onedrive.live.com Open in urlscan Pro
131.253.33.217 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://onedrive.live.com/view.aspx?resid=53D72F97A3903C47!468&ithint=file%2cdocx&app=Word&authkey=!AGgUvu6pkw4-ois
Submission: On November 08 via manual (November 8th 2018, 5:18:19 pm UTC) from IN

Summary HTTP 37 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 10 IPs in 3 countries across 7 domains to perform 37 HTTP transactions. The main IP is 131.253.33.217, located in United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US. The main domain is onedrive.live.com.
TLS certificate: Issued by Microsoft IT TLS CA 1 on August 2nd 2017. Valid for: 2 years.

This is the only time onedrive.live.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	131.253.33.217 131.253.33.217	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation)
4	2.16.186.25 2.16.186.25	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2.19.37.83 2.19.37.83	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
8	2620:1ec:a92:... 2620:1ec:a92::171	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation)
2	2a02:26f0:f1:... 2a02:26f0:f1:296::356e	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
11	2a02:26f0:f1:... 2a02:26f0:f1:29f::1c24	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	2a02:26f0:f1:... 2a02:26f0:f1:28f::1c24	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a02:26f0:f1:... 2a02:26f0:f1:297::2b57	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	23.8.9.124 23.8.9.124	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
37	10

3 131.253.33.217 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)

onedrive.live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2.16.186.25 (European Union)

ASN20940 (AKAMAI-ASN1, US)
PTR: a2-16-186-25.deploy.static.akamaitechnologies.com

spoprod-a.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.19.37.83 (European Union)

ASN20940 (AKAMAI-ASN1, US)
PTR: a2-19-37-83.deploy.static.akamaitechnologies.com

p.sfx.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2620:1ec:a92::171 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)

word-view.officeapps.live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:f1:296::356e (European Union)

ASN20940 (AKAMAI-ASN1, US)

c.s-microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a02:26f0:f1:29f::1c24 (European Union)

ASN20940 (AKAMAI-ASN1, US)

c1-word-view-15.cdn.office.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c1-officeapps-15.cdn.office.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:26f0:f1:28f::1c24 (European Union)

ASN20940 (AKAMAI-ASN1, US)

c1-officeapps-15.cdn.office.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:f1:297::2b57 (European Union)

ASN20940 (AKAMAI-ASN1, US)

uhf.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.8.9.124 (Amsterdam, Netherlands)

ASN20940 (AKAMAI-ASN1, US)
PTR: a23-8-9-124.deploy.static.akamaitechnologies.com

js.live.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	office.net c1-word-view-15.cdn.office.net c1-officeapps-15.cdn.office.net	530 KB
11	live.com onedrive.live.com word-view.officeapps.live.com	123 KB
4	akamaihd.net spoprod-a.akamaihd.net	165 KB
2	s-microsoft.com c.s-microsoft.com	3 KB
1	live.net js.live.net	16 KB
1	microsoft.com uhf.microsoft.com	128 B
1	sfx.ms p.sfx.ms	366 B
37	7

	Domain	Requested by
8	c1-word-view-15.cdn.office.net	word-view.officeapps.live.com c1-word-view-15.cdn.office.net
8	word-view.officeapps.live.com	onedrive.live.com word-view.officeapps.live.com c1-officeapps-15.cdn.office.net
7	c1-officeapps-15.cdn.office.net	word-view.officeapps.live.com c1-word-view-15.cdn.office.net
4	spoprod-a.akamaihd.net	onedrive.live.com
3	onedrive.live.com	onedrive.live.com
2	c.s-microsoft.com	word-view.officeapps.live.com
1	js.live.net	c1-word-view-15.cdn.office.net
1	uhf.microsoft.com	word-view.officeapps.live.com
1	p.sfx.ms	onedrive.live.com
37	9

This site contains links to these domains. Also see Links.

Domain
profile.live.com

Subject Issuer	Validity	Valid
onedrive.com Microsoft IT TLS CA 1	`2017-08-02` - `2019-08-02`	2 years	crt.sh
a248.e.akamai.net DigiCert ECC Secure Server CA	`2018-01-23` - `2019-01-19`	a year	crt.sh
p.sfx.ms Microsoft IT TLS CA 2	`2018-03-30` - `2020-03-30`	2 years	crt.sh
officeapps.live.com Microsoft IT TLS CA 5	`2018-03-07` - `2019-09-07`	2 years	crt.sh
www.microsoft.com Microsoft IT TLS CA 4	`2018-01-16` - `2020-01-16`	2 years	crt.sh
*.cdn.office.net Microsoft IT TLS CA 5	`2017-11-13` - `2019-11-13`	2 years	crt.sh
unistore.www.microsoft.com Microsoft IT TLS CA 5	`2018-01-25` - `2020-01-25`	2 years	crt.sh

This page contains 2 frames:

Primary Page: https://onedrive.live.com/view.aspx?resid=53D72F97A3903C47!468&ithint=file%2cdocx&app=Word&authkey=!AGgUvu6pkw4-ois
Frame ID: B58686D22DC74CD7912C7CCAA2951F47
Requests: 8 HTTP requests in this frame

Frame: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=en-US&rs=en-US&hid=1tSUztw9tk+4S8iFeGWdSg.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F53D72F97A3903C47%21468&wde=docx&sc=host%3D%26qt%3DFolders&wdp=7
Frame ID: AC5768F623F13795463E6829469E459C
Requests: 34 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Windows Server (Operating Systems) Expand

Overall confidence: 50%
Detected patterns

url /\.aspx(?:$|\?)/i

Microsoft ASP.NET (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

url /\.aspx(?:$|\?)/i

RequireJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

env /^requirejs$/i

Twitter Flight (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

env /^flight$/i

IIS (Web Servers) Expand

Overall confidence: 50%
Detected patterns

url /\.aspx(?:$|\?)/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

env /^flight$/i

Page Statistics

37
Requests

95 %
HTTPS

56 %
IPv6

7
Domains

9
Subdomains

10
IPs

3
Countries

837 kB
Transfer

2638 kB
Size

1
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://profile.live.com/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

37 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request view.aspx Show response
onedrive.live.com/ 88 KB
29 KB 1192ms
1105ms Document
text/html 131.253.33.217
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL

https://onedrive.live.com/view.aspx?resid=53D72F97A3903C47!468&ithint=file%2cdocx&app=Word&authkey=!AGgUvu6pkw4-ois

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

131.253.33.217 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),

Reverse DNS

Software

Resource Hash

2f56ef663a5d730e21bac802c748e1943b65d2a0359c17d32b1b7948e0aa703b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

:method: GET
:authority: onedrive.live.com
:scheme: https
:path: /view.aspx?resid=53D72F97A3903C47!468&ithint=file%2cdocx&app=Word&authkey=!AGgUvu6pkw4-ois
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status: 200
cache-control: no-cache, no-store
pragma: no-cache
content-type: text/html; charset=utf-8
content-encoding: gzip
expires: -1
vary: Accept-Encoding
set-cookie: E=P:+X2kJJ5F1og=:143KlG+AntcmHaWlOty7zt9OYfJ0zDOtBiZaKNpNjfM=:F; domain=.live.com; path=/ xid=97f97921-5972-4314-b245-da4cc63390d6&&RD00155D035521&360; domain=.live.com; path=/ xidseq=1; domain=.live.com; path=/ LD=; domain=.live.com; expires=Thu, 08-Nov-2018 15:38:04 GMT; path=/ wla42=; domain=live.com; expires=Thu, 15-Nov-2018 17:18:05 GMT; path=/
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-msnserver: RD00155D035521
x-odwebserver: canadacentral0-ODWebpl
x-msedge-ref: Ref A: 01528EEB7F7A44B388E0ED96D6CF3498 Ref B: AM3EDGE1013 Ref C: 2018-11-08T17:18:05Z
date: Thu, 08 Nov 2018 17:18:05 GMT

GET
S 200 maincss-aec76c77.css
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180706.001// 136 KB
25 KB 49ms
6ms Stylesheet
text/css 2.16.186.25
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180706.001//maincss-aec76c77.css
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/view.aspx?resid=53D72F97A3903C47!468&ithint=file%2cdocx&app=Word&authkey=!AGgUvu6pkw4-ois
Protocol: SPDY
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.16.186.25 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-16-186-25.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 446332e8c993ca5c57c1ec267b71675c4c9e4f72ba3ae4b4aa0468f4e683a0fa

Request headers

Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 08 Nov 2018 17:18:05 GMT
content-encoding: gzip
content-md5: rsdsd6WYhfyy0BwEMRimWg==
status: 200
content-length: 25469
x-ms-lease-status: unlocked
last-modified: Fri, 06 Jul 2018 20:40:27 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D5E380B4F8FA6E
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 5304ce13-c01e-0042-1c0b-1a36c6000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type
cache-control: public, max-age=21018237
x-ms-version: 2009-09-19

GET
S 200 filescss1-11eb1969.css
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180706.001// 85 KB
16 KB 67ms
26ms Stylesheet
text/css 2.16.186.25
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180706.001//filescss1-11eb1969.css
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/view.aspx?resid=53D72F97A3903C47!468&ithint=file%2cdocx&app=Word&authkey=!AGgUvu6pkw4-ois
Protocol: SPDY
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.16.186.25 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-16-186-25.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: bd88d1e741693ab877b020059b46be7cf4ef62b46017b2489a8cd1bf9ce5b9fc

