onedrive.live.com Open in urlscan Pro
13.107.42.13 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://u106573.ct.sendgrid.net/ls/click?upn=Wqxa9RSXB30-2FdA-2F7WKf1TpqPSWkDMV5jzyRVKS18rT9ZecWtG6dNw4fprR3OpTWwkm-2FPruitO580B...
Effective URL:
https://onedrive.live.com/embed?cid=88F2BF52A07CA79B&resid=88F2BF52A07CA79B%21110&authkey=ANoKWwQ3hnNQ9G8&em=2
Submission Tags: falconsandbox
Submission: On January 28 via api (January 28th 2021, 5:50:48 am UTC) from US

Summary HTTP 49 Redirects Behaviour Indicators

Summary

This website contacted 9 IPs in 4 countries across 7 domains to perform 49 HTTP transactions. The main IP is 13.107.42.13, located in United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is onedrive.live.com.
TLS certificate: Issued by Microsoft RSA TLS CA 02 on October 13th 2020. Valid for: a year.

This is the only time onedrive.live.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	167.89.118.28 167.89.118.28	11377 (SENDGRID) (SENDGRID)
2	13.107.42.13 13.107.42.13	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
8	2.16.186.40 2.16.186.40	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
15	2620:1ec:a92:... 2620:1ec:a92::171	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
17	2a02:26f0:fe0... 2a02:26f0:fe00:4ae::1c24	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	52.109.124.71 52.109.124.71	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	104.108.35.184 104.108.35.184	16625 (AKAMAI-AS) (AKAMAI-AS)
2	52.114.128.10 52.114.128.10	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	52.114.75.149 52.114.75.149	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
49	9

1 167.89.118.28 (United States) 1 redirects

ASN11377 (SENDGRID, US)
PTR: o16789118x28.outbound-mail.sendgrid.net

u106573.ct.sendgrid.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.107.42.13 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

onedrive.live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2.16.186.40 (Ascension Island)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-40.deploy.static.akamaitechnologies.com

spoprod-a.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2620:1ec:a92::171 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

word-view.officeapps.live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a02:26f0:fe00:4ae::1c24 (Ascension Island)

ASN20940 (AKAMAI-ASN1, NL)

c3-word-view-15.cdn.office.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.109.124.71 (Singapore, Singapore)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

messaging.office.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.108.35.184 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-108-35-184.deploy.static.akamaitechnologies.com

js.live.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.114.128.10 (Des Moines, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

browser.events.data.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.114.75.149 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

browser.pipe.aria.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	office.net c3-word-view-15.cdn.office.net	838 KB
17	live.com onedrive.live.com word-view.officeapps.live.com	335 KB
8	akamaihd.net spoprod-a.akamaihd.net	395 KB
3	microsoft.com browser.events.data.microsoft.com browser.pipe.aria.microsoft.com	1 KB
2	office.com messaging.office.com	3 KB
1	live.net js.live.net	16 KB
1	sendgrid.net 1 redirects u106573.ct.sendgrid.net	314 B
49	7

	Domain	Requested by
17	c3-word-view-15.cdn.office.net	word-view.officeapps.live.com c3-word-view-15.cdn.office.net
15	word-view.officeapps.live.com	word-view.officeapps.live.com c3-word-view-15.cdn.office.net
8	spoprod-a.akamaihd.net	onedrive.live.com
2	browser.events.data.microsoft.com	c3-word-view-15.cdn.office.net
2	messaging.office.com	c3-word-view-15.cdn.office.net
2	onedrive.live.com	onedrive.live.com
1	browser.pipe.aria.microsoft.com	c3-word-view-15.cdn.office.net
1	js.live.net	c3-word-view-15.cdn.office.net
1	u106573.ct.sendgrid.net	1 redirects
49	9

This site contains no links.

Subject Issuer	Validity	Valid
onedrive.com Microsoft RSA TLS CA 02	`2020-10-13` - `2021-10-13`	a year	crt.sh
a248.e.akamai.net DigiCert Secure Site ECC CA-1	`2020-07-15` - `2021-09-13`	a year	crt.sh
officeapps.live.com Microsoft RSA TLS CA 01	`2020-12-08` - `2021-12-08`	a year	crt.sh
*.cdn.office.net Microsoft RSA TLS CA 02	`2021-01-26` - `2022-01-26`	a year	crt.sh
messaging.office.com Microsoft RSA TLS CA 02	`2020-10-01` - `2021-10-01`	a year	crt.sh
p.sfx.ms Microsoft RSA TLS CA 02	`2020-09-28` - `2021-09-28`	a year	crt.sh
*.events.data.microsoft.com Microsoft Azure TLS Issuing CA 01	`2020-09-14` - `2021-09-09`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://onedrive.live.com/embed?cid=88F2BF52A07CA79B&resid=88F2BF52A07CA79B%21110&authkey=ANoKWwQ3hnNQ9G8&em=2
Frame ID: 809B0239CBFC945BA71E24A95D54D72D
Requests: 11 HTTP requests in this frame

Frame: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-US&rs=en-US&hid=6JMb89Cni0CuyO/LQxbfHg.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F88F2BF52A07CA79B%21110&sc=host%3D%26qt%3DFolders%26pt%3Dem
Frame ID: E17504A22916809C8738F952EA727757
Requests: 38 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://u106573.ct.sendgrid.net/ls/click?upn=Wqxa9RSXB30-2FdA-2F7WKf1TpqPSWkDMV5jzyRVKS18rT9ZecWtG6dNw4fprR3... HTTP 302
https://onedrive.live.com/embed?cid=88F2BF52A07CA79B&resid=88F2BF52A07CA79B%21110&authkey=ANoKWwQ3hnNQ... Page URL

Page Statistics

49
Requests

98 %
HTTPS

22 %
IPv6

7
Domains

9
Subdomains

9
IPs

4
Countries

1622 kB
Transfer

5984 kB
Size

4
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://u106573.ct.sendgrid.net/ls/click?upn=Wqxa9RSXB30-2FdA-2F7WKf1TpqPSWkDMV5jzyRVKS18rT9ZecWtG6dNw4fprR3OpTWwkm-2FPruitO580BhgmmudjOoUWavf-2BETLGYirjdxctL2fam-2FDxgZ2mNZkpsUUWFVogKKY-2FEffDuOSu0Ev3kx9lNPkdQWt-2FmVB-2Brud1-2BaFphBA-3DSOYo_18RU-2Fxi03MMi1j2ouOMeUxFFIRGA6anggl7y2r7SdZPSTx2te4Rw6YChVt4DaSP65Txyhcbe1h9-2BFvJ3vxXYruFLK4hnKU6wg6Q1WVd54psEUPSTZuu6x6cXGMiNNQ4epeZXaFHX2tM56I8mmecukwFM4c8-2FtkbXraofaH9a9Ge5SnBlOOpLdzoTibe9fsCcyQSSZ4WafV-2BtQSu4kS-2FsT6ZBmYXc035QgmbCz6Gy3lo-3D HTTP 302
https://onedrive.live.com/embed?cid=88F2BF52A07CA79B&resid=88F2BF52A07CA79B%21110&authkey=ANoKWwQ3hnNQ9G8&em=2 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

49 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request embed Show response
onedrive.live.com/
Redirect Chain

https://u106573.ct.sendgrid.net/ls/click?upn=Wqxa9RSXB30-2FdA-2F7WKf1TpqPSWkDMV5jzyRVKS18rT9ZecWtG6dNw4fprR3OpTWwkm-2FPruitO580BhgmmudjOoUWavf-2BETLGYirjdxctL2fam-2FDxgZ2mNZkpsUUWFVogKKY-2FEffDuOSu...
https://onedrive.live.com/embed?cid=88F2BF52A07CA79B&resid=88F2BF52A07CA79B%21110&authkey=ANoKWwQ3hnNQ9G8&em=2

60 KB
21 KB

753ms
734ms

Document
text/html

13.107.42.13
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://onedrive.live.com/embed?cid=88F2BF52A07CA79B&resid=88F2BF52A07CA79B%21110&authkey=ANoKWwQ3hnNQ9G8&em=2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.107.42.13 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

dafb9913260ef4f009aebffd9c1aef96651386a1b60ffb22614fd368781a5f17

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

:method: GET
:authority: onedrive.live.com
:scheme: https
:path: /embed?cid=88F2BF52A07CA79B&resid=88F2BF52A07CA79B%21110&authkey=ANoKWwQ3hnNQ9G8&em=2
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

cache-control: no-cache, no-store
pragma: no-cache
content-type: text/html; charset=utf-8
content-encoding: gzip
expires: -1
vary: Accept-Encoding
set-cookie: E=P:eoIJnVDD2Ig=:89cP6kmJtgFzhiccADXnPmYfA7XtqhJd1asDzO4QXjk=:F; domain=.live.com; path=/ xid=37ac7d3c-df17-4edd-a2af-07f839602b54&&RD00155D74DDAD&60; domain=.live.com; path=/ xidseq=1; domain=.live.com; path=/ LD=; domain=.live.com; expires=Thu, 28-Jan-2021 04:10:27 GMT; path=/ wla42=; domain=live.com; expires=Thu, 04-Feb-2021 05:50:27 GMT; path=/
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-msnserver: RD00155D74DDAD
x-odwebserver: northcentralus1-odwebpl
x-msedge-ref: Ref A: 7001D028912046F69F6A82E80B7E2C5D Ref B: FRAEDGE1212 Ref C: 2021-01-28T05:50:27Z
date: Thu, 28 Jan 2021 05:50:27 GMT

Redirect headers

Server: nginx
Date: Thu, 28 Jan 2021 05:50:27 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 145
Connection: keep-alive
Location: https://onedrive.live.com/embed?cid=88F2BF52A07CA79B&resid=88F2BF52A07CA79B%21110&authkey=ANoKWwQ3hnNQ9G8&em=2
X-Robots-Tag: noindex, nofollow

GET
H2 200 filescss1-11eb1969.css
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001// 85 KB
16 KB 77ms
19ms Stylesheet
text/css 2.16.186.40
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001//filescss1-11eb1969.css
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/embed?cid=88F2BF52A07CA79B&resid=88F2BF52A07CA79B%21110&authkey=ANoKWwQ3hnNQ9G8&em=2
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.40 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-40.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: bd88d1e741693ab877b020059b46be7cf4ef62b46017b2489a8cd1bf9ce5b9fc

Request headers

Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 28 Jan 2021 05:50:27 GMT
content-encoding: gzip
content-md5: EesZadmsnx78d9ZWIKfswQ==
content-length: 15784
x-ms-lease-status: unlocked
last-modified: Mon, 14 May 2018 21:54:14 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D5B9E53BE6E430
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 6d2753fc-501e-00e6-0ad5-eb0c22000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type
cache-control: public, max-age=10485401
x-ms-version: 2009-09-19
timing-allow-origin: *

GET
H2 200 filescss2-a303a402.css
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001// 169 KB
30 KB 82ms
24ms Stylesheet
text/css 2.16.186.40
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001//filescss2-a303a402.css
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/embed?cid=88F2BF52A07CA79B&resid=88F2BF52A07CA79B%21110&authkey=ANoKWwQ3hnNQ9G8&em=2
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.40 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-40.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 1394b1c43663fa167060186091800d4cae0696af7b64c14f2848b44124074c7e

Request headers

Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 28 Jan 2021 05:50:27 GMT
content-encoding: gzip
content-md5: owOkAskXvYo3Ps40fhU7TQ==
content-length: 30548
x-ms-lease-status: unlocked
last-modified: Mon, 14 May 2018 21:54:15 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D5B9E53C3A1C6F
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 45647edb-101e-00c8-61d5-eb8ce5000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type
cache-control: public, max-age=28231777
x-ms-version: 2009-09-19
timing-allow-origin: *

