bing.com/	1970-01-20 11:50:41	Name: SRM_B Value: 11DED5215172605C17A6C4AC557264D4
.c.bing.com/	1970-01-20 11:50:41	Name: SRM_L Value: 11DED5215172605C17A6C4AC557264D4
.c.live.com/	1969-12-31 23:59:59	Name: SM Value: C
.c.live.com/	1970-01-20 11:50:41	Name: SRM_L Value: 11DED5215172605C17A6C4AC557264D4
.c.live.com/	1970-01-20 02:39:10	Name: MR Value: 0
.c.live.com/	1970-01-20 02:29:06	Name: ANONCHK Value: 0
.login.live.com/	1969-12-31 23:59:59	Name: uaid Value: 55d68d3f8e1e411d863774ef3b220ffe
.login.live.com/	1969-12-31 23:59:59	Name: MSPRequ Value: id=63539&lt=1650545453&co=1
.login.live.com/	1970-01-20 11:50:41	Name: MSCC Value: 149.56.153.188-MY
.login.live.com/	1969-12-31 23:59:59	Name: OParams Value: 11O.DQ7jVZphmJGZvACAYP3yp91vqmpTVr9U8fGR73ZQOSw!1G7I1a6P9Hm!N2S1KNDbPifHVP8mWxAijRvpbwkOL8QoIx16wyQhPxEBPbC6KjVYAeVdEUNhswidkF0viQWhxld3NobQA6zY!HtBKyQWk2YnavkYeF5fPbFafHNEGYAzUgoeLouYCbY4oq7EMRRCsPwnlTqLJv6RjBKRw20Qxxw81cmM4kjvJJarhNLIOdBYFq1hHEl6pAju72c4yEshXewTSwc2Z!qTrLafXL8xTYrSd0RUalf9hxl82LUVnI6uTo1iAyNn!t1f1pAAMOjNjnfbB6w1u!BwRACLZr7WPbbofLmk3gxFO5vHL1Fz8c6Ma8nOCZdFywLpVchYk3rWqcg2TRa!13EXRURkD!UCfAs4f50oWXGwrteF0dJ5SJ5zArheX5zVjvS4XgNWRIRXVFP8rQOFdAvg*QjBxs3X9Vv1jAiwUe7FFzHXveSU
.login.live.com/	1969-12-31 23:59:59	Name: MSPOK Value: $uuid-2795a25b-bd92-40d3-9d0e-c3ae8857a547

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://word-view.officeapps.live.com/wv/ResReader.ashx?n=p1.img&WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F4DAFE66015F06FAC%212433&access_token=4wFxutVyQYwshTR4EyaLqyNm81b8YcHHEdb9Nd1UYal1PHWSjWrTKQp%2DhGbXUe2V89IEK85kyt2vsRkpHD3ntiYuaylTpcmaw8WoBXHpVbD1HePyH9BDOgSPZw7V%2DwFUX86vHYG%5F01WnbiOEc%5FUjMK4Pj4AG7%5Fz0Yqo7ylhnRp0FI&access_token_ttl=1652359850507&z=aNERBRkU2NjAxNUYwNkZBQyEyNDMzLjIw&v=00000000-0000-0000-0000-000000000802&usid=3b583550-f2f0-4d4e-a77f-36e96ef38440&splashscreen=1&build=16.0.15213.41023&waccluster=PUS3 Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