Request headers

Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 08 Nov 2018 17:18:05 GMT
content-encoding: gzip
content-md5: EesZadmsnx78d9ZWIKfswQ==
status: 200
content-length: 15784
x-ms-lease-status: unlocked
last-modified: Fri, 06 Jul 2018 20:40:21 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D5E380B1ACDFB3
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 7b1e6190-201e-008f-490b-1a538e000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type
cache-control: public, max-age=21018204
x-ms-version: 2009-09-19

GET
S 200 filescss2-a303a402.css
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180706.001// 169 KB
30 KB 48ms
7ms Stylesheet
text/css 2.16.186.25
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180706.001//filescss2-a303a402.css
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/view.aspx?resid=53D72F97A3903C47!468&ithint=file%2cdocx&app=Word&authkey=!AGgUvu6pkw4-ois
Protocol: SPDY
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.16.186.25 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-16-186-25.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 1394b1c43663fa167060186091800d4cae0696af7b64c14f2848b44124074c7e

Request headers

Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 08 Nov 2018 17:18:05 GMT
content-encoding: gzip
content-md5: owOkAskXvYo3Ps40fhU7TQ==
status: 200
content-length: 30548
x-ms-lease-status: unlocked
last-modified: Fri, 06 Jul 2018 20:40:22 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D5E380B21A0D18
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 6f4e1548-301e-0031-520b-1a4605000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type
cache-control: public, max-age=21018291
x-ms-version: 2009-09-19

GET
S 200 wlx_fonts-c7993ded.css
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180706.001// 123 KB
93 KB 57ms
16ms Stylesheet
text/css 2.16.186.25
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180706.001//wlx_fonts-c7993ded.css
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/view.aspx?resid=53D72F97A3903C47!468&ithint=file%2cdocx&app=Word&authkey=!AGgUvu6pkw4-ois
Protocol: SPDY
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.16.186.25 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-16-186-25.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 455be57e5ca76be462428c7b127d03d0245952b7e00ca14e8bcb3bfe7584c758

Request headers

Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 08 Nov 2018 17:18:05 GMT
content-encoding: gzip
content-md5: x5k97ZNOTA+fsPCUPRp4Qw==
status: 200
content-length: 94644
x-ms-lease-status: unlocked
last-modified: Fri, 06 Jul 2018 20:40:36 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D5E380BA86949F
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: f5ed7e12-901e-0078-090b-1a7565000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type
cache-control: public, max-age=21018456
x-ms-version: 2009-09-19

GET
H2 200 clientstring.mvc Show response
onedrive.live.com/handlers/ 89 KB
25 KB 411ms
411ms Script
text/javascript 131.253.33.217
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL

https://onedrive.live.com/handlers/clientstring.mvc?mkt=en-US&group=Office&v=19.140.1003.3007&useRequiresJs=False

Requested by

Host: onedrive.live.com
URL: https://onedrive.live.com/view.aspx?resid=53D72F97A3903C47!468&ithint=file%2cdocx&app=Word&authkey=!AGgUvu6pkw4-ois

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

131.253.33.217 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),

Reverse DNS

Software

Resource Hash

66203b78b1b0103afa2a702d6d6ea60fb012d4ff8e6c710258303121835d8296

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

:path: /handlers/clientstring.mvc?mkt=en-US&group=Office&v=19.140.1003.3007&useRequiresJs=False
pragma: no-cache
cookie: E=P:+X2kJJ5F1og=:143KlG+AntcmHaWlOty7zt9OYfJ0zDOtBiZaKNpNjfM=:F; xid=97f97921-5972-4314-b245-da4cc63390d6&&RD00155D035521&360; xidseq=1; wla42=
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: onedrive.live.com
referer: https://onedrive.live.com/view.aspx?resid=53D72F97A3903C47!468&ithint=file%2cdocx&app=Word&authkey=!AGgUvu6pkw4-ois
:scheme: https
:method: GET
Referer: https://onedrive.live.com/view.aspx?resid=53D72F97A3903C47!468&ithint=file%2cdocx&app=Word&authkey=!AGgUvu6pkw4-ois
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-msedge-ref: Ref A: 51464368D4634945A398542D0BBBF55E Ref B: AM3EDGE1013 Ref C: 2018-11-08T17:18:05Z
x-odwebserver: canadacentral0-ODWebpl
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
status: 200
cache-control: public, max-age=31536000
date: Thu, 08 Nov 2018 17:18:05 GMT
set-cookie: mkt=en-US; domain=.live.com; expires=Fri, 08-Nov-2019 00:00:00 GMT; path=/ xidseq=2; domain=.live.com; path=/ LD=; domain=.live.com; expires=Thu, 08-Nov-2018 15:38:05 GMT; path=/ E=P:2nF5JZ5F1og=:9Bg5CTGcTH9+UyvYFPbimLFNDxGeyVNnOLWUaofr7hA=:F; domain=.live.com; path=/ wla42=; domain=live.com; expires=Thu, 15-Nov-2018 17:18:05 GMT; path=/
x-msnserver: RD0003FFC9CD3B
expires: Fri, 08 Nov 2019 17:18:05 GMT

GET
H2 200 clientstring.mvc Show response
onedrive.live.com/handlers/ 4 KB
2 KB 123ms
123ms Script
text/javascript 131.253.33.217
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL

https://onedrive.live.com/handlers/clientstring.mvc?mkt=en-US&group=GroupFolders&v=19.140.1003.3007&useRequiresJs=False

Requested by

Host: onedrive.live.com
URL: https://onedrive.live.com/view.aspx?resid=53D72F97A3903C47!468&ithint=file%2cdocx&app=Word&authkey=!AGgUvu6pkw4-ois

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

131.253.33.217 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),

Reverse DNS

Software

Resource Hash

e7e93e5fc09c02d4ce03792cd73c6d5c1da06402097aaed6ca630493c79726bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

:path: /handlers/clientstring.mvc?mkt=en-US&group=GroupFolders&v=19.140.1003.3007&useRequiresJs=False
pragma: no-cache
cookie: E=P:+X2kJJ5F1og=:143KlG+AntcmHaWlOty7zt9OYfJ0zDOtBiZaKNpNjfM=:F; xid=97f97921-5972-4314-b245-da4cc63390d6&&RD00155D035521&360; xidseq=1; wla42=
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: onedrive.live.com
referer: https://onedrive.live.com/view.aspx?resid=53D72F97A3903C47!468&ithint=file%2cdocx&app=Word&authkey=!AGgUvu6pkw4-ois
:scheme: https
:method: GET
Referer: https://onedrive.live.com/view.aspx?resid=53D72F97A3903C47!468&ithint=file%2cdocx&app=Word&authkey=!AGgUvu6pkw4-ois
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-msedge-ref: Ref A: 6DA648498A8748D9A438DE66F57EA6D2 Ref B: AM3EDGE1013 Ref C: 2018-11-08T17:18:05Z
x-odwebserver: canadacentral0-ODWebpl
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
status: 200
cache-control: public, max-age=31536000
date: Thu, 08 Nov 2018 17:18:05 GMT
set-cookie: mkt=en-US; domain=.live.com; expires=Fri, 08-Nov-2019 00:00:00 GMT; path=/ xidseq=2; domain=.live.com; path=/ LD=; domain=.live.com; expires=Thu, 08-Nov-2018 15:38:05 GMT; path=/ E=P:hMRNJZ5F1og=:bV1ix6J2S41OvwyeHvffFcSUggwspzXfcMjmU1VKj+4=:F; domain=.live.com; path=/ wla42=; domain=live.com; expires=Thu, 15-Nov-2018 17:18:05 GMT; path=/
x-msnserver: RD00155D035521
expires: Fri, 08 Nov 2019 17:18:05 GMT

GET
H/1.1 200
OK invis.gif
p.sfx.ms/is/ 43 B
366 B 56ms
6ms Image
image/gif 2.19.37.83
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.sfx.ms/is/invis.gif
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/view.aspx?resid=53D72F97A3903C47!468&ithint=file%2cdocx&app=Word&authkey=!AGgUvu6pkw4-ois
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_CBC
Server: 2.19.37.83 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-19-37-83.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/10.0 /
Resource Hash: cb725f174a86bcf23b5b9f53e5b60d53eaa1524f88f4dcec165670a3b0eb6c2c

Request headers

Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 08 Nov 2018 17:18:05 GMT
X-MSNServer: RD0003FF2403F4
Last-Modified: Fri, 26 Oct 2018 21:44:38 GMT
Server: Microsoft-IIS/10.0
X-ODWebServer: westeurope1-ODWebp
Content-Type: image/gif
Cache-Control: public, max-age=76793
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43

POST
H2 200 wordviewerframe.aspx Show response
word-view.officeapps.live.com/wv/ Frame AC57 53 KB
54 KB 128ms
65ms Document
text/html 2620:1ec:a92::171
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=en-US&rs=en-US&hid=1tSUztw9tk+4S8iFeGWdSg.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F53D72F97A3903C47%21468&wde=docx&sc=host%3D%26qt%3DFolders&wdp=7

Requested by

Host: onedrive.live.com
URL: https://onedrive.live.com/view.aspx?resid=53D72F97A3903C47!468&ithint=file%2cdocx&app=Word&authkey=!AGgUvu6pkw4-ois

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),

Reverse DNS

Software

Resource Hash

30425453e7c421532125df438830da90992803845a8a6a388b727b58751c6ec1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