GET
H2 200 wlx_fonts-c7993ded.css
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001// 123 KB
93 KB 87ms
29ms Stylesheet
text/css 2.16.186.40
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001//wlx_fonts-c7993ded.css
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/embed?cid=88F2BF52A07CA79B&resid=88F2BF52A07CA79B%21110&authkey=ANoKWwQ3hnNQ9G8&em=2
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.40 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-40.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 455be57e5ca76be462428c7b127d03d0245952b7e00ca14e8bcb3bfe7584c758

Request headers

Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 28 Jan 2021 05:50:27 GMT
content-encoding: gzip
content-md5: x5k97ZNOTA+fsPCUPRp4Qw==
content-length: 94644
x-ms-lease-status: unlocked
last-modified: Mon, 14 May 2018 21:54:23 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D5B9E5410A12E4
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: f3dbb10f-301e-011c-1ed8-eb8390000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type
cache-control: public, max-age=3874908
x-ms-version: 2009-09-19
timing-allow-origin: *

POST
H2 200 wordviewerframe.aspx Show response
word-view.officeapps.live.com/wv/ Frame E175 105 KB
108 KB 114ms
80ms Document
text/html 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-US&rs=en-US&hid=6JMb89Cni0CuyO/LQxbfHg.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F88F2BF52A07CA79B%21110&sc=host%3D%26qt%3DFolders%26pt%3Dem

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

2a739c343cb5bf4a747dffa52dc3af251c7afb6efdc23dcbfb8f6288025d0d96

Security Headers

Name	Value
Content-Security-Policy	font-src data: c3-word-view-15.cdn.office.net .skype.com .skypeassets.com .msocdn.com sway.com .sway-cdn.com sway-cdn.com .sharepointonline.com fs.microsoft.com https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' c3-word-view-15.cdn.office.net uci.officeapps.live.com cdn.uci.edog.officeapps.live.com cdn.uci.officeapps.live.com c3-officeapps-15.cdn.office.net .skype.com .skypeassets.com .msocdn.com js.live.net appsforoffice.microsoft.com contentstorage.osi.office.net .growth.office.net .blob.core.windows.net content.lifecycle.office.net www.microsoft.com https:; style-src 'self' 'unsafe-inline' 'unsafe-eval' c3-word-view-15.cdn.office.net c3-officeapps-15.cdn.office.net .skype.com .skypeassets.com .msocdn.com js.live.net sway.com .sway-cdn.com sway-cdn.com https:; media-src .skype.com .skypeassets.com https:; object-src 'self' https:; child-src blob: ms-word: https:; worker-src blob: https:; img-src * data: blob: https:; report-uri /wv/reportcsp.ashx
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

:method: POST
:authority: word-view.officeapps.live.com
:scheme: https
:path: /wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-US&rs=en-US&hid=6JMb89Cni0CuyO/LQxbfHg.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F88F2BF52A07CA79B%21110&sc=host%3D%26qt%3DFolders%26pt%3Dem
content-length: 231
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
origin: https://onedrive.live.com
content-type: application/x-www-form-urlencoded
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://onedrive.live.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: E=P:eoIJnVDD2Ig=:89cP6kmJtgFzhiccADXnPmYfA7XtqhJd1asDzO4QXjk=:F; xid=37ac7d3c-df17-4edd-a2af-07f839602b54&&RD00155D74DDAD&60; xidseq=1; wla42=
Upgrade-Insecure-Requests: 1
Origin: https://onedrive.live.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://onedrive.live.com/

Response headers

cache-control: no-cache, no-store
pragma: no-cache
content-type: text/html; charset=utf-8
expires: -1
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
set-cookie: DcLcid=ui=1033&data=1033; expires=Wed, 28-Apr-2021 04:50:28 GMT; path=/; samesite=none; secure; HttpOnly BIGipCookie=000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000; path=/; samesite=none; secure SNL1-ARRAffinity=fe43b07dd79182baa252c3f8a3c088e349b6cfe3822d7cd3cf5925de728a402a;Path=/;Domain=word-view.officeapps.live.com; samesite=none; secure
x-correlationid: 8223c7ed-a45d-426b-b1e4-064fb0ea0c82
x-usersessionid: 8223c7ed-a45d-426b-b1e4-064fb0ea0c82
strict-transport-security: max-age=31536000
timing-allow-origin: *
origin-trial: AvxG9KeMb6+HiIOz3CmvLJiohBDUNCE9fo68Np/lEskeWCn/SfhlwRMLn8ufIkhtKlLfLBeVekcEblw0JI36BgMAAAB7eyJvcmlnaW4iOiJodHRwczovL29mZmljZWFwcHMubGl2ZS5jb206NDQzIiwiZmVhdHVyZSI6IkFsbG93U3luY1hIUkluUGFnZURpc21pc3NhbCIsImV4cGlyeSI6MTYxNDEyNDc5OSwiaXNTdWJkb21haW4iOnRydWV9 Au4zhK5JVMb0jrGWoC/nSFX17KhgFgS9nCdRcMtWy7tARQA0jPaVfF3zzCT4DaZq4448HkzVzqI80llMvhQrbA4AAAB2eyJvcmlnaW4iOiJodHRwczovL29mZmljZWFwcHMubGl2ZS5jb206NDQzIiwiaXNTdWJkb21haW4iOnRydWUsImZlYXR1cmUiOiJFeHBlcmltZW50YWxKU1Byb2ZpbGVyIiwiZXhwaXJ5IjoxNjEzMzkzNTg3fQ== Arrz952Yxnelyt7ahmUhv/aFLxoVtZgV2sT0LiYNhRgGugeJ8zwea4uy5Wo6TS1LzTpZWx8roBGDr6QYEcWWZgkAAACAeyJvcmlnaW4iOiJodHRwczovL29mZmljZWFwcHMubGl2ZS5jb206NDQzIiwiZmVhdHVyZSI6IkNyb3NzT3JpZ2luT3BlbmVyUG9saWN5UmVwb3J0aW5nIiwiZXhwaXJ5IjoxNjA1MDUyNzk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
x-officefe: AM4PEPF00006050
x-officeversion: 16.0.13725.41017
x-officecluster: SNL1
x-content-type-options: nosniff
content-security-policy: font-src data: c3-word-view-15.cdn.office.net *.skype.com *.skypeassets.com *.msocdn.com sway.com *.sway-cdn.com sway-cdn.com *.sharepointonline.com fs.microsoft.com https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' c3-word-view-15.cdn.office.net uci.officeapps.live.com cdn.uci.edog.officeapps.live.com cdn.uci.officeapps.live.com c3-officeapps-15.cdn.office.net *.skype.com *.skypeassets.com *.msocdn.com js.live.net appsforoffice.microsoft.com contentstorage.osi.office.net *.growth.office.net *.blob.core.windows.net content.lifecycle.office.net www.microsoft.com https:; style-src 'self' 'unsafe-inline' 'unsafe-eval' c3-word-view-15.cdn.office.net c3-officeapps-15.cdn.office.net *.skype.com *.skypeassets.com *.msocdn.com js.live.net sway.com *.sway-cdn.com sway-cdn.com https:; media-src *.skype.com *.skypeassets.com https:; object-src 'self' https:; child-src blob: ms-word: https:; worker-src blob: https:; img-src * data: blob: https:; report-uri /wv/reportcsp.ashx
report-to: { group: 'coep_report', max_age: 86400, endpoints: [{ url: '/wv/reportcoep.ashx'}]},{ group: 'coop_report', max_age: 86400, endpoints: [{ url: '/wv/reportcoop.ashx'}]}
cross-origin-opener-policy-report-only: same-origin; report-to='coop_report'
cross-origin-embedder-policy-report-only: require-corp; report-to='coep_report'
x-officefd: AM4PEPF00006A3E
x-msedge-features: typeheadertest,afd_wordslice,afd_visioslice
x-msedge-ref: Ref A: E5812C5441C240A8AF7FDDAD65F7E258 Ref B: AMS04EDGE0618 Ref C: 2021-01-28T05:50:28Z
date: Thu, 28 Jan 2021 05:50:27 GMT

GET
H2 200 jquery-1.7.2-39eeb07e.js Show response
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/ 92 KB
33 KB 19ms
18ms Script
application/javascript 2.16.186.40
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/jquery-1.7.2-39eeb07e.js
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/embed?cid=88F2BF52A07CA79B&resid=88F2BF52A07CA79B%21110&authkey=ANoKWwQ3hnNQ9G8&em=2
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.40 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-40.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: d6c15974b6181a68e9b74e4f38fbac81d640569ef0fbbaa3381cc59683a9763f

Request headers

Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 28 Jan 2021 05:50:28 GMT
content-encoding: gzip
content-md5: Oe6wfmgC4rV/XhCprZvKJA==
content-length: 33335
x-ms-lease-status: unlocked
last-modified: Mon, 14 May 2018 21:54:17 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D5B9E53DB4CCFD
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 456481ad-101e-00c8-56d5-eb8ce5000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type
cache-control: public, max-age=23567281
x-ms-version: 2009-09-19
timing-allow-origin: *

GET
H2 200 embed_s_embed-212fe29f.js Show response
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/ 483 KB
133 KB 20ms
20ms Script
application/javascript 2.16.186.40
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/embed_s_embed-212fe29f.js
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/embed?cid=88F2BF52A07CA79B&resid=88F2BF52A07CA79B%21110&authkey=ANoKWwQ3hnNQ9G8&em=2
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.40 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-40.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 5c15c38a2b7554cab332dfb9e87398220fcb9a285e18905a20a50b439cba7ccb

Request headers

Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 28 Jan 2021 05:50:28 GMT
content-encoding: gzip
content-md5: IS/in/g30QB+g7MVI79lXQ==
content-length: 135707
x-ms-lease-status: unlocked
last-modified: Mon, 14 May 2018 21:54:01 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D5B9E533D8DD7F
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 6d2755cd-501e-00e6-20d5-eb0c22000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type
cache-control: public, max-age=15286644
x-ms-version: 2009-09-19
timing-allow-origin: *

GET
DATA 200
OK truncated
/ 34 KB
34 KB Font
font/woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 621444729b901edd79a8ac4fd06bb553901fdf84b7be631b7e1efbf31037b13c

Request headers

Origin: https://onedrive.live.com
Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: font/woff;charset=utf-8

GET
H2 200 embed1-0986a9b4.js Show response
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/ 47 KB
14 KB 21ms
20ms Script
application/javascript 2.16.186.40
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/embed1-0986a9b4.js
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/embed?cid=88F2BF52A07CA79B&resid=88F2BF52A07CA79B%21110&authkey=ANoKWwQ3hnNQ9G8&em=2
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.40 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-40.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: b7ab99f404e84cb71d274c9dca01c0b4a68b7adb20309c5f04387cb809cc0547

Request headers

Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 28 Jan 2021 05:50:28 GMT
content-encoding: gzip
content-md5: CYaptDz18cVXSIKt0vWKWA==
content-length: 14119
x-ms-lease-status: unlocked
last-modified: Mon, 14 May 2018 21:54:00 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D5B9E5332E9B80
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 45648324-101e-00c8-0cd5-eb8ce5000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type
cache-control: public, max-age=27851292
x-ms-version: 2009-09-19
timing-allow-origin: *

GET
H2 200 embed2-8c600200.js Show response
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/ 203 KB
68 KB 21ms
21ms Script
application/javascript 2.16.186.40
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/embed2-8c600200.js
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/embed?cid=88F2BF52A07CA79B&resid=88F2BF52A07CA79B%21110&authkey=ANoKWwQ3hnNQ9G8&em=2
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.40 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-40.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 4d54a5f9a58647882e3ecda9c1c0ef87af16911d42ad51b4e8b718f84443c553