amcdn.msftauth.net
browser.events.data.microsoft.com
browser.pipe.aria.microsoft.com
c.bing.com
c.live.com
c1-word-view-15.cdn.office.net
c1h-word-view-15.cdn.office.net
js.live.net
login.live.com
messaging.office.com
onedrive.live.com
p.sfx.ms
shell.cdn.office.net
spoprod-a.akamaihd.net
static2.sharepointonline.com
storage.live.com
word-view.officeapps.live.com
104.71.185.148
13.105.28.18
13.107.42.13
13.89.179.9
20.189.173.1
20.36.253.92
23.217.44.136
23.50.53.184
2600:1400:d:583::1c24
2600:1400:d:593::4b36
2600:1400:d:5ac::4b36
2620:1ec:49::40
2620:1ec:a92::171
2620:1ec:c11::200
40.112.57.76
40.126.24.146
52.109.6.39
036f613df24075e14c8e36a580c10c2cea1b193268b8e6bac5e397f76d36fc88
039326dd4255b863cfe6516c125605194272395b4ae69fe5abdbd8f5ff234187
05fc8cc1fb1a50ff10607fa116f3ab4549b864a37581e347a72002ad26d33bbd
066670f0c5b6473618f1171133818b8483fb6c4de676af915921c83a05783e58
09f6c8293dec26567f220f12acd488876fbbf40ad2c67e0f0f4766de6bda8981
0e02eadc4381036e40c43626eab409c72fc145e8a1ad2a1a2a2ea04970b108d4
125b04041f0210bab5ca2bc7d30298b26f571ec20fbef6e7c58bb0d1a1bff380
17325b8eb1863a5d13c610c045400e9a93c92acb71cce8636e9cdd625d0119d2
1ee76ba1e2059f5f369cdaeebb38dc0fbbb643168eb5ebb20869afd2f86efa9c
22e7ac6e00b3f7463f2c89c577877ed717686d6f219614c890317d86560c413d
234cae682920ab63f3184948f1e4103b89201a274977ed31097b844cc323afa1
267c622f712e3d6f38e3eff4f0af3822ed52eadb45906df72c7af3637f37eddd
276e1c617442f43dc578ce2c9fa188a1d2ce23ea4480b4a1b08040775cbbe731
28f6463a421d327367ead94f3f1dcbf5b282fb0fc306095a23f5de772203e7a6
2e458b97b1ff9120139084ae85b986ec98213fb8ea73a53cab99fa2a5523ecf1
2f27f273c5c46575edaec65046e64f256ef792b9037252a6566f3b8f34cdbf69
3847e37e2b5cf45ccc475c823f4265916889f41caa98f66205b6482b7a5916bc
38e88b6af6c6531959a5ad70f5310b60878dc948086a1d4107168b08cc44ecf7
390577d35c959ffe7dd2af4519c04410a04fdc4a433b151e27b049fc4a1ab3e9
3d785eb0a0168e5c79e66aa0085a932d5fe2ad04f3577547e2267fa589df677d
3f2d8e28b45b733672c14a22434c033edf9375e53ae7ace036d844ff8d5d9ef0
410bba5bbe14d6e1a1372313a32663fa3dfc7b98885449ec7e57c5b435c3ade8
49afd3fb5e69b631b949d25dfaf224c6532309563ca55d3aa9f59e4ee821dcd2
4c76f832e1b589c931ced2c770f35ce4cd595ca941c18c5893b23f27ef587ec4
59e1ecc15f7639121d99a75dce05be39a43630398ff19de0258b0f5e1cfcbdb1
63aef72d236cde38c258f82e8797d13cb24cd903f01e83732eede839aa5cf2c5
6581c42a8df061bde74f89c567379ffd74cd8a9447192f7d2c2bb366a476293a
65995e576743c3415521ccfc2bbe0695d31a81f5d8204d3f5fbabfd58475d90c
6e2237b9c2be0a5c83fb5488b43cc0a735414e5a4aa12e5dc24787f14ce288b1
7754ecc83f107a1b9d1accf820762349d00bbfefa0f8ba7c4444a88b81921b04
793e4ef4951e7e51858eb21509bad1c5612ac636255129a4d9e5d5b3eebc85b8
7dcf543de2492ed4293798253b866897ee552bf4e936cc33d5fb46fca491f19a
80556590b8d2e8016aa778cbbd4f51db0e1d2f049e3cf11994eb59bb6f2e2284