:method: POST
:authority: word-view.officeapps.live.com
:scheme: https
:path: /wv/wordviewerframe.aspx?ui=en-US&rs=en-US&hid=1tSUztw9tk+4S8iFeGWdSg.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F53D72F97A3903C47%21468&wde=docx&sc=host%3D%26qt%3DFolders&wdp=7
content-length: 231
pragma: no-cache
cache-control: no-cache
origin: https://onedrive.live.com
upgrade-insecure-requests: 1
content-type: application/x-www-form-urlencoded
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://onedrive.live.com/
accept-encoding: gzip, deflate
cookie: xid=97f97921-5972-4314-b245-da4cc63390d6&&RD00155D035521&360; wla42=; mkt=en-US; xidseq=2; E=P:2nF5JZ5F1og=:9Bg5CTGcTH9+UyvYFPbimLFNDxGeyVNnOLWUaofr7hA=:F
Origin: https://onedrive.live.com
Upgrade-Insecure-Requests: 1
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://onedrive.live.com/

Response headers

status: 200
cache-control: no-cache, no-store
pragma: no-cache
content-type: text/html; charset=utf-8
expires: -1
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
set-cookie: DcLcid=ui=1033&data=1033; expires=Fri, 08-Feb-2019 17:18:06 GMT; path=/; secure; HttpOnly BIGipCookie=000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000; path=/
x-correlationid: 76d290f5-991e-4d39-808a-0144a6ed009c
x-usersessionid: 76d290f5-991e-4d39-808a-0144a6ed009c
strict-transport-security: max-age=31536000
timing-allow-origin: *
x-ccr: true
x-officefe: cf0b03a414e2
x-officeversion: 16.0.11101.32656
x-officecluster: NL2
x-content-type-options: nosniff
content-security-policy-report-only: font-src data: c1-word-view-15.cdn.office.net *.skype.com *.skypeassets.com *.msocdn.com sway.com *.sway-cdn.com sway-cdn.com *.sharepointonline.com https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' c1-word-view-15.cdn.office.net c1-officeapps-15.cdn.office.net *.skype.com *.skypeassets.com *.msocdn.com js.live.net appsforoffice.microsoft.com c.s-microsoft.com https:; style-src 'self' 'unsafe-inline' 'unsafe-eval' c1-word-view-15.cdn.office.net c1-officeapps-15.cdn.office.net *.skype.com *.skypeassets.com *.msocdn.com js.live.net sway.com *.sway-cdn.com sway-cdn.com c.s-microsoft.com https:; media-src *.skype.com *.skypeassets.com https:; object-src 'self' https:; child-src * https:; img-src * data: blob: https:; report-uri /reportcsp.ashx
x-officefd: c9c26f94c5a8
x-msedge-ref: Ref A: B2C554AB8477458FB1CD9F0AF497C2C5 Ref B: VIEEDGE0313 Ref C: 2018-11-08T17:18:05Z
date: Thu, 08 Nov 2018 17:18:05 GMT

GET
S 200 mscc-0.4.1.min.css
c.s-microsoft.com/mscc/statics/ Frame AC57 1 KB
934 B 89ms
8ms Stylesheet
text/css 2a02:26f0:f1:296::356e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.s-microsoft.com/mscc/statics/mscc-0.4.1.min.css
Requested by: Host: word-view.officeapps.live.com
URL: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=en-US&rs=en-US&hid=1tSUztw9tk+4S8iFeGWdSg.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F53D72F97A3903C47%21468&wde=docx&sc=host%3D%26qt%3DFolders&wdp=7
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:f1:296::356e , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: /
Resource Hash: 35211f76c4c35c17f2649b96868c0d691f1d78b107f7635d22619948d0ee6880

Request headers

Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Thu, 08 Nov 2018 17:18:05 GMT
content-encoding: gzip
last-modified: Mon, 10 Sep 2018 17:42:23 GMT
content-md5: 2MKxgMQLzH/8vixotX2Pog==
status: 200
etag: 0x8D61744C3ED0073
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: text/css;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 41f924a0-901e-0090-04fe-4986d4000000
x-ms-version: 2009-09-19
content-length: 627

GET
H/1.1 200
OK WordViewer.css
c1-word-view-15.cdn.office.net/wv/s/161110132656_resources/1033/ Frame AC57 192 KB
29 KB 112ms
33ms Stylesheet
text/css 2a02:26f0:f1:29f::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-word-view-15.cdn.office.net/wv/s/161110132656_resources/1033/WordViewer.css

Requested by

Host: word-view.officeapps.live.com
URL: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=en-US&rs=en-US&hid=1tSUztw9tk+4S8iFeGWdSg.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F53D72F97A3903C47%21468&wde=docx&sc=host%3D%26qt%3DFolders&wdp=7

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:f1:29f::1c24 , European Union, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Resource Hash

afbdc2a273404bb86568f631449b294923cdd3a81e662435bd88af85fcf28ef1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
ETag: W/"809f8c3d7075d41:0"
X-OfficeCluster: NL2
X-OfficeVersion: 16.0.11030.32653
X-OfficeFE: 19e8eaafc0af
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection: keep-alive
Content-Length: 28915
Cache-Control: public,max-age=31536000
Last-Modified: Tue, 06 Nov 2018 01:30:03 GMT
X-OFFICEFD: 52bcd85898e1
X-MSEdge-Ref: Ref A: 3DE848C282714B689821F404636DC225 Ref B: AM3EDGE0417 Ref C: 2018-11-06T01:30:03Z
X-UserSessionId: bb9b3d81-77e9-40b8-935a-a3468906ef17
Date: Thu, 08 Nov 2018 17:18:06 GMT
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
X-CorrelationId: bb9b3d81-77e9-40b8-935a-a3468906ef17
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK MicrosoftAjax.js Show response
c1-officeapps-15.cdn.office.net/wv/s/161110132656_App_Scripts/ Frame AC57 105 KB
27 KB 89ms
16ms Script
application/javascript 2a02:26f0:f1:28f::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-officeapps-15.cdn.office.net/wv/s/161110132656_App_Scripts/MicrosoftAjax.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:f1:28f::1c24 , European Union, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Resource Hash

0472d2a94ae07ca63c9b7b6b7ed95419bb2da6ad34d01075b43f0f9287b30984

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
ETag: W/"80c152237075d41:0"
X-OfficeCluster: NL2
X-OfficeVersion: 16.0.11030.32653
X-OfficeFE: d9a1bc710951
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection: keep-alive
Content-Length: 26964
Cache-Control: public,max-age=31536000
Last-Modified: Tue, 06 Nov 2018 01:29:19 GMT
X-OFFICEFD: 8b4cb7e0ec52
X-MSEdge-Ref: Ref A: EE79988DA1F14B0EB0355D6650B5F6F2 Ref B: AM3EDGE0316 Ref C: 2018-11-06T01:29:19Z
X-UserSessionId: ed30d03a-8d97-4bd1-899a-4e0a6348a5ef
Date: Thu, 08 Nov 2018 17:18:05 GMT
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: ed30d03a-8d97-4bd1-899a-4e0a6348a5ef
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
S 200 mscc-0.4.1.min.js Show response
c.s-microsoft.com/mscc/statics/ Frame AC57 3 KB
2 KB 86ms
6ms Script
text/javascript 2a02:26f0:f1:296::356e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.s-microsoft.com/mscc/statics/mscc-0.4.1.min.js
Requested by: Host: word-view.officeapps.live.com
URL: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=en-US&rs=en-US&hid=1tSUztw9tk+4S8iFeGWdSg.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F53D72F97A3903C47%21468&wde=docx&sc=host%3D%26qt%3DFolders&wdp=7
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:f1:296::356e , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: /
Resource Hash: c87516d7dd7077edd467f5b7b085b035cd4803ecf049670ab19de004e270aba8

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Thu, 08 Nov 2018 17:18:05 GMT
content-encoding: gzip
last-modified: Mon, 10 Sep 2018 17:42:12 GMT
content-md5: XpofSqMdSqYPb4maLkXO+A==
status: 200
etag: 0x8D61744BD6EA9B6
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: text/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 9fc6c4bd-001e-003f-1afe-49a444000000
x-ms-version: 2009-09-19
content-length: 1588

GET
H/1.1 200
OK cookiecompliance.js Show response
c1-officeapps-15.cdn.office.net/wv/s/161110132656_App_Scripts/ Frame AC57 9 KB
3 KB 101ms
28ms Script
application/javascript 2a02:26f0:f1:28f::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-officeapps-15.cdn.office.net/wv/s/161110132656_App_Scripts/cookiecompliance.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:f1:28f::1c24 , European Union, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Resource Hash

910f1f3ce687cfde1a12415fe73a4465e7a2f851177c33ca8e9f3b5c5f93c41c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
ETag: W/"80ba55b87075d41:0"
X-OfficeCluster: NL2
X-CCR: true
X-OfficeVersion: 16.0.11030.32653
X-OfficeFE: d2319df7460d
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection: keep-alive
Content-Length: 1945
Cache-Control: public,max-age=31536000
Last-Modified: Tue, 06 Nov 2018 01:33:29 GMT
X-OFFICEFD: 0b92da1d9e8d
X-MSEdge-Ref: Ref A: 7466D6BF91624A8B9E6F620CF042702E Ref B: AMS04EDGE0814 Ref C: 2018-11-06T01:33:29Z
X-UserSessionId: c7d5ee81-97ed-40f4-8841-bc0913d14cef
Date: Thu, 08 Nov 2018 17:18:05 GMT
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: c7d5ee81-97ed-40f4-8841-bc0913d14cef
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK CommonIntl.js Show response
c1-officeapps-15.cdn.office.net/wv/s/161110132656_App_Scripts/1033/ Frame AC57 59 KB
19 KB 91ms
17ms Script
application/javascript 2a02:26f0:f1:28f::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-officeapps-15.cdn.office.net/wv/s/161110132656_App_Scripts/1033/CommonIntl.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:f1:28f::1c24 , European Union, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Resource Hash