Request headers

Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 28 Jan 2021 05:50:28 GMT
content-encoding: gzip
content-md5: jGACACXYYkvx7qKc5FskXg==
content-length: 69276
x-ms-lease-status: unlocked
last-modified: Mon, 14 May 2018 21:54:00 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D5B9E5337DDB83
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 6d2756be-501e-00e6-6fd5-eb0c22000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type
cache-control: public, max-age=30134364
x-ms-version: 2009-09-19
timing-allow-origin: *

GET
H2 200 embed0-54f3ec81.js Show response
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/ 15 KB
6 KB 23ms
23ms Script
application/javascript 2.16.186.40
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/embed0-54f3ec81.js
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/embed?cid=88F2BF52A07CA79B&resid=88F2BF52A07CA79B%21110&authkey=ANoKWwQ3hnNQ9G8&em=2
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.40 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-40.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: c0153afba2ee2258329d951763cc14531c98cdecfc22d55be2597cfad0cc6e54

Request headers

Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 28 Jan 2021 05:50:28 GMT
content-encoding: gzip
content-md5: VPPsgWGZk5RDzVgXZtU7Yg==
content-length: 6057
x-ms-lease-status: unlocked
last-modified: Mon, 14 May 2018 21:53:59 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D5B9E532CDCC12
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: b96f33ba-101e-0122-1fd5-eb35b1000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type
cache-control: public, max-age=10476797
x-ms-version: 2009-09-19
timing-allow-origin: *

GET
H/1.1 200
OK WordViewer.css
c3-word-view-15.cdn.office.net/wv/s/h6791BDF19DBA2DBF_resources/1033/ Frame E175 221 KB
40 KB 65ms
13ms Stylesheet
text/css 2a02:26f0:fe00:4ae::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c3-word-view-15.cdn.office.net/wv/s/h6791BDF19DBA2DBF_resources/1033/WordViewer.css

Requested by

Host: word-view.officeapps.live.com
URL: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-US&rs=en-US&hid=6JMb89Cni0CuyO/LQxbfHg.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F88F2BF52A07CA79B%21110&sc=host%3D%26qt%3DFolders%26pt%3Dem

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:fe00:4ae::1c24 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

6791bdf19dba2dbfe8a19b56d5f6eff94d3c6631f12228a8e90a84533eddfcdb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
ETag: "e4e4724e33ebd61:0"
X-OfficeCluster: SNL1
X-OfficeVersion: 16.0.13713.41009
X-OfficeFE: AM4PEPF00006050
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 40018
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest
Last-Modified: Fri, 15 Jan 2021 11:41:04 GMT
X-OFFICEFD: AM4PEPF00006A3E
X-MSEdge-Ref: Ref A: 3C8F96F0DB9643C48946CCCB9EF7C1FB Ref B: AMS04EDGE0316 Ref C: 2021-01-18T07:08:27Z
X-UserSessionId: 8a05c051-0ea8-49ee-875a-d546365e4ced
Date: Thu, 28 Jan 2021 05:50:28 GMT
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
X-CorrelationId: 8a05c051-0ea8-49ee-875a-d546365e4ced
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK MicrosoftAjaxDS.js Show response
c3-word-view-15.cdn.office.net/wv/s/h435E809AF5325769_App_Scripts/ Frame E175 103 KB
23 KB 65ms
14ms Script
application/javascript 2a02:26f0:fe00:4ae::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c3-word-view-15.cdn.office.net/wv/s/h435E809AF5325769_App_Scripts/MicrosoftAjaxDS.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:fe00:4ae::1c24 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

435e809af53257690e081a7c15142c287dd53a1056bfc2cddf24e245d3ab0ea9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://word-view.officeapps.live.com
Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: "6186d483b1f0d61:0"
X-OfficeCluster: SNL1
X-OfficeVersion: 16.0.13720.41022
X-OfficeFE: AM4PEPF00006051
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 23030
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest
Last-Modified: Fri, 22 Jan 2021 11:27:06 GMT
X-OFFICEFD: AM4PEPF00006A3E
X-MSEdge-Ref: Ref A: 854BE47274F24732863135A23C47C415 Ref B: AM3EDGE0814 Ref C: 2021-01-22T11:30:30Z
X-UserSessionId: 8f9b6fbe-43ea-4b8b-b5d4-99d18b899d61
Date: Thu, 28 Jan 2021 05:50:28 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: 8f9b6fbe-43ea-4b8b-b5d4-99d18b899d61
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK CommonIntl.js Show response
c3-word-view-15.cdn.office.net/wv/s/h4CD18B2E8F34DF84_App_Scripts/1033/ Frame E175 95 KB
29 KB 62ms
14ms Script
application/javascript 2a02:26f0:fe00:4ae::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c3-word-view-15.cdn.office.net/wv/s/h4CD18B2E8F34DF84_App_Scripts/1033/CommonIntl.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:fe00:4ae::1c24 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

4cd18b2e8f34df84ebe55c7fc9b48ad1bf808ebe39fe717bc7622845ff75de16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://word-view.officeapps.live.com
Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
ETag: "36b5fdadb2f0d61:0"
X-OfficeCluster: SNL1
X-OfficeVersion: 16.0.13719.41018
X-OfficeFE: AM4PEPF00006A75
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 28768
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_visioslice,afd_wordcapacity_2,afd_pptcapacity_control
Last-Modified: Fri, 22 Jan 2021 11:35:26 GMT
X-OFFICEFD: AM4PEPF00006036
X-MSEdge-Ref: Ref A: 8D91012129F8451B948BD42681DFF3F8 Ref B: AMS04EDGE0715 Ref C: 2021-01-22T11:35:52Z
X-UserSessionId: a22e495e-8424-42f9-9162-7bfd1a203b71
Date: Thu, 28 Jan 2021 05:50:28 GMT
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: a22e495e-8424-42f9-9162-7bfd1a203b71
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK Compat.js Show response
c3-word-view-15.cdn.office.net/wv/s/h06FE78141D1F3A43_App_Scripts/ Frame E175 6 KB
2 KB 61ms
13ms Script
application/javascript 2a02:26f0:fe00:4ae::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c3-word-view-15.cdn.office.net/wv/s/h06FE78141D1F3A43_App_Scripts/Compat.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:fe00:4ae::1c24 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

06fe78141d1f3a435441a17ec8f9f46af7000af35aa0133c699c537d663607d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://word-view.officeapps.live.com
Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: "9a30c0ab4cebd61:0"
X-OfficeCluster: SNL1
X-OfficeVersion: 16.0.13713.41009
X-OfficeFE: AM4PEPF00006A6F
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 1365
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest
Last-Modified: Fri, 15 Jan 2021 14:42:38 GMT
X-OFFICEFD: AM4PEPF00006A3E
X-MSEdge-Ref: Ref A: 9FC57038415243CE992881142BB8DEB2 Ref B: AMS04EDGE0714 Ref C: 2021-01-19T18:44:17Z
X-UserSessionId: 4f45d375-3447-4f9e-b825-7abc6763a66c
Date: Thu, 28 Jan 2021 05:50:28 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: 4f45d375-3447-4f9e-b825-7abc6763a66c
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK WordViewerIntl.js Show response
c3-word-view-15.cdn.office.net/wv/s/h1479B52BACE821FC_App_Scripts/1033/ Frame E175 19 KB
4 KB 63ms
14ms Script
application/javascript 2a02:26f0:fe00:4ae::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c3-word-view-15.cdn.office.net/wv/s/h1479B52BACE821FC_App_Scripts/1033/WordViewerIntl.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:fe00:4ae::1c24 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

1479b52bace821fc604e7ded0f67b139808c4fe3fc21623c3cbe420e092ecc0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://word-view.officeapps.live.com
Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: "47fdf013a2eed61:0"
X-OfficeCluster: SNL1
X-OfficeVersion: 16.0.13713.41009
X-OfficeFE: AM4PEPF00006A75
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 3310
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest
Last-Modified: Tue, 19 Jan 2021 20:31:34 GMT
X-OFFICEFD: AM4PEPF00006036
X-MSEdge-Ref: Ref A: D5100A8728FB467CA430255EE804B3EE Ref B: LON21EDGE1218 Ref C: 2021-01-19T22:23:06Z
X-UserSessionId: 1d65e042-c94f-4022-8310-a91a4377ad7a
Date: Thu, 28 Jan 2021 05:50:28 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: 1d65e042-c94f-4022-8310-a91a4377ad7a
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK WordViewerDS.js Show response
c3-word-view-15.cdn.office.net/wv/s/hFE0B15EDDB049445_App_Scripts/ Frame E175 2 MB
412 KB 67ms
15ms Script
application/javascript 2a02:26f0:fe00:4ae::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c3-word-view-15.cdn.office.net/wv/s/hFE0B15EDDB049445_App_Scripts/WordViewerDS.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:fe00:4ae::1c24 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

fe0b15eddb049445fe8dbc574978bf12af311034c3309c0ec80019c101ae14e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://word-view.officeapps.live.com
Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: "eb294fe7b1f0d61:0"
X-OfficeCluster: SNL1
X-OfficeVersion: 16.0.13719.41018
X-OfficeFE: AM4PEPF00006A6F
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 421417
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_wordcapacity_2_control
Last-Modified: Fri, 22 Jan 2021 11:29:53 GMT
X-OFFICEFD: AM4PEPF00006035
X-MSEdge-Ref: Ref A: 6FC42096101346FC90186DEC66A57512 Ref B: AM3EDGE0118 Ref C: 2021-01-22T11:30:30Z
X-UserSessionId: 5bb61638-4073-438b-9fb1-ee97baa7c0aa
Date: Thu, 28 Jan 2021 05:50:28 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: 5bb61638-4073-438b-9fb1-ee97baa7c0aa
Accept-Ranges: bytes
Timing-Allow-Origin: *

POST
H2 200 RemoteUls.ashx Show response
word-view.officeapps.live.com/wv/ Frame E175 0
361 B 23ms
21ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/RemoteUls.ashx?build=16.0.13725.41017&waccluster=SNL1

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-US&rs=en-US&hid=6JMb89Cni0CuyO/LQxbfHg.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F88F2BF52A07CA79B%21110&sc=host%3D%26qt%3DFolders%26pt%3Dem
X-UserSessionId: 8223c7ed-a45d-426b-b1e4-064fb0ea0c82
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
X-BrowserUlsBeacon: [{"Index":0,"MsSinceStart":0,"Value":"SessionStarted","Type":"SessionBoundary"}]

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: SNL1
x-officeversion: 16.0.13725.41017
x-officefe: AM4PEPF00006050
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
content-length: 0
x-msedge-features: tasmigration015,typeheadertest,afd_wordcapacity
x-correlationid: 6ec44f8c-a6bf-4683-8420-a28eeda82cd1
x-officefd: AM4PEPF00006A40
x-usersessionid: 8223c7ed-a45d-426b-b1e4-064fb0ea0c82
date: Thu, 28 Jan 2021 05:50:27 GMT
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://word-view.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
x-msedge-ref: Ref A: C6B1683DA9A24685A2C5CF57E6EB3048 Ref B: AMS04EDGE0618 Ref C: 2021-01-28T05:50:28Z
timing-allow-origin: *

POST
H2 200 RemoteUls.ashx Show response
word-view.officeapps.live.com/wv/ Frame E175 0
331 B 22ms
21ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/RemoteUls.ashx?build=16.0.13725.41017&waccluster=SNL1

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-US&rs=en-US&hid=6JMb89Cni0CuyO/LQxbfHg.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F88F2BF52A07CA79B%21110&sc=host%3D%26qt%3DFolders%26pt%3Dem
X-UserSessionId: 8223c7ed-a45d-426b-b1e4-064fb0ea0c82
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
X-BrowserUlsBeacon: [{"Index":1,"MsSinceStart":99,"Value":"https://c3-word-view-15.cdn.office.net:443/wv/s/h6791BDF19DBA2DBF_resources/1033/WordViewer.css","Type":"ResourceDownloadSuccess"}]