814f49578802ce5b37dafb98b958267089cd78c4b5305f084542f444bc0d0392
85b57eaee8f090113ca4eb0584c8e22f1e1a891efbac13b9251676ea5e968449
8f29baa489f5212793aebf90cb59c718285394bdb3acfc9134f5cb25e8ee45b1
94ef87ee295c67526205d67124f404e246226105e939e14c435a20c29a956f49
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
a3596c17dad9a003d0bfbe0b7ba6765f51391b5c3943660316f01c8e77b323db
aac238c6ea869a1e5a5d3823fd953ea5a67c2da4cf9dea382a0b85582508eeb6
ab92b478250741085d01f6a53177c0145dc906a4ea04dd7277411869c1ffd425
b1b6542ec22e83e7ef429790974aa6b9ddbb8f3ebf6e19a3d1be795ff010d0df
b323d86681653d7e2e92716f79f18a324b1337dd9ad3d456644ca9fb7493ffa3
ba648258d7f22f22cdf6fc29b256b64f32ade2017f64b414db3390615f973be3
bc877f37633d6d9c21e9ae669b9a2aaddb9acccc227f16f79423eb0ef78385ff
bd12fc869e0d4f2e10d2f377bf42f8ebcc667345cb74a0516247fdb123bc58da
bd88d1e741693ab877b020059b46be7cf4ef62b46017b2489a8cd1bf9ce5b9fc
c0d36ad8a16b1901c9bfc79a568e16ec683b9728ed09afb57c91d76923894912
c48b5b1a9776c84602de2306d7903a7241158a5077e7a8519af75c33441b8334
c949982df7b0a15866feaa71641d1dd64f0bd6415013cbff9a5bf2a61d65b33c
cb725f174a86bcf23b5b9f53e5b60d53eaa1524f88f4dcec165670a3b0eb6c2c
cba89239522795d55fcf43087637399562c8fb25cf3baadf59f488bb97bffd6d
d0c3e6c8d25e655f19d3788bbf4982f52cba3498833d7d44ccf64e7e3f3de5a2
d1a27b46e85786fa59850d7074bf7ee11d9876bf21337f2b0c32a02eef2a3680
d1f94f985844acf57ce7d417a257ac5b8080e4ca11c4bd845d79a2085b784b59
d4c9bd86a5465d8414b7a10438d28110836126b387990d492fe545a5e701904a
d6c15974b6181a68e9b74e4f38fbac81d640569ef0fbbaa3381cc59683a9763f
d7ff83751040bf0f3f784d1d8d002c6e6045cc58f12a6a37f2badf2b3a0ebcb0
dc1d54dab6ec8c00f70137927504e4f222c8395f10760b6beecfcfa94e08249f
e018e8b8973a4a204f322e3afe6439ac1055c5a52b9b8dcf63635e42fe89003c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3b420949aa98af0497a1bc71f1879a0a2d09cc999c9f6e5b7d3b0a75d11897d
e4151339e7a1da93c261fe04058e39b43ff0ada1af6a13664df1a582f418a9a6
e5c1e39ebd1262067f33a6505542dde5b313b2b6e68f0f125d10164e027ef7e3
e62cb84db10132ea9201bc71a8a93663db97092841687e15a2ecbf7d95ccded5
f4ce35331abe9a6735c904a3f76fbcbfb547702a7a73ccb2fc135b5abef90b8f
facc0385d6ede98b462dd35de458558af0b5841e9fa10de5fdb5defb670178e8

onedrive.live.com Open in urlscan Pro 13.107.42.13 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

88 Requests

97 %HTTPS

35 %IPv6

10 Domains

17 Subdomains

16 IPs

1 Countries

3137 kBTransfer

14677 kBSize

25 Cookies

1 Outgoing links

Redirected requests

88 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

onedrive.live.com Open in urlscan Pro
13.107.42.13 Public Scan

Screenshot
Live screenshot

Full Image

88
Requests

97 %
HTTPS

35 %
IPv6

10
Domains

17
Subdomains

16
IPs

1
Countries

3137 kB
Transfer

14677 kB
Size

25
Cookies

88 HTTP transactions
2 data transactions