5beb6b937f09a99d28e08863c0afa5f6011df0f017253a9789aefd2110f825fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
ETag: W/"051eeb87075d41:0"
X-OfficeCluster: NL2
X-CCR: true
X-OfficeVersion: 16.0.11030.32653
X-OfficeFE: c0678f4bd404
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection: keep-alive
Content-Length: 18087
Cache-Control: public,max-age=31536000
Last-Modified: Tue, 06 Nov 2018 01:33:30 GMT
X-OFFICEFD: 65e6940e8a46
X-MSEdge-Ref: Ref A: CAC3D4B9DBB8472AAE86D641729BF99B Ref B: AMS04EDGE0522 Ref C: 2018-11-06T01:33:29Z
X-UserSessionId: e9ff299f-e330-44b7-bad0-1e87706a4c5e
Date: Thu, 08 Nov 2018 17:18:05 GMT
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: e9ff299f-e330-44b7-bad0-1e87706a4c5e
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK Compat.js Show response
c1-word-view-15.cdn.office.net/wv/s/161110132656_App_Scripts/ Frame AC57 6 KB
2 KB 89ms
19ms Script
application/javascript 2a02:26f0:f1:29f::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-word-view-15.cdn.office.net/wv/s/161110132656_App_Scripts/Compat.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:f1:29f::1c24 , European Union, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Resource Hash

06fe78141d1f3a435441a17ec8f9f46af7000af35aa0133c699c537d663607d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
ETag: W/"02bba227075d41:0"
X-OfficeCluster: NL2
X-OfficeVersion: 16.0.11030.32653
X-OfficeFE: 45b312bb2e91
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection: keep-alive
Content-Length: 1618
Cache-Control: public,max-age=31536000
Last-Modified: Tue, 06 Nov 2018 01:29:18 GMT
X-OFFICEFD: dbfdbac63933
X-MSEdge-Ref: Ref A: CC44228C7E5B450B85EEC10C6C47BCBA Ref B: AMS04EDGE0814 Ref C: 2018-11-06T01:29:19Z
X-UserSessionId: 502ffe02-4c2a-4eaf-9930-0f6722392147
Date: Thu, 08 Nov 2018 17:18:05 GMT
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: 502ffe02-4c2a-4eaf-9930-0f6722392147
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK WordViewerIntl.js Show response
c1-word-view-15.cdn.office.net/wv/s/161110132656_App_Scripts/1033/ Frame AC57 18 KB
5 KB 79ms
10ms Script
application/javascript 2a02:26f0:f1:29f::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-word-view-15.cdn.office.net/wv/s/161110132656_App_Scripts/1033/WordViewerIntl.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:f1:29f::1c24 , European Union, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Resource Hash

926ee7e43143a2e39c914fc3cb28914d25cb66338eada0dd9dbfa05df0ebb7c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
ETag: W/"809f8c3d7075d41:0"
X-OfficeCluster: NL2
X-OfficeVersion: 16.0.11030.32653
X-OfficeFE: 92416f6ad8d2
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection: keep-alive
Content-Length: 3927
Cache-Control: public,max-age=31536000
Last-Modified: Tue, 06 Nov 2018 01:30:03 GMT
X-OFFICEFD: 38198d8c31de
X-MSEdge-Ref: Ref A: E9266A17442A41DE8DB0B1D3F5E01503 Ref B: AMS04EDGE0814 Ref C: 2018-11-06T01:30:03Z
X-UserSessionId: 9f255fed-7a5c-4d53-a0c9-ff9c1acb5563
Date: Thu, 08 Nov 2018 17:18:05 GMT
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: 9f255fed-7a5c-4d53-a0c9-ff9c1acb5563
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK WordViewer.js Show response
c1-word-view-15.cdn.office.net/wv/s/161110132656_App_Scripts/ Frame AC57 906 KB
243 KB 105ms
41ms Script
application/javascript 2a02:26f0:f1:29f::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-word-view-15.cdn.office.net/wv/s/161110132656_App_Scripts/WordViewer.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:f1:29f::1c24 , European Union, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Resource Hash

882f0f34f2103f71345a401958e566bea45eb217b4720c0d4f64d97cade95a12

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
ETag: W/"02bba227075d41:0"
X-OfficeCluster: NL2
X-OfficeVersion: 16.0.11030.32653
X-OfficeFE: 9c721459027a
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection: keep-alive
Content-Length: 248328
Cache-Control: public,max-age=31536000
Last-Modified: Tue, 06 Nov 2018 01:29:18 GMT
X-OFFICEFD: 9dd6b92c2371
X-MSEdge-Ref: Ref A: 6AE49417D05942A5860C7BB9E05A410A Ref B: AM3EDGE0417 Ref C: 2018-11-06T01:29:19Z
X-UserSessionId: 69913ced-1216-4c35-afde-2f8a7b8929f7
Date: Thu, 08 Nov 2018 17:18:06 GMT
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: 69913ced-1216-4c35-afde-2f8a7b8929f7
Accept-Ranges: bytes
Timing-Allow-Origin: *

POST
H2 200 RemoteUls.ashx Show response
word-view.officeapps.live.com/wv/ Frame AC57 0
293 B 51ms
43ms XHR
text/plain 2620:1ec:a92::171
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/RemoteUls.ashx?build=16.0.11101.32656&waccluster=NL2

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

:path: /wv/RemoteUls.ashx?build=16.0.11101.32656&waccluster=NL2
pragma: no-cache
cookie: xid=97f97921-5972-4314-b245-da4cc63390d6&&RD00155D035521&360; wla42=; mkt=en-US; xidseq=2; E=P:2nF5JZ5F1og=:9Bg5CTGcTH9+UyvYFPbimLFNDxGeyVNnOLWUaofr7hA=:F; DcLcid=ui=1033&data=1033; BIGipCookie=000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
origin: https://word-view.officeapps.live.com
accept-encoding: gzip, deflate
x-usersessionid: 76d290f5-991e-4d39-808a-0144a6ed009c
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
x-browserulsbeacon: [{"Index":0,"MsSinceStart":0,"Value":"SessionStarted","Type":"SessionBoundary"}]
accept: */*
cache-control: no-cache
:authority: word-view.officeapps.live.com
referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=en-US&rs=en-US&hid=1tSUztw9tk+4S8iFeGWdSg.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F53D72F97A3903C47%21468&wde=docx&sc=host%3D%26qt%3DFolders&wdp=7
:scheme: https
content-length: 0
:method: POST
Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=en-US&rs=en-US&hid=1tSUztw9tk+4S8iFeGWdSg.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F53D72F97A3903C47%21468&wde=docx&sc=host%3D%26qt%3DFolders&wdp=7
Origin: https://word-view.officeapps.live.com
X-UserSessionId: 76d290f5-991e-4d39-808a-0144a6ed009c
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-BrowserUlsBeacon: [{"Index":0,"MsSinceStart":0,"Value":"SessionStarted","Type":"SessionBoundary"}]

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officecluster: NL2
x-officeversion: 16.0.11101.32656
x-officefe: 53e2d65a53e7
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
status: 200
content-disposition: attachment
content-length: 0
x-correlationid: 658f9f64-c960-4a7a-a675-040890435d9c
x-officefd: 3f7dd30e3dab
x-ccr: true
x-usersessionid: 76d290f5-991e-4d39-808a-0144a6ed009c
date: Thu, 08 Nov 2018 17:18:05 GMT
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://word-view.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey
cache-control: private
set-cookie
x-msedge-ref: Ref A: 77E54EB8A9BF45ACBC9C9770A7B0F7E6 Ref B: VIEEDGE0313 Ref C: 2018-11-08T17:18:05Z
timing-allow-origin: *

GET
DATA 200
OK truncated
/ Frame AC57 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 223f620d31252cab8d99fba428b123b3ccc9fa705bfe3a43417e1d976c4a6221

Request headers

Response headers

Access-Control-Allow-Origin: *
Content-Type: image/png

GET
H2 404 ResReader.ashx
word-view.officeapps.live.com/wv/ Frame AC57 1 KB
1 KB 2122ms
2121ms Image
text/html 2620:1ec:a92::171
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://word-view.officeapps.live.com/wv/ResReader.ashx?n=p1.img&WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F53D72F97A3903C47%21468&access_token=4w%2DHcmZ4cCzvXP4tCE0s5CRTU7o6UTbOqVVpc3SmnFxOtLDOkNgwfK10xa8bPngZI27k3SZk%5F%2DgZiJ8qQJgFmMYsGsU4qoMFHldoigXOp2vOtPRb%5FHvtWWqdIbGnL2vSGLqad7USHhSG5W9YrltWgyfA&access_token_ttl=1543511885080&z=aNTNENzJGOTdBMzkwM0M0NyE0NjguNzY&v=00000000-0000-0000-0000-000000000802&usid=76d290f5-991e-4d39-808a-0144a6ed009c&splashscreen=1&build=16.0.11101.32656&waccluster=NL2

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),

Reverse DNS

Software

Resource Hash

dc1d54dab6ec8c00f70137927504e4f222c8395f10760b6beecfcfa94e08249f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