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: SNL1
x-officeversion: 16.0.13725.41017
x-officefe: AM4PEPF00006050
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
content-length: 0
x-msedge-features: typeheadertest
x-correlationid: b7462d99-cc99-4810-a75d-6186b5bfb45f
x-officefd: AM4PEPF00006036
x-usersessionid: 8223c7ed-a45d-426b-b1e4-064fb0ea0c82
date: Thu, 28 Jan 2021 05:50:27 GMT
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://word-view.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
x-msedge-ref: Ref A: 46ECBF0BA9534F0F8EF4F2422D04ECEB Ref B: AMS04EDGE0618 Ref C: 2021-01-28T05:50:28Z
timing-allow-origin: *

GET
H2 200 ResReader.ashx
word-view.officeapps.live.com/wv/ Frame E175 61 KB
62 KB 909ms
909ms Image
image/jpeg 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://word-view.officeapps.live.com/wv/ResReader.ashx?n=p1.img&WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F88F2BF52A07CA79B%21110&access_token=4w%2DIzeXIOf8YpWaLaO8kgqmPGFivEbVXnFtrIMJM7n%5F0TQaVBaEIj92GdA7c9Sfd7JYMG7nRi4QzP62fR9RE%5F1DzDgmqFUT2LFeAZg%2DQVn%5F%2D0lwSVrUi6bnccMnwuihIcaoQAA25NDSb6602YmVjWKpw&access_token_ttl=1613627427812&z=aODhGMkJGNTJBMDdDQTc5QiExMTAuNA&v=00000000-0000-0000-0000-000000000802&usid=8223c7ed-a45d-426b-b1e4-064fb0ea0c82&splashscreen=1&build=16.0.13725.41017&PdfMode=1&waccluster=SNL1

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

3b2d75e97905c1d80049839f252c3e9828f375677860c538aa47ea51da3af539

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-US&rs=en-US&hid=6JMb89Cni0CuyO/LQxbfHg.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F88F2BF52A07CA79B%21110&sc=host%3D%26qt%3DFolders%26pt%3Dem
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officecluster: SNL1
x-officeversion: 16.0.13725.41017
x-officefe: AM4PEPF00006050
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
content-length: 62454
etag: "WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F88F2BF52A07CA79B%21110&access_token=4w%2DIzeXIOf8YpWaLaO8kgqmPGFivEbVXnFtrIMJM7n%5F0TQaVBaEIj92GdA7c9Sfd7JYMG7nRi4QzP62fR9RE%5F1DzDgmqFUT2LFeAZg%2DQVn%5F%2D0lwSVrUi6bnccMnwuihIcaoQAA25NDSb6602YmVjWKpw&access_token_ttl=1613627427812&z=aODhGMkJGNTJBMDdDQTc5QiExMTAuNA00000000-0000-0000-0000-000000000802p1.img"
x-msedge-features: typeheadertest,afd_wordcapacity_2
x-correlationid: 81a583d6-fbf1-4d09-8869-38b6b6188504
x-officefd: AM4PEPF00006036
x-usersessionid: 8223c7ed-a45d-426b-b1e4-064fb0ea0c82
date: Thu, 28 Jan 2021 05:50:28 GMT
x-download-options: noopen
content-type: image/jpeg
cache-control: private
x-msedge-ref: Ref A: 43B4C96FDA854DFABE928CC0454CD7E5 Ref B: AMS04EDGE0618 Ref C: 2021-01-28T05:50:28Z
timing-allow-origin: *
expires: Fri, 28 Jan 2022 05:50:29 GMT

POST
H2 200 RemoteTelemetry.ashx Show response
word-view.officeapps.live.com/wv/ Frame E175 0
338 B 31ms
30ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/RemoteTelemetry.ashx

Requested by

Host: c3-word-view-15.cdn.office.net
URL: https://c3-word-view-15.cdn.office.net/wv/s/hFE0B15EDDB049445_App_Scripts/WordViewerDS.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-US&rs=en-US&hid=6JMb89Cni0CuyO/LQxbfHg.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F88F2BF52A07CA79B%21110&sc=host%3D%26qt%3DFolders%26pt%3Dem
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officefd: AM4PEPF000068C1
x-officeversion: 16.0.13725.41017
x-officefe: AM4PEPF00008361
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
content-length: 0
x-msedge-features: typeheadertest,afd_excelslice,afd_visioslice_control
x-correlationid: 448e378d-3ef3-42a7-be09-c0854947d927
x-officecluster: PNL1
x-usersessionid: 448e378d-3ef3-42a7-be09-c0854947d927
date: Thu, 28 Jan 2021 05:50:28 GMT
x-download-options: noopen
access-control-allow-origin: https://word-view.officeapps.live.com
cache-control: private
x-msedge-ref: Ref A: ADA053DD49EA467C9A2954052C363F96 Ref B: AMS04EDGE0618 Ref C: 2021-01-28T05:50:28Z
timing-allow-origin: *

POST
H2 200 RemoteTelemetry.ashx Show response
word-view.officeapps.live.com/wv/ Frame E175 0
394 B 24ms
24ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/RemoteTelemetry.ashx

Requested by

Host: c3-word-view-15.cdn.office.net
URL: https://c3-word-view-15.cdn.office.net/wv/s/hFE0B15EDDB049445_App_Scripts/WordViewerDS.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-US&rs=en-US&hid=6JMb89Cni0CuyO/LQxbfHg.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F88F2BF52A07CA79B%21110&sc=host%3D%26qt%3DFolders%26pt%3Dem
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officefd: AM4PEPF000068BC
x-officeversion: 16.0.13725.41017
x-officefe: AM4PEPF00006A28
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
content-length: 0
x-msedge-features: typeheadertest
x-correlationid: df7d76a0-f939-409d-b809-9e6b3baa2ec1
x-officecluster: PNL1
x-usersessionid: df7d76a0-f939-409d-b809-9e6b3baa2ec1
date: Thu, 28 Jan 2021 05:50:28 GMT
x-download-options: noopen
access-control-allow-origin: https://word-view.officeapps.live.com
cache-control: private
x-msedge-ref: Ref A: 7BD0B314CEA8493E99E09233F059486D Ref B: AMS04EDGE0618 Ref C: 2021-01-28T05:50:28Z
timing-allow-origin: *

POST
H2 200 RemoteUls.ashx Show response
word-view.officeapps.live.com/wv/ Frame E175 0
158 B 24ms
23ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/RemoteUls.ashx?build=16.0.13725.41017&waccluster=SNL1

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-US&rs=en-US&hid=6JMb89Cni0CuyO/LQxbfHg.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F88F2BF52A07CA79B%21110&sc=host%3D%26qt%3DFolders%26pt%3Dem
X-UserSessionId: 8223c7ed-a45d-426b-b1e4-064fb0ea0c82
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
X-BrowserUlsBeacon: [{"Index":2,"MsSinceStart":532,"Value":"SplashScreenShown","Type":"BootPhaseCompleted"}]

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: SNL1
x-officeversion: 16.0.13725.41017
x-officefe: AM4PEPF00006050
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
content-length: 0
x-msedge-features: typeheadertest
x-correlationid: 6b528114-e2a7-4067-97c6-dcdb3e142a3a
x-officefd: AM4PEPF00006036
x-usersessionid: 8223c7ed-a45d-426b-b1e4-064fb0ea0c82
date: Thu, 28 Jan 2021 05:50:28 GMT
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://word-view.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
x-msedge-ref: Ref A: 14291DA83E6B427F8BF7AD38624E6D00 Ref B: AMS04EDGE0618 Ref C: 2021-01-28T05:50:28Z
timing-allow-origin: *

POST
H2 200 RemoteTelemetry.ashx Show response
word-view.officeapps.live.com/wv/ Frame E175 0
346 B 50ms
49ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/RemoteTelemetry.ashx

Requested by

Host: c3-word-view-15.cdn.office.net
URL: https://c3-word-view-15.cdn.office.net/wv/s/hFE0B15EDDB049445_App_Scripts/WordViewerDS.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-US&rs=en-US&hid=6JMb89Cni0CuyO/LQxbfHg.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F88F2BF52A07CA79B%21110&sc=host%3D%26qt%3DFolders%26pt%3Dem
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officefd: AM4PEPF00008D16
x-officeversion: 16.0.13725.41017
x-officefe: AM4PEPF00006A1A
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
content-length: 0
x-msedge-features: typeheadertest,afd_visioslice_control,afd_wordcapacity_2_control
x-correlationid: 68208178-ebf9-4462-9b23-9787fcdc4060
x-officecluster: PNL1
x-usersessionid: 68208178-ebf9-4462-9b23-9787fcdc4060
date: Thu, 28 Jan 2021 05:50:28 GMT
x-download-options: noopen
access-control-allow-origin: https://word-view.officeapps.live.com
cache-control: private
x-msedge-ref: Ref A: 1BD5169D7543488DBC06CA520654CA10 Ref B: AMS04EDGE0618 Ref C: 2021-01-28T05:50:28Z
timing-allow-origin: *

GET
H/1.1 200
OK segoeui.woff
c3-word-view-15.cdn.office.net/wv/s/h6791BDF19DBA2DBF_resources/1033/ Frame E175 22 KB
23 KB 15ms
14ms Font
font/x-woff 2a02:26f0:fe00:4ae::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c3-word-view-15.cdn.office.net/wv/s/h6791BDF19DBA2DBF_resources/1033/segoeui.woff

Requested by

Host: c3-word-view-15.cdn.office.net
URL: https://c3-word-view-15.cdn.office.net/wv/s/h6791BDF19DBA2DBF_resources/1033/WordViewer.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:fe00:4ae::1c24 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

3d785eb0a0168e5c79e66aa0085a932d5fe2ad04f3577547e2267fa589df677d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://word-view.officeapps.live.com
Referer: https://c3-word-view-15.cdn.office.net/wv/s/h6791BDF19DBA2DBF_resources/1033/WordViewer.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
ETag: "f97e33cc4febd61:0"
X-OfficeCluster: SNL1
X-OfficeVersion: 16.0.13713.41009
X-OfficeFE: AM4PEPF00006A73
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 22720
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest
Last-Modified: Fri, 15 Jan 2021 15:05:01 GMT
X-OFFICEFD: AM4PEPF00006035
X-MSEdge-Ref: Ref A: 46C72E21FCC44869A197CF50BFFE86E8 Ref B: AMS04EDGE0817 Ref C: 2021-01-18T06:49:36Z
X-UserSessionId: f1fab4f9-5f73-41e8-97af-dcbbbd5a320f
Date: Thu, 28 Jan 2021 05:50:28 GMT
Content-Type: font/x-woff
Access-Control-Allow-Origin: *
X-CorrelationId: f1fab4f9-5f73-41e8-97af-dcbbbd5a320f
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H2 200 docdatahandler.ashx Show response
word-view.officeapps.live.com/wv/ Frame E175 356 B
609 B 716ms
716ms XHR
text/xml 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/docdatahandler.ashx?WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F88F2BF52A07CA79B%21110&access_token=4w%2DIzeXIOf8YpWaLaO8kgqmPGFivEbVXnFtrIMJM7n%5F0TQaVBaEIj92GdA7c9Sfd7JYMG7nRi4QzP62fR9RE%5F1DzDgmqFUT2LFeAZg%2DQVn%5F%2D0lwSVrUi6bnccMnwuihIcaoQAA25NDSb6602YmVjWKpw&access_token_ttl=1613627427812&z=aODhGMkJGNTJBMDdDQTc5QiExMTAuNA&type=png&o15=1&ui=en-US&PdfMode=1