:path: /wv/ResReader.ashx?n=p1.img&WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F53D72F97A3903C47%21468&access_token=4w%2DHcmZ4cCzvXP4tCE0s5CRTU7o6UTbOqVVpc3SmnFxOtLDOkNgwfK10xa8bPngZI27k3SZk%5F%2DgZiJ8qQJgFmMYsGsU4qoMFHldoigXOp2vOtPRb%5FHvtWWqdIbGnL2vSGLqad7USHhSG5W9YrltWgyfA&access_token_ttl=1543511885080&z=aNTNENzJGOTdBMzkwM0M0NyE0NjguNzY&v=00000000-0000-0000-0000-000000000802&usid=76d290f5-991e-4d39-808a-0144a6ed009c&splashscreen=1&build=16.0.11101.32656&waccluster=NL2
pragma: no-cache
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: word-view.officeapps.live.com
referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=en-US&rs=en-US&hid=1tSUztw9tk+4S8iFeGWdSg.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F53D72F97A3903C47%21468&wde=docx&sc=host%3D%26qt%3DFolders&wdp=7
:scheme: https
:method: GET
Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=en-US&rs=en-US&hid=1tSUztw9tk+4S8iFeGWdSg.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F53D72F97A3903C47%21468&wde=docx&sc=host%3D%26qt%3DFolders&wdp=7
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officecluster: NL2
x-officeversion: 16.0.11101.32656
x-officefe: ff4f489cf32e
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
status: 404
content-disposition: attachment
content-length: 1245
pragma: no-cache
x-correlationid: 5146eaeb-9945-4e9b-b06e-0c67cbf441dc
x-officefd: 1e13da00479e
x-ccr: true
x-usersessionid: 76d290f5-991e-4d39-808a-0144a6ed009c
date: Thu, 08 Nov 2018 17:18:07 GMT
x-download-options: noopen
content-type: text/html
cache-control: no-cache
set-cookie
x-msedge-ref: Ref A: 94F326015AB041799E73D495FD967425 Ref B: VIEEDGE0313 Ref C: 2018-11-08T17:18:08Z
timing-allow-origin: *
expires: -1

POST
H2 200 RemoteUls.ashx Show response
word-view.officeapps.live.com/wv/ Frame AC57 0
158 B 42ms
40ms XHR
text/plain 2620:1ec:a92::171
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/RemoteUls.ashx?build=16.0.11101.32656&waccluster=NL2

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

:path: /wv/RemoteUls.ashx?build=16.0.11101.32656&waccluster=NL2
pragma: no-cache
origin: https://word-view.officeapps.live.com
accept-encoding: gzip, deflate
x-usersessionid: 76d290f5-991e-4d39-808a-0144a6ed009c
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
x-browserulsbeacon: [{"Index":1,"MsSinceStart":95,"Value":"https://c.s-microsoft.com/mscc/statics/mscc-0.4.1.min.css","Type":"ResourceDownloadSuccess"}]
accept: */*
cache-control: no-cache
:authority: word-view.officeapps.live.com
referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=en-US&rs=en-US&hid=1tSUztw9tk+4S8iFeGWdSg.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F53D72F97A3903C47%21468&wde=docx&sc=host%3D%26qt%3DFolders&wdp=7
:scheme: https
content-length: 0
:method: POST
Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=en-US&rs=en-US&hid=1tSUztw9tk+4S8iFeGWdSg.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F53D72F97A3903C47%21468&wde=docx&sc=host%3D%26qt%3DFolders&wdp=7
Origin: https://word-view.officeapps.live.com
X-UserSessionId: 76d290f5-991e-4d39-808a-0144a6ed009c
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-BrowserUlsBeacon: [{"Index":1,"MsSinceStart":95,"Value":"https://c.s-microsoft.com/mscc/statics/mscc-0.4.1.min.css","Type":"ResourceDownloadSuccess"}]

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officecluster: NL2
x-officeversion: 16.0.11101.32656
x-officefe: 40e9afcb25ee
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
status: 200
content-disposition: attachment
content-length: 0
x-correlationid: 0d20b6c4-b115-4127-8657-1d89094cd298
x-officefd: 6b5225d5d6db
x-ccr: true
x-usersessionid: 76d290f5-991e-4d39-808a-0144a6ed009c
date: Thu, 08 Nov 2018 17:18:05 GMT
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://word-view.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey
cache-control: private
set-cookie
x-msedge-ref: Ref A: F4AC60DD494346AE986D59AEF70E2054 Ref B: VIEEDGE0313 Ref C: 2018-11-08T17:18:06Z
timing-allow-origin: *

GET
DATA 200
OK truncated
/ Frame AC57 60 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 83f8c8c200f72e996a99b719fa97f1e588904baa0602a9347bf6ea342b909ac7

Request headers

Response headers

Access-Control-Allow-Origin: *
Content-Type: image/gif

GET
DATA 200
OK truncated
/ Frame AC57 60 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 36f5a64c706e1ae129419a67790b4a99a8f8f0ba20210a9920e7b474914442b6

Request headers

Response headers

Access-Control-Allow-Origin: *
Content-Type: image/gif

POST
H2 200 RemoteUls.ashx Show response
word-view.officeapps.live.com/wv/ Frame AC57 0
158 B 42ms
41ms XHR
text/plain 2620:1ec:a92::171
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/RemoteUls.ashx?build=16.0.11101.32656&waccluster=NL2

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

:path: /wv/RemoteUls.ashx?build=16.0.11101.32656&waccluster=NL2
pragma: no-cache
cookie
origin: https://word-view.officeapps.live.com
accept-encoding: gzip, deflate
x-usersessionid: 76d290f5-991e-4d39-808a-0144a6ed009c
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
x-browserulsbeacon: [{"Index":2,"MsSinceStart":300,"Value":"SplashScreenShown","Type":"BootPhaseCompleted"}]
accept: */*
cache-control: no-cache
:authority: word-view.officeapps.live.com
referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=en-US&rs=en-US&hid=1tSUztw9tk+4S8iFeGWdSg.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F53D72F97A3903C47%21468&wde=docx&sc=host%3D%26qt%3DFolders&wdp=7
:scheme: https
content-length: 0
:method: POST
Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=en-US&rs=en-US&hid=1tSUztw9tk+4S8iFeGWdSg.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F53D72F97A3903C47%21468&wde=docx&sc=host%3D%26qt%3DFolders&wdp=7
Origin: https://word-view.officeapps.live.com
X-UserSessionId: 76d290f5-991e-4d39-808a-0144a6ed009c
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-BrowserUlsBeacon: [{"Index":2,"MsSinceStart":300,"Value":"SplashScreenShown","Type":"BootPhaseCompleted"}]

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officecluster: NL2
x-officeversion: 16.0.11101.32656
x-officefe: 4917c5f189fa
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
status: 200
content-disposition: attachment
content-length: 0
x-correlationid: 4adce7eb-2a16-4aa7-a88c-4884a9b87721
x-officefd: 3e25b8bcb34a
x-ccr: true
x-usersessionid: 76d290f5-991e-4d39-808a-0144a6ed009c
date: Thu, 08 Nov 2018 17:18:05 GMT
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://word-view.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey
cache-control: private
set-cookie
x-msedge-ref: Ref A: FC6891237FC649A1A73D1D24DE4BB56F Ref B: VIEEDGE0313 Ref C: 2018-11-08T17:18:06Z
timing-allow-origin: *

GET
H/1.1 200
OK segoeui.woff
c1-word-view-15.cdn.office.net/wv/s/161110132656_resources/1033/ Frame AC57 22 KB
23 KB 26ms
26ms Font
font/x-woff 2a02:26f0:f1:29f::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-word-view-15.cdn.office.net/wv/s/161110132656_resources/1033/segoeui.woff

Requested by

Host: c1-word-view-15.cdn.office.net
URL: https://c1-word-view-15.cdn.office.net/wv/s/161110132656_App_Scripts/WordViewer.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:f1:29f::1c24 , European Union, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Resource Hash

3d785eb0a0168e5c79e66aa0085a932d5fe2ad04f3577547e2267fa589df677d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://c1-word-view-15.cdn.office.net/wv/s/161110132656_resources/1033/WordViewer.css
Origin: https://word-view.officeapps.live.com

Response headers

Strict-Transport-Security: max-age=31536000
ETag: W/"f3025b97075d41:0"
X-OfficeCluster: NL2
X-CCR: true
X-OfficeVersion: 16.0.11030.32653
X-OfficeFE: 629676bc6905
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection: keep-alive
Content-Length: 22720
Cache-Control: public,max-age=31536000
Last-Modified: Tue, 06 Nov 2018 01:33:30 GMT
X-OFFICEFD: f5c2c766d413
X-MSEdge-Ref: Ref A: 0243540AC1524AEBB9D18B6C09B8A868 Ref B: AMS04EDGE0814 Ref C: 2018-11-06T01:33:30Z
X-UserSessionId: e313de53-fbcc-4ac4-b33d-51a9fbf6d399
Date: Thu, 08 Nov 2018 17:18:06 GMT
Content-Type: font/x-woff
Access-Control-Allow-Origin: *
X-CorrelationId: e313de53-fbcc-4ac4-b33d-51a9fbf6d399
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H2 200 docdatahandler.ashx Show response
word-view.officeapps.live.com/wv/ Frame AC57 445 B
740 B 2148ms
2148ms XHR
text/xml 2620:1ec:a92::171
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/docdatahandler.ashx?WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F53D72F97A3903C47%21468&access_token=4w%2DHcmZ4cCzvXP4tCE0s5CRTU7o6UTbOqVVpc3SmnFxOtLDOkNgwfK10xa8bPngZI27k3SZk%5F%2DgZiJ8qQJgFmMYsGsU4qoMFHldoigXOp2vOtPRb%5FHvtWWqdIbGnL2vSGLqad7USHhSG5W9YrltWgyfA&access_token_ttl=1543511885080&z=aNTNENzJGOTdBMzkwM0M0NyE0NjguNzY&type=png&o15=1&ui=en-US

Requested by

Host: c1-officeapps-15.cdn.office.net
URL: https://c1-officeapps-15.cdn.office.net/wv/s/161110132656_App_Scripts/MicrosoftAjax.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),

Reverse DNS

Software

Resource Hash

57323fc46f58234bc1a6cac9c15ea4b8041385983cb70d55e41e75fb1f5867d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

cookie
accept-encoding: gzip, deflate
x-officeversion: 16.0.11101.32656
x-key: u9oWmndVsBHZBuP95HLnqNGvhjxpi/SmCh6/vSWeD3M=,636772942862849350
x-requested-with: XMLHttpRequest
x-xhr: 1
:path: /wv/docdatahandler.ashx?WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F53D72F97A3903C47%21468&access_token=4w%2DHcmZ4cCzvXP4tCE0s5CRTU7o6UTbOqVVpc3SmnFxOtLDOkNgwfK10xa8bPngZI27k3SZk%5F%2DgZiJ8qQJgFmMYsGsU4qoMFHldoigXOp2vOtPRb%5FHvtWWqdIbGnL2vSGLqad7USHhSG5W9YrltWgyfA&access_token_ttl=1543511885080&z=aNTNENzJGOTdBMzkwM0M0NyE0NjguNzY&type=png&o15=1&ui=en-US
pragma: no-cache
x-usersessionid: 76d290f5-991e-4d39-808a-0144a6ed009c
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: word-view.officeapps.live.com
referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=en-US&rs=en-US&hid=1tSUztw9tk+4S8iFeGWdSg.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F53D72F97A3903C47%21468&wde=docx&sc=host%3D%26qt%3DFolders&wdp=7
:scheme: https
x-usertype: WOPI
x-waccluster: NL2
:method: GET
X-UserSessionId: 76d290f5-991e-4d39-808a-0144a6ed009c
X-OfficeVersion: 16.0.11101.32656
X-Key: u9oWmndVsBHZBuP95HLnqNGvhjxpi/SmCh6/vSWeD3M=,636772942862849350
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=en-US&rs=en-US&hid=1tSUztw9tk+4S8iFeGWdSg.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F53D72F97A3903C47%21468&wde=docx&sc=host%3D%26qt%3DFolders&wdp=7
X-Requested-With: XMLHttpRequest
X-UserType: WOPI
X-xhr: 1
X-WacCluster: NL2

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: NL2
x-officeversion: 16.0.11101.32656
x-officefe: 16f97a03a4b4
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
status: 200
content-disposition: attachment
content-length: 417
x-correlationid: 5fc8a60d-176c-45f0-b765-490722517f78
x-officefd: 3f7dd30e3dab
x-ccr: true
x-usersessionid: 76d290f5-991e-4d39-808a-0144a6ed009c
date: Thu, 08 Nov 2018 17:18:07 GMT
x-download-options: noopen
vary: Accept-Encoding
content-type: text/xml; charset=utf-8
cache-control: private
set-cookie
x-msedge-ref: Ref A: 011E8A19BD054C0A846A9B4CF368A5A0 Ref B: VIEEDGE0313 Ref C: 2018-11-08T17:18:08Z
timing-allow-origin: *
expires: Fri, 08 Nov 2019 17:18:08 GMT

GET
H/1.1 200
OK wacairspaceanimationlibrary.js Show response
c1-officeapps-15.cdn.office.net/wv/s/161110132656_App_Scripts/ Frame AC57 40 KB
7 KB 27ms
27ms Script
application/javascript 2a02:26f0:f1:28f::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-officeapps-15.cdn.office.net/wv/s/161110132656_App_Scripts/wacairspaceanimationlibrary.js

Requested by

Host: c1-word-view-15.cdn.office.net
URL: https://c1-word-view-15.cdn.office.net/wv/s/161110132656_App_Scripts/WordViewer.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:f1:28f::1c24 , European Union, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Resource Hash

458d704b9bfcd0c284aa3a76db26dfce870f7537f2913937aec2a6b9d0c969ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
ETag: W/"0851c257075d41:0"
X-OfficeCluster: NL2
X-OfficeVersion: 16.0.11030.32653
X-OfficeFE: e5db6168a235
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection: keep-alive
Content-Length: 6728
Cache-Control: public,max-age=31536000
Last-Modified: Tue, 06 Nov 2018 01:29:22 GMT
X-OFFICEFD: 7deb6bcfc7e8
X-MSEdge-Ref: Ref A: 2C1756E622774C36AA06049C36147B94 Ref B: AM3EDGE0417 Ref C: 2018-11-06T01:29:21Z
X-UserSessionId: 5b76d3d9-5215-4def-a165-483b89a65cb8
Date: Thu, 08 Nov 2018 17:18:06 GMT
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: 5b76d3d9-5215-4def-a165-483b89a65cb8
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK wapsw.png
c1-officeapps-15.cdn.office.net/wv/s/161110132656_resources/1033/ Frame AC57 6 KB
7 KB 32ms
9ms Image
image/png 2a02:26f0:f1:29f::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1-officeapps-15.cdn.office.net/wv/s/161110132656_resources/1033/wapsw.png?b=1601110132656

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:f1:29f::1c24 , European Union, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Resource Hash

390577d35c959ffe7dd2af4519c04410a04fdc4a433b151e27b049fc4a1ab3e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
ETag: "5723fe56f75d41:0"
X-OfficeCluster: NL2
X-CCR: true
X-OfficeVersion: 16.0.11101.32656
X-OfficeFE: fbfc5e6d2929
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection: keep-alive
Content-Length: 5884
Cache-Control: public,max-age=31536000
Last-Modified: Tue, 06 Nov 2018 01:27:34 GMT
X-OFFICEFD: 75da34ff5917
X-MSEdge-Ref: Ref A: A426ED2D52264B42A2204E176B833A3C Ref B: AMS04EDGE0522 Ref C: 2018-11-06T01:33:30Z
X-UserSessionId: b01a17b1-73b5-4665-84d1-21cb8e2e7f2b
Date: Thu, 08 Nov 2018 17:18:06 GMT
Content-Type: image/png
Access-Control-Allow-Origin: *
X-CorrelationId: b01a17b1-73b5-4665-84d1-21cb8e2e7f2b
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
S 204 _log
uhf.microsoft.com/ Frame AC57 0
128 B 59ms
10ms Image
text/html 2a02:26f0:f1:297::2b57
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uhf.microsoft.com/_log?o=mscc&s=officeapps.live.com&m=show&nv=aspnet-3.1.4&sv=0.1.2
Requested by: Host: word-view.officeapps.live.com
URL: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=en-US&rs=en-US&hid=1tSUztw9tk+4S8iFeGWdSg.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F53D72F97A3903C47%21468&wde=docx&sc=host%3D%26qt%3DFolders&wdp=7
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:f1:297::2b57 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Nov 2018 17:18:06 GMT
status: 204
content-type: text/html
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 0
expires: Thu, 08 Nov 2018 17:18:06 GMT

POST
H2 200 RemoteUls.ashx Show response
word-view.officeapps.live.com/wv/ Frame AC57 0
321 B 50ms
50ms XHR
text/plain 2620:1ec:a92::171
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/RemoteUls.ashx?build=16.0.11101.32656&waccluster=NL2

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

:path: /wv/RemoteUls.ashx?build=16.0.11101.32656&waccluster=NL2
pragma: no-cache
cookie
origin: https://word-view.officeapps.live.com
accept-encoding: gzip, deflate
x-usersessionid: 76d290f5-991e-4d39-808a-0144a6ed009c
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
x-browserulsbeacon: [{"Index":3,"MsSinceStart":2520,"Value":"RecordAppInteractive","Type":"BootPhaseCompleted"}]
accept: */*
cache-control: no-cache
:authority: word-view.officeapps.live.com
referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=en-US&rs=en-US&hid=1tSUztw9tk+4S8iFeGWdSg.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F53D72F97A3903C47%21468&wde=docx&sc=host%3D%26qt%3DFolders&wdp=7
:scheme: https
content-length: 0
:method: POST
Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=en-US&rs=en-US&hid=1tSUztw9tk+4S8iFeGWdSg.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F53D72F97A3903C47%21468&wde=docx&sc=host%3D%26qt%3DFolders&wdp=7
Origin: https://word-view.officeapps.live.com
X-UserSessionId: 76d290f5-991e-4d39-808a-0144a6ed009c
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-BrowserUlsBeacon: [{"Index":3,"MsSinceStart":2520,"Value":"RecordAppInteractive","Type":"BootPhaseCompleted"}]

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officecluster: NL2
x-officeversion: 16.0.11101.32656
x-officefe: e8a60f8e3e37
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
status: 200
content-disposition: attachment
content-length: 0
x-correlationid: d90ef29f-62f5-44f0-90dc-8c8b7791f590
x-officefd: 0b92da1d9e8d
x-ccr: true
x-usersessionid: 76d290f5-991e-4d39-808a-0144a6ed009c
date: Thu, 08 Nov 2018 17:18:08 GMT
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://word-view.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey
cache-control: private
set-cookie
x-msedge-ref: Ref A: 499088296BE24A40BF32303AC1721075 Ref B: VIEEDGE0313 Ref C: 2018-11-08T17:18:08Z
timing-allow-origin: *