Requested by

Host: c3-word-view-15.cdn.office.net
URL: https://c3-word-view-15.cdn.office.net/wv/s/h435E809AF5325769_App_Scripts/MicrosoftAjaxDS.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

c7c67f3b5c549fdaa81e2f61775e19f0cd0f39378b9d6b3be4321e110ba1d48c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

haep: 1
X-WacFrontEnd: AM4PEPF00006050
X-UserSessionId: 8223c7ed-a45d-426b-b1e4-064fb0ea0c82
X-OfficeVersion: 16.0.13725.41017
X-Key: syabDSPoeVeZTBfRq3t/S63q4HDufNywBkK8bW0MXvc=,637474098281319933
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-US&rs=en-US&hid=6JMb89Cni0CuyO/LQxbfHg.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F88F2BF52A07CA79B%21110&sc=host%3D%26qt%3DFolders%26pt%3Dem
X-Requested-With: XMLHttpRequest
X-UserType: WOPI
X-xhr: 1
X-WacCluster: SNL1

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: SNL1
x-officeversion: 16.0.13725.41017
x-officefe: AM4PEPF00006050
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
content-length: 352
x-msedge-features: typeheadertest
x-correlationid: 507df161-ba8b-4818-aa0c-f17decc964aa
x-officefd: AM4PEPF00006A3F
x-usersessionid: 8223c7ed-a45d-426b-b1e4-064fb0ea0c82
date: Thu, 28 Jan 2021 05:50:28 GMT
x-download-options: noopen
vary: Accept-Encoding
content-type: text/xml; charset=utf-8
cache-control: private
x-msedge-ref: Ref A: 5C29EF231B544C9D989F310B41CF9E9B Ref B: AMS04EDGE0618 Ref C: 2021-01-28T05:50:28Z
timing-allow-origin: *
expires: Fri, 28 Jan 2022 05:50:29 GMT

GET
H/1.1 200
OK wacairspaceanimationlibrary.js Show response
c3-word-view-15.cdn.office.net/wv/s/161372541017_App_Scripts/ Frame E175 40 KB
7 KB 15ms
15ms Script
application/javascript 2a02:26f0:fe00:4ae::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c3-word-view-15.cdn.office.net/wv/s/161372541017_App_Scripts/wacairspaceanimationlibrary.js

Requested by

Host: c3-word-view-15.cdn.office.net
URL: https://c3-word-view-15.cdn.office.net/wv/s/hFE0B15EDDB049445_App_Scripts/WordViewerDS.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:fe00:4ae::1c24 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

234cae682920ab63f3184948f1e4103b89201a274977ed31097b844cc323afa1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://word-view.officeapps.live.com
Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: W/"4a3d1f2bfbf3d61:0"
X-OfficeCluster: SNL1
X-OfficeVersion: 16.0.13720.41022
X-OfficeFE: AM4PEPF00006052
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 5997
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_wordcapacity_control
Last-Modified: Tue, 26 Jan 2021 15:51:53 GMT
X-OFFICEFD: AM4PEPF00006A3F
X-MSEdge-Ref: Ref A: E303AE35BC864FECAEE9EE509DDBBDD5 Ref B: LON21EDGE0711 Ref C: 2021-01-26T15:51:53Z
X-UserSessionId: b3d1e89b-e400-4e7b-ac1a-bacb445a37c4
Date: Thu, 28 Jan 2021 05:50:28 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: b3d1e89b-e400-4e7b-ac1a-bacb445a37c4
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK wapsw.png
c3-word-view-15.cdn.office.net/wv/s/161372541017_resources/1033/ Frame E175 6 KB
7 KB 14ms
13ms Image
image/png 2a02:26f0:fe00:4ae::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c3-word-view-15.cdn.office.net/wv/s/161372541017_resources/1033/wapsw.png?b=1601372541017

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:fe00:4ae::1c24 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

390577d35c959ffe7dd2af4519c04410a04fdc4a433b151e27b049fc4a1ab3e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
ETag: "a7f9a1c92f4d61:0"
X-OfficeCluster: SNL1
X-OfficeVersion: 16.0.13720.41022
X-OfficeFE: AM4PEPF00006A6F
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 5884
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_wordcapacity
Last-Modified: Tue, 26 Jan 2021 16:46:26 GMT
X-OFFICEFD: AM4PEPF00006A3F
X-MSEdge-Ref: Ref A: D1BD12FB28F34D3899EFFD41F5E78C06 Ref B: AM3EDGE0905 Ref C: 2021-01-26T18:05:30Z
X-UserSessionId: 1120ebae-e80c-49a8-8d74-9c18b90e35a3
Date: Thu, 28 Jan 2021 05:50:28 GMT
Content-Type: image/png
Access-Control-Allow-Origin: *
X-CorrelationId: 1120ebae-e80c-49a8-8d74-9c18b90e35a3
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK wv.png
c3-word-view-15.cdn.office.net/wv/s/161372541017_resources/1033/ Frame E175 34 KB
35 KB 28ms
14ms Image
image/png 2a02:26f0:fe00:4ae::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c3-word-view-15.cdn.office.net/wv/s/161372541017_resources/1033/wv.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:fe00:4ae::1c24 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

4c76f832e1b589c931ced2c770f35ce4cd595ca941c18c5893b23f27ef587ec4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
ETag: "cfd0748fbf3d61:0"
X-OfficeCluster: SNL1
X-OfficeVersion: 16.0.13720.41022
X-OfficeFE: AM4PEPF00006A6F
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 35196
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_wordcapacity_control,afd_pptcapacity_control
Last-Modified: Tue, 26 Jan 2021 15:52:42 GMT
X-OFFICEFD: AM4PEPF00006A40
X-MSEdge-Ref: Ref A: 3686F2D2077B47A9B6289FE28CA168C0 Ref B: LON21EDGE0519 Ref C: 2021-01-26T15:57:34Z
X-UserSessionId: 7fcf0df2-3772-4d49-98ad-f61da1ee34e0
Date: Thu, 28 Jan 2021 05:50:28 GMT
Content-Type: image/png
Access-Control-Allow-Origin: *
X-CorrelationId: 7fcf0df2-3772-4d49-98ad-f61da1ee34e0
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
BLOB 200
OK 8c66df5e-0042-44a5-b486-ac4307665a31
https://word-view.officeapps.live.com/ Frame E175 224 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://word-view.officeapps.live.com/8c66df5e-0042-44a5-b486-ac4307665a31
Requested by: Host: word-view.officeapps.live.com
URL: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-US&rs=en-US&hid=6JMb89Cni0CuyO/LQxbfHg.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F88F2BF52A07CA79B%21110&sc=host%3D%26qt%3DFolders%26pt%3Dem
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d121efb30d3cde7cdf0b787234330ba3ba77ec1a03aa181c05093f430029283e

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Length: 224
Content-Type: application/javascript

POST
H2 200 RemoteUls.ashx Show response
word-view.officeapps.live.com/wv/ Frame E175 0
289 B 20ms
20ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/RemoteUls.ashx?build=16.0.13725.41017&waccluster=SNL1

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-US&rs=en-US&hid=6JMb89Cni0CuyO/LQxbfHg.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F88F2BF52A07CA79B%21110&sc=host%3D%26qt%3DFolders%26pt%3Dem
X-UserSessionId: 8223c7ed-a45d-426b-b1e4-064fb0ea0c82
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
X-BrowserUlsBeacon: [{"Index":3,"MsSinceStart":1291,"Value":"RecordAppInteractive","Type":"BootPhaseCompleted"}]

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: SNL1
x-officeversion: 16.0.13725.41017
x-officefe: AM4PEPF00006050
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
content-length: 0
x-msedge-features: typeheadertest
x-correlationid: a0f14727-3890-4890-8ad0-00e2afe36ab5
x-officefd: AM4PEPF00006A40
x-usersessionid: 8223c7ed-a45d-426b-b1e4-064fb0ea0c82
date: Thu, 28 Jan 2021 05:50:28 GMT
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://word-view.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
x-msedge-ref: Ref A: 972D3AD692FD49A1BC9EB38E62FDC79E Ref B: AMS04EDGE0618 Ref C: 2021-01-28T05:50:29Z
timing-allow-origin: *

GET
H/1.1 200
OK WordViewerDS.common.js Show response
c3-word-view-15.cdn.office.net/wv/s/hFE0B15EDDB049445_App_Scripts/ Frame E175 195 KB
36 KB 15ms
15ms Script
application/javascript 2a02:26f0:fe00:4ae::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c3-word-view-15.cdn.office.net/wv/s/hFE0B15EDDB049445_App_Scripts/WordViewerDS.common.js

Requested by

Host: c3-word-view-15.cdn.office.net
URL: https://c3-word-view-15.cdn.office.net/wv/s/hFE0B15EDDB049445_App_Scripts/WordViewerDS.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:fe00:4ae::1c24 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

17325d48ee7df3ff26256f4af51a93050fda513369776706bd06bc795013054b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://word-view.officeapps.live.com
Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: W/"8e9e33feb1f0d61:0"
X-OfficeCluster: SNL1
X-OfficeVersion: 16.0.13719.41018
X-OfficeFE: AM4PEPF00006A6F
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 36211
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_wordslice_control
Last-Modified: Fri, 22 Jan 2021 11:30:31 GMT
X-OFFICEFD: AM4PEPF00006037
X-MSEdge-Ref: Ref A: 16F7CFFE63824D7C9CEF1EB72BA26FA1 Ref B: AM3EDGE1009 Ref C: 2021-01-22T11:30:31Z
X-UserSessionId: 194cb752-bbde-45e3-acbb-fc8a303a87d3
Date: Thu, 28 Jan 2021 05:50:29 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: 194cb752-bbde-45e3-acbb-fc8a303a87d3
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK WordViewerDS.dll1.js Show response
c3-word-view-15.cdn.office.net/wv/s/hFE0B15EDDB049445_App_Scripts/ Frame E175 569 KB
95 KB 15ms
15ms Script
application/javascript 2a02:26f0:fe00:4ae::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c3-word-view-15.cdn.office.net/wv/s/hFE0B15EDDB049445_App_Scripts/WordViewerDS.dll1.js

Requested by

Host: c3-word-view-15.cdn.office.net
URL: https://c3-word-view-15.cdn.office.net/wv/s/hFE0B15EDDB049445_App_Scripts/WordViewerDS.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:fe00:4ae::1c24 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

99dda252d47b17325eeec8605e60065d57f5cc644022f7ff68488f7198b9ad6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://word-view.officeapps.live.com
Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: "26a79ce8b1f0d61:0"
X-OfficeCluster: SNL1
X-OfficeVersion: 16.0.13719.41018
X-OfficeFE: AM4PEPF00006052
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 96241
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_wordcapacity_2
Last-Modified: Fri, 22 Jan 2021 11:29:55 GMT
X-OFFICEFD: AM4PEPF00006A3E
X-MSEdge-Ref: Ref A: 9FDD2F8269084239A113D70157E26CB2 Ref B: AM3EDGE0921 Ref C: 2021-01-22T11:30:31Z
X-UserSessionId: 378eedaf-06e3-4f57-8f58-7fda7327e2c3
Date: Thu, 28 Jan 2021 05:50:29 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: 378eedaf-06e3-4f57-8f58-7fda7327e2c3
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK officebrowserfeedback_floodgate.js Show response
c3-word-view-15.cdn.office.net/wv/s/161372541017_App_Scripts/Feedback/latest/ Frame E175 435 KB
85 KB 15ms
14ms Script
application/javascript 2a02:26f0:fe00:4ae::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c3-word-view-15.cdn.office.net/wv/s/161372541017_App_Scripts/Feedback/latest/officebrowserfeedback_floodgate.js