GET
H/1.1 200
OK WordViewer.dll1.js Show response
c1-word-view-15.cdn.office.net/wv/s/161110132656_App_Scripts/ Frame AC57 408 KB
102 KB 66ms
65ms Script
application/javascript 2a02:26f0:f1:29f::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-word-view-15.cdn.office.net/wv/s/161110132656_App_Scripts/WordViewer.dll1.js

Requested by

Host: c1-word-view-15.cdn.office.net
URL: https://c1-word-view-15.cdn.office.net/wv/s/161110132656_App_Scripts/WordViewer.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:f1:29f::1c24 , European Union, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Resource Hash

20b8bec4c484a7b543aaaff360e2180e8acf2b5ad30dc82fda6fb19a4b04d4c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
ETag: W/"0851c257075d41:0"
X-OfficeCluster: NL2
X-OfficeVersion: 16.0.11030.32653
X-OfficeFE: e48142dbb6d1
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection: keep-alive
Content-Length: 103957
Cache-Control: public,max-age=31536000
Last-Modified: Tue, 06 Nov 2018 01:29:22 GMT
X-OFFICEFD: e1df6edbf765
X-MSEdge-Ref: Ref A: C80537D2C4664F30B3E05827EE63D89C Ref B: AM3EDGE0411 Ref C: 2018-11-06T01:29:22Z
X-UserSessionId: b240c9c6-3e88-4afa-84b3-c9b6de148b28
Date: Thu, 08 Nov 2018 17:18:08 GMT
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: b240c9c6-3e88-4afa-84b3-c9b6de148b28
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
DATA 200
OK truncated
/ Frame AC57 62 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0b030e22ff9a5d87520129ed6a21578ad63ad1866bec5e5b5c7e09efe10af901

Request headers

Response headers

Access-Control-Allow-Origin: *
Content-Type: image/gif

GET
DATA 200
OK truncated
/ Frame AC57 62 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8dea5f586a271cd8f113bae8b8f9379af86da0e2a65a16f897e5a7bdf3a6b28e

Request headers

Response headers

Access-Control-Allow-Origin: *
Content-Type: image/gif

GET
H/1.1 200
OK progress.gif
c1-officeapps-15.cdn.office.net/wv/s/161110132656_resources/1033/ Frame AC57 695 B
1 KB 19ms
18ms Image
image/gif 2a02:26f0:f1:29f::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1-officeapps-15.cdn.office.net/wv/s/161110132656_resources/1033/progress.gif

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:f1:29f::1c24 , European Union, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Resource Hash

a3596c17dad9a003d0bfbe0b7ba6765f51391b5c3943660316f01c8e77b323db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
ETag: W/"4be318387075d41:0"
X-OFFICEFD: c9c26f94c5a8
X-OfficeVersion: 16.0.11030.32653
X-OfficeFE: ae87d8bf08df
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection: keep-alive
Content-Length: 695
Cache-Control: public,max-age=31536000
Last-Modified: Tue, 06 Nov 2018 01:29:53 GMT
X-OfficeCluster: NL2
X-MSEdge-Ref: Ref A: D7E32F40D7FD4603996B25AD7562A0C4 Ref B: AM3EDGE0316 Ref C: 2018-11-06T01:29:53Z
X-UserSessionId: 71a5abac-9206-4459-a97b-e6234b59b88a
Date: Thu, 08 Nov 2018 17:18:08 GMT
Content-Type: image/gif
Access-Control-Allow-Origin: *
X-CorrelationId: 71a5abac-9206-4459-a97b-e6234b59b88a
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET ResReader.ashx
word-view.officeapps.live.com/wv/ Frame AC57 0
0

GET
H/1.1 200
OK segoeui-semilight-final.woff
c1-word-view-15.cdn.office.net/wv/s/161110132656_resources/1033/ Frame AC57 25 KB
26 KB 13ms
12ms Font
font/x-woff 2a02:26f0:f1:29f::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-word-view-15.cdn.office.net/wv/s/161110132656_resources/1033/segoeui-semilight-final.woff

Requested by

Host: c1-word-view-15.cdn.office.net
URL: https://c1-word-view-15.cdn.office.net/wv/s/161110132656_App_Scripts/WordViewer.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:f1:29f::1c24 , European Union, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Resource Hash

e018e8b8973a4a204f322e3afe6439ac1055c5a52b9b8dcf63635e42fe89003c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://c1-word-view-15.cdn.office.net/wv/s/161110132656_resources/1033/WordViewer.css
Origin: https://word-view.officeapps.live.com

Response headers

Strict-Transport-Security: max-age=31536000
ETag: "5c6cee46f75d41:0"
X-OfficeCluster: NL2
X-CCR: true
X-OfficeVersion: 16.0.11101.32656
X-OfficeFE: fbfc5e6d2929
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection: keep-alive
Content-Length: 25997
Cache-Control: public,max-age=31536000
Last-Modified: Tue, 06 Nov 2018 01:27:34 GMT
X-OFFICEFD: dde2dc781c9b
X-MSEdge-Ref: Ref A: F173B8180FAA4783BB21EA9C25AC5572 Ref B: AMS04EDGE0522 Ref C: 2018-11-06T01:33:31Z
X-UserSessionId: 9bc950e1-f1ae-407c-bae3-22e089e0625b
Date: Thu, 08 Nov 2018 17:18:08 GMT
Content-Type: font/x-woff
Access-Control-Allow-Origin: *
X-CorrelationId: 9bc950e1-f1ae-407c-bae3-22e089e0625b
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK wv.png
c1-word-view-15.cdn.office.net/wv/s/161110132656_resources/1033/ Frame AC57 33 KB
34 KB 14ms
13ms Image
image/png 2a02:26f0:f1:29f::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1-word-view-15.cdn.office.net/wv/s/161110132656_resources/1033/wv.png

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:f1:29f::1c24 , European Union, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Resource Hash

7e3a4bd4ad002fdadef0d886c9d238ae093e371b61b8a40c64a37c2b8c9a8e56

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
ETag: W/"2423ae267075d41:0"
X-OfficeCluster: NL2
X-CCR: true
X-OfficeVersion: 16.0.11030.32653
X-OfficeFE: e48142dbb6d1
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection: keep-alive
Content-Length: 33586
Cache-Control: public,max-age=31536000
Last-Modified: Tue, 06 Nov 2018 01:29:24 GMT
X-OFFICEFD: 52bcd85898e1
X-MSEdge-Ref: Ref A: 7DE98FA235B94C47AE849AE62B968F03 Ref B: AM3EDGE0417 Ref C: 2018-11-06T01:29:24Z
X-UserSessionId: c480d29f-8851-4942-adfb-112070ac10d4
Date: Thu, 08 Nov 2018 17:18:08 GMT
Content-Type: image/png
Access-Control-Allow-Origin: *
X-CorrelationId: c480d29f-8851-4942-adfb-112070ac10d4
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK progress16.gif
c1-officeapps-15.cdn.office.net/wv/s/161110132656_resources/1033/ Frame AC57 668 B
1 KB 22ms
22ms Image
image/gif 2a02:26f0:f1:29f::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1-officeapps-15.cdn.office.net/wv/s/161110132656_resources/1033/progress16.gif

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:f1:29f::1c24 , European Union, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Resource Hash

38e88b6af6c6531959a5ad70f5310b60878dc948086a1d4107168b08cc44ecf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
ETag: W/"6afb4b267075d41:0"
X-OfficeCluster: NL2
X-CCR: true
X-OfficeVersion: 16.0.11030.32653
X-OfficeFE: 048c347f3b90
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection: keep-alive
Content-Length: 668
Cache-Control: public,max-age=31536000
Last-Modified: Tue, 06 Nov 2018 01:29:23 GMT
X-OFFICEFD: c9c26f94c5a8
X-MSEdge-Ref: Ref A: FC8CB085590745D69938621EA8189F66 Ref B: AM3EDGE0417 Ref C: 2018-11-06T01:29:24Z
X-UserSessionId: 2c619b27-fd45-4f84-9d83-2c85d452e6d8
Date: Thu, 08 Nov 2018 17:18:08 GMT
Content-Type: image/gif
Access-Control-Allow-Origin: *
X-CorrelationId: 2c619b27-fd45-4f84-9d83-2c85d452e6d8
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H2 200 ResReader.ashx
word-view.officeapps.live.com/wv/ Frame AC57 10 KB
11 KB 2133ms
2133ms Image
image/png 2620:1ec:a92::171
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),