Requested by

Host: c3-word-view-15.cdn.office.net
URL: https://c3-word-view-15.cdn.office.net/wv/s/hFE0B15EDDB049445_App_Scripts/WordViewerDS.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:fe00:4ae::1c24 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

b8baea0a6d89b8d50d45bebf40c48bfc26c74d9fe773fff8429c8ca09c864eb4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://word-view.officeapps.live.com
Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: "4d1f2aa2faf3d61:0"
X-OfficeCluster: SNL1
X-OfficeVersion: 16.0.13725.41017
X-OfficeFE: AM4PEPF00006051
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 86169
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_wordcapacity_control
Last-Modified: Tue, 26 Jan 2021 15:48:04 GMT
X-OFFICEFD: AM4PEPF00006035
X-MSEdge-Ref: Ref A: 0D69DB8EF6864CCF9CBFC315A830BB30 Ref B: LON21EDGE0511 Ref C: 2021-01-26T15:56:24Z
X-UserSessionId: a6797803-c5d5-42ab-8fb6-9933da9e1340
Date: Thu, 28 Jan 2021 05:50:29 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: a6797803-c5d5-42ab-8fb6-9933da9e1340
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK progress.gif
c3-word-view-15.cdn.office.net/wv/s/161372541017_resources/1033/ Frame E175 695 B
2 KB 14ms
13ms Image
image/gif 2a02:26f0:fe00:4ae::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c3-word-view-15.cdn.office.net/wv/s/161372541017_resources/1033/progress.gif

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:fe00:4ae::1c24 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

a3596c17dad9a003d0bfbe0b7ba6765f51391b5c3943660316f01c8e77b323db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
ETag: "de44bb75fbf3d61:0"
X-OfficeCluster: SNL1
X-OfficeVersion: 16.0.13720.41022
X-OfficeFE: AM4PEPF00006A6F
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 695
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_powerpointslice,afd_visioslice,afd_pptcapacity
Last-Modified: Tue, 26 Jan 2021 15:53:59 GMT
X-OFFICEFD: AM4PEPF00006035
X-MSEdge-Ref: Ref A: 83D77FF8C9B242F7925068F93D545686 Ref B: LON21EDGE1008 Ref C: 2021-01-26T16:01:31Z
X-UserSessionId: 150873fd-bb92-4959-a3e4-9213ccf7bb07
Date: Thu, 28 Jan 2021 05:50:29 GMT
Content-Type: image/gif
Access-Control-Allow-Origin: *
X-CorrelationId: 150873fd-bb92-4959-a3e4-9213ccf7bb07
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H2 200 ResReader.ashx
word-view.officeapps.live.com/wv/ Frame E175 61 KB
62 KB 167ms
167ms Image
image/jpeg 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://word-view.officeapps.live.com/wv/ResReader.ashx?n=p1.img&v=00000000-0000-0000-0000-000000000802&usid=8223c7ed-a45d-426b-b1e4-064fb0ea0c82&build=16.0.13725.41017&WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F88F2BF52A07CA79B%21110&access_token=4w-IzeXIOf8YpWaLaO8kgqmPGFivEbVXnFtrIMJM7n_0TQaVBaEIj92GdA7c9Sfd7JYMG7nRi4QzP62fR9RE_1DzDgmqFUT2LFeAZg-QVn_-0lwSVrUi6bnccMnwuihIcaoQAA25NDSb6602YmVjWKpw&access_token_ttl=1613627427949&z=aODhGMkJGNTJBMDdDQTc5QiExMTAuNA&waccluster=SNL1&PdfMode=1

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

3b2d75e97905c1d80049839f252c3e9828f375677860c538aa47ea51da3af539

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-US&rs=en-US&hid=6JMb89Cni0CuyO/LQxbfHg.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F88F2BF52A07CA79B%21110&sc=host%3D%26qt%3DFolders%26pt%3Dem
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officecluster: SNL1
x-officeversion: 16.0.13725.41017
x-officefe: AM4PEPF00006050
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
content-length: 62454
etag: "WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F88F2BF52A07CA79B%21110&access_token=4w%2DIzeXIOf8YpWaLaO8kgqmPGFivEbVXnFtrIMJM7n%5F0TQaVBaEIj92GdA7c9Sfd7JYMG7nRi4QzP62fR9RE%5F1DzDgmqFUT2LFeAZg%2DQVn%5F%2D0lwSVrUi6bnccMnwuihIcaoQAA25NDSb6602YmVjWKpw&access_token_ttl=1613627427949&z=aODhGMkJGNTJBMDdDQTc5QiExMTAuNA00000000-0000-0000-0000-000000000802p1.img"
x-msedge-features: typeheadertest
x-correlationid: 491928e7-f570-4565-be18-a886fb5da651
x-officefd: AM4PEPF00006036
x-usersessionid: 8223c7ed-a45d-426b-b1e4-064fb0ea0c82
date: Thu, 28 Jan 2021 05:50:28 GMT
x-download-options: noopen
content-type: image/jpeg
cache-control: private
x-msedge-ref: Ref A: C76DB0ABE3784120A48E0DFA8F55192C Ref B: AMS04EDGE0618 Ref C: 2021-01-28T05:50:29Z
timing-allow-origin: *
expires: Fri, 28 Jan 2022 05:50:29 GMT

GET
H2 200 ResReader.ashx Show response
word-view.officeapps.live.com/wv/ Frame E175 880 B
1 KB 31ms
28ms XHR
text/xml 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/ResReader.ashx?n=p_1_10.xml&v=00000000-0000-0000-0000-000000000802&usid=8223c7ed-a45d-426b-b1e4-064fb0ea0c82&build=16.0.13725.41017&WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F88F2BF52A07CA79B%21110&access_token=4w%2DIzeXIOf8YpWaLaO8kgqmPGFivEbVXnFtrIMJM7n%5F0TQaVBaEIj92GdA7c9Sfd7JYMG7nRi4QzP62fR9RE%5F1DzDgmqFUT2LFeAZg%2DQVn%5F%2D0lwSVrUi6bnccMnwuihIcaoQAA25NDSb6602YmVjWKpw&access_token_ttl=1613627427812&z=aODhGMkJGNTJBMDdDQTc5QiExMTAuNA&waccluster=SNL1&PdfMode=1

Requested by

Host: c3-word-view-15.cdn.office.net
URL: https://c3-word-view-15.cdn.office.net/wv/s/h435E809AF5325769_App_Scripts/MicrosoftAjaxDS.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

4a35f18d84f7e9f17733ce2a2ccd0cec4ff8819e8a219c3b27431da4f4e8b00a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

haep: 1
X-WacFrontEnd: AM4PEPF00006050
X-UserSessionId: 8223c7ed-a45d-426b-b1e4-064fb0ea0c82
X-OfficeVersion: 16.0.13725.41017
X-Key: syabDSPoeVeZTBfRq3t/S63q4HDufNywBkK8bW0MXvc=,637474098281319933
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-US&rs=en-US&hid=6JMb89Cni0CuyO/LQxbfHg.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F88F2BF52A07CA79B%21110&sc=host%3D%26qt%3DFolders%26pt%3Dem
X-Requested-With: XMLHttpRequest
X-UserType: WOPI
X-xhr: 1
X-WacCluster: SNL1

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: SNL1
x-officeversion: 16.0.13725.41017
x-officefe: AM4PEPF00006050
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
content-length: 549
etag: "WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F88F2BF52A07CA79B%21110&access_token=4w%2DIzeXIOf8YpWaLaO8kgqmPGFivEbVXnFtrIMJM7n%5F0TQaVBaEIj92GdA7c9Sfd7JYMG7nRi4QzP62fR9RE%5F1DzDgmqFUT2LFeAZg%2DQVn%5F%2D0lwSVrUi6bnccMnwuihIcaoQAA25NDSb6602YmVjWKpw&access_token_ttl=1613627427812&z=aODhGMkJGNTJBMDdDQTc5QiExMTAuNA00000000-0000-0000-0000-000000000802p_1_10.xml"
x-msedge-features: typeheadertest,afd_wordslice_control,afd_wordcapacity_2
x-correlationid: 1937885b-d0c7-469c-9afe-f37e9fde6807
x-officefd: AM4PEPF00006A3E
x-usersessionid: 8223c7ed-a45d-426b-b1e4-064fb0ea0c82
date: Thu, 28 Jan 2021 05:50:28 GMT
x-download-options: noopen
vary: Accept-Encoding
content-type: text/xml; charset=utf-8
cache-control: private
x-msedge-ref: Ref A: 08CCAF2981EA49B4B051F3651FF6AED4 Ref B: AMS04EDGE0618 Ref C: 2021-01-28T05:50:29Z
timing-allow-origin: *
expires: Fri, 28 Jan 2022 05:50:29 GMT

GET
H/1.1 200
OK officebrowserfeedback.css
c3-word-view-15.cdn.office.net/wv/s/161372541017_App_Scripts/Feedback/latest/ Frame E175 17 KB
3 KB 13ms
13ms Stylesheet
text/css 2a02:26f0:fe00:4ae::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c3-word-view-15.cdn.office.net/wv/s/161372541017_App_Scripts/Feedback/latest/officebrowserfeedback.css

Requested by

Host: c3-word-view-15.cdn.office.net
URL: https://c3-word-view-15.cdn.office.net/wv/s/161372541017_App_Scripts/Feedback/latest/officebrowserfeedback_floodgate.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:fe00:4ae::1c24 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

a4864530e8c21f08364bf52157ad1e3c297bf12ea7da8e443e08f31aa55b03f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: W/"ad7db4ccfbf3d61:0"
X-OfficeCluster: SNL1
X-OfficeVersion: 16.0.13720.41022
X-OfficeFE: AM4PEPF00006A75
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 2604
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_pptcapacity
Last-Modified: Tue, 26 Jan 2021 15:56:25 GMT
X-OFFICEFD: AM4PEPF00006035
X-MSEdge-Ref: Ref A: 128F6ADE9C964B1782851227C417DB90 Ref B: LON21EDGE0619 Ref C: 2021-01-26T15:56:25Z
X-UserSessionId: 7e80078f-844b-4367-92c8-329d88555e00
Date: Thu, 28 Jan 2021 05:50:29 GMT
Content-Type: text/css
Access-Control-Allow-Origin: *
X-CorrelationId: 7e80078f-844b-4367-92c8-329d88555e00
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK officebrowserfeedbackstrings.js Show response
c3-word-view-15.cdn.office.net/wv/s/161372541017_App_Scripts/Feedback/latest/Intl/en/ Frame E175 5 KB
2 KB 14ms
13ms Script
application/javascript 2a02:26f0:fe00:4ae::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c3-word-view-15.cdn.office.net/wv/s/161372541017_App_Scripts/Feedback/latest/Intl/en/officebrowserfeedbackstrings.js

Requested by

Host: c3-word-view-15.cdn.office.net
URL: https://c3-word-view-15.cdn.office.net/wv/s/161372541017_App_Scripts/Feedback/latest/officebrowserfeedback_floodgate.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:fe00:4ae::1c24 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

f6c57447ba4ec4c8434faa5921ec251a018dde28b1955f3c9b5ca8ede635ba6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://word-view.officeapps.live.com
Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: "8a1ea9e7fbf3d61:0"
X-OfficeCluster: SNL1
X-OfficeVersion: 16.0.13720.41022
X-OfficeFE: AM4PEPF00006A73
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 1323
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest
Last-Modified: Tue, 26 Jan 2021 15:57:10 GMT
X-OFFICEFD: AM4PEPF00006037
X-MSEdge-Ref: Ref A: DB3BDFCF5ED84409BA74189E64405141 Ref B: LON21EDGE1209 Ref C: 2021-01-26T16:01:31Z
X-UserSessionId: 528ca75c-bc31-4a9b-aad2-37eafcfe80b1
Date: Thu, 28 Jan 2021 05:50:29 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: 528ca75c-bc31-4a9b-aad2-37eafcfe80b1
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H2 200 CampaignMetadataAggregator Show response
messaging.office.com/lifecycle/ Frame E175 13 KB
3 KB 267ms
266ms Fetch
application/json 52.109.124.71
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://messaging.office.com/lifecycle/CampaignMetadataAggregator?country=US&locale=en-US&app=2155&platform=Web&version=16.0.13725.41017&campaignParams=pageWidth%3D1600%26pageHeight%3D1200%26screenWidth%3D1600%26screenHeight%3D1200%26colorDepth%3D24%26more%3Dtrue%26OFC_Audience%3DProduction%26AppHostName%3DOneDriveWOPI%26AppMode%3DPDF-EMBED_VIEW%26Datacenter%3DSNL1%26UpsellMode%3DShowNothing%26TenantId%3D9188040d-6c67-4c5b-b112-36a304b66dad%26SelfTriggerActivity%3D%3Bwacfloodgateflight16treatment%3Bwacfloodgateflight6control%3Bwacfloodgateflight8control%26&contentType=CampaignContent&puid=&OFC_FLIGHTS=wac-floodgateflight16-treatment%3Bwac-floodgateflight6-control%3Bwac-floodgateflight8-control%3B

Requested by

Host: c3-word-view-15.cdn.office.net
URL: https://c3-word-view-15.cdn.office.net/wv/s/161372541017_App_Scripts/Feedback/latest/officebrowserfeedback_floodgate.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.109.124.71 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ASP.NET

Resource Hash

00c8a52318e10ce24a23d6b3cfdb6c348ef623513e8b23cb294c4976e173d755

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://word-view.officeapps.live.com/
x-correlationid: 8c1a89a0-1945-4fd6-4463-2365c3c0791a
x-usersessionid: 6419448d-9417-4e22-26f7-45601b1363a3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: sea-000.omexmessaging.osi.office.net
x-gateids: AirTrafficControl.GovernanceRule
x-powered-by: ASP.NET
x-officefe: OmexMessagingStorefront_IN_0
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
vary: Accept-Encoding
content-length: 2653
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
pragma: no-cache
x-correlationid: bb192226-8dde-4fe4-9ab1-080be45316bf
server
x-usersessionid: 6419448d-9417-4e22-26f7-45601b1363a3
date: Thu, 28 Jan 2021 05:50:29 GMT
x-frame-options: deny
content-type: application/json; charset=utf-8
access-control-allow-origin: https://word-view.officeapps.live.com
access-control-expose-headers: *
cache-control: private, no-store
x-machine: sea-000.omexmessaging.osi.office.net,OmexMessagingStorefront_IN_0
access-control-allow-headers: authorization,X-CorrelationId,X-UserSessionId,Content-Type
x-officeversion: 21.4.10125.11951

OPTIONS
H2 200 CampaignMetadataAggregator
messaging.office.com/lifecycle/ Frame 0
0 520ms
191ms Other 52.109.124.71
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Server

52.109.124.71 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ASP.NET

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-correlationid,x-usersessionid
Origin: https://word-view.officeapps.live.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: private
server
x-correlationid: 2c8a2924-5f1c-4e69-950a-4c8a751f9d17
x-usersessionid: 2c8a2924-5f1c-4e69-950a-4c8a751f9d17
x-officefe: OmexMessagingStorefront_IN_0
x-officeversion: 21.4.10125.11951
x-officecluster: sea-000.omexmessaging.osi.office.net
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-machine: sea-000.omexmessaging.osi.office.net,OmexMessagingStorefront_IN_0
x-gateids: AirTrafficControl.GovernanceRule
x-content-type-options: nosniff
x-ua-compatible: IE=edge
x-xss-protection: 1; mode=block
strict-transport-security: max-age=15552000
x-frame-options: deny
access-control-max-age: 86400
access-control-allow-methods: GET,OPTIONS
access-control-allow-origin: https://word-view.officeapps.live.com
access-control-allow-headers: authorization,X-CorrelationId,X-UserSessionId,Content-Type
access-control-expose-headers: *
x-powered-by: ASP.NET
date: Thu, 28 Jan 2021 05:50:29 GMT
content-length: 0

GET
H/1.1 200
OK wl.ms.js Show response
js.live.net/v5.0/ Frame E175 42 KB
16 KB 93ms
20ms Script
application/javascript 104.108.35.184
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js.live.net/v5.0/wl.ms.js
Requested by: Host: c3-word-view-15.cdn.office.net
URL: https://c3-word-view-15.cdn.office.net/wv/s/hFE0B15EDDB049445_App_Scripts/WordViewerDS.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_CBC
Server: 104.108.35.184 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-35-184.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/10.0 /
Resource Hash: d4c9bd86a5465d8414b7a10438d28110836126b387990d492fe545a5e701904a

Request headers

Origin: https://word-view.officeapps.live.com
Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 28 Jan 2021 05:50:29 GMT
X-MSNServer: RD0003FF23ED10
Last-Modified: Fri, 10 Jul 2020 18:30:22 GMT
Server: Microsoft-IIS/10.0
ETag: "0b3b92be856d61:0"
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=12046, public
X-ODWebServer: westeurope1-odwebp
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 16199

POST
H2 200 RemoteUls.ashx Show response
word-view.officeapps.live.com/wv/ Frame E175 0
241 B 22ms
22ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/RemoteUls.ashx?build=16.0.13725.41017&waccluster=SNL1

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-US&rs=en-US&hid=6JMb89Cni0CuyO/LQxbfHg.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F88F2BF52A07CA79B%21110&sc=host%3D%26qt%3DFolders%26pt%3Dem
X-UserSessionId: 8223c7ed-a45d-426b-b1e4-064fb0ea0c82
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
X-BrowserUlsBeacon: [{"Index":4,"MsSinceStart":1479,"Value":"RecordContentDisplayed","Type":"BootPhaseCompleted"}]

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: SNL1
x-officeversion: 16.0.13725.41017
x-officefe: AM4PEPF00006050
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
content-length: 0
x-msedge-features: typeheadertest,afd_visioslice_control,afd_wordcapacity_2
x-correlationid: 77cadd14-3941-4b3d-aea3-913d5b46610c
x-officefd: AM4PEPF00006036
x-usersessionid: 8223c7ed-a45d-426b-b1e4-064fb0ea0c82
date: Thu, 28 Jan 2021 05:50:29 GMT
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://word-view.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
x-msedge-ref: Ref A: B3E36C534AAF41A79104EF40F68769F9 Ref B: AMS04EDGE0618 Ref C: 2021-01-28T05:50:29Z
timing-allow-origin: *

POST
H2 200 RemoteUls.ashx Show response
word-view.officeapps.live.com/wv/ Frame E175 0
338 B 20ms
20ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/RemoteUls.ashx?build=16.0.13725.41017&waccluster=SNL1

Requested by

Host: c3-word-view-15.cdn.office.net
URL: https://c3-word-view-15.cdn.office.net/wv/s/h435E809AF5325769_App_Scripts/MicrosoftAjaxDS.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

haep: 1
X-AccessToken: 4w-IzeXIOf8YpWaLaO8kgqmPGFivEbVXnFtrIMJM7n_0TQaVBaEIj92GdA7c9Sfd7JYMG7nRi4QzP62fR9RE_1DzDgmqFUT2LFeAZg-QVn_-0lwSVrUi6bnccMnwuihIcaoQAA25NDSb6602YmVjWKpw
X-WacFrontEnd: AM4PEPF00006050
X-UserSessionId: 8223c7ed-a45d-426b-b1e4-064fb0ea0c82
X-OfficeVersion: 16.0.13725.41017
X-Key: syabDSPoeVeZTBfRq3t/S63q4HDufNywBkK8bW0MXvc=,637474098281319933
X-bULS-SuppressionETag: BE052A72B09FE4FE92D9F8BC633FBC9A25BC4131
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-US&rs=en-US&hid=6JMb89Cni0CuyO/LQxbfHg.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F88F2BF52A07CA79B%21110&sc=host%3D%26qt%3DFolders%26pt%3Dem
X-Requested-With: XMLHttpRequest
X-UserType: WOPI
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-xhr: 1
X-AccessTokenTtl: 1613627427812
X-WacCluster: SNL1

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: SNL1
x-officeversion: 16.0.13725.41017
x-officefe: AM4PEPF00006050
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-buls-suppressionetag: BE052A72B09FE4FE92D9F8BC633FBC9A25BC4131
content-disposition: attachment
content-length: 0
x-msedge-features: typeheadertest
x-correlationid: b868fc51-f668-4884-ad5c-f947d9b794b4
x-officefd: AM4PEPF00006A3F
x-usersessionid: 8223c7ed-a45d-426b-b1e4-064fb0ea0c82
date: Thu, 28 Jan 2021 05:50:29 GMT
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://word-view.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
x-msedge-ref: Ref A: 18008824C9A24C22BFEEEA5312212AD6 Ref B: AMS04EDGE0618 Ref C: 2021-01-28T05:50:29Z
timing-allow-origin: *

GET
H/1.1 200
OK otelFull.min.js Show response
c3-word-view-15.cdn.office.net/wv/s/161372541017_App_Scripts/ Frame E175 117 KB
31 KB 13ms
13ms Script
application/javascript 2a02:26f0:fe00:4ae::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c3-word-view-15.cdn.office.net/wv/s/161372541017_App_Scripts/otelFull.min.js

Requested by

Host: c3-word-view-15.cdn.office.net
URL: https://c3-word-view-15.cdn.office.net/wv/s/hFE0B15EDDB049445_App_Scripts/WordViewerDS.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:fe00:4ae::1c24 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e67817c4049b1290e4d150b1c91b79c0939e9cd6fb0604d4a57def1edfc7e386

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://word-view.officeapps.live.com
Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: W/"c9be831fbf3d61:0"
X-OfficeCluster: SNL1
X-OfficeVersion: 16.0.13720.41022
X-OfficeFE: AM4PEPF00006A75
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 31135
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest
Last-Modified: Tue, 26 Jan 2021 15:52:05 GMT
X-OFFICEFD: AM4PEPF00006A40
X-MSEdge-Ref: Ref A: E4007520E4E94789B67E0158095DA863 Ref B: AMS04EDGE0910 Ref C: 2021-01-26T15:52:05Z
X-UserSessionId: 48df89ed-7e22-45e3-82ea-6ee83a4c501d
Date: Thu, 28 Jan 2021 05:50:29 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: 48df89ed-7e22-45e3-82ea-6ee83a4c501d
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK ping Show response
browser.events.data.microsoft.com/ Frame E175 4 B
333 B 520ms
125ms XHR
application/json 52.114.128.10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://browser.events.data.microsoft.com/ping
Requested by: Host: c3-word-view-15.cdn.office.net
URL: https://c3-word-view-15.cdn.office.net/wv/s/161372541017_App_Scripts/otelFull.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.114.128.10 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-HTTPAPI/2.0 /
Resource Hash: c48b5b1a9776c84602de2306d7903a7241158a5077e7a8519af75c33441b8334

Request headers

Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 28 Jan 2021 05:50:29 GMT
Server: Microsoft-HTTPAPI/2.0
Access-Control-Allow-Methods: GET
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://word-view.officeapps.live.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: *
Content-Length: 4

GET
H2 200 translation.ashx Show response
word-view.officeapps.live.com/wv/ Frame E175 1 KB
2 KB 21ms
20ms XHR
text/html 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/translation.ashx?WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F88F2BF52A07CA79B%21110&access_token=4w%2DIzeXIOf8YpWaLaO8kgqmPGFivEbVXnFtrIMJM7n%5F0TQaVBaEIj92GdA7c9Sfd7JYMG7nRi4QzP62fR9RE%5F1DzDgmqFUT2LFeAZg%2DQVn%5F%2D0lwSVrUi6bnccMnwuihIcaoQAA25NDSb6602YmVjWKpw&access_token_ttl=1613627427812&z=aODhGMkJGNTJBMDdDQTc5QiExMTAuNA&uilang=en-US