Reverse DNS

Software

Resource Hash

63db398260c582bfece82e60d12fd6b0ae8c931eb0038901cb29d22fdb851571

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

:path: /wv/ResReader.ashx?n=p1.img&WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F53D72F97A3903C47%21468&access_token=4w%2DHcmZ4cCzvXP4tCE0s5CRTU7o6UTbOqVVpc3SmnFxOtLDOkNgwfK10xa8bPngZI27k3SZk%5F%2DgZiJ8qQJgFmMYsGsU4qoMFHldoigXOp2vOtPRb%5FHvtWWqdIbGnL2vSGLqad7USHhSG5W9YrltWgyfA&access_token_ttl=1543511885080&z=aNTNENzJGOTdBMzkwM0M0NyE0NjguNzY&v=00000000-0000-0000-0000-000000000802&usid=76d290f5-991e-4d39-808a-0144a6ed009c&splashscreen=1&build=16.0.11101.32656&waccluster=NL2
pragma: no-cache
cookie
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: word-view.officeapps.live.com
referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=en-US&rs=en-US&hid=1tSUztw9tk+4S8iFeGWdSg.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F53D72F97A3903C47%21468&wde=docx&sc=host%3D%26qt%3DFolders&wdp=7
:scheme: https
:method: GET
Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=en-US&rs=en-US&hid=1tSUztw9tk+4S8iFeGWdSg.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F53D72F97A3903C47%21468&wde=docx&sc=host%3D%26qt%3DFolders&wdp=7
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officecluster: NL2
x-officeversion: 16.0.11101.32656
x-officefe: 51b94519f938
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
status: 200
content-disposition: attachment
content-length: 10521
etag: "WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F53D72F97A3903C47%21468&access_token=4w%2DHcmZ4cCzvXP4tCE0s5CRTU7o6UTbOqVVpc3SmnFxOtLDOkNgwfK10xa8bPngZI27k3SZk%5F%2DgZiJ8qQJgFmMYsGsU4qoMFHldoigXOp2vOtPRb%5FHvtWWqdIbGnL2vSGLqad7USHhSG5W9YrltWgyfA&access_token_ttl=1543511885080&z=aNTNENzJGOTdBMzkwM0M0NyE0NjguNzY00000000-0000-0000-0000-000000000802p1.img"
x-correlationid: 92b13638-c72a-40a8-aa0d-7ad61f60a144
x-officefd: 1e13da00479e
x-ccr: true
x-usersessionid: 76d290f5-991e-4d39-808a-0144a6ed009c
date: Thu, 08 Nov 2018 17:18:10 GMT
x-download-options: noopen
content-type: image/png
cache-control: private
set-cookie
x-msedge-ref: Ref A: C73BDEC5E4C345BABEFF99CC5BAF7889 Ref B: VIEEDGE0313 Ref C: 2018-11-08T17:18:10Z
timing-allow-origin: *
expires: Fri, 08 Nov 2019 17:18:10 GMT

GET
H/1.1 200
OK wl.ms.js Show response
js.live.net/v5.0/ Frame AC57 42 KB
16 KB 68ms
7ms Script
application/javascript 23.8.9.124
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://js.live.net/v5.0/wl.ms.js
Requested by: Host: c1-word-view-15.cdn.office.net
URL: https://c1-word-view-15.cdn.office.net/wv/s/161110132656_App_Scripts/WordViewer.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_CBC
Server: 23.8.9.124 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a23-8-9-124.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/10.0 /
Resource Hash: d4c9bd86a5465d8414b7a10438d28110836126b387990d492fe545a5e701904a

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com

Response headers

Date: Thu, 08 Nov 2018 17:18:09 GMT
X-MSNServer: RD0003FF23D5AC
Last-Modified: Mon, 13 Aug 2018 18:19:14 GMT
Server: Microsoft-IIS/10.0
ETag: "03da5233233d41:0"
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=76394
X-ODWebServer: westeurope1-ODWebp
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 16199

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: word-view.officeapps.live.com
URL: https://word-view.officeapps.live.com/wv/ResReader.ashx?n=p1.img&v=00000000-0000-0000-0000-000000000802&usid=76d290f5-991e-4d39-808a-0144a6ed009c&build=16.0.11101.32656&WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F53D72F97A3903C47%21468&access_token=4w%2DHcmZ4cCzvXP4tCE0s5CRTU7o6UTbOqVVpc3SmnFxOtLDOkNgwfK10xa8bPngZI27k3SZk%5F%2DgZiJ8qQJgFmMYsGsU4qoMFHldoigXOp2vOtPRb%5FHvtWWqdIbGnL2vSGLqad7USHhSG5W9YrltWgyfA&access_token_ttl=1543511885080&z=aNTNENzJGOTdBMzkwM0M0NyE0NjguNzY&waccluster=NL2

Domain: word-view.officeapps.live.com
URL: https://word-view.officeapps.live.com/wv/ResReader.ashx?n=p_1_10.xml&v=00000000-0000-0000-0000-000000000802&usid=76d290f5-991e-4d39-808a-0144a6ed009c&build=16.0.11101.32656&WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F53D72F97A3903C47%21468&access_token=4w%2DHcmZ4cCzvXP4tCE0s5CRTU7o6UTbOqVVpc3SmnFxOtLDOkNgwfK10xa8bPngZI27k3SZk%5F%2DgZiJ8qQJgFmMYsGsU4qoMFHldoigXOp2vOtPRb%5FHvtWWqdIbGnL2vSGLqad7USHhSG5W9YrltWgyfA&access_token_ttl=1543511885080&z=aNTNENzJGOTdBMzkwM0M0NyE0NjguNzY&waccluster=NL2

Verdicts & Comments Add Verdict or Comment

52 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			word-view.officeapps.live.com/wv	1969-12-31 23:59:59	Name: Value:

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

c.s-microsoft.com
c1-officeapps-15.cdn.office.net
c1-word-view-15.cdn.office.net
js.live.net
onedrive.live.com
p.sfx.ms
spoprod-a.akamaihd.net
uhf.microsoft.com
word-view.officeapps.live.com
word-view.officeapps.live.com
131.253.33.217
2.16.186.25
2.19.37.83
23.8.9.124
2620:1ec:a92::171
2a02:26f0:f1:28f::1c24
2a02:26f0:f1:296::356e
2a02:26f0:f1:297::2b57
2a02:26f0:f1:29f::1c24
0472d2a94ae07ca63c9b7b6b7ed95419bb2da6ad34d01075b43f0f9287b30984
06fe78141d1f3a435441a17ec8f9f46af7000af35aa0133c699c537d663607d0
0b030e22ff9a5d87520129ed6a21578ad63ad1866bec5e5b5c7e09efe10af901
1394b1c43663fa167060186091800d4cae0696af7b64c14f2848b44124074c7e
20b8bec4c484a7b543aaaff360e2180e8acf2b5ad30dc82fda6fb19a4b04d4c0
223f620d31252cab8d99fba428b123b3ccc9fa705bfe3a43417e1d976c4a6221
2f56ef663a5d730e21bac802c748e1943b65d2a0359c17d32b1b7948e0aa703b
30425453e7c421532125df438830da90992803845a8a6a388b727b58751c6ec1
35211f76c4c35c17f2649b96868c0d691f1d78b107f7635d22619948d0ee6880
36f5a64c706e1ae129419a67790b4a99a8f8f0ba20210a9920e7b474914442b6
38e88b6af6c6531959a5ad70f5310b60878dc948086a1d4107168b08cc44ecf7
390577d35c959ffe7dd2af4519c04410a04fdc4a433b151e27b049fc4a1ab3e9
3d785eb0a0168e5c79e66aa0085a932d5fe2ad04f3577547e2267fa589df677d
446332e8c993ca5c57c1ec267b71675c4c9e4f72ba3ae4b4aa0468f4e683a0fa
455be57e5ca76be462428c7b127d03d0245952b7e00ca14e8bcb3bfe7584c758
458d704b9bfcd0c284aa3a76db26dfce870f7537f2913937aec2a6b9d0c969ca
57323fc46f58234bc1a6cac9c15ea4b8041385983cb70d55e41e75fb1f5867d1
5beb6b937f09a99d28e08863c0afa5f6011df0f017253a9789aefd2110f825fa
63db398260c582bfece82e60d12fd6b0ae8c931eb0038901cb29d22fdb851571
66203b78b1b0103afa2a702d6d6ea60fb012d4ff8e6c710258303121835d8296
7e3a4bd4ad002fdadef0d886c9d238ae093e371b61b8a40c64a37c2b8c9a8e56
83f8c8c200f72e996a99b719fa97f1e588904baa0602a9347bf6ea342b909ac7
882f0f34f2103f71345a401958e566bea45eb217b4720c0d4f64d97cade95a12
8dea5f586a271cd8f113bae8b8f9379af86da0e2a65a16f897e5a7bdf3a6b28e
910f1f3ce687cfde1a12415fe73a4465e7a2f851177c33ca8e9f3b5c5f93c41c
926ee7e43143a2e39c914fc3cb28914d25cb66338eada0dd9dbfa05df0ebb7c6
a3596c17dad9a003d0bfbe0b7ba6765f51391b5c3943660316f01c8e77b323db
afbdc2a273404bb86568f631449b294923cdd3a81e662435bd88af85fcf28ef1
bd88d1e741693ab877b020059b46be7cf4ef62b46017b2489a8cd1bf9ce5b9fc
c87516d7dd7077edd467f5b7b085b035cd4803ecf049670ab19de004e270aba8
cb725f174a86bcf23b5b9f53e5b60d53eaa1524f88f4dcec165670a3b0eb6c2c
d4c9bd86a5465d8414b7a10438d28110836126b387990d492fe545a5e701904a
dc1d54dab6ec8c00f70137927504e4f222c8395f10760b6beecfcfa94e08249f
e018e8b8973a4a204f322e3afe6439ac1055c5a52b9b8dcf63635e42fe89003c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7e93e5fc09c02d4ce03792cd73c6d5c1da06402097aaed6ca630493c79726bb

onedrive.live.com Open in urlscan Pro 131.253.33.217 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

37 Requests

95 %HTTPS

56 %IPv6

7 Domains

9 Subdomains

10 IPs

3 Countries

837 kBTransfer

2638 kBSize

1 Cookies

1 Outgoing links

Redirected requests

37 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

onedrive.live.com Open in urlscan Pro
131.253.33.217 Public Scan

Screenshot
Live screenshot

Full Image

37
Requests

95 %
HTTPS

56 %
IPv6

7
Domains

9
Subdomains

10
IPs

3
Countries

837 kB
Transfer

2638 kB
Size

1
Cookies

37 HTTP transactions
5 data transactions