Requested by

Host: c3-word-view-15.cdn.office.net
URL: https://c3-word-view-15.cdn.office.net/wv/s/h435E809AF5325769_App_Scripts/MicrosoftAjaxDS.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

abad1f91488ce16d779ec2e79f9e75ea0628b7b6ecf32cee12e4a7e63663f962

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

haep: 1
X-WacFrontEnd: AM4PEPF00006050
X-UserSessionId: 8223c7ed-a45d-426b-b1e4-064fb0ea0c82
X-OfficeVersion: 16.0.13725.41017
X-Key: syabDSPoeVeZTBfRq3t/S63q4HDufNywBkK8bW0MXvc=,637474098281319933
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-US&rs=en-US&hid=6JMb89Cni0CuyO/LQxbfHg.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F88F2BF52A07CA79B%21110&sc=host%3D%26qt%3DFolders%26pt%3Dem
X-Requested-With: XMLHttpRequest
X-UserType: WOPI
X-xhr: 1
X-WacCluster: SNL1

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: SNL1
x-officeversion: 16.0.13725.41017
x-officefe: AM4PEPF00006050
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-length: 1095
pragma: no-cache
x-msedge-features: typeheadertest,afd_wordcapacity,afd_wordcapacity_2,afd_pptcapacity_control
x-correlationid: 38dc3f62-8495-4147-af5f-840f8ed43ad0
x-officefd: AM4PEPF00006A40
x-usersessionid: 8223c7ed-a45d-426b-b1e4-064fb0ea0c82
date: Thu, 28 Jan 2021 05:50:29 GMT
vary: Accept-Encoding
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store
x-msedge-ref: Ref A: DD7164C55FAC413DB9D4DEAE895AAF1D Ref B: AMS04EDGE0618 Ref C: 2021-01-28T05:50:30Z
timing-allow-origin: *
expires: -1

POST
H/1.1 200
OK / Show response
browser.pipe.aria.microsoft.com/Collector/3.0/ Frame E175 0
396 B 63ms
15ms XHR
application/json 52.114.75.149
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://browser.pipe.aria.microsoft.com/Collector/3.0/?qsp=true&content-type=application%2Fbond-compact-binary&client-id=NO_AUTH&sdk-version=AWT-Web-CJS-1.2.2&x-apikey=d79e824386c4441cb8c1d4ae15690526-bd443309-5494-444a-aba9-0af9eef99f84-7360
Requested by: Host: c3-word-view-15.cdn.office.net
URL: https://c3-word-view-15.cdn.office.net/wv/s/161372541017_App_Scripts/Feedback/latest/officebrowserfeedback_floodgate.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.114.75.149 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-HTTPAPI/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 28 Jan 2021 05:50:30 GMT
Server: Microsoft-HTTPAPI/2.0
time-delta-millis: 54
Access-Control-Allow-Methods: POST
Content-Type: application/json
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: kill-tokens, kill-duration-seconds, time-delta-millis
Access-Control-Allow-Headers: Accept, Content-Type, Content-Encoding, Client-Id
Content-Length: 0

POST
H/1.1 200
OK / Show response
browser.events.data.microsoft.com/OneCollector/1.0/ Frame E175 24 B
380 B 510ms
130ms XHR
application/json 52.114.128.10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-2.4.5&apikey=79b56d2f6f2444f1a3d7f7c7f12bcc0c-f47f5fe6-ed89-42f6-8a43-cea0f5930b17-7407,ff7e2f12a4be407096fc01eeb760eda3-eeeb63cf-35d9-4734-ab45-66a873412359-7045&upload-time=1611813031680&time-delta-to-apply-millis=use-collector-delta&w=2
Requested by: Host: c3-word-view-15.cdn.office.net
URL: https://c3-word-view-15.cdn.office.net/wv/s/161372541017_App_Scripts/otelFull.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.114.128.10 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-HTTPAPI/2.0 /
Resource Hash: 51eb16447d65a8e85488cc5b300daa11092e03134afc7e587392a1563640ca8d

Request headers

Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Thu, 28 Jan 2021 05:50:31 GMT
Server: Microsoft-HTTPAPI/2.0
time-delta-millis: 440
Access-Control-Allow-Methods: POST
Content-Type: application/json
Access-Control-Allow-Origin: https://word-view.officeapps.live.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: time-delta-millis
Content-Length: 24

POST
H2 404 log Show response
onedrive.live.com/ 77 KB
77 KB 137ms
136ms XHR
text/html 13.107.42.13
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://onedrive.live.com/log

Requested by

Host: onedrive.live.com
URL: https://onedrive.live.com/embed?cid=88F2BF52A07CA79B&resid=88F2BF52A07CA79B%21110&authkey=ANoKWwQ3hnNQ9G8&em=2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.107.42.13 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

85da1c5beda8f1f33f27a93d4533a9ebd3a8a27c140490a612fb8a4a1a98c614

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://onedrive.live.com/embed?cid=88F2BF52A07CA79B&resid=88F2BF52A07CA79B%21110&authkey=ANoKWwQ3hnNQ9G8&em=2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
x-msnserver: RD00155D3F30AA
x-content-type-options: nosniff
x-msedge-ref: Ref A: C04F74D94AFE462684A1A3E4ACFADA33 Ref B: FRAEDGE1212 Ref C: 2021-01-28T05:50:38Z
x-odwebserver: northcentralus1-odwebpl
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store
date: Thu, 28 Jan 2021 05:50:37 GMT
content-length: 78522
expires: -1

Verdicts & Comments Add Verdict or Comment

161 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.live.com/	1970-01-19 15:53:37	Name: wla42 Value:
.live.com/	1969-12-31 23:59:59	Name: xidseq Value: 1
.live.com/	1969-12-31 23:59:59	Name: xid Value: 37ac7d3c-df17-4edd-a2af-07f839602b54&&RD00155D74DDAD&60
.live.com/	1969-12-31 23:59:59	Name: E Value: P:eoIJnVDD2Ig=:89cP6kmJtgFzhiccADXnPmYfA7XtqhJd1asDzO4QXjk=:F

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://c3-word-view-15.cdn.office.net/wv/s/hFE0B15EDDB049445_App_Scripts/WordViewerDS.js(Line 1) Message: %c👌Powered By Dullscript!👌 font-size: 40px; color: green
console-api	log	URL: https://c3-word-view-15.cdn.office.net/wv/s/hFE0B15EDDB049445_App_Scripts/WordViewerDS.js(Line 1) Message: Dullscript is a project to convert office online's Script# codebases to Typescript. This session is running on build created from the transpiled source code. If you would like to learn more, or provide feedback, please reach out in our Teams channel: https://aka.ms/dullscriptfeedback

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

browser.events.data.microsoft.com
browser.pipe.aria.microsoft.com
c3-word-view-15.cdn.office.net
js.live.net
messaging.office.com
onedrive.live.com
spoprod-a.akamaihd.net
u106573.ct.sendgrid.net
word-view.officeapps.live.com
104.108.35.184
13.107.42.13
167.89.118.28
2.16.186.40
2620:1ec:a92::171
2a02:26f0:fe00:4ae::1c24
52.109.124.71
52.114.128.10
52.114.75.149
00c8a52318e10ce24a23d6b3cfdb6c348ef623513e8b23cb294c4976e173d755
06fe78141d1f3a435441a17ec8f9f46af7000af35aa0133c699c537d663607d0
1394b1c43663fa167060186091800d4cae0696af7b64c14f2848b44124074c7e
1479b52bace821fc604e7ded0f67b139808c4fe3fc21623c3cbe420e092ecc0e
17325d48ee7df3ff26256f4af51a93050fda513369776706bd06bc795013054b
234cae682920ab63f3184948f1e4103b89201a274977ed31097b844cc323afa1
2a739c343cb5bf4a747dffa52dc3af251c7afb6efdc23dcbfb8f6288025d0d96
390577d35c959ffe7dd2af4519c04410a04fdc4a433b151e27b049fc4a1ab3e9
3b2d75e97905c1d80049839f252c3e9828f375677860c538aa47ea51da3af539
3d785eb0a0168e5c79e66aa0085a932d5fe2ad04f3577547e2267fa589df677d
435e809af53257690e081a7c15142c287dd53a1056bfc2cddf24e245d3ab0ea9
455be57e5ca76be462428c7b127d03d0245952b7e00ca14e8bcb3bfe7584c758
4a35f18d84f7e9f17733ce2a2ccd0cec4ff8819e8a219c3b27431da4f4e8b00a
4c76f832e1b589c931ced2c770f35ce4cd595ca941c18c5893b23f27ef587ec4
4cd18b2e8f34df84ebe55c7fc9b48ad1bf808ebe39fe717bc7622845ff75de16
4d54a5f9a58647882e3ecda9c1c0ef87af16911d42ad51b4e8b718f84443c553
51eb16447d65a8e85488cc5b300daa11092e03134afc7e587392a1563640ca8d
5c15c38a2b7554cab332dfb9e87398220fcb9a285e18905a20a50b439cba7ccb
621444729b901edd79a8ac4fd06bb553901fdf84b7be631b7e1efbf31037b13c
6791bdf19dba2dbfe8a19b56d5f6eff94d3c6631f12228a8e90a84533eddfcdb
85da1c5beda8f1f33f27a93d4533a9ebd3a8a27c140490a612fb8a4a1a98c614
99dda252d47b17325eeec8605e60065d57f5cc644022f7ff68488f7198b9ad6b
a3596c17dad9a003d0bfbe0b7ba6765f51391b5c3943660316f01c8e77b323db
a4864530e8c21f08364bf52157ad1e3c297bf12ea7da8e443e08f31aa55b03f5
abad1f91488ce16d779ec2e79f9e75ea0628b7b6ecf32cee12e4a7e63663f962
b7ab99f404e84cb71d274c9dca01c0b4a68b7adb20309c5f04387cb809cc0547
b8baea0a6d89b8d50d45bebf40c48bfc26c74d9fe773fff8429c8ca09c864eb4
bd88d1e741693ab877b020059b46be7cf4ef62b46017b2489a8cd1bf9ce5b9fc
c0153afba2ee2258329d951763cc14531c98cdecfc22d55be2597cfad0cc6e54
c48b5b1a9776c84602de2306d7903a7241158a5077e7a8519af75c33441b8334
c7c67f3b5c549fdaa81e2f61775e19f0cd0f39378b9d6b3be4321e110ba1d48c
d121efb30d3cde7cdf0b787234330ba3ba77ec1a03aa181c05093f430029283e
d4c9bd86a5465d8414b7a10438d28110836126b387990d492fe545a5e701904a
d6c15974b6181a68e9b74e4f38fbac81d640569ef0fbbaa3381cc59683a9763f
dafb9913260ef4f009aebffd9c1aef96651386a1b60ffb22614fd368781a5f17
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e67817c4049b1290e4d150b1c91b79c0939e9cd6fb0604d4a57def1edfc7e386
f6c57447ba4ec4c8434faa5921ec251a018dde28b1955f3c9b5ca8ede635ba6d
fe0b15eddb049445fe8dbc574978bf12af311034c3309c0ec80019c101ae14e5

onedrive.live.com Open in urlscan Pro 13.107.42.13 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

49 Requests

98 %HTTPS

22 %IPv6

7 Domains

9 Subdomains

9 IPs

4 Countries

1622 kBTransfer

5984 kBSize

4 Cookies

0 Outgoing links

Page URL History

Redirected requests

49 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

onedrive.live.com Open in urlscan Pro
13.107.42.13 Public Scan

Screenshot
Live screenshot

Full Image

49
Requests

98 %
HTTPS

22 %
IPv6

7
Domains

9
Subdomains

9
IPs

4
Countries

1622 kB
Transfer

5984 kB
Size

4
Cookies

49 HTTP transactions
1 data transactions